The FCC and the FTC in the US have launched investigations in to how companies release their mobile security patches. The investigation is said to centre around how some companies review their security updates and then release them via OTA, while also looking in to the lack of consistency amongst device makers, as some receive security updates while others are left vulnerable.
While the FCC is getting in touch with US networks like AT&T, Verizon and Sprint, the FTC is getting in touch with device manufacturers to get their input on the state of mobile security and the process of putting out a patch.
It turns out that this is happening as the FCC is worried about OS-wide bugs, like Stagefright, which appeared on Android last year. While Google did put a patch out for several Android vulnerabilities, including Stagefright later in 2015, not every device has had the update and that lack of consistency is apparently what the FCC is worried about, according to The Verge.
The FCC's official post on the matter reads:
“Consumers may be left unprotected, for long periods of time or even indefinitely, by any delays in patching vulnerabilities once they are discovered. To date, operating system providers, original equipment manufacturers, and mobile service providers have responded to address vulnerabilities as they arise. There are, however, significant delays in delivering patches to actual devices—and that older devices may never be patched.”
KitGuru Says: It is true that some Android device makers are more concerned about security updates than others. I imagine there are still plenty of smartphones out there that haven't had the Stagefright patch yet despite it being quite a dangerous bug. Do you guys think rules should be put in place for smartphone makers to ensure timely security updates for OS-wide problems? It would make sense for more smartphone makers to ensure their customers are secure.
Agree. Recently bought an Android phone and the security patch for the U.S. version is actually behind that of the India version. There doesn’t seem to be any consistency. I think once a security patch has been finalized it should be rolled out across all devices running the relevant build, simultaneously.
“my room mate Mary Is getting paid on the internet 98$/hr”..,……..!wc257ctwo days ago grey MacLaren P1 I bought after earning 18,512 DoIIars..it was my previous month’s payout..just a little over.17k DoIIars Last month..3-5 hours job a day…with weekly payouts..it’s realy the simplest. job I have ever Do.. I Joined This 7 months. ago. and now making over. hourly 87 DoIIars…Learn. More right Here !wc257:➽:➽:➽➽➽➽ http://GlobalSuperJobsReportsEmploymentsHouseGetPayHourly$98…. .❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦::::::!wc257……
“my room mate Mary Is getting paid on the internet 98$/hr”..,……..!wc196ctwo days ago grey MacLaren P1 I bought after earning 18,512 DoIIars..it was my previous month’s payout..just a little over.17k DoIIars Last month..3-5 hours job a day…with weekly payouts..it’s realy the simplest. job I have ever Do.. I Joined This 7 months. ago. and now making over. hourly 87 DoIIars…Learn. More right Here !wc196:➽:➽:➽➽➽➽ http://GlobalSuperJobsReportsEmploymentsHyperionGetPayHourly$98…. .❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦:❖❖:❦❦::::::!wc196……../