Project Treble is the most important thing in this release
>The biggest change to the foundations of Android to date: a modular architecture that makes it easier and faster for hardware makers to deliver Android updates.
With any luck, this will end the huge security/update problem Android has. Right now an update is dependent on the chip manufacturer's drivers, then the OEM adding them to the ROM with their custom "improvements", and finally the carrier pushing the update to devices. Right now it just takes one break in the link and a device goes without updates, which is a security disaster. If Google can push updates from the Play Store (presumably the end goal of Treble), none of this will be a problem.
I remember many years ago when a few carrier and chipset execs stood up on Google I/O stage and announced a new program to ensure Android devices get updated quicker. Nothing came out of that.
The proof here will be when they ship.
Thankfully, 'Google Play Services' and distributing more and more services through the Play Store is a step in the right direction.
> I remember many years ago when a few carrier and chipset execs stood up on Google I/O stage and announced a new program to ensure Android devices get updated quicker. Nothing came out of that
Google remembers that too, and this change allows Google to bypass those same execs when pushing out updates. The HAL layer will not change from version to version, meaning no driver support will be required from the OEM for new Android versions.
They were supposed to not put any user app on the system partition but rather install them using play services when the user logs in. I've only seen one device implement it and it was a low end device so it kind of choked anyway.
All true, but what does that tell us about any solutions to slow or non-existant updates and fragmentation? What are some of the thousands of solutions? Or are you saying that there never was a problem in the first place?
The issue: apps that are only updated with the OS end up outdated.
The current solution: Move them out of AOSP, into Google's internal projects, distribute updates via the Play Store.
An alternative solution: Move them out of AOSP, onto GitHub, distribute updates via the Play Store.
Yes, Google had to decouple them from AOSP. But that’s no reason not to put the code anywhere else in the open. These issues are entirely orthogonal, and Google uses it as a way to force more people onto the proprietary ones.
Open sourcing Google's apps is not a solution to Android's core problems though. Not every part of the OS that needs to be updated can be moved into open sourced apps.
Also, open sourcing the apps takes away any leverage Google has to recoup the costs of developing Android.
All the apps were open source in the first place. Google Music, Books, Search, the Phone Dialer, the contacts, the SMS app, Google Talk, all of them used to be open source.
It should have been possible for Google to open up much of what they are pushing, but they don't. And i wonder if that has to do with the likes of Amazon and Xiaomi.
As an Android developer this is a big pain in the arse if you intend to develop apps using google apis.
The development is easier, but if you plan to distribute on other stores, google play services are useless and will make your development more time consuming as they are exclusive to devices with google play store.
Or even if just gets the chip manufacturers out of the equation, that alone fixes most of the problems.
The OEM side is usually pretty easy / trivial in comparison. And there are a number of OEMs who would happily push updates but can't, because they can't get hardware packages from Qualcomm / Amlogic / Freescale / etc.
That, more than anything else, holds back new Android releases on lots of hardware.
Good thing their lawyer literally runs the FCC. They also have the best coverage, also like Comcast. Unlike Comcast, however, you don't have to get Verizon depending on where you live.
Verizon wireless being evil is exactly why I stuck with T-Mobile for such a long time even as they keep making billing "mistakes" to the tune of about ten dollars every month for a while. (I believe they're just supremely incompetent but the errors somehow always are to their benefit.) With Verizon or Cingular, I assume it is just pure malice.
I've talked to people about how Verizon is trying to use its network as an advantage for advertising with supercookies and such on one end and Yahoo!/Aol on the other end but it seems to alarm nobody.
2. They had a "free for life" 200MB? data plan for the Nexus 7 tablet kept billing me every month. It was a monthly ritual for about six months. Call, explain, get adjusted.
Honestly, even after years of following Android, I still don't understand what the carriers even do to the ROMs. It's not like it needs special proprietary software tweaks just to connect to an ordinary GSM band. And it's also not like I get any kind of visual voicemail, WiFi calling, etc baked directly into the system either. Those carrier features are usually still separate apps, anyway.
Honestly, what are they doing, and why does it take them multiple months to do it?
Carriers generally have deals with other companies for preinstalled apps which may or may not still be active by the time it comes around for an update. Also they have to test the devices, but considering the sheer number of Android devices they probably prioritize new high end devices first.
This problem is made worse on Verizon and Sprint which use CDMA 3G networks, as opposed to the worldwide GSM standard.
Also this could be a result of marketing as well. You can get the latest Android on a new device, or you can wait an indeterminate amount of time (a few months to never) to get a free update on your old device.
Why? The whole point of GSM is that carrier and phone can (and should) be entirely disconnected, decoupled and only connected through the means of whatever SIM the user puts in his phone.
