WIP: Software-Updates on Android or obsolence by design

Edit: Thanks for your comments and ideas, I added a new section to my post below. This post is a work in progress, that I intend to develop with you.

State of Smartphone Software Updates

In October 2013, Apple announced and started selling the iPhone 5S. It was the first Apple smartphone to feature a 64bit processor and a ID fingerprint sensor. It cost around 700€ when introduced, since about a year, the price is stable at around 300€. Repairing the display costs 160€ at a Apple Store, Battery service costs 90€. Since it’s introduction, the iPhone 5S has received day one software updates, not only security updates but major OS upgrades. The phone was introduced with iOS 7, it will run the iOS 11 version to be released this fall just fine. It is unclear if the device will receive iOS 12 or whatever next year, it certainly will get security and bugfix updates during the full iOS 11 lifetime – which means for longer then a year. Apple stopped selling the iPhone 5S 17 months ago. This is pretty near to the 5year lifetime many of us envision for our smartphones.

At the same month, October 2013, Google launched the Nexus 5 with Android 4.4. As a reference phone sold by Google, the Nexus 5 received Android Updates at their official launch. The latest major upgrade was Android 6 in fall 2016, the last security update was released in October 2016. Google stopped selling the Nexus 5 in March 2015. This makes two major software updates and three years of software support. While this is exactly in line with Googles Software Policy for Nexus and Pixel phones, which promise two years of updates from release day and 18 months of security updates from the last day sold in the Google Store, this is two major updates and already a year less of software support compared to the still supported iPhone 5S, which is the same age. Google still includes Android 6 in its monthly security bulletins, by the way. The Nexus 5 sold for around 360€.

The Fairphone 1, launched in December 2013, did not receive a single major OS upgrade (or one if you count an prerelease Alpha build) and stopped receiving security updates more then a year ago. Since shortly after it’s launch, it was clear that Fairphone would not be able to provide major Android Upgrades, without gaining control of the source code. And as the recent announcement shows, even that was not enough, Android 4.4 development was canceled, that essentially means the Fairphone 1 software was outdated since it’s launch and can be considered unsupported since over a year. That means less then three years of security updates and no major software upgrades for the OS at all. The Fairphone 1 cost 325€. Support for the FP1, including repairs and spare parts has been stopped by Fairphone.

The Sony Xperia Z3 compact was launched in fall 2014 with Android 4.4. It received Android 5 in July 2015 (six months after Android 5 was announced) and Android 6 in April 2016 (again six months after the OS was announced). The Z3 will not receive future Android Updates (it uses the same chipset as the FP2) and it is on security level Mai 2016 (Google started issuing monthly security updates). With two major software updates, the Z3 compact is actually more of a good then a bad example in the industry, however, it still means that the OS is unsupported since over 12months has only received support for 18months. It cost around 400€ when launched.

The Xperia Z5 compact was launched in December 2015 with Android 5 Lollipop, it received Android 6 in spring 2016 and Android 7 in winter 2017. Since June 2017, it’s one of the very few non Google phones running Android 7.1.1. It received some security updates and is currently on Security Level June 1., 2017. It’s unclear if the Z5 compact will receive an Update to the next Android release “O” or if future security updates will be released. That makes 17 months of software support as of now. The list price was 550€ in early 2016.

The Fairphone 2 was launched in December 2015 with Android 5. It received Android 6 in spring 2017 and has since received regular security updates. It’s at Security Level June 1., 2017 as of writing and still in software support. However, it cannot receive Android 7 with Google certification, since it uses the same chipset as the Xperia Z3, a Snapdragon 801 by Qualcomm. It remains to be seen if Fairphone can pull some tricks at get major software upgrades for the FP2 through Lineage OS, but i would not count on it, so users who want to upgrade to Android 7 or newer will need to use community build and maintained software.

Is the only way to prevent software obsolescence to buy Apple?

At the moment, it seems so. If we want our devices to live a long live, software updates are essential. Not only do they keep the software secure and make sure you can install new apps, they also reduce the incentive and need to buy new hardware. At work, we can safely develop apps using old iPhone 5S phones, but still use all the latest APIs, for example. And since the OS is (almost) exactly the same on all iPhones, there is less incentive to be a new phone just to be on the bleeding edge.

