A recent article on Ars Technica, Linux bug imperils tens of millions of PCs, servers, and Android phones, highlights – once again – the most serious problem with the Android OS.
Lack of security. Your personal data is simply not safe on Android. Ever.
Apple and Microsoft both have an update model where bugs can be fixed with security updates – without requiring the carrier service to do the update. In reality, this is the only update model that actually updates devices to fix security bugs.
Android, however, does not do this. Most Android devices will not be updated at all, even after known bugs make it insecure. The device manufacturers (OEMs) are responsible for updating devices, with the exception of some Google Nexus devices. Yet, even the Nexus devices may have to wait weeks for a known serious bug to be fixed in an update, and older Nexus devices lose update support.
In the above article, the Linux kernel bug received an immediate update (“Major Linux distributions are expected to make fixes available as early as Tuesday”), but it just isnt being passed on to most Android devices. In an update to the article, they report that Google will release a fix in March. Google also says that they believe Android is not vulnerable to third party apps. However, this is absolutely untrue, and third party apps regularly compromise user data. Some Android apps can even use unfixed bugs to get root access. These “exploits” never get fixed.
All OSes have security bugs. And all security bugs can be fixed with an update. Its just that most Android devices dont get updates. Google themselves publicly state that it is vital to keep Android devices running the latest version of Android, yet the update model they created makes this impossible for most people – because the updated OS for their device simply doesnt exist, and the OEM isnt going to spend a lot of money to create it. In this context, Google’s recommendation is an insulting joke.
Quite simply, in its current state, most Android devices will never be secure. Knowing this, it is impossible to recommend Android as an OS. For this reason alone, I recommend avoiding Android. Forever.