The notion that a carrier needs to be involved in the making of a phone makes about as much sense as if my ISP needed to test and "approve" what Ethernet hardware I use at home.
It's frankly none of their business.
> This problem is made worse on Verizon and Sprint which use CDMA
So don't use them, just like you wouldn't use an ISP which doesn't speak IP.
Pretty much any argument for network/device tie-in is fallacious on its face for the simple reason that there are many countries out there which don't have that arrangement. And yet the phones there work fine, and so do the networks.
It is none of their business, but they desperately want a piece of the pie so they brand their phones (and probably sell them at a small discount - this is the value proposition here). Branding also results in shifting responsibilities from OEM manufacturer to carrier with regard to testing and stuff.
Also, plenty ISPs actually do sell branded wireless routers with branded firmware, so it's not uncommon practice in other neighboring industries.
This is about cost: updates sometimes fail (incredible, I know), and carriers are the first place people go to get their phones back in working order. This kind of support is quite costly so carriers don't push too hard for updates to happen.
> carriers are the first place people go to get their phones back in working order
That only applies to phone bought from carriers.
Most people buy them in electronic shops where they buy tvs and laptops and stuff (since that allows you to get the best deal any carrier can offer, and not just be restricted to one).
This is half true and I think it falls neatly along generational lines, with exceptions for "really good deals". Most iPhone owners became first time AT&T customers when the iPhone came out. When Android hit the market, people went to their carrier because before this more or less was how you had to do it.
More people are just buying whatever phone and sticking a simcard in it but there is still a huge number who live by what their carrier gives them.
> More people are just buying whatever phone and sticking a simcard in it but there is still a huge number who live by what their carrier gives them.
Interestingly enough I see that as the wrong way around.
Going to a carrier specific-store is also guaranteed to offered me inferior choice both in phones and subscriptions. What's in it for me as a customer?
My electronic store is giving me the phone and carrier which provides me with the best deal. I have no reason to give a carrier, a transparent transport network, any sort of loyalty.
I don't have a "my carrier" which I care about. I do however have a "my phone", and I care about that deeply.
Carriers are a red herring. The world at large couldn't care less about how the customers of AT&T can supposedly only install AT&T-approved firmware. Most people can, but they're not seeing any updates.
Google needs to fix their upgrade story. Even if the North American customers continued to run old vulnerable versions forever, updating everyone else's systems would be a tremendous improvement. (It would also make it difficult for the US carriers to continue those particular business shenanigans.)
Prior to the iPhone changing how phones were sold-- carriers meddled with everything so they could get their hands in media playback, app sales, feature upgrades etc. I don't think much has changed in this where anyone gives them an inch (which is nearly everyone but Apple).
Note: I worked for T-Mobile for four years prior and a little after the originals iphone came out.
Facts to backup what? That most mobile phone users are outside the US? Or that most of the world buys phones in home electronics stores, not from their carrier?
The iPhone brought a bit of the outside world to the US telco market. This was only a matter of time, as the market becomes more globalized there is increasing competition in the consumer market, and carrier bound phones are less flexible and more expensive in the long run. Everybody knows this.
(I believe that even the US broadband market sooner or later will transformed in much the same way. For a long time it looked like Google was about to do it, but with that seemingly stalled for the time being we might have to wait a few more years.)
It is not reasonable to describe the iPhone as changing how phones were sold outside of a select few countries. Therefore we should not accept that explanation as to why Android phones do not receieve updates either. Those markets are small on a global scale, especially for Android which clearly dominates the lower end of the market, which is predominantly deregulated.
Funny, i felt that the iPhone brought the US mobile market crapfest to the world. Especially when i watched Apple play favorites with what operator in my country, down to dictating the style of plans the iPhone could be combined with.
Where I lived it was common before the iPhone for people to go to electronics stores or carrier-agnostic "phone stores" to buy their phones. You could get an unmolested phone on subsidy/contract and everything. This was in Europe though, where cheap prepaid SIMs for young people and MVNOs were already very popular.
You would walk in, and find a wall of phones, alongside a list of carrier plans.
Then you could pretty much mix and match plan and phone to find some price you were comfortable with.
Come the iPhone's "worldwide" launch however Apple sat down and insisted that only one carrier would get the iPhone, and defined in detail the kinds of plans that said carrier could offer.
Before the iPhone, how prevalent were software updates to phones? I know of no one who ever got had an update.
There is absolutely no reason for carriers to need to do anything at all, else it would not make sense that I can change the SIM card out and voila I’m on a new carrier. The manufacturer is the one doing the testing, and the carrier simply provides the infrastructure.
I feel US perhaps has a different experience, because of their ridiculous CDMA infrastructure. Is it Verizon or what, where it’s not a SIM card but the phone itself that’s setup to a specific carrier?
I only started using around Android 2.3 time frame, because I held to my trusty Symbian until it died on me, by then Nokia was already showing signs of not being sure what to do after Belle.
Belle already had lots of features that took Android and iPhone years to catch up with.
they had Maemo, they had Symbian. But they were afraid that focusing on Maemo would lead to Symbian dying before they could get Maemo to the same level.
And then boardroom meddling was added, and they went much the same way as HP...
It's not just just Verizon. AT&T, in particular, has a habit of locking important features (VoLTE, Wi-Fi Calling) to phones running AT&T-branded and certified software. So unless the device you want is sold by AT&T and you get the AT&T-branded version, you're SoL. They even do IMEI blocking, so even if your device could otherwise work...
I have the impression that Nokia had trouble getting into the US market because they refused to let US carriers modify phone firmware to disable features.
In particular when Nokia tried to introduce SIP support.
Sony Ericsson's non-smart phones (e.g. K800) had OTA software updates. They would pop up a dialog from time to remind you to check for updates, then download them and update, all on the phone. (Carriers would often hold them back, though, if you had a carrier-customized model.)
I'm pretty sure I got an actual update at least once.
Near the end of the dumbphone era I remember getting an OTA update to mine that added a chat-style view to SMS text messaging. I don't think the iPhone would even get OTA updates for years, it was all purely through iTunes.
Probably because they have to test the ROMs on their network in different regions, with different frequency bands, with roaming, etc. That work is tedious given all of the phones they support.
Do they do all this testing for all GSM phones in the world? All new and old? All GSM phones ever sold?
I guess not. I guess instead they rely on the GSM specification to allow seamless independence between the phone and the carrier for 99.999% of the phones out there (if not more).
So why do they need to "test" the remaining 0.001% when they have a update in user-facing functionality the carrier will never see or interoperate against?
No carrier in Europe does this.
Does your ISP control what OS updates you can download? No. And why should they?
That carriers needs to do testing is a lie perpetuated to allow for customer-hostile business-practices. Stop repeating it.
It happens with Apple OS updates too, Apple just have sufficient market clout to tell networks they must complete the testing in the week between the gold master release and the public release.
GSM isn't some magic specification. It's entirely possible for a crappy radio firmware to cause significant disruption to a network it connects to (indeed, I've seen a pre-release firmware from a mid-tier Android manufacturer that managed to cause a reboot in every cell tower it connected to from one of the UK's networks). That's an extreme example, but carriers frequently do testing on that basis, and it often holds up the European releases of Android software updates.
The iPhone doesn't suffer from this problem. It should be up to the phone manufacturer (HTC, Samsung, etc.) to test their product.
Moreover, in some European countries it is normal to buy a phone and a subscription separately. In some countries bundling is even illegal. I have never had a carrier-branded phone since I switched to smartphones, including my Android excursion (Nexus 4, Moto X 2013, Moto G, Moto X 2014) and some Windows Phones that I played with (Lumia 710/920/640). They all worked on multiple carriers.
Everyone should stop perpetuating the carrier testing myth. For this we have the GSM standards and in many parts of the world a large number of phones are not carrier-branded.
The carriers are not the problem. They may be an additional problem but even when they aren't involved (i.e. outside America) Android updates still suck.
And even then, in the US HTC rolled out a recent update for the HTC 10, while we're still on the January patches in the EU (and the rest of the world).
If it passed VTS it should be able to run AOSP. The new CTS will be an AOSP System image running their VTS passing "drivers".
Even if your vendor doesn't push any updates. At least you should be able to run a number of newer versions of AOSP as long as Android doesn't deprecate those VTS drivers.
You've said this in a few different places, do you have a source for that? You are saying you could load AOSP on an S9 regardless of what Samsung does?
If so, this is indeed huge, but I have some serious doubts about it, perhaps because I have felt so very burned by Android so many times in this respect on anything but Nexus devices.
Maybe - the bootloader must allow you to run that AOSP ROM, which only is possible if the bootloader isn't locked. Lots of OEM:s lock their bootloaders. But otherwise, yes, there's nothing else stopping you.
There are a bunch of things potentially stopping you in practice. The HAL isn't a total wall, and I expect to see many OEMs go around it in some places, either due to incompetence, the HAL being inflexible, or timescales.
So even in situations where you can install such a ROM, there's very little guarantee key bits of hardware will operate properly. Any non-standard hardware/hardware feature is also fairly likely to break.
How in practice would you go about putting AOSP on a device without the vendor cooperating? Is there some kind of secure boot system that always accepts AOSP images?