As a software developer, i stop supporting old version of iOS not earlier then half a year after the next iOS release is out, if possible, to give users enough time to upgrade. That means if you bought an iPhone 5S in 2013, you will probably still be able to run my app in spring 2019 and i only have to test two OS versions.

If you bought an Nexus 5 in 2013, by 2019 you would be running a device that has not received security updates for over two years. I probably wont be able to stop support for Android 6 by then without loosing marketshare, but I need to test support not one or two OS releases but four. As a developer, I will probably not be using Android 6 by then, but a newer OS, as most users will. There will be very little incentives to fix bugs affecting your platform/version only and you will miss out features I can only provide on newer versions.

Whats the reason for this difference?

I see three main reasons for this difference in software support:

  1. Finances
  2. Incentive
  3. Control
  4. Architecture of the OS

Finances

Apple is the most successful smartphone produces in the world. It has not only industry leading devices and software, but probably also the highest profit per device in the industry. That leaves more reserves to keep supporting older hardware, since all the support time has to be calculated in the device price. Profits in Android smartphones are said to be razor thin, at least if you are not in the high price model range, in which only very few manufactures have reasonable marketshare.

On the other hand, Apple devices a more pricey and customers expect better and longer support. This reflects in very high prices in the second hand market. How are you supposed to sell a used Android device for a good price if it has already been abandoned by the vendor.

Incentive

Apple has an image to lose. But more importantly, in stark contrast to Android manufacturers (except for Google), Apple continues to make money after the device is sold through App Store shopping and subscriptions to Apple and third party apps and services. This is doubly important: Again, it provides financial resources, but it also is a strong incentive to keep existing users happy. Everytime an iPhone is abandoned, Apple risks loosing customers to the far less expensive and sometimes technically superior Android world.

Android manufacturers make all their money when the device is sold. Larger manufacturers experimented with own app stores to get a small piece of the money, but all of them were ill-fated. In Europe and the US, the only relevant market for apps and services is the Play Store. And those profits go to Google. You could say that’s fair, since Google develops the Software and the manufacturer the hardware, but that is not the point. The point is: It provides very few incentives for manufacturers to keep older devices alive. They only have to support them long enough to prevent public outroar.

Control

Apple controls software and hardware development, including the chipset. On Android, on the other hand, there are several hundred manufacturers building thousands of different smartphones. They use software from Google and SoC from Qualcomm or MediaTek or their own. They simply don’t have the same level of control over their product and product lifecycle as Apple does. Even if Sony and Fairphone wanted to bring Android 7 to their respective devices, they simple can’t since the cant pass the Android 7 compatibility certification. If that is Google’s or Qualcomms fault or if both companies are equally to blame is still undecided.

By the way, the Google Pixel is the first device that’s not only sold but also developed by Google. That did not improve the support times mentioned above.

Solutions

I think I established a key point: Software maintenance is required to prevent obsolescence and Apple is leading in this area with iOS Software support. When I asked for your opinions on the post above, a frequent response was that I missed custom ROMs. Below I explain why I currently don’t think they are the solution to that problem.

Custom roms

A custom rom is a software (OS) you install on your smartphone, that is not provided by your manufacturer, but a third party. The best known custom rom was CyanogenOS, now it is Lineage OS. Custom roms are provided by enthusiasts, support length and quality vary between devices. Getting them to work required a lot of work, deep knowledge of Android and Linux programming and some tricks that manufacturers of devices cannot pull. Initiatives like Fairphone Open Source or Sony Open Devices can make porting customs roms to specific devices easier. At their best, custom roms provide long-time, up-to-date software that is maintained without a commercial interest. Still, by definition, they are by a third party. They are able to support older devices and can be developed by relativly few people since they do not need to go through certification, neither by Google nor by carries or governements. They come without Google Apps which are essential to many users and they are not supported, in a traditional sense, by the manufacturer.

Custom roms can be a fallback for enthusiasts, and i think it is important to support them through any means possible. But I don’t consider them a solution for the typical user.

Alternative Open Source Operating Systems

Note: Fairphone provides “Fairphone Open OS”, an Android based operating system that is in general compatible with Googles Version of Android, but lacking Googles Applications, especially the Play Store and some services popular with app developers. I don’t consider that an alternative operating system.

