Using the CGA to get Android updates in a timely manner

Forums › Android › Using the CGA to get Android updates in a timely manner

1 | 2 | 3 | 4 | 5 | 6

557 posts

Ultimate Geek

#686392 15-Sep-2012 12:25

The OS's I know of all have patches available for download. You are not reliant upon your ISP to approve those updates before you can apply them to your computer.

With cellphones it's different. AFAIK you can't apply updates that have not been approved without rooting your phone and voiding your warranty.

If the GPS/DVR etc has a free update available, nobody is stopping you from applying it to your device as far as I know.

AliExpress

Affiliate link

Affiliate link: Buy anything now at AliExpress.

Talkiet

4573 posts

Uber Geek

Trusted

#686393 15-Sep-2012 12:29

blair003: The OS's I know of all have patches available for download. You are not reliant upon your ISP to approve those updates before you can apply them to your computer.

With cellphones it's different. AFAIK you can't apply updates that have not been approved without rooting your phone and voiding your warranty.

If the GPS/DVR etc has a free update available, nobody is stopping you from applying it to your device as far as I know.

Not the point I was making...

Consider the OP's statements...

This got me thinking NZ has the Consumer Guarantees Act. Which does say something along the lines of if there is a fault in the product you have purchased the versatile either has to fix it (which they can only do by providing the latest Android update) or to replace (which will only help if it is brand spanking new phone model) or provide you with a refund.

(My bold)

It doesn't matter that the OSes have patches, unless you want to assert that a copy of windows with the current patch level is completely free of minor defects'. Because if it's not, according to the OP logic, it needs to be replaced or refunded.

Cheers - N

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

karit

84 posts

Master Geek

#686394 15-Sep-2012 12:32

Talkiet: Just for a moment, consider what you are implying...

- Every single computer sold by a retailer with an OS now needs to be replaced.
- Every single GPS unit sold by a retailer now needs to be replaced.
- Every TV, every DVR, every piece of consumer electronics need to be replaced.

And once these items are replaced, the new replacements now themselves, need to be replaced.

And what about the case when your brand new replacement phone (or untested SW update) itself has a minor defect? That's right, it needs to be replaced. Oh, and then that one has to be replaced.

You probably see where I'm going with this.

Cheers - N

Firstly there is an expected life span aspect of a product. OSs e.g. Windows or Mac or Linux receive security updates in a timely manner to fixing those defects and they continue providing updates for some time. When was the last new computer sold with XP and XP still has updates to 2014, so desktop OSs aren't a problem.

Though how many GPSs, TV and DVRs have defects opposed to missing features or usability improvements? The T-Box springs to mind but that is rented so doesn't fall under the CGA.

khull

1245 posts

Uber Geek

#686395 15-Sep-2012 12:34

Agree with JohnR and others on this. Nothing wrong with the current landscape of android phones. If you are unhappy with the update frequency consider switching to alternate operating systems I.e. iOS

blair003

557 posts

Ultimate Geek

#686396 15-Sep-2012 12:38

Talkiet:
blair003: The OS's I know of all have patches available for download. You are not reliant upon your ISP to approve those updates before you can apply them to your computer.

With cellphones it's different. AFAIK you can't apply updates that have not been approved without rooting your phone and voiding your warranty.

If the GPS/DVR etc has a free update available, nobody is stopping you from applying it to your device as far as I know.

Not the point I was making...

Consider the OP's statements...

This got me thinking NZ has the Consumer Guarantees Act. Which does say something along the lines of if there is a fault in the product you have purchased the versatile either has to fix it (which they can only do by providing the latest Android update) or to replace (which will only help if it is brand spanking new phone model) or provide you with a refund.
(My bold)

It doesn't matter that the OSes have patches, unless you want to assert that a copy of windows with the current patch level is completely free of minor defects'. Because if it's not, according to the OP logic, it needs to be replaced or refunded.

Cheers - N

Yeah, I don't think this is a practical solution to the problem in any event and I don't completely agree with OP, but its an interesting angle.
Also a replacement phone won't necessarily have the latest software (this is the entire problem) so actually it would not help. It would be interesting if you tried to return under CGA and saw how far you could take it, maybe you could get some publicity.

From how I understand the CGA if the retailer is clear that you can't apply software updates to the phone yourself, they are only provided with carrier approval, then it would not apply anyway.

Talkiet

4573 posts

Uber Geek

Trusted

#686397 15-Sep-2012 12:39

karit:
Talkiet: Just for a moment, consider what you are implying...

- Every single computer sold by a retailer with an OS now needs to be replaced.
- Every single GPS unit sold by a retailer now needs to be replaced.
- Every TV, every DVR, every piece of consumer electronics need to be replaced.

