back to article What is this bullsh*t, Google? Nexus phones starved of security fixes after just three years

Google has published timelines for when it will kill off security patches for its Nexus-branded Android line. In a quiet update just before the weekend, the Chocolate Factory revealed both the Nexus 6 and Nexus 9 will no longer receive guaranteed security updates as of October of this year. The Nexus 6P and 5X will stop …

  1. Anonymous Coward
    Anonymous Coward

    Cool planned obsolescence bro

    2 years support wasn't long enough so no more Google devices for me.

    I was hoping somebody would make a mobile/tablet that didn't suck by now, but it never happened.

    1. This post has been deleted by its author

      1. John Brown (no body) Silver badge

        Re: Cool planned obsolescence bro

        "I now cannot afford the latest gadgets, so i am looking for 5 years use at least from any new purchase"

        Under UK (and EU?) consumer protection law, a fault in a product at the time of manufacture is under warranty for the reasonable lifetime of the product, which could be up to 6 years Maybe one day, someone who can afford it will take this to court and get buggy software confirmed as being covered by this since by definition the bugs and security vulnerabilities were faults there at the time of manufacture.

      2. Orv Silver badge

        Re: Cool planned obsolescence bro

        I too am waiting for a tablet that you can install a version of Linux on - which you can have complete control over.

        While clunky compared to an iPad, there are tablet-convertible Chromebooks that might fit the bill. Chromebooks all have unlockable bootloaders (by Google mandate) and there are Linux builds for many -- or you can make your own build of ChromiumOS.

        1. This post has been deleted by its author

          1. Orv Silver badge

            Re: Cool planned obsolescence bro

            Before you buy, do some research on whether other people have installed Linux on the one you're considering. These are NOT normal x86 machines with PC BIOSes; the boot loader is different. In theory they can all run Linux (ChromeOS is just a specialized Linux distribution) but actually installing it on some machines may not be trivial.

            I'll defer to others on the best distribution, because I haven't personally installed Linux natively on a Chromebook.

            Make sure you either get enough RAM from the start or check that it's upgradable -- on some low-end Chromebooks it's soldered to the mainboard. 2 GB is a little tight even for ChromeOS if you like to open lots of tabs, 4 GB is probably OK, especially if you're not planning to run the whole GNOME stack in your Linux install.

            These are pretty robust machines for the price, often comparable to a laptop from a few years ago. My old Acer C710 will stream full HD video through its HDMI port without breaking a sweat.

      3. Jonathan 27

        Re: Cool planned obsolescence bro

        Several of the ASUS transformer pad tablets can run Linux. If you're looking for an official Linux-powered tablet, you might be waiting a long time now that Ubuntu has given up on the Unity idea.

    2. TVU Silver badge

      Re: Cool planned obsolescence bro

      "Cool planned obsolescence bro

      2 years support wasn't long enough so no more Google devices for me.

      I was hoping somebody would make a mobile/tablet that didn't suck by now, but it never happened."

      Yep, I also think it's a counterproductive strategy from Google to turn perfectly functional phones into abandonware after only a couple of years to encourage new purchases. I think it is a deeply cynical strategy and I certainly won't consider buying a Google phones while they continue with this $$$ "Greed is Good" policy.

  2. Fan of Mr. Obvious

    Google's fault

    If I had known about the history before I purchased three 5x's I would have still bought them. Now that I know I need to replace three 5x's in the not to distant future, I am pissed.

    Pissed at me, or pissed at Google? No matter. I will just blame it on Google - easier that way.

    1. Dan 55 Silver badge

      Re: Google's fault

      Blame it on commentards who are guaranteed to say "I'm alright, I've got a Nexus" in the comments whenever there's an Android security scare story?

      1. Anonymous Coward
        Anonymous Coward

        Re: Google's fault

        They are still better off than the owners of other Android devices that won't get updates for even the short time Nexus does - or in some cases at all!

        1. MyffyW Silver badge

          Re: Google's fault

          The whole phone market is a shambles. The idea that a three year old phone should be junked is obscene. There's hardware in our house still patched ten years after installation. Mind you I got to choose the OS for that and a nice Finnish man releases periodic updates between swearing bouts.

        2. Captain Scarlet Silver badge

          Re: Google's fault

          "They are still better off than the owners of other Android devices that won't get updates for even the short time Nexus does - or in some cases at all!"

          Not in the wallet area (I have a Nexus 9 tablet and if I am honest I had no idea it was nearing the end of its life and I hadn't planned to replace it)

      2. Anonymous Coward
        Anonymous Coward

        Re: Google's fault

        I'm alright, I've got a Ne-FUUUUUUuuuuu....

    2. fishman

      Re: Google's fault

      Google's policy for Android updates / security fixes have been known for a couple of years - before the 5X came out. And it is longer than what it was in the past - the Nexus 1 to 3 had much shorter times than the Nexus 4.

      1. brainbone

        Re: Google's fault

        "Google's policy for Android updates / security fixes have been known for a couple of years"

        Doesn't make a 3 year life span, max, (unless you like flying by the seat of your unsecured pants) for $400 to $900+ kit any less obscene.

        I blame the millennials... because they're retarded.

  3. redpawn

    Son Going to College

    Was going to get him an Android smart phone of some kind to save money. Looks like Apple will win this purchase despite my dislike of cost and policies.

    1. Anonymous Coward
      Anonymous Coward

      Re: Son Going to College

      It's a safe choice, and pretty much the only choice for a device that will get security and other updates past the point where the Li-ion battery needs replacing; the two year mark. Funny, people, including me, complained wildly about Apple not having easily replaceable batteries, as opposed to Android devices. Turns out, you CAN open an iPhone and do the battery without too much fuss, and you will be able to get software updates for it when you do. With Android... it's looking grim over there. And I like the Androids. I just would not want another one until the security starts keeping up with a level that should reach all devices, not just the ones purchased 15 minutes past... and then cut off from OS updates, right when the battery should be replaced. Not cool.

      1. Anonymous Coward
        Anonymous Coward

        Re: Son Going to College

        >Turns out, you CAN open an iPhone and do the battery without too much fuss, and you will be able to get software updates for it when you do.

        Worth paying slightly over the odds for Apple to swap it (~£75) - I've done this with a couple of ours by mail - both times a new (or possibly mint ie new case/glass refurb) iPhone arrived almost by return of post.

        1. werdsmith Silver badge

          Re: Son Going to College

          £75 Slightly over the odds?

          I've done dozens of iPhones for less than a tenner each and they have all been as good as new for battery performance. Takes about 5 minutes, but I need reading glasses to do it.

          1. Anonymous Coward
            Anonymous Coward

            Re: Son Going to College

            >I've done dozens of iPhones for less than a tenner each and they have all been as good as new Takes about 5 minutes, but I need reading glasses to do it.

            Yep fairly trivial - but it invalidates your warranty - probably shocking for our cousins across the pond, but in the UK Apple freely replace a dead iPhone for 6 years (apart from the fee for battery replacement which kicks in after 2).

          2. Nifty Silver badge

            Re: Son Going to College

            Is it still true that you cannot buy original batteries for iPhones from anyone except Apple when they do the fitting? Last battery replacement I had for an iPhone 4 involved a 'reasonably new' genuine battery from another dismantled iPhone.

            1. Anonymous Coward
              Anonymous Coward

              Re: Son Going to College

              Uh, how would it be an "original battery" if you bought it from someone other than Apple? Either you buy an OEM Apple battery which costs more but you know it meets their standards, or you save money buying a compatible battery from someone else and hope they were made better than the Note 7's batteries!

    2. Colin Ritchie
      Windows

      Re: Son Going to College

      My Android device purchase plan assumes built in obsolescence after 2-3 years anyway, along with the battery fade. I bought a Moto G in 2013 (£120) and replaced it in 2016 with a Moto G4 (£160). Next replacement probably another Moto G in 2019 (at about £200 by then). This averages out at £53.33 per year for hardware (PAYG ofc, add a £10 per month goodie bag on Giff Gaff).

      I have no idea how many iPhones someone would buy over a 9 year period or how much that would cost them.

      Google treating Nexus as badly as any other Droid manufacturer does their own devices, seriously undermines their value.

  4. Adrian 4

    Just wow.

    That's bad. That's even worse than Windows.

    I thought the USP for commercial software was that it was supported.

    Why do we put up with this vendor (non)supported software when we could use open stuff and have support for as long as we want to pay for it ?

    1. This post has been deleted by its author

      1. Sandtitz Silver badge
        FAIL

        Re: Just wow.

        "I thought that Windows 10 was similar - or worse - 18 months only, of security updates. Website as follows"

        Then you though wrong, or you're just disingenuous there. Tough to defend Google so better attack the competition, right?

        This Google policy automatically makes your new device obsolete in two years. Sure there are handful of users (including you?) who cares only for security fixes but the vast majority would very much like to use their devices for more than that period. If that means you'll need to upgrade to the latest Android so be it. Most Android 4/5/6 users would be thrilled to get Nougat!

        If you need Windows for long term support then you need to enroll Windows 10 LTSB, which gets 10 years of only security fixes.

        1. This post has been deleted by its author

          1. Sandtitz Silver badge

            Re: Just wow.

            "Not everyone is a Volume licensee. Can you provide the information you have which disagrees with the above ?"

            I'm not disagreeing, that product truly is a volume license, and has associated costs.

            1. This post has been deleted by its author

      2. fidodogbreath

        Re: Just wow.

        So, if for compatibility or stability, you want to freeze the version you are on, then after 18months it will not be as secure????

        Yes, but in fairness, "freezing" the OS version is a choice that you are making; M$ are not unilaterally rendering your system obsolete with this policy. And in any case, skipping major updates is no magic bullet, since there's always the possibility that even a seemingly minor update can bork "compatibility or stability."

        When your frozen OS version reaches EOL, you have the option to update to the then-current version of Windows, thus extending your security support for another 18 months. There's at least a chance that your environment can be stabilized again on the newer version. That may not be ideal for your specific use case, but it's not the same as completely cutting off support for your device.

  5. Banananas

    That's fucking ridiculous considering how long most people keep a device for. My sons nexus 7 2013 is bits fit for the bin? He's only had it 2 years (bought new). I was a huge fan of Android when it came out but this really pissess me off

    1. Adrian 4

      The other side of the argument is that when Google updated my 2012 nexus 7 it changed from being excellent to being nearly useless due to short battery life. I've barely used it since. That sort of update I can do without.

      1. Paul Docherty

        The same is true in the iOS camp. iOS 7 gimped my iPad 2, relegating it kitchen usage only. It can just about open a recipe PDF without crashing...

        Updates are a double edged sword. I completely understand that releasing new features for >2 years (so major version updates) isn't realistic. However, security updates should reach through the expected lifetime of the device. In past days that may have been around three years for a typical android phone, but I'd guess it's now reaching closer to five.

        At least Nexus devices are easy root/mod. I have two Nexus 5 devices (used as a baby-monitor system) which are running Android 7.1 via LineageOS.

        1. werdsmith Silver badge

          My iPad 2 is still going strong with iOS 10.

          It is a bit slow for some things, but fine for browsing and video playback.

          1. cambsukguy

            Yet our three 'crappy' Surface RTs, still getting updates, security and more, still 'play videos' and browse the web (wow!).

            They also still run Skype, Mail works as normal and Netflix is smooth.

            In fact, everything seems to work as well (or better in some cases) as when they were purchased.

            It is true they get minimal use, travel and other less common uses where toting a laptop is unwarranted.

            I can't believe people tolerate either very poor support, even for the best supported devices or, good support but large overpricing and then insult and ridicule WinPhone because it lacks Apps. At least the Apps it has work (on the whole) and the battery lasts (and is removable in a 950) and the cameras/audio recording are superb and the support is excellent and the cost is low.

            As much as I would like the odd extra App (Santander, are you there?), I would much rather have a more secure device with the added capability over an iOS device (storage expansion, working Bluetooth, that sort of thing) for (much) less money.

            I find this App addiction by anyone other than a teenager desperate to be 'in' rather strange in fact.

            1. robin thakur 1

              950XL

              That might have been true on the old Nokia built Windows Phones, but my experience of the "flagship" 950XL is that it is by far the worst, most unreliable device I've ever owned, and I had a SE P990...Whether it is provided security updates above and beyond Google is little consolation when the device crashes regularly (necessitating a full reboot, I might add) on trying to answer an SMS.

          2. whoelse

            Then it's a newer model

            I have an iPad 2 from when the 2 was brand new and Apple won't allow it to upgrade past 9.x.

            Since about iOS 7 it has crawled, and since my wife and I largely use Android smartphones it's really just about useful for games for the kids that don't demand too much graphics or processing.

        2. tiggity Silver badge

          Apple updates

          Too often only way to get security fixes from apple is to update the OS.

          SO had iPhone 4, it worked OK, after OS "upgrade" it was almost useless for app use, ultra slow as although its skimpy resources worked fine with original OS, the way more demanding "upgraded" OS was too much for it to adequately deal with.

          That was essentially forced obsolescence - either recent to old version (without security patches and so with extra risks) or have a more secure but ultra slow upgraded OS.

    2. Updraft102

      My Samsung Galaxy Tab 2 7.0 was released in April, 2012. By February of 2013, it had received its second and final Android update. That's a period of ten months, and I didn't buy the tablet on the day it was released, so it was even shorter for me.

      Windows XP hit the market 11 years before the Tab 2 was released, yet it received security updates for a year after the tablet's last update. I know I am comparing a PC OS to a mobile OS, which is something I usually find invalid (particularly in terms of telemetry, as people always seem to say "Android and iOS do it too!" when I denounce Windows 10), but this time, I find it quite valid: I expect hardware I've purchased to not be arbitrarily made obsolete by "we won't update it" fiat, and that's true whatever the device may be. If it's not obsolete in terms of the underlying technology (too slow to run modern code, etc.), it's still a viable device.

      Of course, I bought it before I realized how short the support period was going to be (not to mention that the two updates that were pushed out ruined the excellent ICS 4.0.4 UI; I would much rather Samsung had stuck to the ICS security-only updates and skipped the JB updates).

      I do not intend to repeat the error by buying any more mobile devices. Simply put, by my way of thinking, there are no suitable mainstream smart phones or tablets. Apple products are too overpriced and locked down, and Android has the absurd "depend on the device manufacturer" update method that doesn't even last that long if the device manufacturer is Google itself (among many other issues). It's hard to believe these half-baked pieces of crap are what's ravaging the PC industry...

      By the time my tablet was two years old, it had already spent the majority of its existence

  6. Anonymous Coward
    Anonymous Coward

    Some enterprising outfit like Blackberry should announce endless security updates

    Take advantage of Google's dirty little secret.

    1. datafabric

      Re: Some enterprising outfit like Blackberry should announce endless security updates

      I will seriously consider the new BB Android phone w/keyboard if BB make such announcement. Also, not an Apple fanboi but an iPhone is a good possibility for next phone.

    2. Anonymous Coward
      Anonymous Coward

      Re: Some enterprising outfit like Blackberry should announce endless security updates

      You may not have noticed, but Blackberry now use Android.

      I can't see them paying the developer time for this any more than google.

      1. bazza Silver badge

        Re: Some enterprising outfit like Blackberry should announce endless security updates

        "You may not have noticed, but Blackberry now use Android.

        I can't see them paying the developer time for this any more than google."

        Who knows, but they're doing very well so far on rolling out updates. They've occasionally beaten Google to it on distributing security updates...

        Their target market, such as it is, is the business sector, and updates longevity and timeliness is much more of an up-front selling point there. I too am quite tempted by the new Key One...

