Menu
KitKat is out, but a lot of Android users won't get it

KitKat is out, but a lot of Android users won't get it

some people may never get to use the enhancements in KitKat until they replace their phone

Google has added lots of nifty features in the latest version of Android. Unfortunately, for most users of the mobile operating system, they'll have to buy a new mobile phone if they want to get the latest and greatest technology.

[Experts weigh in with wish lists for Android 4.4 KitKat security]

Google released Android 4.4 KitKat last Thursday, but how soon users will get the OS will very much depend on either their wireless carrier or the device manufacturer, which tend to move slowly. As a result, some people may never get to use the enhancements in KitKat until they replace their phone.

The update problem has existed with Android since the beginning and most experts agree it presents the biggest security risk to users. Updates always include patches for vulnerabilities, and once the fixes are available, hackers are able to analyze them to find and exploit the flaws.

"We see exploits available in a matter of days after a patch has been disclosed," Adi Sharabani, chief executive and co-founder of mobile security vendor Skycure said. "Attackers are creating these exploits to attack users who haven't updated their devices."

The risk of not having regular updates was cited a couple of months ago in a memo the FBI and Department of Homeland Security sent to police and fire departments. The warning said SMS Trojans, rootkits and fake Google Play domains were the top security threats to out-of-date Android devices.

While experts universally agree that the lack of timely updates is a major security problem, there is no easy solution. That's because Google lets anyone modify Android to fit the needs of their business, which means there are as many ways to update Android as there are flavors of the operating system.

[The Department of Homeland Security and its obsolete Android OS problem]

Sharabani would like to see Google make structural changes to the Android codebase, so there are application programming interfaces (APIs) available to update the core OS without damaging whatever software is running on top of it, such as the user interface.

While that sounds reasonable, Tielei Wang, mobile security researcher at the Georgia Institute of Technology, points out that depending on the amount of customization, updating without breaking may be difficult.

"(Even with the APIs) it may not be easy to merge Google's code changes," Wang said.

Sharabani also suggests that Google launch a certification program for companies using Android. Those businesses that integrate Google's update mechanism into their platform would be certified as such. In addition, Google could impose other requirements, such as sending out patches in between OS updates for previously unknown vulnerabilities that hackers are exploiting.

Again, such a program sounds like a good idea, but managing and controlling it would be hard. Android has become the leading mobile OS because Google made it easy for carriers and manufacturers to use it. Changing that model would likely lead to serious discontent.

"Currently, it's almost impossible for Google to ban major manufacturers," Wang said.

Besides the technical difficulties, carriers have a business interest in not making Android updates a priority, Bogdan Botezatu, senior e-threat analyst for Bitdefender, said. Rather than update software, carriers would prefer to have subscribers buy a new phone.

"Instead of delivering fixes, phone manufacturers would rather spend their resources on developing new devices to deliver along with the latest version of Android," Botezatu said.

So for now, Android fans who want the latest update will have to be technically advanced enough to root their smartphone in order to install KitKat. For those who want regular updates in the future, they can buy their phone directly from Google.

Anything more universal won't come easily.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Googlesecuritymobile

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments