Samsung's Android-powered Galaxy Note 5. Photo: Samsung.
From July, 2011 to July, 2015, nearly 88% of Android-powered devices on average suffered a critical security flaw, according to a new study from The University of Cambridge. Most of the blame lies with Alphabet's many hardware partners, which often fail to deliver security updates on a timely basis.
Continue Reading Below
In the past, Apple has oftencriticizedthe Android platform for its relative lack of security. CEO Tim Cook once characterized Android as a "toxic hellstew" ofvulnerabilities. This study appears to lend credence to that assessment.
A complicated processPatching an Android device is a complex process, with many different firms playing key roles. Alphabet develops Android, but it remains open source -- device-makers are free to modify it as they see fit. Alphabet often releases Android updates, butmanufacturersare responsible for pushing those updates to the many devices they make and sell. Carriers often addanother layer of complexity to the mix, standing between device-makers and consumers in some markets. For these reasons, Androidupdates are often delayed weeks or months, if they're delivered at all.
Earlier this year, researchers discovered a series of bugs present in some newer versions of Android that allowed attackers to take control of a device by sending a simple text message.Collectivelyknown as Stagefright, Alphabet quickly patched the flaw, but its hardware partners took several weeks to update their devices. The most popular Android handsets have received updates, but given the thousands of different Android models in use, plenty of Android devices may remainvulnerable to this day.
Apple, in contrast, uses a completely different model, pushing iOS updates to the iPhone directly -- with no partner or carrier involvement. iOS is not aninvulnerableplatform, but it's likely more secure than Android. In its study, The University ofCambridgeawarded individual Android devices and manufacturerssecurity scores on a scale ranging from 0 to 10. One ofthe study's authors, Daniel Thomas,told ZDNet that Apple and the iPhone wouldn't score a perfect 10, but would likely outrank every Androidmanufacturerand device.
Nexus does better than the othersAlphabet's own Nexus devices were found to be the most secure, with the Galaxy Nexus, Nexus 4, and Nexus 7 among the top-scoring models on The University of Cambridge's scale. Like Apple, Alphabet pushes Android updates to its Nexus devices directly. Among Androidmanufacturers, LG and Motorola scored the best, while two firms most have likely never heard of -- Symphony and walton -- scored the worst. Both Symphony and walton make cheap Android handsets sold in Bangladesh -- a powerful testament to Android's ability to bring connectivity to consumers everywhere, but also a perfect example of the platform's fragmentation.
In the wake of the Stagefrightvulnerability, two of Alphabet's most dominant partners -- Samsung and LG -- promised to push security updates to their Android handsets monthly. But last month, HTC said that goal was unrealistic. Ultimately, most Android handset buyers must put their trust in individual manufacturers-- not Alphabet -- for security updates.
It's unlikely that consumers will parse through Cambridge's study before purchasing their next handset, but the relative reputation of the two platforms could have an effect on sales. Fair or not, Alphabet's mobile operating system has earned a reputation for security problems, and this latest study lends further credence to that notion.
The article This Study Highlights a Major Problem with Alphabet Inc.'s Android originally appeared on Fool.com.
Sam Mattera has no position in any stocks mentioned. The Motley Fool owns shares of and recommends Alphabet (A shares), Alphabet (C shares), and Apple. Try any of our Foolish newsletter services free for 30 days. We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.
Copyright 1995 - 2015 The Motley Fool, LLC. All rights reserved. The Motley Fool has a disclosure policy.