back to article I don't think you're ready for this Jelly: Google pulls support for Android WebView

Google has decided to end support for older versions of Android WebView, the default web browser on 'droid devices. This will apply to users running 4.3 or earlier versions of its Android smartphone OS. It has decided instead to invite securobods to fix the problem, saying it "welcome(d) patches with the report for …

  1. Anonymous Coward
    Unhappy

    WTF

    Maintaining support for a software product that is two versions behind would be fairly unusual.....

    Yes but "normally" your OS isn't obsolete in less than a couple of years.

    So many people bitched about XP support being ended after 13 years, but it's OK render a phone OS obsolete after a year or two.

    1. sabroni Silver badge

      Re: WTF

      No, no, no. This is totally, totally different to MS dropping support for XP, and a load of fandroids will be along to explain how any second, without a hint of irony....

      1. Phil O'Sophical Silver badge

        Re: WTF

        This is totally, totally different to MS dropping support for XP,

        But it is. It's a bit like Dell dropping support for their OEMed XP SP1 after 2 years, and you being unable to get SP3 or any other upgrades from anyone else, even Microsoft.

      2. Anonymous Coward
        Anonymous Coward

        Re: WTF

        No, no, no. This is totally, totally different to MS dropping support for XP, and a load of fandroids will be along to explain how any second, without a hint of irony....

        The difference is that a computer running Windows XP can theoretically be updated to run another OS. Possibly even Windows 10 beta if that's your preference.

        A phone cannot be updated by the end user as easily. If an over-the-air update isn't available from the vendor, you're on your own.

        It figures Android 4.1 would make that list, I literally just replaced my Android 4.0 phone this week after some water got into the LCD and developed circular black spot about 25mm in diameter up the top-right corner. That phone was barely 2 years old.

        The phone I bought to replace it, I bought due to its hardware features (apparently can tolerate being dunked 1m in water, and it offers the ability to connect external antennas) thinking that they might have updated the OS.

        ZTE won't assist me in updating the OS, and going it alone will void the warranty. I just have to put up with the older OS, I have no choice.

        Thankfully there's the F-Droid marketplace and Firefox on Android, so at least I can keep some software up-to-date when Google decide to stop supporting v4.1 altogether.

        1. John Brown (no body) Silver badge

          Re: WTF

          "ZTE won't assist me in updating the OS, and going it alone will void the warranty. I just have to put up with the older OS, I have no choice."

          So you bought a product which is still under warranty and is now known to have a defect that was in place at the time of manufacture. That sounds like a reasonable complaint to take up with them under Sale of Goods and/or any other applicable consumer protection laws.

          Their get out clause, of course, is that the software containing the fault is not purchased, only licensed and therefore not covered. It might be time for someone to make a case of this with the argument that the device is unusable without the software, potentially unsafe to use with the software and they won't rectify the fault so it's no longer fit for purpose.

          I have no doubt that they would "settle" in some way rather than allow something like that to get to court. It's cheaper to pay off a few than to actually support their products.

        2. big_D Silver badge

          Re: WTF @Stuart

          The difference is that a computer running Windows XP can theoretically be updated to run another OS. Possibly even Windows 10 beta if that's your preference.

          A phone cannot be updated by the end user as easily. If an over-the-air update isn't available from the vendor, you're on your own.

          Your argument works the other way round. If the PC can be upgraded to a newer version of Windows by the user, then there is no need for older versions to be supported for 13 years... On the other hand, if the Android handset cannot be upgraded then it means that it is reliant on those security patches from the manufacturer being delivered in a timely manner for the lifetime of the product (5 to 10 years).

          1. Anonymous Coward
            Anonymous Coward

            Re: WTF @Stuart

            "ZTE won't assist me in updating the OS, and going it alone will void the warranty. I just have to put up with the older OS, I have no choice."

            So you bought a product which is still under warranty and is now known to have a defect that was in place at the time of manufacture. That sounds like a reasonable complaint to take up with them under Sale of Goods and/or any other applicable consumer protection laws.

            I bought a product, the one and only product on the market from what I can see, which has the closest match to the (hardware) feature set that I'm after in a device.

            My choice is binary, either I buy it, or I do without, and I need a phone for work.

            The difference is that a computer running Windows XP can theoretically be updated to run another OS. Possibly even Windows 10 beta if that's your preference.

            A phone cannot be updated by the end user as easily. If an over-the-air update isn't available from the vendor, you're on your own.

