Chinese KitKat

[Oleg Goldshmidt]

geoffrey mendelson <geoffreymendelson at gmail.com> writes:

> On 1/6/2014 12:02 PM, Oleg Goldshmidt wrote:
>> We are not discussing past-EOL versions here, so the implicit
>> assumption is that critical security updates are provided, without
>> downgrading functionality. 
>
> But they are not. While very few companies are providing Android 4
> upgrades for Android two phones, are any still upgrading Android 2?
> When was the last time your phone had an operating system patch or
> fix?

AFAIK, there is no indication (not that I check obsessively) that
Gingerbread went the way of XP [chuckle]. You said yourself that you see
2.x devices being sold today. Personally, I know I am behind on the
patchlevel, but upgrading is a MUCH bigger risk than any security
concerns, given my experience and my usage pattern.

To explain, when you look you find that many existing vulnerabilities
(not all) exist assuming you install and run applications that exploit
them. This is simply not very likely for me. Stuff where opening a
specially crafted SMS pwns your phone is very rare indeed.

> To comment on another post, do you know if those upgrades offered for
> apps would actually work on your phone, or the upgrade checker just
> sees a new version and offers it to you?

I have never had any problems with those apps that I cared to update. I
have not noticed anything that would cause me to suspect that my phone
is unsupported / past-EOL / anything. I don't actually *know*, but I
don't think Google Play would offer me (or allow me to download/install)
an update that would be incompatible with my firmware. I fully expect it
to know the exact version better than I do.  FWIW, at the moment I have
10 update notifications I have not looked at yet.

-- 
Oleg Goldshmidt | pub at goldshmidt.org