Android OEM agreements now include regular security patching
As part of a device manufacturer’s agreement to use Google services with Android in its products, they must also now submit regular security patches through the life cycle.
Head of Android platform security David Kleidermacher announced at a Google I/O security keynote that not only will Project Treble allow players behind the components, consumer devices and carriers to streamline updates to devices, but that a new security patching requirement has been built into OEM agreements.
It’s just one measure of many security measures Android is taking moving forward, but it’s also making sure that Android manufacturers keep the pace up with security patches — especially after one researcher found that many of those manufacturers claimed to have patched certain exploits only to have missed out on them completely.
As Kleidermacher was previously Chief Security Officer at BlackBerry, this is a regime to be respected by consumers, but perhaps despised by OEMs.