HTC couldn't care less about its Android customers' security it seems...

HTC One SThere was bad news for owners of the HTC One S Android smartphone last week, when the company revealed that it was not going to issue any more OS updates for the device.

The HTC One S was released in the first half of 2012, and praised by the technology press for its slim design and excellent battery life.

But after little more than a year, the firm behind the smartphone couldn't care less about supporting its customers with updates for the Android OS and its custom HTC Sense user interface.

As HTC told Android Central:

"We can confirm that the HTC One S will not receive further Android OS updates and will remain on the current version of Android and HTC Sense. We realize this news will be met with disappointment by some, but our customers should feel confident that we have designed the HTC One S to be optimized with our amazing camera and audio experiences."

Well, that's great. I'm sure the "amazing camera and audio experiences" will alleviate any concern that users might have that their smartphione isn't going to receive any more security patches.

How would you feel if you bought a smartphone, only to find you won't be receiving any security updates little more than a year later? To me, it seems utterly unacceptable.

Imagine you got the phone on a standard two year contract, for instance. Yes, you can always root your device and install a custom ROM. But is that really what you expect when you spend hundreds of dollars on an expensive phone? And is it really going to be within the capability of the average user to keep their mobile phone manually updated with the latest tweaks and fixes?

Clockwork robotBack in 2009, I bought an HTC Android smartphone but ultimately I chucked it out because of the sheer difficulty in keeping its operating system up-to-date. If you choose to go the Android route you need Google, your cellphone service provider and your smartphone manufacturer to all agree to push out a new OS update.

Companies like HTC "roll-their-own" versions of Android, layering on their own tweaks and user interface tinsel. All that customisation adds to the complexity of issuing updates, requiring work by the hardware manufacturer and then the service providers.

But with an iPhone or iPad, all you're waiting for is Apple to publish an update or security fix. They have total control over the hardware, and can deliver the update directly to you via the internet. The only people in the chain are Apple, as opposed to Google, the hardware manufacturer and service provider.

Of course, it's not practical to support all hardware for ever. System requirements change as software becomes more sophisticated.

But to have the HTC One S's lifespan limited to little more than a year seems a huge slap in the face for users, and should have potential customers thinking carefully about who they might want to buy their next phone from.

Google and Android phone manufacturers need to work harder to ensure that updates to their millions of smartphone users exist in the first place, and are then delivered in a speedy fashion.

If they don't, we're only going to end up with an increase number of out-of-date mobile devices which could potentially be exploited by cybercriminals.

Do you agree that it's harder to keep Android devices up-to-date with the latest version of the operating system? Or is the problem exaggerated? Let us know your thoughts by leaving a comment below

Tags: , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , ,

9 Responses

  1. Charles

    July 8, 2013 at 12:35 pm #

    Just look at the numbers. 4% of Android are running the current version as opposed to the claimed 60% after the first month for IOS 6. Much harder to keep android up to date. Corporations need to specify an exact Android model if they want any hope of keeping current.

  2. Martin Yirrell

    July 8, 2013 at 1:09 pm #

    Seems to me that the operating system should be upgraded for a minimum of 3 years. Security updates for longer. I really do not want to go the Apple route, but it seems we are being pushed that way.

  3. sb101

    July 8, 2013 at 3:23 pm #

    Well that sucks – I was seriously considering buying the HTC One without a contract, but I don't think I'll bother now. I think that phone manufacturers have a duty of care to their users and should be made to support their handsets for a minimum period of time, perhaps 3 years as another poster suggested. Not everyone rushes to upgrade to a new handset every year – I've tried quite a few Android handsets over the past 2 years and all have gone wrong or failed to work properly, so I'm still using my trusty old Nokia which I bought in 2009 and am happy with it. It's not fancy, but it works reliably and the battery lasts about 5 days between charges.

    You'd think that with the poor position HTC is currently in that they would value their customers more. This sort of stunt won't help and if they are still around in 3 years I'll be a little surprised.

    It might also make manufacturers start thinking about releasing Android handsets without all of the (largely useless and annoying) customisations. I'd like a handset with the non-tinkered, non-skinned Android as I'm sure many more users would, without having to resort to rooting and all of that palaver.

    Bad, VERY bad move HTC.

  4. spryte

    July 8, 2013 at 6:16 pm #

    Less than a year after I decided to buy an iPod I found out apple would not longer support that OS…
    Safari is a security risk, no nore security updates there either.
    Thankfully it is not a phone that I must keep under contract.

    And apple, google wonder why people are asking if they can get some version of Linux on their tablets…

    • Graham Cluley in reply to spryte.

      July 8, 2013 at 6:19 pm #

      Just to be clear, Apple is still producing updates (and security fixes) for the Mac OS X version of Safari.

      The final version of Safari for Windows, however, appears to be 5.1.7.

      • spryte in reply to Graham Cluley.

        July 9, 2013 at 12:02 am #

        Agreed…

        Not my 2nd gen iPod touch though.

  5. Ramiro

    July 8, 2013 at 10:30 pm #

    This is the way Android works. If you are concerned about getting security updates for your phone in a timely fashion for long after its release, buy a nexus phone (which I have done, and it is an excellent value phone as well)

    Google releases control of their operating system by making it open source, it's not by mistake but by design. Don't blame Google, it is the manufacturer's responsibility to release updates to their phone since they own their OS. Shame on HTC for their decision

  6. Real Belahzur

    July 8, 2013 at 10:32 pm #

    Hey Graham.

    This is nothing new. Samsung did the same thing with the original SGS & SGS2 when ICS was released.

    I learned shortly after that and watch many other OEM's backtrack on promises and now just decide whenever I buy a device, first day I root and install CM on it.

  7. Ryan

    September 24, 2013 at 8:02 pm #

    I think this is mainly due to the service providers.
    Verizon is the most critical by far, but all are guilty. If it was
    just an issue of Google and the OEM's, I think the process
    would take much less time.

Leave a Reply