14 DAY TRIAL // After the massive Android vulnerability Stagefright was revealed, Google and other device manufacturers hurried to promise they would deliver monthly security patches to ensure phones and tablets remain protected.
A few days ago, we told you that Google wants to prompt device makers to deliver faster updates, so in Android 6.0 Marshmallow you’ll be able to see the date of the last security patch update.
As mentioned above, other device manufacturers like Samsung and LG committed to delivering the security patches on a monthly basis too. But other OEMs remained silent on the matter. Like HTC.
Over the weekend, some HTC owners probed one of the company’s executives on Twitter, looking for answers. What users were trying to find out was why HTC hadn’t committed to delivering monthly security updates like the rest of the device makers.
Delivering monthly security updates is just not viable
HTC’s Jason Mackenzie explains that the company considers a monthly timetable as being “unrealistic,” mostly due to carriers being involved in the whole affair, and HTC did not want to make unrealistic promises.
All this talk about Android security just makes us think of BlackBerry’s upcoming Android slider product called Priv, which is supposed to be an uber-secure Android device. It seems like the Canadian company has chosen an excellent time to deliver a product such as the Priv on the market, as the device has already managed to attract a lot of attention so far.
Speaking of which, a few days ago, we reported that Zimperium zLabs, the company that first discovered the Stagefright Android vulnerability, revealed that it had identified two new flaws which affect all smartphones running versions of Android starting with 1.0 and higher.
The two new flaws have been dubbed Stagefright 2, because they work in a similar fashion to the original vulnerability.
The original Stagefright relied on sending malicious MMS messages that allowed hackers to infiltrate the victim’s smartphone, but the new vulnerability relies on injecting malformed audio and video files in Web traffic, which can be opened via Web browsers, multimedia players and IM applications.
So the time for a secure Android smartphone has never been better.
@bkerensa @htc 1. Because commitment to this is not realistic. In order to push an update you have to get carrier approval.
— Jason Mackenzie (@JasonMacHTC) October 3, 2015