Google has much improved the Android security, but there are still hundreds of millions of devices without updates and exposed to the danger of cyber attacks. Google can’t do much to solve the problem, but what should we do to deal with it.
The report on Google’s 2016 security informs that there are still 400 million Android devices exposed to security risks. These are models with older versions of the software that no longer receive updates, so they can’t be fixed and their vulnerabilities can’t be solved. The problem is still widespread but declining steadily. It proposes a problem that has become a classic of the Android world. The manufacturers cease to update smartphones and tablets (indeed sometimes not even begin), leaving their owners exposed to more or less serious risks. The counterexample is given by Google Nexus, that receives guaranteed updates for a long time.
But even with the top of the range of other brands updates often come for only a few years: for example Marshmallow recently arrived on the Galaxy S5 and Xperia Z2 -the latter actually was a relative surprise. However, with the cheapest products, even best sellers, there are no guarantees.
In some cases, the updates come (see Moto E and Moto G for example), but many times your smartphone remains exactly as it was the day of purchase -including security problems. To resolve without changing smartphone you can try an antivirus for Android, or install an alternative ROM like the famous Cyanogen -if available for your model. And of course, you should not install applications from sources other than Google Play.
Google’s report also tells us that the company examines 6 billion applications (installed), every day on 400 million devices. The company continues to work to make Google Play secure -ie prevent that someone uses it to spread malware, and over the last year this specific activity has achieved many successes. Adrian Ludwig (Google) reminds us that those who download applications from Google Play can be considered safe, at least as far as the malware is only in malicious applications. Attacks exploiting of known vulnerabilities and not patched, maybe via browser, are instead possible if your smartphone does not receive the necessary updates.