And once these items are replaced, the new replacements now themselves, need to be replaced.

And what about the case when your brand new replacement phone (or untested SW update) itself has a minor defect? That's right, it needs to be replaced. Oh, and then that one has to be replaced.

You probably see where I'm going with this.

Cheers - N

Firstly there is an expected life span aspect of a product. OSs e.g. Windows or Mac or Linux receive security updates in a timely manner to fixing those defects and they continue providing updates for some time. When was the last new computer sold with XP and XP still has updates to 2014, so desktop OSs aren't a problem.

Though how many GPSs, TV and DVRs have defects opposed to missing features or usability improvements? The T-Box springs to mind but that is rented so doesn't fall under the CGA.

I disagree with you. I still believe that the same logic you use to require instant SW upgrades or replacement of your phone should mean that any electronic device with any minor defects should be eligible for replacement or refund unless they are completely free of minor defects.

In essence you're complaining that you aren't getting android updates the same day (or week) that they are released by Google and want to force NZ suppliers to release updates on a schedule that doesn't match either their testing schedule, or limited resources to manage update testing for dozens of handsets.

I personally think your approach is preposterous and unrealistic.

If you really want an up to date OS, there are ways of making that happen.

(Please note that I am not in the mobile side of Telecom - these are my own opinions - at least partially formed however from knowing how damn hard the guys work on our handsets - supply chain and testing.)

Cheers -N

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

blair003

557 posts

Ultimate Geek

#686398 15-Sep-2012 12:43

khull: Agree with JohnR and others on this. Nothing wrong with the current landscape of android phones. If you are unhappy with the update frequency consider switching to alternate operating systems I.e. iOS

Really? Nothing wrong?

Phones are basically mini computers nowadays, yet we are restricted from loading our choice of software on them. PCs are going the same way and it will be harder to load custom operating systems onto them in future, but I disagree with that also.

I could understand if it was radio firmware or something that had the potential to disrupt the network of the carrier, but I don't think that is the reason. I personally don't think it's OK that I have to root my own phone so I can get it to do what I want it to do.

In my view this is one area where apple has a clear advantage over android.

uglyb0b

335 posts

Ultimate Geek

#686421 15-Sep-2012 13:12

All software has security vulnerabilities, including Apple. How do you think jailbreaking works? Developers find a hole and exploit it, the same as any other security hack.

Apple has even been vulnerable to much more end-user accessible security holes. I remember a while ago there was a bug in iOS (Can't remember which version), where opening a .pdf attachment from an email opened up some security hole. I can't remember the details, but I will update this post if I can find anything on it.

My point is, no operating system is unbreakable. There will ALWAYS be security holes, and all that a manufacturer can do is work to patch as many of them as possible.

Update - The issue involves (involved) how the iOS parses fronts within the mobile version of the Safari browser
http://www.macworld.com/article/1160990/ios_security.html

Dunnersfella

4032 posts

Uber Geek

#686430 15-Sep-2012 13:41

Talkiet:

In essence you're complaining that you aren't getting android updates the same day (or week) that they are released by Google and want to force NZ suppliers to release updates on a schedule that doesn't match either their testing schedule, or limited resources to manage update testing for dozens of handsets.

I personally think your approach is preposterous and unrealistic.

Imagine if this whole CGA approach being put forward by the OP was indeed enforced.
The likely outcome?
Far, far, far fewer handsets would be released into the NZ marketplace, leaving the consumer with much less choice in the long run. Why? Because the telcos wouldn't have the resources / inclination to keep a massive army of Android phones constantly tested / updated.
Fixing one problem would create a bigger issue market wide.

And here's another thing to consider, what if the case is taken to arbitration, leaving one outcome... a new iPhone for the complainant. I can just imagine the thread now...

blair003

557 posts

Ultimate Geek

#686433 15-Sep-2012 13:47

uglyb0b:

My point is, no operating system is unbreakable. There will ALWAYS be security holes, and all that a manufacturer can do is work to patch as many of them as possible.

Agreed. But when patches exist yet you are not allowed to apply them to a device you purchased yourself, and the carrier who is able to apply those patches to your device doesn't do so, is it fair that I have no recourse?

karit

84 posts

Master Geek

#686435 15-Sep-2012 13:56

blair003:
uglyb0b:

My point is, no operating system is unbreakable. There will ALWAYS be security holes, and all that a manufacturer can do is work to patch as many of them as possible.

Agreed. But when patches exist yet you are not allowed to apply them to a device you purchased yourself, and the carrier who is able to apply those patches to your device doesn't do so, is it fair that I have no recourse?

