I have previously written about Googles problems with updating their Android operating system over the air - especially when the carriers will often customise their phone-specific builds of Android to give the end user a carrier branded experience - usually after the handset manufacturer gets their hands on it. Nothing much has changed on this front practically speaking. These problems are real, but they suddenly became glaringly apparent last week when a vulnerability in Android was found.
Since then Google has been able to patch most of the server sides to correct the problem. 99.7% of Android users wiped the sweat from their collective brows and moved on with their lives.
Here’s the thing: what if it was not possible to fix the vulnerability on the server? What then? Google would be in the near impossible situation whereby phones of different OS revisions would need a patch/fix/update to fix that vulnerability. That’s fine - they could create forks in the OS at different points and publish the fixes but then how to ensure/enforce the manufacturers and carriers to push the updates through to the end customers?
No software and therefore no operating system is infallible. Eventually Android will have a major issue that can not be resolved with a server-side fix. At that time, it’s fragmentation and approach to updating will come back to bite them, and their customers will be left hanging in the breeze.
That’s okay though, because they’re “open” remember?