Google will send security patches directly to users owning an Android device, bypassing the update procedures of individual manufacturers and operators. One of the ancestral problems that still grip Android today is the need for a sufficient number of updates.
Constantly updating the firmware of every single model of Android smartphone placed on the market costs money, and manufacturers, especially for medium-low-end devices, prefer to “glide” and leave the devices to their fate.
When the manufacturer no longer supports an Android device, it is a good idea to evaluate the installation of an unofficial ROM by choosing from the best-known and most appreciated projects: Android update and how to do it when it seems impossible. Using an Android device that uses an old version of the operating system and, above all, on which the latest security updates have not been applied is certainly not a good thing. As we also highlighted in the article Android antivirus: no, it’s not useless at all; malicious code can leverage known vulnerabilities to acquire root privileges, steal personal data, monitor user activities, and appropriate other people’s money.
Try to go to the Android settings, choose System, Advanced, then About the phone or the tablet, then look for the entry Android security patch level (in some devices, it is necessary to go to the System update section ). Suppose the date displayed needs to catch up in time. In that case, the device needs to be updated with the latest security patches and potentially exposed to the risk of aggression. While in the case of iOS, Apple tends to maintain only a single version of the operating system on the market, in the case of Android – even today – many different releases coexist, some of which are now very old. To understand this, visit this recently updated page where Google accounts for the usage quotas of each version of Android.
The Android fragmentation problem is nothing new; over time, Google has tried to remedy it using different strategies. But the point is not the transition from one version of Android to the latest one, but rather the possibility of an operating system updating with all the latest security patches. We have illustrated our point of view by highlighting that Google releases Android security updates monthly. Still, if these are not adopted by mobile device manufacturers and, above all, distributed to end users, there is a risk of leaving a vast array of devices.
Android Update Alliance And Project Treble: A Failure And An Early Success
On the occasion of Google I / O 2011, the Mountain View company presented the Android Update Alliance initiative quite a few years ago. The goal was to encourage manufacturers and telecom operators to release Android device updates consistently. Unfortunately, the initiative was unsuccessful and failed to garner the interest of the parties involved.
Android devices remained on the market, never updated, and, consequently, inherently insecure. Six years later, Google launched Project Treble, of which we have talked abundantly: Project Treble: what it is and how it will improve the Android update. With Project Treble, Google engineers redesigned the way Android updates are handled. After a rather slow initial adoption, with the release of Android 9.0 Pie, support for Project Treble became mandatory.
With Project Treble, Google has finally begun to register positive results since managing and distributing updates for the operating system has become easier for all manufacturers.
Nonetheless, despite Google’s request to guarantee users updates for at least two years from the purchase of the terminal, at least in the case of Android One (see Android One: two years of support from the manufacturer confirmed ), many Android devices continue not to receive monthly updates like Pixels and other Android One devices. Therefore, the fragmentation problem and the one linked to the non-distribution of security updates, including the most critical ones, persist.
Project Mainline, A New Solution To The Problem
On the occasion of the Google I/O 2019 conference, Google presented Project Mainline, a new initiative whose ultimate goal is to distribute at least Android security updates to user terminals and, regardless of the behavior of individual hardware manufacturers and telephone operators: Android Q, the main innovations of the tenth version presented.
With Project Mainline, the idea is to bypass the device update system developed by individual manufacturers to automatically release, distribute and install the most important security patches through the Play Store.
Over time, Google Play Services has become an increasingly important system component capable of directly intervening in many aspects related to the configuration of the Android mobile device. Project Mainline will not allow you to update the Android version installed on your mobile device to a later release (therefore, it will not end the fragmentation problem). Still, it will allow Google to secure end-user devices by applying updates to 14 different modules. The components involved, at least according to the information we have to date, will be the following: ANGLE, APK, Captive portal login, Conscript, DNS resolver, Documents UI, ExtServices,
With this solution, users will no longer be forced to use an inherently insecure device that has yet to be updated for months or even years. A big step forward, without a doubt. The only problem is that Project Mainline will be available starting from the release date of Android Q and only for those devices that will mount that version of the operating system. So, it would help if you upgraded to Android Q to get the benefits of Project Mainline.
When Will You Be Able To Receive Android Security Updates Through Project Mainline?
As noted earlier, only those who can upgrade to Android Q or who install a ROM based on that OS version will be able to get security updates automatically through Project Mainline.
It is confirmed that 23 mobile devices will receive Android Q very quickly when it is finally released in the fall.
– Google Pixel (8 models total, including the latest Pixel 3a and 3a XL)
– Asus Zenfone 5z
– Essential PH-1
– Nokia 8.1
– Huawei Mate 20 Pro
– LG G8
– OnePlus 6T
– Oppo Reno
– Realme 3 Pro
– Sony Xperia XZ3
– Tecno Spark 3 Pro
– Vivo X27
– Vivo NEX S
– Vivo NEX A
– Xiaomi Mi 9
– Xiaomi Mi MIX 3 5G