Pretty much. Desktop OS manufacturers when alerted to a security defect they patch it and make it available to all users. MS I think will provide security patches to pirated versions because its for the greater good. They don't wait for the ISPs or computer OEMs to give the ok. I can't remember the last time an OS update bricked a computer, a couple of AV vendors have done it but not MS, Apple or Linux Distros.

nzgeek

614 posts

Ultimate Geek

#686437 15-Sep-2012 14:00

I don't think it will be possible to get any action under the CGA. At best you might be able to get a refund, but even then I think you'd be lucky to get that far.

You definitely won't be able to force a firmware update. The firmware is created by the manufacturer, and then sent out to the regional teclo providers for any testing and customisation. The local telcos have the power to block an update because it contains noticeable bugs, but they don't have the power to demand a newer firmware version than what the manufacturer currently supplies. Even the local subsidiaries of the manufacturer (e.g. Samsung or Apple's NZ subsidiaries) have little power over the process. They can relay what you want up to the phone manufacturing division, but can't guarantee any action will be taken.

The only way you can get a firmware update is if a telco is currently testing a new version, and even then they can reasonably make you wait until they've got it sorted.

Given all this, the best you can get is a refund. However, I don't think that minor OS vulnerabilities are something that the CGA covers. The CGA is there to ensure that consumers are not ripped off. It's not there to ensure that you get a perfect product (or service) every time, otherwise it would be abused.

This applies doubly so to software. It is impossible to write any non-trivial piece of software without it having at least one bug. Most major bugs can be picked up during testing, but it's impractical to try and find every possible bug that a piece of software might have. Security vulnerabilities are different yet again, because they are not caused by the normal operation of the software, They are caused by someone deliberately misusing the software, in a way that's well outside of what can be reasonably expected by the software's creator.

It's for this reason that I don't think you'd get any action at all under the CGA. The hardware has not exhibited any defects that warrant action. The software is working as expected under normal operation of the device. The only fault is a vulnerability that might be exploited by a malicious third party, an act which is a criminal offense.

Think about it this way: a standard door lock can opened by applying torsion to the barrel and raking the pins with a pick. This is not part of the normal operation of the lock, but can be misused by a malicious third party to gain access to some place they should not be allowed. Does this mean you can demand that the lock manufacturer fix the problem under the CGA, so that lock picks cannot be used?

blair003

557 posts

Ultimate Geek

#686438 15-Sep-2012 14:08

nzgeek:
Think about it this way: a standard door lock can opened by applying torsion to the barrel and raking the pins with a pick. This is not part of the normal operation of the lock, but can be misused by a malicious third party to gain access to some place they should not be allowed. Does this mean you can demand that the lock manufacturer fix the problem under the CGA, so that lock picks cannot be used?

Not that I disagree with your post, but I see it as much more subtle than your example. Playing devils advocate:

A standard door lock is produced. After production, the manufacturer becomes aware that far from needing a torsion bar to open it, you can actually open the lock with a similar looking key even if it was not coded for that lock. Do I have any rights under CGA?

blair003

557 posts

Ultimate Geek

#686441 15-Sep-2012 14:23

To be clear: I myself see software as a different beast (hence why I think the software patents are pretty stupid), so I don't know that the lock example is great. But with more and more software interacting with hardware in products used by consumers, this is going to become more of an issue.

I agree it's not really a CGA issue in this instance, even if you could potentially argue to get a refund if your device was new.. I think the CGA idea was more a means to an end.

As far as I am aware the carriers (globally) are the root of the problem. Their demands mean the device manufactures make locked boot loaders which prevent me accessing my own device. If it doesn't affect a carriers network, and I am prepared to run an unsupported device, why should I be prevented from doing that on a device I purchased?

Given the boot loaders are locked, I am dependent on my carrier for any updates that the manufacturer has released, so it does become their problem. I could understand rigorous testing and lock down of radio versions, but what we have is not limited to that and I don't understand why.

tdgeek

26478 posts

Uber Geek

Trusted

Lifetime subscriber

#686443 15-Sep-2012 14:31

If you did get timely updates to correct security vulnerabilities, that will give you the ideal outcome. What about the security vulnerabilities that exist, but are as yet unknown? Every computer based OS has vulnerability potential. Windows, MacOS, iOS, Android, WP, Linux, everything.

You could use an OS that updates faster, you can also install security software to help. You have a backup in place for the rare instance that you feel a need to blow it away and start over. Likely that the last point will rarely arise. In any case, Android will no doubt evolve to make this process more timely.

1 | 2 | 3 | 4 | 5 | 6