According to software experts, Google’s failure to fix a flaw in the Linux kernel server is encouraging Android users to migrate to iPhones. The flaw, which was discovered by Perception Point Research, has needed a patch to update the software since 2012.
Operators have admitted that fixing the major hiccup will still leave millions of Android users out in the cold.
The fault is classified as a zero-day flaw. This means that apps can have access to sensitive information, as well as other functions, unrestricted. According to Ars’ Dan Goodin, users’ personal information as well GPS location, camera and other data are at risk of being attacked through the kernel flaw.
The good news about this flaw is that it can be remedied quite easily by a patch on desktop computers and servers. Unfortunately, it won’t be that simple for holders of mobile Android devices. Getting a patch for cellphones and tablets is near impossible.
The really bad news for users is that the flaw has been around long enough to greatly enhance the vulnerability of the system. It is estimated that more than 65% of Android devices and millions more PCs have been affected.
Google has made an effort to recover from this disaster by pushing out the newest Android update. This version’s release coincided with Apple’s iOS 9.2.1 update. Since then, only a minute percentage of users have adopted the Android version. Google has failed to enjoy the same success as Apple’s development, which 75% of its consumers now use.
It is believed that this failure is the primary result of Google’s negligence to test and distribute updates after creating them. Hardware providers and carriers are to be held accountable for this flaw as well.
Android’s vulnerability is widespread. In the US, vendors continue to perpetuate the problem by selling outdated software to users. Despite Google’s efforts to promote new updates, many providers seem unconcerned about selling software that is up to date.
China, on the other hand, does make updates available to its users. Unfortunately, only 20% of the country’s user base has opted to install it since 2014. This means millions of others still operate devices and servers that have not been updated with the security patches.
A frequent commenter on Ars recently brought light to the unavoidable transition of Android users to Apple and Windows devices. He expressed how leaving the flaw unattended has become problematic for users and that most may never be able to get the issue fixed.
Another user voiced out concern regarding the update problem after experiencing a number of security issues on an Android phone. The user acknowledges that flaws in the system are inevitable but that Google has to work harder (and faster) at providing reparative software.
To many, it seems Google is not doing enough to roll out its updates. However, this is to the contrary. In 2011, the company attempted to get their hardware manufacturers to incorporate updated software into phones through an initiative called the Android Update Alliance.
As decent an attempt as it was, Google’s partners refuse to back this initiative. Committing to at least 18 months of updated software meant they would lose financial incentive. Because older phone models would have to be updated as well, the partners claim it will make their newer products less appealing to consumers.
Unlike many Google partners, Samsung took a stride towards making Android devices more secure by releasing their Knox software. Installed on new and slightly more costly models, the company’s strategy to beef up security was geared towards increasing their sales to enterprises.
Lorenzo Franceschi-Bicchierai, an avid fan of Android, commented on the availability (or lack thereof) of Android updates. He expressed in a statement his appreciation for Android’s customization. However, the fact that users relied on hardware makers and carriers for updates was a big problem.
The real issue is not that updates have to pass through these parties before they reach the user. According to Nicholas Weaver, a security researcher, the problem is that these parties don’t seem to care much.
Franceschi-Bicchierai’s statements came after the outbreak of a bug called Stagefright, which enabled hackers to gain access to Android devices through a text message.
In the meantime, Apple is enjoying the new business that Google’s update issues are bringing to their platforms. According to Tim Cook, up to 30% of Apple’s new customers are former Android users frustrated with the security flaw.
Apple offers what Android cannot guarantee – security. Unlike their competitor, they release and distribute updates on a very regular basis, which has increase iPhone sales exponentially.