In 2015, Google announced that there were more than 1.4 billion active Android devices. As the push for Internet of Things (IoT) and other "smart" devices running the open-source operating system increases, this number will grow as well. All these devices pose a security risk, however, as non-updated devices are extremely vulnerable to threats such as malware. As seen increasingly, compromised devices are not only threats to security and privacy; they can also become unwilling participants in botnets used for distributed denial-of-service (DDoS) attacks.
In an announcement today where Google pledged to provide more numerous and timely security updates for the OS, the company also admitted a disturbing statistic: of all the Android devices active at the end of 2016, about half did not receive any security updates that year. Google said that it would be improving its security patch program by simplifying the roll-outs for OEMs. This has been, and remains, the major hurdle for Android security, as every OEM has added its own changes to the original Android OS, meaning the patches cannot simply be applied to all devices in one broad stroke. Combined with the fact that not all Android devices are running the most up-to-date version of Android, the slight variations in OS implementation between smartphones make it difficult to roll out truly global security updates to keep users safe.