Similiar to many popular variants of Linux on the Desktop, there a few Open Source Operating System apart from Android. However, all efforts to establish more operating systems in the mobile space failed, in my view. Microsofts Windows Phone is history and Windows 10 on phones pratically non-existent, Microsofts Apps famously are better supported on iOS and Android compared to their on mobile OS. Blackberry stopped developing their technically interesting BlackBerry 10 OS, Mozilla stopped Firefox OS, a web based mobile OS that failed like WebOS, developed by Palm, then HP, years ago. The Nokia, Intel and Samsung Initiative MeeGo failed to, while it’s ideas live on in Sailfish OS by Jolla and Tizen by Samsung. Canonical stopped developing UbuntuTouch just this years, after years of development.

We need to accept it: At that time, there is no alternative to Android if you want to have any chance of commercial success. I would argue there is no alternative to Android with Google Services, as it is installed on the Fairphone 2, opposed to the Google free Fairphone Open OS, which I consider a niche. I love free software and I want it to develop in it’s niche. But it’s not, by any means, a solution for the problems above since it does not fit the requirements considered standard on a smartphone.

Interesting reads



18 Likes

I think you missed custom roms in your story. My Samsung S2 from 2011 is running Android 7.1.2 and I use it in 2017.

4 Likes

Good point, thank you. I’m not sure how custom ROMs fit in the story yet, this is why there are missing. There are simply no custom ROMs on iOS of course, not possible. On the other hand, most companies do nor support custom ROMs developers at all. Some help by providing documentation and driver downloads for AOSP like Sony for some of its devices or like Fairphone. Google devices typically have outstanding custom ROMs, although that’s not due to Google efforts.

Furthermore, I’m not really sure if custom ROMs are a full solution due to all the hacks involved and missing customer support from the manufacturer.

Do you feel custom ROMs or aftermarket OS updates from a third party could be a solution?

3 Likes

But afaik you can jailbraik an old iPhone and install a newer jailbroken iOS version on it than officially possible.

I never used customer support from any software company, so I have no experience with this, but wouldn’t official support by the custom ROM company be enough (FP2 has official UBports support and maybe soon Lineage)?

I see no reason why not.

1 Like

What’s missing from the equation in my opinion is the hardware design side. A phone could last for 5 years and have the latest software by then, but when the battery goes worse or I drop it and the screen breaks, it might be obsolent after 2 years. This is where Apple lacks behind: Repairs cost too much (money and effort).

5 Likes

I disagree, it was as easy as for no other phone, except for the Fairphone, to find the prices and information of repairs for the iPhone.

It did not find a similar price list for Samsung or Sony as the one Apple provides here: https://support.apple.com/de-de/iphone/repair (German version). Again, Fairphone supplies a similar list and repairing the Fairphone 2 is super easy and cheap, thanks to the modules (except for when the main module breaks), so Fairphone is leading, but Apple is leading the rest of the industry here. You can go into any Apple Store worldwide, or in Europe to the Apple Stores or official partners (like Gravis). If you get a price for the repair, you can easily compare it with Apples prices.

Furthermore, some batteries are really high quality, I know several people with 4 year and older iPhones and Android smartphones and the batteries are sill acceptable. I agree that batteries should be easy to change, and i love that the FP2 battery is accesible. But we should not overestimate the effect the battery has on the obsolence of devices.

3 Likes

fair account, ben, for all points i’m familiar with (at least superficially). you didn’t mention it explicitely but i understand from your post that you’d like fairphone to follow apples lead with respect to durability/repairability/upgradability. if so, i happily agree. so far, i’m happy with the performance of my regularily updated FP2 (my son loves my “old” FP1 despite having shattered the screen). but having read (here in the forum) about the various issues a fair number of FP2 users have with their device and the fairphone support i think it would be a wise decision to plan for a more solid (=apple-like) soft-&hard-ware supply chain for FP3. (and if the screen size of the FP3 would be that of apple’s 5C i would place my order immediately)

1 Like

Except for the fact that your analysis does not cite any references I partly agree with some of your conclusions. However, I doubt Google designed the Android system with obsolescence in mind. It’s simply the lack of pressure and incentives for the manufacturers to provide (security) updates in a responsible fashion.

