LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Evidence? Where is it?

Evidence? Where is it?

Posted Jan 23, 2011 14:09 UTC (Sun) by khim (subscriber, #9252)
In reply to: EFF: Don't Sacrifice Security on Mobile Devices by clump
Parent article: EFF: Don't Sacrifice Security on Mobile Devices

This seems backwards given the history of modular Linux distro management. If the kernel is updated, send a kernel update. If the browser needs an update, send a browser update

Well, in my experience such modular updates need a lot of hand-holding. Kernel is updated and X server no longer starts (rememeber that all phones include proprietary 3D acceleration module), browser is update and help no longer works (because new security settings don't work with old JS library in help system), etc. For the non-geeks partial updates are huge disaster. What they need are delta-updates (to save bandwidth if it's OTA update) and it looks like recent phones (like Nexus S) support them.

I think there's much evidence that the 'service pack' model of security and bug fix management doesn't work well.

Do you have any statistic? Anecdote evidence looks mixed: iPhone uses 'service pack' model of security and it's broken again and again, but XBox360 is totally different story (take a look on the price of JTAGed consoles: they are 2x-3x vs original price which suggests scarcity).

(Log in to post comments)

Evidence? Where is it?

Posted Jan 23, 2011 23:00 UTC (Sun) by Cyberax (✭ supporter ✭, #52523) [Link]

Well, Android actually has a pretty good architecture for data&apps, so in case of a catastrophic failure it should be easy to reset phone to factory settings. Also, there'll be lot less components than in a common Linux distribution (which can be stable, my Debian installation on a bunch of servers has been living without problems through 2 stable Debian revisions).

But the fact that Android is monolithic is already starting to take its toll. Vendors aren't going to be able to keep up with all the changes (and they little motivation to do this). So separating Android into a set of 'core' components and vendor-specific additions (aka 'crap') should do wonders.

Ongoing work on standardization in the ARM space should also help this.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds