
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge - aldo_23
http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html
======
listic
Which phones allow running the latest AOSP today?

~~~
izacus
Nexus devices from 5 and newer.

~~~
droopybuns
I think there is lag between the "Latest" AOSP build & what's actually
available.

------
dang
Url changed from
[http://www.bbc.co.uk/news/technology-34719564](http://www.bbc.co.uk/news/technology-34719564),
which points to this.

------
xenadu02
Another day, another batch of Android security holes. Since I'm primarily an
iOS Developer these days I used to laugh at Google's seeming ineptitude (and
inability to wrangle the herd of cats that is the OEMs and carriers). I
naively assumed they'd catch a couple of black eyes, get serious about
security, and fix their internal processes and the OEM licensing process.

It has been 3-4 years since then and now I just feel sorry for everyone stuck
on an Android phone. You can walk into any store and buy brand new Android
phones that have unpatched libStageFright holes _today_... some of which will
_never_ receive an update!

The whole thing is a disgrace and the fact that Google is resorting to public
shaming shows just how little power they have over Android as a platform. At
this point, deploying Android devices in Government, Enterprise, or sensitive
contexts is equivalent to a breech of professional duties on the part of IT
personnel.

There is no reason it has to be this way; it just seems like Google, carriers,
OEMs, and the government don't care.

* Yes, I know iOS has security bugs. All Operating Systems do. The difference is every iOS device Apple ever shipped got at least 2 years of patches; the recent trend is a minimum of four years of updates. I believe it was "goto fail" that prompted a patch for the older version of iOS to fix the bug for devices not supported by the latest iOS. I don't think any Android device has _ever_ gotten that treatment.

