Android OEMs need a wake up call to fix the update problem

The Stagefright security vulnerability of 2015 give the Android world a scare. Unfortunately, that seems to have been short-lived and, sadly, ineffective in the long run. While it is fortunate that the exploit was never fully used to wreak havoc, that may have allowed the powers that be in Android land to settle back into their complacency and laxity. Updates still don't come on time and even the security-critical ones can take weeks if not months. It may be cruel to say, but the Android platform probably needs to be shocked awake if it is to ever get its update narrative straight.

Where we stand

Computerworld ran an interesting piece grading major (in the US) manufacturers and their speed, consistency, and communication in rolling out Android 8.0 Oreo, which has reached its sixth month of public existence. Long story short, it's paints a very depressing picture. Google is at the top, unsurprisingly, but not with a perfect score of 94%. Second is OnePlus with 65%. That's how steep the decline was. Samsung and LG tie at the bottom with 0%.

Granted, there is no agreed-upon standard for measuring Android update performance and some might not agree with Computerworld's imposed limitations. It doesn't for example include Essential and only mentions Nokia in passing. It has also kicked out Sony and BlackBerry for being practically irrelevant to the US market. And, of course, it doesn't take into account the international market either, but that's the author's prerogative.

Regardless, it is a nearly accurate representation of how dismal the update situation has been on Android. We may rejoice at the fact that Nougat has finally overtaken all others as the dominant version, but that's more than a year after it was released. And even then, it is still just at a fourth of the total Android distribution. The six-month old Oreo hasn't even reached a tenth of the total.

Excess baggage

This tune isn't new to OEMs. Some, like HTC and Sony, lay the blame on the laborious process of updating and testing software. Others, like Samsung, have turned completely deaf on the matter. But yes, that entire pipeline is flawed at this point, but manufacturers aren't exactly doing much to help fix it.

Of course, users appreciate a well-tested update, as evidenced by the uproar that comes from botched ones. But part of the reason why such testing takes too long and too much effort isn't simply because OEMs have too much diverse devices to test on. It's because they have too many versions to test. Almost all OEMs, with extremely few exceptions, have changes upon changes heaped on Android. And while those arguably do offer substantial value to users, the can also burden them with the cost of delayed updates as well. Worse, some OEMs even have different versions for those UX customizations across different versions of Android.

This isn't a call for completely doing away with OEM customizations. In a way, those have actually helped Android flourish. It is, however, a call to improve the Android platform to take these practices into account. Treble is one such solution, but it's really just the start, not the final answer.

Openness doesn’t mean chaos

Some will point to Apple's paradigm and how successful it is in making sure updates are rolled out in time. While that obviously does work, it's an unfair and unrealistic comparison. Apple is the master, owner, and executor of its own fate. Like it or not, even carriers have to play by its rules. It can shove updates down others' throats and no one will complain. It's a take it or leave it situation, and very few opt to leave.

Android in this particular instance is a victim of its own openness. The variety was necessary in order for the platform to survive against the iPhone monoculture. Google gave manufacturers and carriers almost free reign in order to be in their good graces. It worked before. It was needed before. But it has to change now.

Google doesn't have to be a dictator for it to happen. The company loves to employ and boast of technical means to solve problems that others would have to manually resolve. It is going to be a painful transition, but the Android platform has to adapt now before it becomes nearly impossible by version 10 or 15. And, sooner or later, Google will have to put its foot down on certain matters. It's not going to sit well with all users, even if benefits the platform as a whole. Fortunately, those users will always have options outside the Google-sanctioned versions.

Disaster waiting to happen

But why is getting updates regularly and on time that important? There are many reasons, and some may resonate more than others for some users. The most critical reason of all is, of course, security and bug fixes. In the days following Stagefright, the frenzy caused many OEMs to take swift action. Even the usually silent Samsung actually spoke up. Over time, however, almost all of those went back to old habits and many phones, even the latest models, remain months behind security patches.

But don't know the value of having the latest and greatest features either. It might not be a do or die situation, but being on the latest version of a platform means being exposed to less bugs, having access to more important platform features, which usually include safeguards against malware, and enjoying less problematic behavior from previous releases.

All in all, updates give an indicator of the overall health of the entire ecosystem. No matter how updated the software may be, when no one gets it on time, it's still a symptom of a rather sickly platform.


Every time the topic of Android updates comes up lately, Project Treble naturally comes up as well. In a nutshell, Treble gives OEMs a layer of protection that ensures that the underlying vendor implementation doesn't have to change with each and every Android update. In theory, that means Google can just push out updates to Android that is guaranteed to work on the same vendor implementation, reducing the need to test each and every update.

Treble, however, is not a panacea. It is a good start but still just one piece of a larger puzzle. Even six months after it debuted, very few OEMs support it. Even fewer already existing phones do. And while future phones will have no choice but to implement Treble, that still doesn't solve another update bottleneck: OEM customizations. Treble only addresses the underlying hardware implementations, not the software on top of the Android framework. Eventually, Google will need something like that too, allowing it to push out Android updates that slip effortlessly between custom UX and vendor implementation.

Wrap-up: Voluntary responsibility

In the end, excluding the role carriers play, fixing the Android update situation is, unfortunately, in the hands of OEMs. While Google indeed needs to implement technical solutions like Treble to make things easier, the open nature of Android puts the power in the hands of phone makers. Google can only do so much to force those hands without earning their ire. It is, perhaps, no wonder why Google wants to be its own man in terms of making phones.

Unfortunately, OEMs might not be so motivated to invest too much resources in cleaning up their act. It is, in fact, probably more beneficial to maintain the status quo. Apple has recently been accused of practicing planned obsolescence but, to some extent, Android phone makers have been doing that for years, depriving users of new Android releases and, thereby, presenting new phones as an enticing update in hardware and software. Nothing short of a miracle of a disaster of epic proportions will make OEMs change their ways. Hopefully, it won't come to that.