this post was submitted on 15 Jul 2024
51 points (98.1% liked)
Android
731 readers
5 users here now
Android news for android developers. Everything that happens in android world.
For Android development specific topics please see /c/android_dev
The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Are there any other sources for this number? 'Cos most devices i deal with are in the jelly bean - lollipop range.
Even if, a company such as Google could perfectly well keep maintaining older devices, but then they wouldn't be able to sell Pixels and boast how eco-friendly they are.
Yeah but also vulnerabilities in older android remain unpatchable.
EG: Strandhogg 2.0 can't be patched - you just have to set min SDK 28.
I'm sorry, what? Setting min SDK is, itself, a patch. I'm sure Google could backport that patch if they so desired. It's not Spectre, it's a software vulnerability.
There's no technical reason not to provide security backports to software. This is intentional.
You can't modify activity intent apis on older versions of Android to fix intentjacking is my understanding. It fundamentally breaks the versions.
In theory they could've supported down to sdk26 afaik. Android Sec is ancillary to my main day to day.