AH Google IO-1429 Android Devices and devs

AH Primetime: Android Fragmentation Leads To Major Security Flaws

May 20, 2015 - Written By Ricardo Trevizo

Google might not like to admit it, but Android is not an operating system free of flaws. There are lots of issues that have been discovered by both the community and specialized users. One of the problems that Google is the most afraid to admit is, the flawed security inside its own mobile operating system. The internet giant is known for searching bugs and security vulnerabilities inside their competitors’ software, namely Microsoft and Apple; This is one of the main reasons why Google won’t admit that Android has some major security flaws. Why would a company so focused on finding security gaps in their competitors’ software allow for a vulnerability to slip inside its own mobile operating system? Well, it’s not Google by itself that has allowed these issues to persist, as one of the major causes is the fragmentation that exists in the whole Android ecosystem.

Leading with more than 81 percent of the market share, Android is, without a doubt, the most popular mobile operating system across the globe. This should sound like good news, but the truth is that most devices running Android haven’t seen an update in a long time, and are stuck running an outdated version of the mobile operating system. Less than 10 percent of all Android-based devices have Android 5.0 Lollipop installed, around 39 percent is running Android 4.4 KitKat, the previous version of the OS; and the other 50 percent is stuck with Android 4.3 Jelly Bean or lower. This is what Google is afraid of, most users are running versions of Android that haven’t been touched in years, this means that numerous important security updates were never sent out to these devices with outdated systems. It’s not Google’s sole fault, both manufacturers and carriers have a lot to do with the process of sending out updates; sometimes the firmware update sent out by Google gets stuck in the process of rolling out, whether it is in the manufacturer’s or in the carrier’s hands.

One of the biggest security gaps is the lack of device encryption, which has only made its way to devices running the latest version of Google’s mobile operating system, Android 5.0 Lollipop. This has caused some issues along Android’s history, as it is a way for digital criminals, or even the NSA to exploit the user’s personal information. The issues with Android’s security will continue until Google itself, addresses said issues and makes it a priority to solve them. The only way that this is going to happen is by Google forcing both carriers and manufacturers to update older devices.