  7. Brian Miller

    Expensive trash

    I bought a Nexus phone because I knew that Google would be rolling out the updates for it. Unfortunately, they don't do it for very long. And oddly enough, my phone and my tablet asked me to verify my Gmail account to continue receiving security updates for them. Go figure.

  8. fnusnu

    Ipad mini 1 anyone?

    Apple is also happy to dump old tech.

    Custom ROMs look like the future...

    1. Anonymous Coward
      Anonymous Coward

      Re: Ipad mini 1 anyone?

      Most iOS devices get five years of updates, some even more. The first gen Mini got only four years worth, but that still beats Google by a year.

      Once Apple finally drops support for the last 32 bit iOS devices (likely with iOS 11) they'll be able to go 64 bit only, and there won't be anything with less than a gig of RAM or 16GB flash, which would make it easier to support them even longer. No idea if they will, but iOS is growing in size more slowly than it used to in percentage terms so resource issues won't be the concern they have been.

  9. ecarlseen

    Why is this shocking?

    Let's be blunt - Google and its partners had to be shamed and dragged kicking and screaming into providing even a semblance of an update infrastructure. They've never really embraced the concept. Even things like disk encryption have been half-assed. Android isn't really a business. It's a loss-leader for Google to drive their search traffic and other products, and it's treated as such. I still hold out hope that they pull their heads out (and / or Microsoft takes a break from shooting themselves alternately in the foot and the head), because an OS monoculture is in nobody's interest (at least for us consumers).

    I could (and often do) criticize Apple for a million different things, but they've always taken security fairly seriously for IOS. Heck, they recently patched a zero-day exploit in about 10 days. That's 10 days for discovery, reporting, fixing, QA, and rolling out to customers. Apologies to the haters, but that's freaking impressive in my book. No other major OS vendor is even in that ballpark right now; they're all busy whining that 90 days isn't enough time.

    1. Vector

      Re: Why is this shocking?

      Why? Because, as I remember, and I may be remembering poorly, one of Google's selling points when the Nexuses (Nexi?) first came out was that you'd always have the most up to date version of Android if you bought one.

      So much for that claim...

      1. Anonymous Coward
        Anonymous Coward

        Re: Why is this shocking?

        Please cite, as Google NEVER said that. If you actually believe that you need to unplug from the internet, as you are clearly too thick to use it.

        1. RegW

          Re: Why is this shocking?

          > Please cite, as Google NEVER said that. If you actually believe that you need to unplug from the internet, as you are clearly too thick to use it.

          OK, always like a challenge ...

          > ... Always new ... You're always among the first to receive software and security updates ... And you'll have the freshest, fastest version ...

          https://www.google.com/intl/en_uk/nexus/5x/ (as of today).

          Hmm. That wasn't much of a challenge.

          1. Vector

            Re: Why is this shocking?

            Thanks RegW. I just saw this and was afraid I was gonna have to unplug from the internet (even though I did originally qualify my potentially faulty memory).

            There is, however, a devil in the details. There's a little footnote on that claim that reads:

            "These devices will receive Android version updates for at least two years from when the device first became available on the Google Store."

            How long that little detail has been around I couldn't begin to say. I will say, however, that 2 years is hardly "Always."

    2. Anonymous Coward
      Anonymous Coward

      Re: Why is this shocking?

      Sorry that is horseshite.

      "Even things like disk encryption have been half-assed." Please explain. My 5x had hardware backed full device encryption, same as iOS, and has done since android 5. and also the option of hardware backed file encryption. Since android 7, which has some significant advantages over apples offering.

      https://source.android.com/security/encryption/

      At least 2 of this month's May 2017 security update (which turned up last night on my device) were reported within this patch cycle..

      You seem to want to move away from a monoculture, as long as someone else is willing to accept the shite Apple and Microsoft closed source stuff.

      1. Dan 55 Silver badge

        Re: Why is this shocking?

        The fact that there's a link to the source doesn't necessarily mean it's good.

        Voila, half-assed disk encryption.

  10. ma1010
    FAIL

    Yes, Google sucks, but...

    Look at other phone manufacturers (Sony, HTC, etc.) who bugger about with Android so you can get the updates ONLY from the OEM. You're lucky if you get any sort of updates for as long as 2 years from date of purchase. My HTC got *ONE* Android update, no additional security or OS updates.

    The reality is that all these corporations have the same view of their customers - sheep to be sheared.

    They ALL suck.

    1. Anonymous Coward
      Anonymous Coward

      Re: Yes, Google sucks, but...

      Sony have been doing pretty well for me with their Z series.

      Z2 got an android update 2 years after purchase, and Z5 got an android update 1 year after.

      Both still seem to get roughly quarterly security bumps too.

      1. fuzzie

        Re: Yes, Google sucks, but...

        Gotta +1 this for Sony who've done a commendable job. Extra bonus points for their Open Device program for custom ROMs.

        I've had an Xperia Z (4.3 through 5.0.1), a Z3 (from 5.0.1 through 6.01; Google's OpenGL requirement scuppered the Nougat update) and a Z Ultra (4.4? through 5.1.1). They all seen at least two years' updates, some into their third year. That's three major Android "releases" per handset. Sadly, each release also came with yet more mandatory Google apps :(

        The Z3 Nougat update was killed by Qualcom refusing updated OpenGL drivers. Qualcom tends to EOL their chip support packages very aggressively and that often kills updates for OEM.

  11. Andy Non Silver badge

    Bye bye Android

    When my current smart phone dies I'm seriously thinking of going back to a feature phone. Not only are they much cheaper to buy, but the battery life is far superior. And as for all the apps... I can't think of one that I'd actually miss enough to be a deal breaker. I don't trust my Android now for sensitive uses such as online banking so lack of internet on the phone would be no real loss to me. I'm also sick of all the unwanted bloatware that Google keeps pushing onto my phone. I uninstalled YouTube because Google started pushing recommended videos at me - the first one was in Chinese (with a Chinese title) and I'd no idea WTF was going off and thought my phone had been hacked, especially with the way the phone woke me up to tell me I'd received something important! Enough with the all the crap Google!

    1. AMBxx Silver badge

      Re: Bye bye Android

      I was disappointed that the new Nokias didn't have 4G. Would have been great as an access point for a tablet

      1. Dan 55 Silver badge

        Re: Bye bye Android

        They've all got LTE cat 4, except the 3310...

        1. AMBxx Silver badge

          Re: Bye bye Android

          It was the 3310 I wanted. Long battery life and no Android.

      2. Orv Silver badge

        Re: Bye bye Android

        Serious question: What could you do on a feature phone that would need 4G bandwidth? It's nice and snappy for web browsing on my smartphone, but the feature phone browsers I've tried were all so crippled I can't see why it'd matter. Likewise you're not going to be streaming MP3s or video to a feature phone. Seems to me 2G ought to be plenty good enough for the limited use they see.

        1. m0rt

          Re: Bye bye Android

          For tethering other devices. This is what I have been looking for also.

    2. fidodogbreath

      Re: Bye bye Android

      I'd always had Androids from Motorola and Samsung, but in December I switched to an iPhone -- primarily over the lack of Android updates. Viewed solely in terms of UX, I'd call the switch a mixed bag, as one would expect. In terms of security, though, it has exceeded my expectations.

      I've gotten more iOS updates in the past five months than I received for all of my Androids combined over 5+ years, and that's not an exaggeration. Apple has even patched the Broadcom WiFi bug; I think it's safe to say that most Android devices in use today will never see a fix for that. It sucks, but that's the reality that Google has created.

    3. cambsukguy

      Re: Bye bye Android

      Then buy a low-end WinPhone and get the best of both, long battery life and most important Apps when you need them.

      Most of the 'bloatware' is removable, if you regard Skype and free Office as bloatware that is.

      And, as for worrying about viruses on WP - I don't think so, I have yet to read of a successful attack, they are non-existent or extremely rare.

      Oh, and Metrotube manage to make YouTube elegant and usable despite Google best efforts to stop them.

    4. robin thakur 1

      Re: Bye bye Android

      That's really sad that you don't even trust your phone to access your banking apps? The idea that my iPhone might be compromised on the device itself is a foreign concept, because it's never happened and would definitely change my usage of it were it happen. Given that the banks are rapidly closing branches and pushing people to use their apps, this situation needs remedying urgently.

      Even using iOS,I'm as concerned as you are, Android phones are the cheap smartphones of choice in less developed markets like some African, Asian countries, or Woolwich, say. Do those even see any patches whatsoever given the bandwidth limitations, and if not is that not a colossal ticking DDOS botnet time bomb of Google's own invention which could affect us all?

      The utter hilarity of an advertising firm waking you up to make you watch a (very poorly targeted) advert on your phone is comedy gold however.

      1. JLV
        Black Helicopters

        Re: Bye bye Android

        Regardless of OS-level security, a phone is much more likely to end up lost and in someone's physical possession. Or on a dodgy WiFi.

        I don't do banking on mine either.

        Google fail. My (broken) Nexus 5 considers itself up to date @ Oct '16. When my BlackBerry Classic dies, that just comforts me Android's not in the cards. Pbly an iPhone SE though I woulda given a highend camera Lumia a try instead if MS was more competent.

      2. Dan 55 Silver badge
        Black Helicopters

        Re: Bye bye Android

        How do you know it hasn't been compromised? Those Android phones with pre-installed malware don't announce it, they just get on with slurping.

  12. Jeroen Braamhaar

    (Currently) content Nexus 6 owner here, which was my first smartphone ... and it looks like it's also my last one as well.

    Smartphones are a great convenience, but if I have to chuck out my perfectly good servicable phone every 2-3 years to boost their device sales bottom line, I'd rather spend a few tenners on a shitty feature phone with only 2-3 years life expectancy.

  13. Anonymous Coward
    Anonymous Coward

    They should be compelled by law to give security updates for 5 years.

    1. Anonymous Coward
      Anonymous Coward

      You've inspired me, Doc Ock! I'm going to keep my iPhone 6s+ for 5 years and see how it goes. I have insider knowledge of the manufacture data for this device, and which Foxconn factory it came from (FXGL). So, on March 25th 2021, we'll see how it goes.

      I retired my Motorola RAZR after daily use from Jul 2005 through Jan 2016, and it still works fine and carries the Cingular Wireless branding with "pride." Several, simple, battery changes. Dropped it a few times. Apps are horrific. Works like new! "Now, it's garbage." :P

      "But those times don't add up" I used a Samesong S4 for the months in between. Stop it.

      1. Anonymous Coward
        Anonymous Coward

        Manufacture date is irrelevant

        If you look at Google's 2/3 year deadlines that's from the initial release of the device, not the manufacture date and certainly not the sales date. If you get one that was made a year after the initial release you get only one year of updates and two years of security patches. If you bought one two years after initial release (maybe because you got a nice discount) it would have just the one year of security patches.

        Apple has generally supported devices for five years. Sometimes a little more, sometimes a little less. But that's from the initial release. If you bought an iPhone 4S at release in Sept. 2011 it got its last iOS update in Sept. 2016 for a five year life. But they didn't quit selling it until early Sept. 2013, so if you bought it then you only got three years of updates. Maybe 3 1/4 to 3 1/2 years if you count from manufacture date depending on how long before last sale they are still making them.

        So if you want to maximize the post-sale support life, buy something immediately after release...

  14. ad47uk

    i have a Nexus 4 Phone and a Nexus 7 tablet, none of them get updates now. It is not a problem they still work fine, never had a problem with security either.

    I do think the security updates should be longer, but they are not, i am not going to cry about it.

    1. fidodogbreath

      never had a problem with security either

      That you know of...

      1. Anonymous Coward
        Anonymous Coward

        This is the thing. Lots of noise about android security, but with billions of devices, nothing real. Never heard of anyone ever having any issues whatsoever, not is the west, where people use Google play store and don't have untrusted sources and inescure rooted devices.

        If anything. It's the Apple ones that actually get exploited (like to date change brick).

        1. Robert Carnegie Silver badge

          What about "Stagefright"?

          A malicious MMS or a web page containing an MP4 file can execute arbitrary code on a vulnerable Android device, probably as a "system" level process. (Detected and fixed in 2015, or never, depending on which phone you have.)

          Who's using it? I dunno. Ask WikiLeaks.

        2. robin thakur 1

          Errr

          Would you honestly feel safe accessing banking apps, your stock trading platforms, storing identifiable personal data and reading sensitive emails on a device that received no security updates? I certainly don't feel safe as a non-android user, thinking about those billions of devices all around the world being compromised, formed into a botnet and directed at whoever. If it is known that security on Android is basically like Swiss Cheese, and is unlikely to get patched then it will be targeted, simples. How do you know they aren't being exploited exactly?

          I also dispute your assertion that phones in the West aren't rooted and have untrusted sources enabled. If you side-load Apps, are a pirate or a developer, or want to customize locked down devices 100% you need to root them. Yes this is not a large proportion of users by any means, but it will certainly affect users in the West.

  15. Shadow Systems

    This is why I use a flip phone...

    As much as I want a smart phone (wipes chin of the geeky drool), the fact that the manufacturer's refuse to support their devices for more than 3 years in the case of Google or what seems like three *months* in everyone else's, it doesn't make sense to buy a device that will become a security nightmare just as soon as that particular event horizon happens.

    At least with a flip phone it doesn't run apps, so doesn't need security updates (for the apps it doesn't run), & won't get used to pillage my privates by some script kiddie with too much time on their

    hands.

    It makes me sad that there's a bit of smug curmudgeon crowing gleefully deep inside, getting all uppity about having resisted the smart phone craze.

    *Shouts into own navel* Stop that! Go eat your frog pills!

    1. Anonymous Coward
      Anonymous Coward

      Re: This is why I use a flip phone...

      For reasons of backup I always have to carry a phone on a separate network with my work smartphone, and for that I use the good old Motorola V3i, but a later model with a matte keyboard so it's at least usable in sunlight. It's simple, lasts *days* on a single charge and weighs little.

    2. jMcPhee
      Devil

      Re: This is why I use a flip phone...

      ...not to mention, most flip phone hardware has easily swappable batteries, fits in the pocket, and has near zero chances of being stolen. The downside is that flips don't work very well for no life introverts.

      1. Updraft102

        Re: This is why I use a flip phone...

        I resemble that remark, but I think my feature phone works very well... it sits there in my pocket, being available in case I need it, which I have on about four occasions over the years.

    3. Orv Silver badge

      Re: This is why I use a flip phone...

      There have been flip phone exploits, mostly via multimedia message payloads. The potential for mischief is lower, but it's not zero. The software on most flip phones is incredibly shoddy -- my old one would routinely crash while trying to view text messages.

      1. robin thakur 1

        Re: This is why I use a flip phone...

        No different to a Microsoft 950XL then...

  16. 404

    Essentially....

    Google, et al, can go suck a bag of dicks...

  17. Anonymous Coward
    Anonymous Coward

    The phone I want

    Is a feature phone, but with an LTE wifi hotspot that I can connect my laptop to.

    99% of my needs will be covered and I'm ok having to deal with the odd edge case where I need a smartphone and don't have one.

    Does anyone make this kind of phone? and no, I don't want to have to carry around two devices (phone + hotspot)

    1. Anonymous Coward
      Anonymous Coward

      Re: The phone I want

      You could get a laptop with built-in 4G along with the feature phone. Simplifies things even if it isn't the cheapest option and you're limited to select business laptop models only, e.g. Macs don't have them.

      (those 4G modules have had vulns - will Huawei/Sierra/Ericsson still support it after two years?)

    2. Anonymous Coward
      Anonymous Coward

      Re: The phone I want

      Is a feature phone, but with an LTE wifi hotspot that I can connect my laptop to

      Isn't that just about any smartphone? My iPhone has had that for ages (WiFi, Bluetooth and I believe it even works with a cable), and I'm certain that Androids have had WiFi hotspots too. It is the reason that most laptop manufacturers (including Apple) no longer bother to add cellphone facilities.

      1. John Brown (no body) Silver badge

        Re: The phone I want

        Is a feature phone, but with an LTE wifi hotspot that I can connect my laptop to"

        "Isn't that just about any smartphone?"

        Did you notice the bit about a "feature phone", with minimal to no security issue that plague "smart" phones?

        1. Charles 9

          Re: The phone I want

          You'll be chasing moonbeams, then, because HSPA and LTE were both made with mobile data in mind, and that means smartphones (because what else would a feature phone use with high-speed data; it has no apps, and the carriers would be pressuring the phone makers not to include tethering capabilities; Apple and Google are the only two companies strong enough to push back). As others have said, mobile hotspots have themselves been targeted, so you're screwed no matter what. Basically, if you don't want to be targeted, get off the Internet. That's your only real option now.

  18. jtaylor

    Bah. I want to be able to recommend a smartphone to people who just want, you know, a smartphone. That will work until it doesn't or they replace it.

    I really thought that Google (brand) phones were a good answer. Seems they are not.

    In this context, my iPhone is a better investment than I realized.

  19. OliP

    to be fair - the longest ive ever run a device was 3 years and by that point it was so out-dated it was barely usable. this is definetly a strike against android when viewed against the iphone, but in real life - this doesnt affect me and i wonder how many others it really gets.

    most smart-phones are updated beyond their hardware capability by year 3 anyway - and if you dont install the update, well your in the same boat re security anyway

    1. John Brown (no body) Silver badge

      "to be fair - the longest ive ever run a device was 3 years and by that point it was so out-dated it was barely usable."

      Not sure how old my company Galaxy S5 is, but it'd still working fine and showing no signs of being "outdated" or "barely usable". Wifeys Galaxy S2 is also fine and running her required apps, although showing signs of overheating the last few weeks.

      Maybe it depends on the users use-case.

    2. tedleaf

      Rubbish,if it was fast enough three years ago,then it will still be fast enough today,unless you realy NEED the slight increase then just reset the phone,it will be as fast as when new..

      Only works for folk who don't need the latest,pricey shiney toy,which will only be slightly faster than last year's,smartphones are very nearly at the point that pc's have,tiny incremental speed increases,at the price of lots of money..

  20. I Like Heckling Silver badge

    How about this for a simple solution

    For every one hundred pounds (or equivalent currency in whatever location you purchase) you spend on a phone, you should get security updates for a year.

    That shiny nexus you paid 500 for... 5yrs security updates... that cheap 99 pound phone... you'd see basically no difference to what you get now.

    However... things like this need to be enshrined in law, we need legislation to force manufacturers to produce products with an adequate shelf life which should be displayed clearly in massive print on all packaging.

    We need to get away from this disposable culture when it comes to consumer items like this. No one needs to replace their phone every 12-18 months unless it's lost/stolen/accidentally damaged.

    I purchased a Wileyfox Storm and the phone is great... but they have basically wiped their hands of it already... No longer getting updates after owning it for 12 months. So not only will I not be getting another Wileyfox, I shall be reconsidering anything android... and I admit that I loathe Apple devices and their overpriced tat and smug owners.. not to mention their walled garden but at least they seem to be supporting their devices for 4yrs or more (the average time I keep a phone).

    My tablet on the other hand is an nVidia Shield K1 and that's been getting regular updates every month or two. Last one was about 6 weeks ago updating to Nougat followed a week or so later with a security update.

    Perhaps nVidia should consider getting into the phone market.

    1. BebopWeBop
      Holmes

      Re: How about this for a simple solution

      Well as I understand it WileFox are issuing Nougat updates for the storm - but are you talking about something else?

    2. robin thakur 1

      Re: How about this for a simple solution

      What do you expect buying a phone from a company very few have ever heard of? You should petition them to conform to EU law and the Sale Of Goods Act, we might even hear the laughter emanating from Shenzhen over here. At least we know now why Apple users look so smug. Not only are their devices not hacked, and not rooted. They can use banking apps with impunity and they are supported with security updates for the reasonable lifetime of the device. I always wondered why they hold their resale value quite so much. Buying an expensive Android has always been like buying a new diesel car. Worth 50% on day 2.

      In all seriousness though, the situation which Google has created with not just the Nexus line but all other Android devices and their inability to be patched easily and uniformly is borderline irresponsible.

      1. dajames

        Re: How about this for a simple solution

        You should petition them to conform to EU law and the Sale Of Goods Act, we might even hear the laughter emanating from Shenzhen over here.

        Wileyfox are a British firm (the phones are made in China, but not designed or specified there).

  21. Anonymous Coward
    Anonymous Coward

    What is it with these "because of this I use a feature phone" people?

    So instead of paying $750 for an iPhone 7 plus ($150/year of support life) or a Pixel ($250/year of support life) or Galaxy (~$375/year of support life) buy a cheap $100 Android and figure on either replacing it yearly / whenever there's a major Android security bug you are concerned about, or never using any smart features on it like apps/browser (i.e. treat it like a dumbphone)

    1. short

      Re: What is it with these "because of this I use a feature phone" people?

      Sure, I could buy a cheap Android for $100 each year, or I could buy a featurephone for £20, replace it once or twice a decade. Also, with a featurephone, I don't have to wrestle with a fuckawful touchscreen, risible battery life, and I can have something water, dust and drop proof. Horses, courses, etc.

    2. Abacus

      Re: What is it with these "because of this I use a feature phone" people?

      That's what I'm doing. I recently bought a couple of Telstra branded ZTE phones for the missus and I running 6.01. They're fast enough, work well enough, and cheap enough to toss after a year or so. Who cares if they don't receive any updates in that time? I don't.

  22. This post has been deleted by its author

  23. DaddyHoggy

    My wife's Huawei P9 and daughter's Honor 7 seem to be getting regular updates (not sure if they're from 3 or Huawei), but my S3 (also on 3) never got a single update ever.

    I don't use it for banking and social media is accessed via web interface not apps.

    Just got to hope I keep being lucky...

  24. Anonymous Coward
    Anonymous Coward

    Everyone talks about 'security updates' but no one actually lists what they are, or if they are bug fixes in the operating system or something to do with the multitude of apps available.

    If it is for apps then we should be given a list of those vulnerable apps so we can avoid their use. Operating system bugs should be rated by their severity which allows us to decide if we need to root the device and update the OS, assuming the hardware is suitable for the update.

    1. Orv Silver badge

      This would be security updates for the phone's OS. App security updates are provided by whoever publishes the app.

      This gets into a bit of a grey area when it comes to bundled apps, but in the case of Nexus phones those are generally updated through the normal App Store mechanism, not via OS updates.

  25. jason 7

    Easy...

    ...I gave up caring.

    Worry about it if and when it happens.

  26. FreeFlyJ

    Google Product Line...

    So is this a sign of things to come?

    Google Car = 3 years of security updates then a hail Mary...

    And if Google do it, why would other manufacturers create more work for themselves?

    1. localzuk Silver badge

      Re: Google Product Line...

      Why would it be? Cars and phones are very different markets, and have very different buying patterns.

      I would actually be quite surprised if Google were to sell their cars to be honest. I reckon that once they actually have a workable commercial product, it'll be a leased/rented product only.

  27. dmartin

    Add another vote for shaming Google for it's lack of regard for (a) customers and (b) the environment. IMO big corporations should be required (or incentivised - whether positive or negative) to avoid obsolesence / waste. Google's "do no evil" applies to this issue. So clearly they don't abide by that promise.

