this post was submitted on 02 Jul 2024
29 points (100.0% liked)

Cybersecurity

5601 readers
86 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 3 months ago (1 children)

I don't know. According to this : https://www.statista.com/statistics/921152/mobile-android-version-share-worldwide/ android version 13 and 14 account for almost half the device versions, and those usually have forced auto update and also recent enough to be getting updates in theory...

[–] [email protected] 2 points 3 months ago (1 children)

But if the manufacturers don't then update their custom bits, the updates don't make it to the phones. Right? Or is that not a thing anymore?

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago) (1 children)

That is a difficult topic. Google did take steps to mitigate issues there. Android got Hardware Abstraction Layer to prevent blobs from blocking updates ; also, a lot of updates were moved from AOSP to the Play Service, so Google can more easily roll them out. (And to make AOSP and 3rd party roms less of a threat, eh.)

Edit : that said, most android phones have woefully short support period.

[–] [email protected] 2 points 3 months ago

It is a difficult topic, but one worth discussing I think. Cellphone security used to be an afterthought, at best. Google (and some rom maintainers) have done an amazing job at improving overall security. They have a long way still to go (such as forcing manufacturers to a certain level support), but what they've done thus far is commendable.