Cybersecurity

Google Aims to Defrag Android Universe

As any Android user knows, the version of the operating system you’re using can vary widely because it depends on parties other than Google. That’s why nearly two-thirds of users are running a version of Android introduced in 2012 or earlier.

With Android making the leap to wearables and the Internet of Things (IoT), however, Google is aiming to make that kind of fragmentation of its mobile operating system a thing of the past. It plans to limit what a hardware maker can do to the Android interface and control updates to the operating system.

“I think Google has discovered that an open operating system is nice to get a lot of units deployed, but it doesn’t necessarily provide a consistent user experience,” Yankee Group Vice President Carl Howe told TechNewsWorld.

“They could have chosen to exercise more control when they started,” he added. “They chose not to. If they had, they might not have gotten the rate of adoption they got.”

Google did not respond to our request to comment for this story.

Bold Move

The move toward greater control over Android in wearables, autos and TVs makes sense, said Ross Rubin, principal analyst with Reticle Research.

With smartphones, people typically are wedded to one device, but a person may have multiple watches and TVs.

“Google wants to enforce more consistency across different devices from different brands, which is less important in the smartphone market,” Rubin told TechNewsWorld.

“It’s also an opportunity for Google to address industry criticism about difficulties in upgrading to new versions of Android,” he added.

Times have changed since Google was an upstart in a market dominated by Apple.

“Google may feel emboldened to do this at this point, because it feels the polish and functionality of its user interface is such that it can deliver a good, consistent user experience in these products,” Rubin said.

If what Google is doing on the IoT side of Android catches on among consumers, it could influence the smartphone side of the operating system as well.

“If initiatives like TVs and smartwatches take off, consumers will want more consistency between those products and their phones, so Google will have more negotiating leverage to insist on cleaner software interfaces from their phone partners.”

Getting Ahead of the Curve

Choosing to exercise control over Android now, as it enters the IoT market, as opposed to later is a smart move, contended Marc Rogers, a principal security researcher at Lookout Mobile Security.

“Instead of trying to tackle fragmentation after the fact, as they did with the smartphone industry, they’re trying to get ahead of it and trying to prevent fragmentation from happening with things,” Rogers told TechNewsWorld.

“We have millions of smartphones, and we’re anticipating 10 billion things,” he continued. “You can imagine the scale of the problem with an exponential increase in manufacturers all modifying Google’s code.”

Google’s tightening the reins on Android for things will reduce the kind of variety found in the smartphone market, but that’s not necessarily a bad thing, he noted.

“From a security perspective, less variability and predictability is a good thing,” Rogers said. “The less manufacturers have to tweak and code themselves, the less of a headache Google has managing security.”

Security Problems

Fragmentation often is viewed as a contributor to Android’s security problems.

“When a vulnerability is discovered, the ability to get a patch or move to the latest upgrade isn’t in the hands of Google; it’s in the hands of the hardware vendor,” noted Michael Sutton, vice president of security research at Zscaler.

“We’ve seen many situations over time where some vulnerability is discovered, and end users end up waiting for — or in some cases never get — a patch that they need, because it has to be blessed by the hardware vendor,” he told TechNewsWorld.

By the same token, as Google improves the security of Android over time, many users can’t take advantage of those advances because they’re not allowed to upgrade their versions of the OS.

“If you can’t upgrade to that latest edition, you can’t benefit from those improvements,” Sutton said.

Reducing or even eliminating fragmentation won’t end Android’s security problems, however.

“I still consider Android less secure than other operating systems — even if it’s the latest version,” NSS Labs Practice Manager Chris Morales told TechNewsWorld.

“There tend to be more flaws with Android than in Windows Phone or iOS,” he said.

“I don’t know, though, if that’s because it’s targeted more often or it actually has more issues,” he added. “A lot of times more flaws are found because a platform has lots of users.”

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Cybersecurity

Technewsworld Channels