There are some reasons behind this that also differentiate them a bit from Apple:

  • the manufacturers produce too many devices with too many chipsets per year
  • many manufacturers do not care at all about maintainability when choosing a platform (no incentives)
  • customers do not make buy decisions based on these factors and there is simply too little choice
  • customers do not claim their rights like they should and regulatory bodies are deeply asleep (on purpose?). At least in the EU, for any new goods you buy get 24 months of a limited warranty (“Gewährleistung” in German) and it’s your right to receive a product that is free from faults. Why do people that buy such products that have known, severe security issues do not claim this warranty? Why do institutions only do small campaigns such as [1] instead of getting those cases to court?

After lengthier consideration, personally, I decided not to get a FP2. Not only because it’s a inferior product, but because Fairphone decided for a non-free platform where they again made themselves direclty dependant from a chipset manufacturer for providing updates. They did not learn their lesson. They could have chosen a platform that is (much) more open and that is supported by free software out of the box. Imho, this is the only way to solve the update disaster in the long run.

As long as Google continues to provide security fixes for Android 6 things will stay fixable. Once they stop (maybe in a year or two, who knows?), FP2 will become as obsolete as FP1 is today - at least if you want to have a phone that is not vulnerable to old and well-known security issues.

Regarding Custom ROMs: Yes, they are currently the only solution but they are not for everybody (installation, warranty…). Fairphone still is MUCH slower than e.g. LineageOS in providing security updates, and I don’t understand why they mess around so much with their firmware instead of concentrating on the hardware and partnering with/supporting community projects like LineageOS for providing the software.

[1] https://www.golem.de/news/unsichere-android-version-verbraucherschuetzer-verklagen-haendler-1707-129064.html

2 Likes

I guess, you just answered that question yourself:

A company as small as Fairphone can neither change the world in one go, nor can it offer support like apple or tackle each and every task at the same time.
From a business point of view it is convincing to first develop a smartphone that is durable, as fair produced as possible and that has the potential to get the message of fair electronics to as many people as possible (i.e. that’s marketable).
Once that has been successful, a phone optimized or even especially developed for the technically advanced user willing to experiment with the OS might be a serious option.
I for one would not have got me Fairphone, if I would have had to take a computer course first. :wink:
And to be honest, when browsing this forum’s threads for other operating systems like LOS, Ubuntu etc. I still can not see myself to try a change from the original Fairphone OS (with google-stuff disabled as much as possible of course).

5 Likes

Then you might have misunderstood my suggestion: My point was not to leave the software part alone and see what the community does, but to support projects like LineageOS. One such model could be if Fairphone dealt with the device-specific parts (like maintainers of other devices do) while the community would deal with all other stuff “for free”. The second duty would be of course to test the resulting ROMs (FP part + community part) and make available official releases of the tested versions. This way, end users would not need to do any tinkering themselves.Well, I think we are too much into discussing possible solutions already…

So, coming back to the problem: Selecting a hardware platform that relies on 180 MB of non-free blobs for proper operation is what I would call a careless approach towards obsolescence.

This is exactly the way to go if you want to achieve “obsolescence by design” in an unintended way :frowning:

The practical difference between FP and other manufacturers like those mentioned by the OP is that FP is a bit more “Apple”-alike. Yes, FP also has just one product, but as we’ve been told by FP1 this does not help at all if you made the wrong decision for the hardware in the first run.

2 Likes

Do you know an open platform that is ready to be used in a smartphone that should be more or less competitive, is designed to be opened and that incorporates conflict-free minerals? As far as I know there is no such platform. OpenPhoenux (formerly OpenMoko) is not modular, and the specs are mediocre.

6 Likes

I fully agree, that a google-free OS is most desirable.
I just have my doubts, that Fairphone would have made it past the pre order phase had they opted for a phone with a kind of OS that needs to be bugfixed and developed by a community.
As long as there is no widespread, free and easy to use OS, I don’ t see 15,000 or more people willing to fund it. Although I might be wrong of course.
And … you always have to keep in mind, that fairphone aimed at sourcing fairer raw materials, enhancing the working conditions and realizing easy reparability. Given all that already has been achieved in that regard, I am even surprised, that the FP2 already seem to be running under LOS, Ubuntu and Sailfish; not to mention the officia Fairphone Open OS.

