![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
http://arstechnica.com/security/2015/01/google-wont-fix-bug-hitting-60-percent-of-android-phones/
The bug is in WebView, so it affects Android 4.3 and earlier. As near as I can tell, 4.3 dates to July 2013, so not yet two years old.
http://en.wikipedia.org/wiki/Android_Jelly_Bean
which cites
http://www.engadget.com/2013/07/24/android-4-3-jelly-bean-official/
for the July 2013 date. And it wasn't early July.
So the next time you're sitting around and whining about how Apple discontinues support for its products that you are still using, just keep this in mind: if it's a two year old Android bug, and the person who reports the bug does not ALSO include a fix for it, Android won't do anything beyond reporting it out to the OEMs.
If the OEM lets you upgrade to 4.4 or later, you're okay, obvs, because those are supported.
Open Source doesn't just mean you _can_ change it yourself. It generally means you are expected to do so, if it's gonna get fixed at all. That's not a new definition, but the idea may be new to some people encountering it as an ideal.
ETA: I don't really follow Android, because we don't have any in the house. At moments like these, I think, once again, that I really _should_ have one in the house and pay more attention, because there is clearly a really big, slow trend going on. Back in the Bad Old Days of PCs, the comparative success of Wintel vs. Apple seemed to indicate that walled gardens/proprietary = bad and systems that other people could modify = good. Of course, the security and reliability of Wintel was legendarily bad until they started to back away from the (comparative) openness and started to move in a direction of greater control. I could slide down the rabbit hole of why _that_ became possible with greater/cheaper computing power, memory, etc., but really. Who even gives a fuck, amirite?
It would be crazy easy to oversell the PC = Android and Apple = well, Apple, and I don't want to do that. But it is sort of entertaining watching the same pattern develop. The openness and adaptability that makes Android cheap and popular to a wide range of people also makes quality control inherently much more difficult, and in many cases, it is just too tempting to say, upgrade! Oh, you can't? Well, buy a new one! To be sure, that is true whether it's pure proprietary or totes open -- stuff eventually stops being worth upgrading, by any definition, at some point.
In any event, the commenters on the Ars Technica piece seem to think that Android is solving the problem by gradually converting Android into, well, what fuzzyfuzzyfungus wrote:
"Well... Once the webkit component is deprecated and 'blink' is added to "Google Play Services", all this will be automagically fixed...
Honestly, watching Android is just kind of depressing. If Google wants to make purely tactical use of OSS, that's their right, and AOSP is better than no AOSP; but that doesn't make watching the slow bleeding and gradual transition into a bootloader and set of device drivers for Google Play Services any less depressing."
Really, if Google is involved, they are always going to trumpet the developer obsession of the InsertTimeUnitHere, and then they are going to define whatever is affected most by that obsession out of existence and produce something useful on a higher level layer that they can completely control.
Ah. Abstraction. We love you so. But the Anabaptist/JW of my personal history really wants to focus on the hypocrisy, even while my pragmatic current self just feels like you should have Gone There in the first place.
The bug is in WebView, so it affects Android 4.3 and earlier. As near as I can tell, 4.3 dates to July 2013, so not yet two years old.
http://en.wikipedia.org/wiki/Android_Jelly_Bean
which cites
http://www.engadget.com/2013/07/24/android-4-3-jelly-bean-official/
for the July 2013 date. And it wasn't early July.
So the next time you're sitting around and whining about how Apple discontinues support for its products that you are still using, just keep this in mind: if it's a two year old Android bug, and the person who reports the bug does not ALSO include a fix for it, Android won't do anything beyond reporting it out to the OEMs.
If the OEM lets you upgrade to 4.4 or later, you're okay, obvs, because those are supported.
Open Source doesn't just mean you _can_ change it yourself. It generally means you are expected to do so, if it's gonna get fixed at all. That's not a new definition, but the idea may be new to some people encountering it as an ideal.
ETA: I don't really follow Android, because we don't have any in the house. At moments like these, I think, once again, that I really _should_ have one in the house and pay more attention, because there is clearly a really big, slow trend going on. Back in the Bad Old Days of PCs, the comparative success of Wintel vs. Apple seemed to indicate that walled gardens/proprietary = bad and systems that other people could modify = good. Of course, the security and reliability of Wintel was legendarily bad until they started to back away from the (comparative) openness and started to move in a direction of greater control. I could slide down the rabbit hole of why _that_ became possible with greater/cheaper computing power, memory, etc., but really. Who even gives a fuck, amirite?
It would be crazy easy to oversell the PC = Android and Apple = well, Apple, and I don't want to do that. But it is sort of entertaining watching the same pattern develop. The openness and adaptability that makes Android cheap and popular to a wide range of people also makes quality control inherently much more difficult, and in many cases, it is just too tempting to say, upgrade! Oh, you can't? Well, buy a new one! To be sure, that is true whether it's pure proprietary or totes open -- stuff eventually stops being worth upgrading, by any definition, at some point.
In any event, the commenters on the Ars Technica piece seem to think that Android is solving the problem by gradually converting Android into, well, what fuzzyfuzzyfungus wrote:
"Well... Once the webkit component is deprecated and 'blink' is added to "Google Play Services", all this will be automagically fixed...
Honestly, watching Android is just kind of depressing. If Google wants to make purely tactical use of OSS, that's their right, and AOSP is better than no AOSP; but that doesn't make watching the slow bleeding and gradual transition into a bootloader and set of device drivers for Google Play Services any less depressing."
Really, if Google is involved, they are always going to trumpet the developer obsession of the InsertTimeUnitHere, and then they are going to define whatever is affected most by that obsession out of existence and produce something useful on a higher level layer that they can completely control.
Ah. Abstraction. We love you so. But the Anabaptist/JW of my personal history really wants to focus on the hypocrisy, even while my pragmatic current self just feels like you should have Gone There in the first place.