  28. ObeyThePoodle
    Holmes

    Actually...

    The very reason I picked up a Nexus is because they're easy to unlock, root and install custom ROMs on them.

    I've been running the stock ROM and updating manually every other month, once the security updates are no longer available from Google, I can switch to a community supported ROM (Pure Nexus, LineageOS, whatever)

    1. Charles 9

      Re: Actually...

      But how do you deal with increasing numbers of root-aware apps?

      1. ObeyThePoodle

        Re: Actually...

        I have not had a real problem with those, i.e. I don't use AndroidPay 'cause I am not that trusting.

        Another one, the Chase Banking app asks for root access as the check mechanism, you deny it and it happily starts; but I rather not use it on the phone.

        And if really needed, you can use Xposed modules to hide root from selected apps.

        1. Charles 9

          Re: Actually...

          As I understand it, Xposed has never been able to reliably block SafetyNet because it uses an external and secured connection (similar to a timing attack used to detect being in a VM--there's no real way to stop this). Only Google or the app maker knows the private key.

  29. jason.bourne
    Pint

    Smart Phones

    I have a flip phone that costs the same as 2 pints of beer. It is not registered in my name and I have never walked mindlessly into a water fountain staring at it. A single charge is good for about a week with modest to little voice usage. It can do voice and text just fine. I don't even care if they ever push out a security update.

    I wager my phone is smarter than these fondleslabs.

  30. daryah

    My galaxy s2, s4 mini, tab pro all run Android 7.1 with the latest security patch thanks to custom ROMs, and they are today are a great value deal. My nexus 5x will be hitting ebay August 2018 as corporate email will not run on custom OS. Will get another google phone if value proposition exists, but comparing Apple to Pixel today I think I may be getting my first iPhone next year..

  31. cdrcat

    I love you Android, but goodbye.

    *hate* using iOS, and I detest so many things about Apple, but my next phone will be an iPhone because I need to *trust* my phone with my banking and privacy.

    I have been stung 3 times by Google Nexus:

    1. Nexus bought at release with TI CPU that they dropped support for early (no excuses when it cost me *more* than an iPhone did), 2. Nexus 5 where hardware had multiple failures, 3. Nexus 7 2012 with design flaw that Flash performance slowly degrades until device is unusably slow. I have also been stung by Moto (G1 and G3).

    Cheap Android's are mostly shitty, buggy, and have obsolete Android. Who wants to get on a treadmill of regular purchases of crappy phones? I don't want to research anything. I have been doing that for years with Android and I ask sick of it. I also need at least 16GB. However I will not use an microSD because I had one fail that caused significant costs to me (the SD card was a good brand from a really reliable source).

    I still love you Android, but you have hurt me enough. I am going to go out with your pretty dumb expensive sister next time.

    1. tedleaf

      Re: I love you Android, but goodbye.

      So exactly how long would it have taken you to either back up phone and card or just copy contents of card ?

      If it was that vital,you should have been doing copy/back up on regular basis.

      I hope you don't run a business,I can see you having huge problems in the future if you do..

    2. Anonymous Coward
      Anonymous Coward

      Re: I love you Android, but goodbye.

      Galaxy nexus 2011 launch price £499.99

      iPhone 4s 2011 launch price £599.99

      #fail

    3. fidodogbreath

      Re: I love you Android, but goodbye.

      *hate* using iOS, and I detest so many things about Apple, but my next phone will be an iPhone

      I recently switched to iPhone, for the same reason, and with the same reservations. By far the biggest pain point for an Android refugee is the lack of file system access. iOS inter-app communication happens through the "share" command, which forces awkward work-arounds for common tasks that are stone simple on Android (e.g., using a 3rd-party app to open, edit, and save a file from cloud storage).

      That said -- preventing apps from fscking with the file system (outside of their own userspace) is a big part of the iOS security model. The fruit giveth, and the fruit taketh away.

      If you come at iOS like "why won't this POS let me decide where to put a file, like a real computer?" you'll be frustrated. If you modulate that to, "yeah, file management was way easier on Android, but at least now I can install my bank app, and I can choose not to be surveilled by Google," then it's a lot more palatable.

  32. Adam 1

    3 years is ok, but ....

    It has to be from date of purchase, not first release. If you are selling these things still in 2016 then you should be still patching them to 2019, even if a particular phone was purchased in 2013.

    Windows Vista (released 2006) only ended security patch support a few weeks ago. (And even then you can still wave about a large wad of cash and get updates). Why can't phone makers do the same? If it's a cost thing, I would have paid an additional $100 for "guaranteed monthly security patches for 5 years".

    1. fidodogbreath

      Re: 3 years is ok, but ....

      Why can't phone makers do the same?

      They can, but they choose not to. Instead, they take turns swiping each other's disgusted customers. For everyone who buys a Galaxy this time because Moto screwed them, there's someone else buying a Moto G because they got screwed by Sammy. It's the smartphone circle of life.

  33. Slx

    Well, that is the first and last piece of Google hardware I buy.

    As much as people love to bash Apple, it doesn't dump you without update support and actually is still supporting pretty ancient iPhones at this stage.

  34. AlexS
    Headmaster

    Why don't you just root your phone afterwards?

    I'm running Nougat on my old phones. Just saying.

    1. the-it-slayer
      Unhappy

      Re: Why don't you just root your phone afterwards?

      Because not everyone knows how to do this or wants to? Or should even expect to. Although, is there anyone making this a business to help Joe Bloggs consumers keep their phones updated post-OEM death date? Or are they allowed to?

      The multiple reasons why I'd never buy an Android phone ever again stacks up now Google has put up the 'can't be arsed flag'. The cluster-mess of OEM vs Google ownership over the phone software, generally complicated setup/usage of Android OS (although it has got better), abuse of skinning Android from certain OEMs to obscure themselves from vanilla Android + spyware/malware/whatevers.

      I'm continuing to care more about using devices for the long-term so I don't leave a huge wastage footprint when using electronics and trying to repair them until they die. But, even that is difficult with all manufacturers now using pretty much super glue rather than screws to put them together. Apple's record is not great (and some indie repair shops are exposing that their recycling scheme is just a marketing wall to hide their lack of recycling). I'm sure most Android phones from general consumers go in the draw after 2-3 years because of this lack of support. This 2-3 year support attitude just breeds the culture even more.

      We're in such a good age of tech where we really don't need to update every 2-3 years, but companies get away with it by enforcing such stupid policies such as this. Where's the aims to create products that stand the test of time? Yes, the move to flexible ROM/software updates allows addition of new features, but the majority just want something they can use easily and securely.

  35. Anonymous Coward
    Anonymous Coward

    Happy

    Still another 18 months on my Nexus 5x, by then, it will be long in the tooth and I will be looking for something new anyway...

    Given that all Nexus and pixel devices are not only better than an Apple counterpart, have a better security track record , and cost a fraction of the price,

    Clearly apple sting users £300 each in upfront support basically, so no wonder they can make old iOS devices just about still run the latest OS versions..

    1. Adam 1

      Re: Happy

      I recently upgraded from a nexus 5. It's power button had broken and got stuck in a reboot loop (yes, known issue). So I installed an app to wake up the phone with the volume button instead so I could still use it. Then the microphone stopped working (yes, also known issue). So I got myself a cheap Bluetooth headset so I could still use it. Then the battery dropped so low that I couldn't be more than an hour or so without a charge. It finally died after replacing the battery.

      I didn't buy a Google phone because I don't need a 1300AUD telephone.

      Your comment may be correct for the nexus but I'm afraid it is not with the pixel. Unless by fraction you are considering numbers greater than one.

  36. jnffarrell1

    Could it be that security fix requires hardware that is younger than three years old

    NT

    1. dajames

      Re: Could it be that security fix requires hardware that is younger than three years old

      A security fix almost certainly doesn't make the OS require any better hardware than it did before the fix was applied.