            Your argument works the other way round. If the PC can be upgraded to a newer version of Windows by the user, then there is no need for older versions to be supported for 13 years... On the other hand, if the Android handset cannot be upgraded then it means that it is reliant on those security patches from the manufacturer being delivered in a timely manner for the lifetime of the product (5 to 10 years).

            Yes, I recognise this… and surprisingly I do understand Microsoft eventually dropping support for older OSes. You might be surprised to note that not much software runs easily on Red Hat Linux 8.0, which was latest and greatest when Windows XP came on the scene.

            It'd help though if cowboy coders and sloppy design didn't combine to produce a whole raft of software packages that break when said sloppy design got cleaned up.

            But I digress… Handset makers should either be prepared to keep up, or they should provide the materials to the end user to let them keep up (either themselves, or pay someone for it).

            stuartl@portege ~ $ uname -a

            Linux portege 3.11.2-portege-dirty #3 PREEMPT Sun Oct 6 13:47:57 EST 2013 i686 Pentium II (Deschutes) GenuineIntel GNU/Linux

            ^^ See, even old kit can run a recent OS. That's a PII 300MHz laptop with 160MB RAM and a 160GB HDD running Gentoo, acting as an APRS I-Gate. Does the job fine.

            1. Anonymous Coward
              Anonymous Coward

              Re: WTF @Stuart

              So you bought a product which is still under warranty and is now known to have a defect that was in place at the time of manufacture.

              In the interests of science, I have asked ZTE:

              http://www.longlandclan.yi.org/~stuartl/images_tmp/ZTE_Australia_Support_Feedback_-_2015-01-17_05.10.48.png

              1. Anonymous Coward
                Anonymous Coward

                Re: WTF @Stuart

                In the interests of science, I have asked ZTE

                And the reply, after much backwards and forwards, was basically along the lines of: No, we forget devices even exist once released. They use the excuse that this model was developed in early 2013 (after Android 4.2.1), and apparently it's cheaper to back-port every fix than to just port their changes to a newer OS.

                They allege the release on these devices "includes a fix for known security issues". With no formally released sources or change-log, and an ever widening gap between code branches we've only got their say-so on that. Pretty sure the WebView vulnerability won't be among those fixes.

                IMO devices that are not supported by the manufacturer should be a fully open design so that the end user has at least a fighting chance, but that's just a pipe dream. Commerce says we should just buy new every 10 minutes and throw the old away.

                If I had the resources, I'd do it myself, but unfortunately getting something that would be workable would be a significant challenge for a one-man band.

      3. Anonymous Coward
        Anonymous Coward

        Re: WTF

        >and a load of fandroids will be along to explain how any second

        Still butt hurt about WP world wide market share dropping below %3 at the end of 2014 huh? That WP7 no upgrade stunt ranks in the same ball park as this. I will grant though security updates and security in general is a joke on Android and is actually one of WP strengths (security by obscurity, few apps means few malware apps and all that). That said nobody uses software and especially yearly OS service packs masquerading as new OS releases to obsolete old hardware like Apple.

    2. Simon Harris
      Facepalm

      Re: WTF

      Yes but "normally" your OS isn't obsolete in less than a couple of years.

      Translated as "normally" your OS isn't obsolete in less than the length of a phone contract.

      1. Anonymous Coward
        Anonymous Coward

        Re: WTF

        Of course this really should be seen as what it really is. Google are punishing the users of devices where the makers & Telco's never updated to Kitkat and if they could have gotten away with it they would have looked for a way to have those users of KitKat placed in the same situation as those with 4.3 to punish them for the makers and Telco's not pushing to upgrade to Android Lollipop.

        Google's slogan was "Don't Be Evil" now it seems it's "Don't give a Damn" especially if you are using a phone using 4.3 or earlier but they will point the finger at the Makers and Telco's.

        1. Anonymous Coward
          Anonymous Coward

          Re: WTF

          If they provides fixes for webview then the phone manufacturer would still have to take that update merge it into their custom build and distribute it to all their customers.

          The point is, while Google actively update the OS, phone manufacturers often customise the build and don't then update them. If a manufacturer is refusing to send out updates then what is the point in fixing and securing them for them never to be installed.

          If the manufacturer is sending out updates then they can just send out the latest Android build while they are at it?

