Return to Level1Techs.com

Android patch gaps


#1

So apparently some Android manufacturers not only won’t provide security patches, but will instead just lie to the customers that their software has been patched while all the vendor has done has been to change the date stamp on the security patch.
Pretty extreme lol, one more reason to run custom roms I guess…

I’m interested in how this ‘looks like in the real world’, so if you feel like it you should all test if we got any patches missing with SnoopSnitch (Play, F-Droid) and see how bad the situation actually is.
Update your phone to the latest software, run SnoopSnitch and post your results below! :slight_smile:

EDIT: The version on F-Droid is outdated, by the time of writing only the Play Store version works on all phones, no root required.

Sony Xperia - Stock Nougat. 1 patch gap (CVE-2017-3544)


#2

Few things to note:

  • requires root privileges
  • requires Qualcomm based phones

I have an Xperia XA1 Ultra, and it is not compatible.


#3

You don’t need root to check the patches, thx for the heads up - updated the post


#4

Thanks for the update. I got mine from fdroid, I’ll try the play store one.


#5

Moto X4 with Android 8.0 and 1st feb. securty patches no patch gap.


#6

4 missing patches, and 15 inconclusive. Latest patch (Feb) on Oreo, Sony Xperia XA1 Ultra.


#7

Pixel 2 here and it’s missing one inconclusive.


#8

Same for the pixel 1st gen. It’s not very clear on what it’s checking. It says 1 inconclusive test (not patch), and patched 1. No idea what that means considering I’ve had dozens of patches.


#9

Galaxy S4 LineageOS current weekly:
Level: 05-03-2018
Patched: 85
Patch missing: 1
Test inconclusive: 34


#10

I forgot that my Sony has to be update manually since it’s unlocked so after I updated it to Oreo (Stock, March patch, Nordic/Baltic version) the results are

41 Patched
0 Missing
13 Inconclusive

Rumours say Samsung, Sony and Google are providing the best update practices and so far this seems to be the case. Well, if Google was lacking behind they should be shunned lol.
This is just something to keep in mind when buying a new phone, shame on Nokia tho who apparently lacks behind, just because they flamboyantly promised that they would provide quick patches.

Also interesting to see how custom ROMs compare with stock.


#11

I didn’t buy the anti hacking toolkit with my phone.

But everything is fine so far, no hackers.

I usually update when something doesn’t work.


#12

Last I check there wasn’t any drop down menu for what inconclusive patch is. I assume that it was something dealing with that I wasn’t a beta tester.


#13

Doesn’t inconclusive just translate to a failed check?

Could be either that SnoopSnitch doesn’t recognize the patch, the patch is missing/not needed, or the check just failed.


#14

I believe that I was having a disagreement with people over the fact that you should have antivirus for android… ya circle of trust is pretty weak.


#15

LG G5 H850 LineageOS 14.1 built on the 7th of April. Have a lot of patches with one missing and 56 inconclusive.


#16

I think the app isnt able to handle whatever the pixel phones are doing to handle updates (maybe their update system that uses multiple partitions) so the app is useless for those phones.


#17

So general incompatibility, given it’s much to ask of one app to cover all models so that’s in the grey area.


#18

Yeah I imagine it is, but without more information on what its doing that not disclosing that its actually not comparable on some phones [which ones?], it makes me at least unable to trust its results. (not saying they are correct or not, just no longer trustworthy without more info on compatibility)


#19

Yeah I agree that providing more info to users would be better practice, afterall we nerds use tools like these.
Anywho it’s open aource so…


#20

Surprised to see Motorola and OnePlus on that list- a little discouraging as I’m anticipating the OnePlus 6 announcement. LG and Samsung are infamous for delays in updates. I have an LG (imo good hardware/reliable) but use LineageOS.