      If the OS vendor chooses to issue fixes by rolling them into updates that increase functionality, and so may require a different standard of hardware support that would be a different matter ...

      ... and we would be entitled to shout DON'T DO THAT! (... not that the vendor would take any notice.)

  37. Zola
    Linux

    Jolla provide Sailfish updates for their Nov 2013 device

    Latest update received April 2017. And that's not just security updates - that's almost 3.5 years of regular OS updates.

    Sure, the hardware is a bit long in the tooth but it's working fine and I've no reason to upgrade just yet - not until there's better Jolla hardware on the market.

  38. Anonymous Coward
    Anonymous Coward

    I have a cheap Andriod phone ($250) from Motorola, bought when it was owned by Google.

    I bought it thinking I was safe from the upgrade/patching mess... nope.

    My battery is going... when I'm forced to buy a new one it will be an IPhone SE.

    Andriod isn't bad on new phones, but Google half asses things from there on out...

    It's no surprise Samsung tried to develop their own OS. Failed.

    We'll see if some of these Chinese phones can do better. I bet they can get the Chinese govt to apply pressure on Google...

  39. Anonymous Coward
    Linux

    Google to drop security fixes for old version of Android

    What's preventing you from upgrading to the latest Android?

    1. Charles 9

      Re: Google to drop security fixes for old version of Android

      A slim budget and a need to stay stock due to root-aware apps.

      1. phil 21

        Re: Google to drop security fixes for old version of Android

        you don't have to root. I upgraded my 2012 Nexus 7 last week to the current Lineage release for that device, 7.1, which isn't rooted by default. None of the root aware apps have complained.

        1. Charles 9

          Re: Google to drop security fixes for old version of Android

          Not even Android Pay, which ALSO blocks on unofficial ROMs?

  40. DrM
    WTF?

    Ben Dover

    Hi, we're Google -- bend over.

  41. localzuk Silver badge

    Gotta remember who Google are

    Google are a data driven company. They make their decisions based on real world data.

    So, all these dates show us is that they have the data to show that the vast majority of people change phones every 2 years with a smaller percentage taking up to 3 years (you know, those ones waiting for a specific phone to be released).

    So, we can all feign indignation, but Google knows who their target customers are, and these dates won't affect them at all.

    1. fidodogbreath

      Re: Gotta remember who Google are

      So, all these dates show us is that they have the data to show that the vast majority of people change phones every 2 years with a smaller percentage taking up to 3 years

      More likely: they used big data to find the shortest possible support time frame, where customers are not quite pissed off enough to change brands at their next refresh.

  42. Anonymous Coward
    Anonymous Coward

    3 years is ok for early adopters is it?

    It may be, but essentially making the device landfill after this time is economically and environmentally irresponsible.

    Never owned a nexus, but I hope Google are offering a responsible recycling/trade in for the devices...

  43. Outer mongolian custard monster from outer space (honest)

    As others, I have a nexus 5 , easy to root and supported by 3rd party roms, currently running 7.1.1 but got notification the other day that 7.1.2 is available from the repo, so thats faster than my carrier releases updates for their newer phones. Put a new battery in the other week as it had gone bad with age too, remember the howls about non replaceable battery? its trivial to do.

    I'm also one of those oddballs that like the Qi charging as on my other devices these seem to wear out, but as I only hook the nexus up to use with ADB its good still. In fact if I spot another at reasonable price I'll probably buy it to put sailfish or another os on to experiment with as its easy to do.

    No updates from google != landfill the phone, nor require mass migration to overpriced fruity things.

  44. Len Goddard

    Giving up on smartphones

    I've looked at my phone usage. Basically I make phone calls and occasionally listen to music/audiobooks. I think I will be backing off to a feature-phone and an mp3 player.

    1. Charles 9

      Re: Giving up on smartphones

      I still need something like a smartphone for on-the-spot research. Feature phones just don't cut it (I tried on an N95, thank you. Went to an Android phone and it was like night and day).

  45. sequester

    That's still four more years than Sony or HTC.

  46. tedleaf

    My very old HTC hd2 was never even meant to be an android phone (winmo 6.5)

    My very old one,with pin cpu and not the stupid solder balls connections is still going strong,and if you head over to xdaforum,you can still get and flash Roma built around android n 7.1.1,

    It all depends on wether you trust Rom developers the same as you do htc etc,they all have a crap record for updates that ruin devices,where as I have never had a case of a Rom devoper purposely loading a Rom with malware,that I know of,there are still a lot of users/devs for the hd2,so I work on the usual open source idea of many eyes etc to spot problems,the old beastly can do 90% of what the latest devices can,just a bit slower,but then show me a Samsung s8 that will ever run 15+ different id's including window desktops..the closest thi g there has ever been to a true open source device,the HTC hd2 is a legend with good reason..

  47. rb80

    Pretty poor. My Nexus 4 is still going strong after 4 years. Why should we be forced to upgrade after 2-3 years? Not everyone likes to change their phone as often as their pants.

    Anyway, I'm shortly replacing mine with a new Moto Z Play. I hope Motorola's updates last longer than that.

  48. Anonymous Coward
    Anonymous Coward

    Did everyone forget that the nexus lineup was targeting developers and not primarily consumers.

    Did everyone forget that the nexus lineup was targeting developers and not primarily consumers. Anyways, for as long as I remember, Google outright said that they will only update the version for 2 years and security for 3 years and this has stayed the same since the first nexus. Now we're getting a shit storm over them discontinuing updates at there scheduled time whenever they support their devices the longest on any android device outside of modders using a custom rom which still get feature and security updates.

  49. GeneralStuff

    Google is loosing it, just another multinational!

    I have decided not buy a Google phone anymore and I have owned all of them. They have become super expensive and nothing extra. Also look at Google Classic Sites and how they are trying to get everyone to migrate over to Google New Sites which they released prematurely, giving us garbage an insult to true Google users, Its terrible. They are loosing focus of their clients. They have become just another large multinational..

  50. Richard Lloyd

    Is there any Android device with >3 years support? / Custom ROMs

    A lot of indignation on here about "only" 3 years support, but are there any Android devices out there with longer support? 3 years is pretty well longer than any typical phone contract (which tend to max out at 2 years, at which point most users upgrade their phone).

    Also note that popular Android devices (and the Nexus/Pixel lines are no exception) will have custom ROMs that can extend the updates by a few extra years. My ancient Nexus 10 is on LineageOS 14.1 (Android 7.1.2 - years after Google dropped support) and is working well with it.

    1. Test Man

      Re: Is there any Android device with >3 years support? / Custom ROMs

      "3 years is pretty well longer than any typical phone contract (which tend to max out at 2 years, at which point most users upgrade their phone)."

      You seem to forget that there are people who have purchased device under 2-year contract towards the end of the device's lifetime (i.e. let's say 1 1/2 years). If you don't buy the device immediately after release, the typical support timeline doesn't help you in the slightest.

  51. Test Man

    I can see why they have done it (hard to support an OS on a device where components aren't supported after a short length of time), but I think it really sucks for people who don't purchase it straight after it launches, in particular people who buy it just before it goes off sale.

  52. fandom

    I am shocked, shocked!

    Really guys, this policy has been know for years now, and you are acting all shocked about it?

    Really? They kind of people that read the Register didn't know about this? Really?

    The same kind of people don't know that apps like Chrome, who do the actual talking to the internet, still get updates after that period?

    Dudes, you are funny, hilarious even.

  53. Anonymous Coward
    Anonymous Coward

    This is 2 year old news

    Google announced this update plan for Nexus devices back in August of 2015. It was clearly stated then that there would be no guaranteed Android version updates after 2 years, and no guaranteed security updates after 3 years. Then in June of 2016 they began listing end of life dates for Nexus devices on their support site. The only thing that happened this week was Google posting some ending dates. Dates that anyone paying attention would have already known.

