Android’s broken software update model

By Steve Biddle, in , posted: 28-Nov-2017 07:52

Keeping your mobile phone software up to date is more important than ever in light of recent security concerns. Whether you’re a Google Android or Apple iOS fan, one thing everybody has to accept is that Apple’s software update model works a lot better in practice than Google’s.

When Apple release an iOS update it’s immediately available to all users of every device supported by the update. The “supported” life has exceeded 4 years for numerous Apple iPhone and iPad devices.

In the Android world things are a lot more complex. Assuming a manufacturer does decide to make Android updates available (plenty of Android manufacturers don’t make any updates available), the process to get those updates to end users is often long and complex. For many phones there is a requirement for the manufacturer to send software updates to the mobile networks for testing, and once they’ve tested the software it then becomes available from the manufacturers as a software update.

Apple’s model isn’t necessarily perfect – bugs in iOS have caused grief for both networks and end users in the past.

Changes to signalling caused headaches for mobile networks as they become flooded with signalling traffic after an iOS update, and on multiple occasions Apple have introduced WiFi changes that have meant nothing but grief for end users. In such situations it’s not just the odd user or mobile network that’s affected – it’s every user and mobile network.

HTC released this infographic detailing the Android update model a while ago

I saw a post on Geekzone recently asking about software updates for the Sony Xperia Z5. The poster asked whether users of the Spark New Zealand branded Xperia Z5 were ever likely to see the Android 7.1.1 update. As it has been available now for months for non Spark branded handsets, it’s not an unrealistic to expect that it should be available.


The Xperia Z5 is a handset I had previously owned, and after purchasing it in Hong Kong in 2016 I flashed it with the generic Australian firmware. In the year I owned this phone updates were pretty regular, with Android 7.1.1 appearing for it in early July, a week or so after Sony made it available. I was surprised to see that the update was not yet available for the Spark branded Z5.

I upgraded to a Hong Kong sourced Xperia XZ in July, and get regular updates for this including monthly Android security updates that often appear within weeks of being released by Google. I’ve long regarded Sony as being great with updates for all of the Xperia phones I’ve had, and Sony have typically made updates available for 2 years from the release of the phone.

A few days later there was an update after the user contacting Sony -


I reached out to Spark to ask them about the situation and got this response -

"The latest build we have tested for the Z5 is 7.0 – which we approved on 28/02/2017. We don’t have a new build from Sony on the radar at this stage, we've asked them to see if we will get it or not. "

A 3rd party tool called Xperifirm allows Xperia users to download official firmware files from Sony’s servers and install it on their phones. Simply by running Xperifirm you can easily see the latest software release available for any Xperia handset.



As you can see from the list Android 7.1.1 (32.4.A.1.54) is available from a number of carriers. Android 7.0 builds (32.4.A.0.160 and 32.3.A.2.33) are available from the rest. Your phone is tied to the latest release available for your CDA code, so even if a newer update may be available for your device, the CDA code defines the software available to you.

The good news is that reflashing a Xperia handset with a different firmware version (which will change the CDA code) isn’t difficult but does carry some risk. If you don’t fully understand what you’re doing you do run the risk of turning your phone into an expensive brick.

The downside of flashing different firmware onto your device is that it means your phone may not be fully compatible with the network you’re using it on. Despite 3G and 4G being standards, many networks have customised settings for features such as Carrier Aggregation (CA) that may mean your phone won’t be able to take advantage of the CA features offered by your network. In some circumstances it can also result in delays connecting to networks while roaming, or reconnecting to your home network when you come back to New Zealand.

Security updates appear most months for Android. Some of these updates are minor. Some fix critical bugs. By not running the latest available software on your device you’re potentially being exposed to bugs that do exist in the wild and could theoretically result in data or personal information on your device being compromised.

In light of the recent KRACK WiFi exploit, the issue was raised by a number of people as to whether consumer law in New Zealand provided cover for end users. Any product sold in New Zealand must be “fit for purpose” under our Consumer Guarantees Act (CGA).