3 Likes

I have no knowledge about minerals in this regard, but I have serious doubt that manufacturers of the QC platforms care about this at all. I assume FP had to negotiate some contract for use of more fair gold or whatever with the SoC manufacturer themselvey, and I don’t see why this should be different with others in principle. Things they can probably better influence are assembling the logic boards into the devices etc.

And yes, there are much more open platforms such as Allwinner A20 (EOMA68-A20 is based on it as well), Freescale etc… Maybe not as powerful, but on the other side much cheaper. Recently, some people even managed to build a phone around a Raspberry Pi Zero, a device that has been recently liberated to some point.

I don’t see why people would not Crowdfund a project based on a customized Android firmware like LOS. Have you looked on sales numbers of manufacturers like bq or Oneplus who used to sell hardware with such custom Android firmware? These devices are still among the best-supported ones by LOS, OmniROM etc.

For me, all the fair mineral mining is not of much help if the device gets obsolete too soon. Buying a used Galaxy S2 from 2011 is a much better option since no new minerals have to be mined for it. And it’s much more open - if you can live without 3d support, wifi and gps you can run a completely blob-free OS (ReplicantOS) together with some lowlevel stuff you never have to touch (bootloader, modem firmware) on it. This means that it can be ported to newer Android versions with ease and without any help from the chipset manufacturer needed at all.

=> Using hardware components that are supported by mainline Linux and free drivers is the proper way to go if you are into long-lasting hardware.

1 Like

No, it’s a very different solution – like buying no coffee at all instead of fair trade coffee. Not buying a product is good since you avoid being part of production chain that is unhealthy, unfair and destroying the environment. But it’s not a solution of which the miners profit. Instead, I think the approach of fairphone is much better: Help those working in bad conditions to improve their situation.

I think these a different issues that should both be addressed. But that is about all I would like to say in this regard, to keep this thread on topic.

8 Likes

Ok, I guess we are going in circles.
You might have got a phone crowdfunded like you propose, but you would not sell 100,000s of them. I really do not know anyone in person, who would buy such a phone.
Of course a long living Samsung might be more environmental friendly, than any new phone. But that way nothing ever will change for the mine-workers and the people in Congo or for the factory-workers in china/asia.
Starting small means that sacrifices have to be made.
Given the problems Fairphone faces even with google’s android on their self developed modular phone, I might not imagine the troubles they would have to go through with a less common OS.
Seriously, let’s just wait and give them some more years to get the business up and running smoothly for the carefree customer, before demanding more.

3 Likes

@kuleszdl: Yes, in general I agree, but this approach won’t solve the structural problem of the exploitation of human beings and the environment in the electronics industry.

@ben You were a tick faster with your reply. I was still trying to figure out how to get back on topic.

In my opinion the crucial point here is Fairphone’s work. Sure that a Samsung Galaxy SII doesn’t have to be produced anymore, but if you buy it nothing will change in Samsung’s / the industry’s behaviour. Fairphones are not the best supported phones in the world, but I can be sure that by buying one I contribute to overcoming the big challenge of fair mobile communication.

Also, the lack of updates for the Fairphone 1 might even have had a positive notion by having people open their eyes upon the things that are going wrong in the industry. They are wondering what’s the reason for the missing updates and that opens up a discussion about software updates in general. Even if there is a planned obsolescence, in the end people will be conscious about it and vote with their wallets against it.

PS.: It is ridiculous that every Nougat phone should have accelerated 3D graphics whilst many many users only want to use their phone as a phone and for basic task such as e-mails and browsing the web. Google deliberately uses people’s dependency on the Google Service to force them into buying new phones.

4 Likes

I disagree. With this argument, you could also say that buying a new FP every year is better for the miners because it helps them staying employed in “good” working conditions, so having a short-living FP would be even better.

I am not talking about avoiding “carefree” customers at all. And not about “less common OS” either. For some reason you seem to think that “custom OS = tinkering”. That’s not true. Again, look at bq and Oneplus who ship these OSs by default without any need for tinkering on the customer side. And there are many customers who value such an OS much higher than something crippled by one of the regular suspects with one of their “great” customizings.