    I do agree with the common opinion that 3 years is not enough for a flagship phone. However, it is also a lot more than most other devices, even similarly priced flagships, will get. Nexus/Pixel devices also get monthly security updates, which is more often than most others. A large number of devices won't see more than 2-3 updates throughout their lifetime, and very few will see 2 years of Android version updates. I'd rather have a phone that gets updated monthly for 3 years than one that gets an update every 8-12 months for 4 years.

  54. enormous c word

    Do any phone manufacturers supply Cyanogen as an option or even the default?

    1. phil 21

      Wileyfox do/did, i believe they are switching to LineageOS 'soon'

    2. Charles 9

      Any that do can't supply Google Play Services, many apps depend on it, and they'd get complaints soon enough.

      In other words, unless you're catering to a market not used to Google Play Services anyway, it's practically suicide.

  55. Anonymous Coward
    Anonymous Coward

    The Nexus 9 I have had since release has suffered a big slow down with recent updates. I installed RemixOS to test and it is much faster. Not sure about the long term support for RemixOS on this tablet as I suspect it was just an initial business plan to support the Nexus 9.

  56. W4YBO

    Okay Google,

    "Okay Google, tell your bosses that I want three years of Android updates and four years of security updates for Google phones."

    Response - "Here to help"

    Result - 1Password - Password Manager

  57. Anonymous Coward
    Anonymous Coward

    But is that GREEN

    Interesting how the hipster douche bags at places like Google like their late's and talk about their Himalayan grown coffee and their solar panel power this or that seem to think it is okay to toss perfectly usable hardware out the door every 2 to 3 years.

    Wow, not sure if anyone knows the amount of energy required (aka carbon footprint) to build just one phone, never mind the heavy metal contaminated fresh water and poisons spewed back into the environment. As many have already suggested this should be mandated by law, world wide to have a 10 year shelf life. At least security patches, I would not expect to have new OS versions but have it be patchable, heck at least with Android have a third party group maintain the code base. Have the industry pay a small fee to keep products secure.

    The tech industry seems to be omitted by many mandates that other industries have to comply with, I guess this tech stuff is still beyond law makers comprehension.

  58. Jonathan 27

    All phones should be supported for at least 5 years... from the last shipped date from the manufacturer (last sold anywhere would be very hard to track and would likely never actually happen). So if company A ships out Phone B until Jan 1, 2017. Then Phone B needs to get software updates until Jan 1, 2022.

    Yes, this will cost money, but not that much money. I'd happily spend a bit more to have a longer update window on my smart devices. I have had to replace phones before, not because there is an issue with the phone, but because the software is out of date. That's really annoying and wasteful.

  59. sharkyblunt

    Lineage OS FTW

    As others have said, two year planned obsolescence from a consumer device worth hundreds of pounds is obscene. For tech savvy people there's always the option of doing an unlock and Lineage OS install, which gets monthly security updates well pas the stock ROM's demise.

    In my case I bought a Xiaomi handset at half the cost of an iPhone or Pixel and replaced the stock ROM as soon as my boot-loader unlock code came through. The initial installation process is definitely not consumer friendly, and there were teething problems on some of the weekly builds, but now it's done I've basically got a flagship spec phone and a near-stock Google ROM with the latest patching for half the price.

  60. David Spalding

    I bought into the Nexus 4 when my third HTC Amaze replacement pissed me off for the last time. Since, I've upgraded to a refurb Nexus 5. Not all Nexus users are early adopters, but we're FRUGAL adopters. Both were a bargain.

    Alas, Google things their own phones are as disposable as anyone elses. Add to that, I will not be able to use all these Qi wireless chargers i bought with future Google phones. :( I'm hooked on Qi now, Google, thanks for leaving me out in the cold.

  61. Anonymous Coward
    Anonymous Coward

    Hypocrites

    What's the betting that some of the people claiming here that a phone without regular security updates is akin to the end of the world are the same people that complain about Microsoft forcing Windows 10 updates.

  62. Griffo

    C'mon where are all the Microsoft Haters today?

    MS is usually the company that gets bashed on here for dropping security releases for older products, usually after you know, oh 10 or 12 years or so.. I mean how dare they decide they can no longer support a 12 year old code-base.

    Oh hang on, this article is about Google dropping security updates after just three? Oh the Irony.

  63. Anonymous Coward
    Anonymous Coward

    Whither Project Fi?

    The only devices that work on Google's mobile service (which roams between Wi-Fi, Sprint and T-Mobile networks) are the Nexus 5x, 6, and Pixel.

    Today, from Google, you can buy a 5x for $249 or a 6p for $399. Apparently, should you choose to do so, you will not be on the current Android version in 5 months and your phone will be insecure before you have paid it off, if you lease it.

    What a deal!

  64. mike360

    As someone who spent a decade on Android and moved over to iPhone for this exact reason it still surprises me that Google haven't found / pushed a way for users to update to the latest version through the play store or something similar. iPhone gives me 5/6 years of updates and for the price it commands I see that as a fair deal. I was looking at buying a pixel but how long will that get updates for? Just because people buy from Samsung doesn't mean Google should act like them.

  65. Big-nosed Pengie
    FAIL

    A bloody disgrace

    Google is now the global village idiot. That's the last Google branded product I buy.

  66. JammyGit

    Never had a phone for more than 2 years, let alone 3. By the 3rd year it will be well out of date and old.

  67. OtotheJ

    We've enabled these lock-ins

    Remember that a large proportion of mobile device users want to upgrade to the latest hardware every two years when their contract expires.

    This acceptance of obsolescence paves the way for device manufacturers to not care about keeping older devices up to date.

    Also with PC sales apparently in decline because of everyone's rush to buy mobile devices instead and the implicit acceptance of the fact that many of these devices are only capable of running their native OS means that devices that allow those of us that require it, to install their preferred OS look less and less likely every day.

  68. EJ

    Well, that sinks my plans to consider a Google phone next time around. Nice move.

  69. Nathan 13

    Loved my Nexus5, love my Nexus 6P

    But my next phone will not be anything to do with google if they are going to treat their customers like shit.

    I cant do Apple for the same reason help lol

  70. tom dial Silver badge

    Just asking

    Apologies if this has been asked and answered, but I was too lazy today to go through 165 posts to find out.

    Background: my Samsung S3 (Android 4.4.2), purchased in 2012, was updated most recently in October 2014, and my wife's S4 (Android 5.0.1), purchased in 2013, was last updated in December 2016. The carrier in both cases is Verizon.

    Is there a carrier that supports updates, including security updates, longer than Google? Unless there is, and the period is at least half a year longer, I am unconvinced that Google's policy warrants the scorn and criticism in the article and comments here, other than for the near universal custom of binding the firmware and software to the hardware. If they, and the carriers (for phones no longer on their network, at least) would break that tie, there would seem to be a lot less to complain about.

    1. Anonymous Coward
      Anonymous Coward

      Re: Just asking

      "Is there a carrier that supports updates, including security updates"

      No? If you are looking for updates, never trust 'carrier' to do it for you. In fact, they even try to block updates (or delay them for very long time if they ever update).

      Also, the only types of update longer than google's are 3rd party roms. I know it sucks, that's why some users here are thinking about moving to iPhone.

  71. Tim Seventh

    Google's Terrible Planning

    Google could have added one extra idea in here and it would have worked out well.

    If google added that all out of support Nexus can be trade-in for a coupon for the newest google phone (currently it is the pixel phone), things here would have probably looked a lot better.

    We would feel like our investment is not completely wasted. We would feel better for recycling (it doesn't matter if that is true recycle or not). We would have felt like we are paying like an extension to device support. Google would get their money flowing.

    Seriously, google is terrible at even copying what Apple is doing right.

    edit: look not all device can continuous get support forever. Nonetheless, google should have done it better even if they don't make it a 5 yrs (security) support cycle.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like