Manufacturer obligations under the CGA can exceed those that exist under a regular product warranty – even if a product is out of warranty and fails the manufacturer and/or retailer could still be liable if the product is not deemed “fit for purpose” and is within an accepted lifetime of the product.

Consumer guarantees for products

The CGA gives you rights if the products you buy or are supplied by a business are faulty and do not meet the guarantees below under the CGA.

All consumer products must:

  • be of acceptable quality (durable, safe, fit for purpose, free from defects, acceptable in look or finish)
  • be fit for any particular purpose you have told the supplier
  • match a description, sample or model shown to you
  • have good legal title, eg be able to be sold and not have any security interests registered against them
  • be a reasonable price if no price is set
  • arrive on time (within a reasonable time if not agreed) and in good condition
  • have spare parts and repair facilities available (manufacturer is responsible). This does not apply if you are told about limited availability before you buy.

There has been plenty of debate in the online world as to how phones should be treated under the CGA. Most discussion centres around what a reasonable expectation is for the lifespan of a phone. Cases in both Australia and New Zealand have seen warranties on phones move to 2 years as standard – with many people deeming 2 years to be considered a reasonable lifespan for a modern device. It’s a timeframe I agree with.

Google publically state their support policy for current Google branded Nexus and Pixel phones on their support page. They commit to updates for 2 years from the release of their phone, and security updates for 3 years from the release of the phone.

Many devices out there (particularly low end), will never receive updates, meaning the end user could potentially be exposed to data loss or encounter issues that may be fixed in newer releases. Could a lack of software updates for a phone mean that you could lodge a CGA claim over a handset because it’s no longer “fit for purpose”? That’s something there aren’t simple answers for, and something that probably needs to be tested in court.

In the case of the Xperia Z5 it’s hard to decide where fault lies. Software updates for the Z5 exist in many other markets but don’t exist for the Spark branded Z5. Spark are saying they haven’t received any new updates from Sony. Are Sony simply deciding that it’s not worth investing in development of updates for Spark customised firmware in a small market such as New Zealand where it’s unlikely that significant numbers of Z5 handsets were sold? We can really only speculate.

In light of the CGA should all manufacturers of handsets that are sold in New Zealand be required to commit to disclosing  publically their support timeframes for handsets? Google already do this. Should mobile networks be required to publically list all handsets they have sold and the current firmware levels and upgrade status? Maybe.

It shouldn’t be up to an end user to have to search the Internet to work out how to download and flash their handset with foreign software to update it to the latest release available, but right now for many people in New Zealand this is the only way to get the latest updates on their hardware. That’s wrong, and to me shows how broken the update model is.

Other related posts:
Skinny takes FUD to new heights with Vodafone GSM network shutdown billboards.
Are Air New Zealand about to dump their Premium Economy Spaceseat?
Will the iPhone 6 work in New Zealand?

comments powered by Disqus

sbiddle's profile

Steve Biddle
New Zealand

I'm an engineer who loves building solutions to solve problems. I'll also a co-founder of the travel site. 

I also love sharing my views and analysis of the tech world on this blog, along with the odd story about aviation and the travel industry.

My interests and skillset include:

*VoIP (Voice over IP). I work with various brands of hardware and PBX's on a daily basis
  -Asterisk (incl PiaF, FreePBX, Elastix)

  -xDSL deployments

*Structured cabling
  -Home/office cabling
  -Phone & Data

*Computer networking
  -Mikrotik hardware
  -WAN/LAN solutions

*Wireless solutions
  -Motel/Hotel hotspot deployments
  -Outdoor wireless deployments, both small and large scale
  -Temporary wireless deployments
*CCTV solutions
  -Analogue and IP

I'm an #avgeek who loves to travel the world (preferably in seat 1A) and stay in nice hotels.

+My views do no represent my employer. I'm sure they'll be happy to give their own if you ask them.

You can contact me here or by email at