Linked by Thom Holwerda on Fri 11th May 2018 22:47 UTC
Android

Updates are easily the biggest problem facing the Android ecosystem, and Google is working hard to fix that. Project Treble has proven that it's capable of making updates easier, and now Google is stepping up requirements for OEMs when it comes to security patches.

Every little step in this department is a welcome one. It's not yet clear what, exactly, the requirements entail, but hopefully, it's a strict and hard requirement to publish every monthly security update.

Thread beginning with comment 656564
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Finally!
by Alfman on Sat 12th May 2018 17:11 UTC in reply to "RE[2]: Finally!"
Alfman
Member since:
2011-01-28

Brendan,

The world doesn't work like that.

Imagine you are a mobile phone manufacturer; and you know that by hiring more staff (to roll out updates to older devices) it will cost you $X for the staff and cost you $Y in lost sales due to people not replacing old phones with new phones; but you will also get an additional $Z in publicity (to help sell new phones).

If $X + $Y is less than $Z, then you hire more staff because you'll end up making more profit; and if $X + $Y is greater than $Z you just ignore all the people that want updates because you don't want to lose money.

Note: the words "hire more staff" can be replaced by "not make existing staff redundant" if/where necessary. Either way it's mostly the same $X.


The algebra is sound. Unfortunately if we were to put numbers to those I strongly suspect the costs of supporting older devices along with lower sales caused by longer device lifetimes make it hard to justify better aftersale support.

The thing is that while many people say that they are frustrated with the lack of support, it usually doesn't change their buying behavior. As a business owner I see the same phenomenon with my prospective clients too, where they spend the least possible for services even if nine times out of ten it turns out to be disastrous.

Reply Parent Score: 4

RE[4]: Finally!
by Troels on Sat 12th May 2018 21:58 in reply to "RE[3]: Finally!"
Troels Member since:
2005-07-11

The real thing is that the number of people who care about updates is highly overestimated by the geek community.

I have said it many times before, but the OS updates are too frequent, there is hardly anything in them that anyone care about. Same with many other pieces of software, update notifications and list of what (nothing) is new is the new cookie warning annoyance.

Reply Parent Score: 3

RE[5]: Finally!
by oiaohm on Sat 12th May 2018 23:06 in reply to "RE[4]: Finally!"
oiaohm Member since:
2009-05-30

The real thing is that the number of people who care about updates is highly overestimated by the geek community.

I have said it many times before, but the OS updates are too frequent, there is hardly anything in them that anyone care about. Same with many other pieces of software, update notifications and list of what (nothing) is new is the new cookie warning annoyance.


You have the wrong point of view. People don't care about security until they have the device breached and their bank account emptied.

Updates are important. Now if you want to drop frequency of need updates you have to drop bug count. Drop bug count means improve quality control procedures.

Of course just like general users don't show that much interest in updates until after they are burnt. General users don't demand software makers use the best quality control processes possible either. I guess why is they don't want the pay 4 to 5 the current price for computer stuff.

Reply Parent Score: 2

RE[5]: Finally!
by ahferroin7 on Mon 14th May 2018 11:34 in reply to "RE[4]: Finally!"
ahferroin7 Member since:
2015-10-30

I think a better statement is that people don't care about security proactively, only reactively. Anybody who's worked for any extended period of time in the IT industry can tell you that about 90% of users don't care about security until after they've been hacked, and a significant percentage still don't care once that's happened and they've patched that specific hole.

Reply Parent Score: 3