Some Android OEMs don’t take it so seriously with security updates

Android security is better than the reputation I wrote on BB10QNX. But something else can be filtered out of the data collected from the German security company Security Research Labs: Some manufacturers do not work accurately or cheat.

The date of the security patches is decisive. This allows Android users to see very well whether they have a current system or not. That’s what people used to think. Some OEMs may adopt the date, but do not implement all security patches. Some even change only the date without applying a single patch.

Based on the quantity of missing patches from the last six months, a quality can be derived:

  • 0-1 missing patches Google, Sony, Samsung, Wiko
  • 1-3 Xiaomi, OnePlus, Nokia
  • 3-4 HTC, Huawei, LG, Motorola
  • 4+ TCL, and ZTE

The hardware which is used in the devices is also important. For devices with MediaTek SoCs, for example, you don’t even have to wait for updates because the manufacturer often doesn’t even issue patches for critical security holes. Buyers should therefore not only pay attention to the quantity of security patches and the Android version used, but also to SoC and device manufacturers.