      2. Robert Helpmann??
        Childcatcher

        Re: WTF

        Translated as "normally" your OS isn't obsolete in less than the length of a phone contract.

        Simon Harris, thank you for that epiphany! I had not realized that the way my phone company pushed out OS updates was by forcing or enticing customers to upgrade their hardware.

        No, I am not being ironic. That is de facto how it seems to work

      3. big_D Silver badge

        Re: WTF

        I got monthly security fixes from MS for my Windows PCs, yet my HTC and Samsung Android phones received about 4 updates over 5 years, despite many know security holes.

        Good, this isn't just Google's problem, it is also partly down to the carriers and the hardware manufacturers, but Google should make part of being certified for Android is that the manufacturers have to push out at least security patches for at least 5 years - although timely updates to newer versions would be more welcome.

        The same for carriers, they should get their noses out of security updates, if they can't get their acts together and protect their customers in a timely manner, then they should not be allowed to sell customised handsets.

        That is one of the reasons why I buy unbranded phones these days, at least there is half a chance of it getting security patches.

      4. heyrick Silver badge
        Meh

        Re: WTF

        "Translated as "normally" your OS isn't obsolete in less than the length of a phone contract."

        Given normal carrier laziness, your OS is probably obsolete before you buy, and good luck if you think you'll ever see an upgrade.

        My current phone is an Xperia U. It runs Android 2.3.7 (I think). That was on it when I bought it in 2013. To their credit, Sony did make a version of 4.something available for it. Have Orange? Not bloody likely. Still, my contract ends in a week and a bit. Time to look for something a little less ancient.

    3. Stuart 22

      Re: WTF

      Two versions is a fair policy if you provide updates to move to those versions if physically possible.

      It would have been nice if Google put that requirement into their licence agreement with the manufacturers. The upside for us is it would make it more attractive (ie easier and cheaper) for the manufacturers to stick to a close approximation of bloat free vanilla Android.

      As it is very few new products offer Lollipop or even a promise of Lollipop. Some are still offering JellyBean which suggests they are going nowhere.

      I'm not sure the average punter is aware of the version/upgrade policy is when he/she buys and not much effort goes into telling them - what a surprise!

      Maybe if Google was billed for the landfill and unnecessary re-purchases things might change

      1. cambsukguy

        Re: WTF

        Since a lot of ordinary folks must be on their second or third Android phone by now, I presume they do not notice or care about the lack of an upgrade path (or their phone does get upgraded).

        My assumption, for those not upgraded, is that they assume the OS is mostly fixed and they buy a new phone to get the better hardware and the 'better system'.

        Perhaps their iPhone buddies tell them that *their* phone gets updated but they maybe think that is an Apple thing.

        Security-wise, they never knew about malware and risk in the first place so they didn't care a toss.

        Windows Phone doesn't change that much version to version, the owner sees it, Cortana added etc. but it *looks* much the same.

        I for one like that every Win8 phone has been updateable to every version thus far, hardware limitations leaving some features unsupported obviously.

        1. big_D Silver badge

          Re: WTF

          Since a lot of ordinary folks must be on their second or third Android phone by now, I presume they do not notice or care about the lack of an upgrade path (or their phone does get upgraded).

          Most don't know what an Android is and they are used to dumb phones which never got upgraded... I know of several people still using ICS or earlier devices, because they are still working and they do what they need.

          A lot of people expect a good ROI on their devices and when a phone costs 400 - 600€, they expect it to last at least half a decade before it will be replaced.

        2. John Brown (no body) Silver badge

          Re: WTF

          "they buy a new phone to get the better hardware and the 'better system'."

          I think that's the nub of the matter. Most users still buy phone on contract and get all excited when they get a "free" upgrade every year or 18 months. We here of course know that it's a loan agreement that just ended and the "free" upgrade is just the unthinking punter buying a new phone on a new contract and part-exchanging the phone they just finished paying for. This means most users never keep a phone long enough to even consider if the OS can be upgraded.

          1. sabroni Silver badge
            Thumb Up

            Re: a load of fandroids will be along to explain how any second, without a hint of irony....

            See!

            I love it when a plan comes together!!

  2. Martin hepworth

    who would have got this anyway

    Given the vast majority of users would have never been sent these updates from either the phone vendor or carrier would this make any difference anyway.