Talking about wallet-voting: FP did not learn many lessons from FP1 regarding longetivity and they sell a phone that is much worse than a used S2/S3 in terms of freedom or security. How long will QC continue to provide updates for this 180 MB of blobs? Are they even providing any updates at all? How can you know in this closed world? Many Android exploits are device-specific btw. which is why only updating Android will not help if you have a bunch of firmware around this is not supported by the manufacturer anymore.

I don’t like this move by Google either because they should be well aware of the consequences. However, to me it looks like the actual cause is not with Google but with QC who refuse to spend efforts for providing updated drivers. Afaik it’s not the hardware that has these limitations.

Again, this is a typical situation where having a free driver would have made it possible to overcome it with the help of the community. On the other side, having a blob from QC makes FP completely dependent on them with no incentives on their side to spend efforts for such a dated chipset.

3 Likes

I added a new section to my original post to reflect that I do not consider alternative open source OS like Sailfish a solution.

That might even be true in the short run. As in most thinks in life, it’s about the balance.

I don’t think so. Google does many thinks, but this simply makes no sense. For one part, it is still unclear if it is device encryption or a 3d graphics API that the Snapdragon misses, for the other part, Google puts a lot of development power into making Android Updates easier, look at project tremble, for example. I am 100% sure this is not planned, but a just stupidity. In the long run, Google engineers did probably know this, but they need to balance different interests.
If the 3D API is the reason for the Snapdragon 801 not receiving Android 801, it’s probably about virtual reality. For developers, especially when targeting VR scenarios, it’s great to know every Android 7 device support either OpenGL ES 3.X or Vulkan. By pushing these standards, Google can push AR and VR on Android.
If the device encryption support is the reason, it might be security considerations.

Google does not need to force people into buying new devices, they make money with their services, not hardware.

In which way is that? Samsung does not support these custom roms at all. The S2 or S3 are no longer sold, there is no software or hardware support, the latest update to the S3 was Android 4.3 in late 2013.

This is why the Android Security Bulletins and Patch Levels contain two parts, the first patch level is Android Core, the second is device and driver specific updates. A device that advertises a specific patch date, must include all updates, including the device specific, until that day.

I would love an open phone with fully open SoCs. But there is none. I do not see Fairphone should be the company risking everything the pursuit this goal which no other manufacturer, ever, successfully did.

4 Likes

I should have added that it’s worse than a used S2/S3 running a custom Android version. To my knowledge, FP does not support running custom OSs either, and unlike a FP1 which heavily relies on blobs by the hardware vendor an S2/S3 can run Android 6/7 (without Vulkan and hardware-aided “truly random” pseudo-encryption) just fine.

As far as I know this only accounts for Nexus/Pixel devices where Google provides the blobs they received from the chipset vendor themselves. In how far does this affect other OEMs like Samsung, Sony or FP? How can Google dictate them which driver-specific updates they have to ship, possibly not even knowing which hardware they shipped?

Edit: Okay, I guess I got the point. They list some known CVEs for components of various (mostly chipset) manufacturers and require these to be fixed if the security tag is applied without requiring the application of certain patches.

I see a couple of reasons here:

(a) because it’s the only way that makes it possible to escape the update obsolescence trap,
(b) providing “lifetime” updates would be a real killer argument and demonstrate that it’s doable, showing that other manufactures simply do not want to
© because it would have possibly allowed for a FP2 in the 300€ price range
(d) because such components exist.

They didn’t try, or maybe they did but we cannot know since they are not transparent about this type of decisions at all (despite claiming the opposite).

The whole “built to last” thing is a promise that was already broken at the time the chipset manufacturer was selected. It’s just as wrong as claiming that they provided support and security updates for the FP1 for a long time while the device was never in a state where all known vulnerabilites were fixed.

1 Like

It’s most probably not missing encryption capabilities. See my analysis here.

What if I don’t want to use AR or VR and if I will never install such an app? Is this justification enough to keep me locked out from newer Android versions and earlier stop of security updates?

Why is the CTS so strict then? If Google was so benevolent towards older devices, they wouldn’t impose restrictions on them that they cannot meet.

@kuleszdl Please post only once in a row, to keep the forum tidy. :slight_smile:

1 Like