I think the idea is that they cooperate once, and then Google promises to stop breaking the HAL interface for x years at the cost of increasing their development difficulty.
The sad thing is that it shouldn't be on Google to force them. It should be Google to enable them and the users to "force" them.
They have argably been enabled for a while, but Treble is making it even easier. Hopefully this pushes the needle over the line for at least some OEMs/teclos.
Same is in Bulgaria. And when you ask them "Hey actual version is 7.0. Why you use outdated OS with vulnerability? How you buy that devices?" They told "I have seen 7.0 there was nothing new."
But no one want to get computer with Windows 95 (or 98) anymore. Just Android 4.4 is "OK".
There are no cheap windows 95 computers where everything works on the market. Android 4.4 does do everything people need (like running whatsapp), and the devices are out there to buy.
Security vulnerabilities? Nobody was ever affected by those (at least in the social circles of the people buying the devices), so why should they care?
Tons of sites full of "amateur porn" think you shouldn't worry either. Who cares if all of your pictures are freely available to anyone on the planet, right?
> But no one want to get computer with Windows 95 (or 98) anymore. Just Android 4.4 is "OK".
They should do a yearly release (eg. Android 2018). Then at the store when they display phones, they'd have to write "Android 2013" instead of "Android 4.4 KitKat."
In the UK last year, I bought a Samsung android tablet for the kid (my first Android device). It was running 4 and I ass7med Samsung would have an upgrade available. Ha! No chance.
You're thinking like a technical person. Aunt Susan doesn't know her phone is an Android phone. In her mind, it's a Samsung phone. It's not a question of not caring, she simply doesn't know.
There is such a thing as not knowing because you don't care, and I wouldn't even say that it's irrational. There's simply too much to know and care about in the world, so you have to be selective and event driven.
That is very true, and I have to say it's disappointing and baffling how Microsoft dropped the ball on this one.
Microsoft are the only ones who ever managed to make the separation between OS vendor and hardware vendors work (at least on the PC side). They are sorely missed in the mobile space.
I agree. There are two parts to the Android update problem. I'd wager OEMs having no motivation to release updates is bigger than them having no ability.
I completely agree. It's good they broke it apart to make updates, in theory, easier but after working for a company that modified software that was delivered to them and then reshipped elsewhere it really never mattered how module the original was; the updates still go through the same channels, testing, etc and the OEMs will likely want to modify things not as cleanly separated (an API design never passes its production usage without warts).
I doubt we'll see much change. I hope it'll make it slightly faster but without an agreement with OEMs that has teeth forcing them to be more expedient I can't see this getting much better.
Except, of course, getting your hands on a phone that has Oreo.
For instance, the Galaxy S8 is the hottest new thing on the market right now, and it launched with Nougat. It will probably be six months to a year before Samsung pushes an Oreo update to it, if at all.
Samsung actually has a decent track record of updating their software -- my family's Galaxy S5s on T-Mobile (purchased 2014) are actually still receiving security updates, despite being on Marshmallow API level.
It doesn't help with things like firmware vulnerabilities (without some extensive reverse engineering). I can get LineageOS on my Nexus 5 just fine, but it doesn't have broadpwn fixed.
(note that I wasn't able to actually replicate broadpwn on Nexus 5, if anyone was, some info would be appreciated)
I'm cautiously optimistic about Treble. I welcome userland updates not being subject to device/soc manufacturers whims, but wonder if this means devices will see kernel updates even less frequently than they already do.
Then again, this new architecture likely makes it easier to move the Android userland to a new (non-linux) kernel, so maybe it'll be a moot point.
Why do you think so? On that page is just this sentence and nothing more. I don't believe in a significant improvment unless Google takes ownership of all OS updates themselves.
Treble is the first step to Google updating devices themselves. Now that drivers are more or less independent from the rest of the operating system, Google has the option to push updates to the OS without having to tailor it specifically for every device
Every time I seriously consider the Android platform, I hear about this kind of shortcoming and I'm immediately turned off. I want to buy a phone, not a carrier. This fragmentation per device/carrier is killing this amazing platform. They need to lock it down Apple style (at least for phones).
>The biggest change to the foundations of Android to date: a modular architecture that makes it easier and faster for hardware makers to deliver Android updates.
With any luck, this will end the huge security/update problem Android has. Right now an update is dependent on the chip manufacturer's drivers, then the OEM adding them to the ROM with their custom "improvements", and finally the carrier pushing the update to devices. Right now it just takes one break in the link and a device goes without updates, which is a security disaster. If Google can push updates from the Play Store (presumably the end goal of Treble), none of this will be a problem.