    Now we just have to get the vendors to stop selling devices with Gingerbread (2.3) installed :-)

    1. Anonymous Coward
      Anonymous Coward

      Re: who would have got this anyway

      Yeah but nerds on here might have gotten those security fixes through Cyanogenmod and its ilk. Still Android and security rank right up there with IE6 and security anyway.

  3. Harry the Bastard

    non-event

    most oems seem to provide updates for only a short period, then the phone is stuck with ageing software, no updates even for serious security issues

    my samsung is stuck on 4.1.2, but i'm loathe to ditch a perfectly functional phone, especially as most of the new ones with features i like have become so fat

    it's the only real gripe i have with android, if there's a new nexus with a smaller screen than the 6, i'll buy it simply to be free of the bloatware and rapid abandonment that come with other brands (yes i know i could put cyanogen/other on my existing one, but i just can't be arsed)

    1. petur
      Meh

      Re: non-event

      It is a non-event, for a complete different reason.... we're talking about a browsing component no longer getting updates. Just install another browser and done. And frankly, the old browser sucked hard anyway, so nothing is lost.

      1. big_D Silver badge

        Re: non-event

        The problem is, the majority of people still using these old devices probably don't know that they need to update, that their hardware providers aren't providing updates, that they are at risk or that there is such a thing a "another" browser...

        They "just click the Internet button."

      2. Dr. Mouse

        Re: non-event

        "Just install another browser and done."

        WebView is used in a lot of applications, too. Those won't use the alternative browser you have installed.

        I have to say that Google need to put it in the license with manufacturers that they provide timely updates from release to at least 2 years after they discontinue it (so a consumer who buys on the last day gets at least 2 years updates, the normal length of a phone contract). At the very least this should be security updates, but should really be full OS updates.

  4. Sporkinum

    Looks like I need to go the Cyanogen route as well. My HTC is stuck on 4.1 as well. I am a cheap bastard and do prepaid, so I buy cheap, older phones from ebay.

    1. This post has been deleted by its author

  5. Dan 55 Silver badge

    Chrome it is then

    The things they'll do to get your browsing history with your Google ID.

    1. Anonymous Coward
      Anonymous Coward

      Re: Chrome it is then

      The latest chrome is garbage on 4.4 custom roms though because of that whole floating windows crap (nothing like half window chrome). Sadly even there you end up having to use an older version.

    2. petur
      FAIL

      Re: Chrome it is then

      You make it sound as if Chrome is the only browser on offer (hint: it is not)

      1. Dan 55 Silver badge

        Re: Chrome it is then

        No, but it'll be the only browser that will come preinstalled with new phones, if manufacturers want Google Play.

        1. Dan 55 Silver badge
          Facepalm

          Re: Chrome it is then

          Downvoted for R-ingTFA it seems.

        2. Anonymous Coward
          Anonymous Coward

          Re: Chrome it is then

          the only browser that will come preinstalled with new phones

          I bet you're one of those cry-babies who whined about Win8 needing a 3rd party start menu

        3. RyokuMas
          Facepalm

          Re: Chrome it is then

          "No, but it'll be the only browser that will come preinstalled with new phones, if manufacturers want Google Play."

          ... and the irony will be how many fandroids try and justify this happening while still bashing Microsoft from shipping Windows with IE pre-installed back in the browser wars era...

  6. Anonymous Coward
    Anonymous Coward

    "Chris Boyd, a malware intelligence analyst at Malwarebytes, argued that the change wouldn't make much practical difference to the Android security threatscape."

    Yes, because the malware industry will completely ignore the large number of non jelly bean phones, tablets, and embedded devices once they can have write-it-once, use-it-forever malware. And all of the landfill android manufacturers will absolutely step up to the plate and offer free upgrades, or their own patches...

  7. Thought About IT

    Lack of OS updates is a killer

    Having found out the hard way that the version of Android on my old Samsung Galaxy was never going to be updated, when the contract expired I switched to a Lumia 925 which prompts me when OS updates are available. It's a great phone/camera/GPS/radio/communications device which also doubles as a torch/timer/translator etc. I daresay there are loads of apps not available for it, but I haven't missed them.

    1. ZSn

      Re: Lack of OS updates is a killer

      Same here, Microsoft has said that they will support windows phone 8.1 for three years from when you get it on your phone (and it looks as if windows phone 10 will also get ported to the older phones as well). This puts android to shame. My nexus will be just about supported and it's only a year old. Google say that they will support it for 18 months and that is good by android manufacturer standards. What a joke!

