Security on Android smartphones is still a big problem. Google also knows this and has therefore set up a new program to protect users.
Unlike Apple’s iOS, which is only developed for iPhones, Google’s Android operating system runs on tens of thousands of different smartphones from a wide variety of manufacturers. Each manufacturer also adapts Android with their own user interfaces. However, these can vary from model to model even within the manufacturer’s own ecosystem – also in terms of safety.
Google has no control over Android security
For Google, this means that it is extremely difficult to ensure a consistent user experience across all the different devices. Since Android is extremely fragmented – split up into many small parts – the company cannot simply bring updates to all devices at the same time. Manufacturers must first adapt their interfaces before new functions and, more importantly, security updates reach users.
Google has therefore been pursuing a two-pronged approach for some time now and offers security patches independent of function updates. The patches are provided monthly, but only a few smartphones receive them every month. Many devices only receive a patch update every quarter or six months. Nevertheless, the patch level allows users to quickly check whether they are up to date with the current security status.
Manufacturer responsible for eliminating weak points
But the patches do not cover all of the security holes known for Android. It is therefore up to the manufacturers themselves to minimize such risks. So far, however, there was no overview for users of which manufacturers and smartphones are affected. Google now wants to change that and for this purpose has launched the “Android Partner Vulnerability Initiative” (Android partner vulnerability initiative, APVI for short ). Google announced the initiative on its own security blog in early October . The company itself describes the APVI as “designed to drive fixes and give users transparency about problems that Google finds on devices from Android partners”.
List of open security vulnerabilities can be viewed by users
Google is now publishing a list of vulnerabilities in the manufacturer’s own versions of Android. In doing so, the company not only educates users about the security of their smartphones. It is also a kind of leverage to induce manufacturers to resolve problems quickly.
If a Google employee reports a vulnerability, it is added to the list. New entries are first checked and then marked as “open”. So far the list is quite short and most of the entries are marked as “solved”. The entries not only include smartphone manufacturers such as Huawei, Meizu, Oppo and ZTE, but also chip manufacturers Mediatek, for example. This means that users not only find out whether smartphones of certain brands are affected by a vulnerability. But also whether devices across manufacturer boundaries are unsafe if they use chips from a certain manufacturer.
Visit the site!
You can find the list with all current entries under the link ” https://bugs.chromium.org/p/apvi/ “. Chromium is Google’s own domain that the company uses for its “Monorail” troubleshooting platform. TECHNOLOGYBUTTON recommends that owners of Android smartphones that are not made by Google themselves save the page as a bookmark. This means that you are always up to date with regard to potential threats to the security of your smartphone.