Op-ed: Google should take full control of Android’s security updatesEnlarge / Google’s “Project Treble” aims to streamline Android updates, but when it comes to security, Google could still be doing more. (credit: Google)
Last Friday, Google announced a major new initiative that promises to solve one of the many problems that keeps Android phones from being promptly updated.

Coming as a part of the forthcoming Android O, Google will soon begin separating the Android operating system from the hardware-specific drivers and firmware on each individual Android phone in a move called “Project Treble.” If successful, Project Treble will prevent a repeat of what we saw last year with Android Nougat, when Qualcomm’s unwillingness to support the update on older hardware made it impossible for companies to release the update on older devices even if they wanted to.

But as we wrote last week, this is still just a solution for one of Android’s many update problems.

Treble can help OEMs support older hardware for longer and with less effort, and that’s unquestionably a good thing.

But the core issue remains: wireless carriers and phone makers are still the gatekeepers for updates, and since they all make their money primarily from selling new hardware, they have little incentive to offer continued support for stuff they’ve already sold—especially once it’s no longer on store shelves.
There are technical and political reasons why Android updates don’t come directly from Google. On the technical side, carriers need to do their own validation and testing to prevent network problems, and OEMs need to make sure that their skins and other differentiating features work with new Android versions before releasing them. Politically, OEMs and carriers don’t want to become “dumb” conduits for Google’s software and services, since it reduces their ability to differentiate themselves from their competitors, and they don’t want to be subject to Google’s every whim or demand.
Read 9 remaining paragraphs

Leave a Reply