      1. Anonymous Coward
        Anonymous Coward

        Re: Lack of OS updates is a killer

        Weren't Microsoft the company who explicitly didn't support updates for their OS on their mobile devices (from 7 to 8 for instance - or from prior versions)? But it is good that, as you say they have reversed that decision and are now allowing updates from 7 to 8..., oh they're not, right?

        So they might allow you to update to the next major version? Perhaps? Maybe not?

        However Google updated my Nexus 4 from Jelly Bean, through Kit Kat right up to the latest Lollipop and that was released in 2012 (oh yeah, and my Nexus 7 released in the middle of 2012).

        Just wanted to point out the absurdity of your argument rather than claim anything great about Android/Google.

        1. Anonymous Coward
          Anonymous Coward

          Re: Just wanted to point out the absurdity of your argument

          Then talk about security patches not version updates. They are quite different.

  8. Leeroy

    Awesome timing

    Maybe MS should spread this around a bit with twatter or something after Google's latest 90 day Windows 8 exploit shenanigans?

  9. Warm Braw

    Hope all those Nest enthusiasts...

    ... are paying attention.

  10. Bucky 2

    Browser != OS

    Firefox and Chrome seem to work just fine as downloads, and update just fine independent of the Android version.

    Saying that they won't patch old versions of this "Web View" monkey should be a non-issue. It should update independently, just like any other browser.

    That they've bound it to the underlying operating system means they've done a silly thing, and they should undo that silly thing.

    1. Anonymous Coward
      Anonymous Coward

      Re: Browser != OS

      One of the first things I did was nuke/system-remove the "system browser." I've become very accustomed to having separate browsers tailored around their roles/sites on all my devices.

  11. Anonymous Coward
    Anonymous Coward

    Whoever created this mess is the one who should fix it

    And let's face it, Google created this mess. No one is asking Google to backport enhancements on new Android versions to older harwdware. Just to backport security fixes.

    I'm afraid to say this, so Android fanboys can save their downvotes, but Microsoft has solved this perfectly a long time ago: older OSs still get security updates but no new features and that's ok and allows you to keep using the OS for a decade without forced upgrades.

    (note that Apple is in the same boat as Google in this regard, as they stop releasing updates for n-2 generation devices)

    The fact that even if Google released a patch (something it's not going to happen anyway) it won't end up in user devices because operators don't bother with patches or upgrades after the devices are obsoleted by new ones is not any kind of relief for the billion devices or so affected. At all. It is merely a stellar example of how this industry in general disregards their customers in favor of their forced update cycles.

    And the worst part is that it is too late in this case: operators are bound to a Google license that does not obligue them to distribute upgrades. But in the future, and at least for the Google-licensed Android operators, Google SHOULD backport security fixes and Google should REQUIRE operators to apply security patches.

    Alternatively, just wait for the Androidpocalipse of one of these unpatched vulnerabilities being exploited in a couple hundred million phones and watch the class action lawsuits fly: yes, you provided a device with a known security vulnerability AND you neglected patching it resulting in direct financial dammage to your customeers. I know, lawyers are already salivating over this.

    1. asdf

      Re: Whoever created this mess is the one who should fix it

      Well maybe the first time somebody turns a billion android devices into the nastiest ddos botnet the world has ever seen and takes down all of Google's sites it will get their attention.

    2. This post has been deleted by its author

    3. Anonymous Coward
      Anonymous Coward

      Re: Whoever created this mess is the one who should fix it

      Hah hah, yeah I am waiting for the androidpocalipse as well, popcorn in hand. There are a lot of foolish people out there who think that google are 'nice' and that they have their customers best interests at heart (ohhh LOOK, they GIVE me shiny software and it is FREE). The reality could not be further from the truth, but some people just have to learn the hard way....

  12. Anonymous Bullard
    Meh

    No more updates? Nothing new!

    The phones that don't have the Chromium based WebView probably haven't received an update in years anyway, because the appalling situation with updates from manufacturers this isn't going to make a shit of difference!

    Anyway, I'm glad they're giving the original WebView the bullet because from a developer point of view it's so crap it's almost as bad as IE.

  13. Alan Denman

    Webview ?

    Come on, it was so useless that no one uses it anyway !

  14. Anonymous Coward
    Flame

    The best way to secure an Android device

    1. Place it on a hard surface

    2. Whack it several times with a sledge hammer

    3. Kill it with fire

    Alternatively one could install a different OS, if there were a secure yet usable one....

  15. Anonymous Coward
    Anonymous Coward

    Actually...

    Chrome is available for 4.0+, which is 85% of the user-base. It's a drop-in replacement for the shitty built-in webview. All you have to do is install it from Play - it would be lovely if this was enforced when you next go on it.

    The "60% affected users" means "60% of phones don't have Chrome pre-installed.". So, 15% of the user-base probably have no option to upgrade.

    Fortunately, from 5.0 Lollipop (which has a fuck-all user-base right now) they've finally fixed the way the phones are upgraded by moving most of the "built-in" crap in /system into the user-space - meaning the non-OS stuff gets updated from Play rather than leaving it to the shitty manufacturers and even shittier carriers.

    (but I only use and develop for Android at work)

  16. Mr D Spenser
    Unhappy

    Haven't you ever heard of planned obsolescence?

    From Wikipedia:

    "Planned obsolescence or built-in obsolescence in industrial design is a policy of planning or designing a product with an artificially limited useful life, so it will become obsolete, that is, unfashionable or no longer functional after a certain period of time."

    Sorta says it all.

    Back in the 60's and 70's US cars lasted for 4-5 years max until Honda showed up and forced a change. Hopefully unlocked phones with a standard OS can force this same type of change.

    Right now my phone is stuck at 4.2.2 and my iPad 1 is stuck at 5.1.1.

  17. Anonymous Coward
    Anonymous Coward

    Makes a lie of fandroid claims

    Kept hearing how great it was that Google could update the apps separate from the OS, so the fact people were stuck on older versions of Android that weren't updated by the OEM didn't matter because Google could update them via Google Play. I guess not! Last March Apple updated iOS 6.x for the 3gs (almost five years old at the time) to fix a Safari bug. I guess we see who cares more about the security of their end users, and it sure ain't Google!

    If Apple did this we'd see a post about how it is all planned obsolesence to force people to buy new phones, garnering dozens of upvotes. What is it when Google does it? I guess just an attempt to push people towards new phones that use the tighter Android license that ensures they use Chrome with its constant nags for you to login, hoping you'll use it on other devices so they can get the maximum amount of individualized tracking!

    1. Charlie Clark Silver badge

      Re: Makes a lie of fandroid claims

      Google does update the OS. It's just manufacturers and carriers who don't ship the patches and updates. This isn't good but not really (or at least not entirely Google's fault).

      However, it's not really about the stock browser as much as the component used for viewing HTML / websites in lots of applications. Might be some interesting legal cases if these turn out to be vulnerable.

  18. Dan 55 Silver badge
    Devil

    Play fair, Google...

    ... and post the exploit code, as you do with other manufacturers flaws.

  19. stephajn

    Makes me wonder...

    ...where these researchers for the stories get their facts from.

    Quote from article:

    "Jelly Bean (versions 4.0 through 4.3)"

    Um yeah...Try Ice Cream Sandwich and Jelly Bean since Jelly Bean wasn't a name used until 4.1, not 4.0.

    As for updates to the WebView component not being supplied anymore, I'm at a loss here because I wasn't really aware that the WebView was being updated all that much anyway for your average Joe user since those kinds of updates would have gone to the manufacturers of the phones and it would have been up to them to decide if they wanted to release an update for their installed userbase, right?

    I am a fan of Android over iOS, but I do feel a bit of Apple envy when they get their updates on a regular basis and I am stuck wondering if my phone manufacturer will be so kind as to give me an update for my phone running Android. Makes me glad that I got the OnePlus One running CM 11. A CM 12 update is promised very shortly.

  20. ozor

    Blame your operator & manufacturer not Google

    In probably 99% of all these scenarios the only reason your still running 2 version or older OS's is because your either your manufacturer or network operator cant be #$%~$ to forward on these updates to you. And why should they? if your phone becomes obsolete excellent you will go back to them to get another.

    Until you learn the below points this will continue forever as its a great money spinner.

    * Contracts are bad

    * Leave manufacturers who do not maintain OS updates

    * Dont get Network Operator branded phones

    If the Network Operators or manufacturers are not punished for treating there user base like a big fat cash cow then they will never stop.

  21. Anonymous Coward
    Mushroom

    Let the researchers that found this out have some fun....

    Google.

    You have 90 days to fix (and all future bugs) for this or we release the code required for the exploits.

    What goes around.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like