Google has publicly released the company’s new plan for security updates for Android, and Google hopes that the update of Android will be simpler and more efficient.
According to data released by Google, a total of 1 billion devices in the world have been updated in 2017, and the number of updates has increased by more than 30% compared with 2016.
But even so, there are still a large number of Android devices that can’t get security updates, which makes the Android system vulnerable and fragmented.
The current issues facing the Android update:
For system updates, many vendors will no longer provide maintenance shortly after the release. Stopping support will naturally not result in a security update push user installation.
However, not all vendors do not want to provide updates. The main reason is that making updates requires adapting the version and testing time and money.
In particular, the customised versions of various operators will become more troublesome in updating, and the attitude of the manufacturers is naturally so much less annoying than giving up the updates directly.
Google is trying to improve efficiency through modular updates:
In the past, making updates required multiple tests to prevent solving a problem and causing new problems. Of course, even if this happens, new issues will arise.
So Google began to try to reduce the probability of new problems through modular updates, that is, when updating a subsystem, it will not affect other subsystems.
Google has split the hardware modules out of this way, which significantly simplifies the workload required to update devices. The Android P version now supports this technology.
Google claims that the Android P version is the most straightforward version to update in all versions, and the modular update strategy also applies to install security-class updates.
Extract system services as applications:
For system service updates, vendors are now required to make updates, and Google hopes to make system service updates independent of application-like updates.
In this way, for example, the problem of the frequently leaked media service framework is that it is directly updated through the Google App Store, and there is no need to make a patch separately.
Also, the modular update can directly replace the old version of the system service with the new version, and the update will not affect other subsystems of the system.
Google: Vulnerabilities are inevitable
Google claims that vulnerabilities in all complex software systems are unavoidable, but it is entirely possible to prevent vulnerabilities from being exploited by malicious people.
In addition to the development of the project, system updates are a significant step so that Google will provide patches to vendors every month.
Google said that monthly updates are the best practice, but even if vendors can’t cope with the monthly update frequency, they can be updated in the event of significant vulnerability.
Common security breaches are disclosed for three months, so vendors providing updates every three months are also a minimum requirement to ensure device and user security.
Source: Android Developers Blog