Google and Android 4.x.x WebView security problem

So recently Google has been getting nothing but flak from the online community in regards to an existing security issue in Android 4.x.x with the exception of Android 4.4.x (Kitkat). I’ve been watching this problem, and reading about it for the last 2-3 weeks or so.

google_trans

Apparently in Kitkat Google overhauled WebView completely, and probably for a good reason. Here is a good read about it. What really surprised me is the fact that professional sites the likes of Ars and others are siding with the hardware manufacturers. Which leads me to believe and confirms my previous suspicions, these hacks know very little about technology or are getting kickbacks from companies.

First they need a lesson on Linux versioning which can be found here. The basics of it… 4.x.x denotes a major revision with new features and major updates, think Windows 7 vs Windows 8. 4.4.x is a minor revision with bug fixes and probable feature additions and fixes, think Windows Service Packs. 4.4.4. is an insignificant update generally associated with bug fixes only, think Windows Updates.

As far as I am concerned Google did their part, they updated Android 4 all the way to 4.4.4, overhauled WebView and inturn fixed what was ailing previous versions of it on Android. This practice is similar to Windows releasing service packs, going from Windows 8 to Windows 8.1. The underlying OS is the same, however some features were fixed or replaced.

samsungb

I’m glad this issue is getting the light of day, because this raises a bigger problem that exists with the OEM Android hardware manufacturers, NOT with Google.

The culprits responsible for this issue are the OEMs. The Samsungs of the world. They are the ones responsible for updating their hardware with the software that Google provides them. They have Android 4.4.4 which is immune to the issue, but the problem is that the life expectancy of their devices is so short. So short that you might get one or two software revision updates if your lucky. The life expectancy of a Samsung phone is 1.5-2 years at most. The S4 is getting it’s last update this spring to version 5. I guarantee you after this the S4 will be abandoned by Samsung.

The life expectancy of a Nexus device is about 3 years. Apple does the same thing. After 3 years you can not expect an OEM to support their device anymore. The hardware tech moves so fast that is is nearly impossible to do so as well.

Yes the old version of WebView is patched via Google Play, where the new one is done via firmware updates. But I still believe that manufacturers should take responsibility and update their hardware, yet no one is screaming bloody murder in their direction. So the issue is not that google will not patch the problem, they already have. The issue is that OEMs the likes of Samsung are not willing to push software updates to their old devices. It is the OEMs

Advertisements
This entry was posted in Mobile, Software and tagged , , , , by Nerd Drivel. Bookmark the permalink.

About Nerd Drivel

Knowledge is power. Empower yourself! I've been a computer nerd since I was 7 years old. I started in the days of the Power PC with a Commodore 64. As I grew so did my knowledge and curiosity, anything I could take apart with a screw driver would be opened and investigated. Later on I went on to graduate from a post secondary Computer Engineering program. Today I work in an IT department for a mid sized company, I get to tinker and toy with gadgets of all types, fuelling my passion for technology and software. I understand computers more than I understand some people.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s