On-time integration of Android security patches

Hello there,

I’ve searched the forum and the FAQ regarding this topic and the essence of what I found was:

Maybe anyone of the /e/ team can confirm this assumptions.

I’m using /e/ on a star2lte (dev branch) which is on Android Oreo. I have not received the Android security patch of May (released on 05.05.2020 by G). I expected that the “official” promoted/sold phones like mine will get those important security patches a bit faster which means before the end of the month, since the next security patch is released around 05.06.2020 by G (aso.).

Please don’t understand this as criticism. I just want to understand how the process is handled and if you are planning to optimize sth. in the future regarding this topic (like you did it with the /e/ app store which is working way better now!). This may be seen as an addition to the topic OS Upgrade - Volunteer Testers Required - Next Set of Devices for OS Upgrade.

Thank you for this great project and all which has been achieved by the /e/ team and the community so far!

2 Likes

I’m interested in this topic too. I am testing /e/ on titan and my last security update is the one of february. I am wondering why it is not at least a little more up to date. Might this be because of the corona crisis? Or are there other reasons like maybe the pretty “old” phone? Anything else?

I think there are problems building e ROMs for titan. I have tried recently without success. I am also not sure if there are security patches still being issued for nougat ROMs.

1 Like

Seems nougat is being more and more abandoned, right? In another topic i found the solution for nougat devices was only upgrade. I doubt this would come for titan, since it is no longer supported by lineage… Bad perspectives. And maybe the hardware is getting to old?

The answers to these questions can be derived from here. In my estimation, there will inevitably be a clear-cutting of device support.

/e/ has neither the staff nor the resources to maintain the current device portfolio.his situation is becoming more and more noticeable every day.

Yes I know about resources @archje that’s why I am trying to assist in a small way. Titan is not supported officially by LOS anymore which makes it difficult for e.
There are unofficial Lineage builds available. If I could hook into them then maybe???
You are correct in saying e needs to concentrate on a small set of devices but there should also be a team of volunteers to maintain community builds for older phones.

The problem with older phones like titan is that they don’t have resources to run pie. Comments on XDA seem to suggest that running more than a couple of apps causes problems force closing etc. Whereas it rubs fine with nougat and Oreo.

1 Like

Thanks @archje. That cofirms my impression.

Concentrating on a smaller set of /e/ supported devices is also critical to the survival of /e/volution. Badly maintained d/e/vices gnaw at the imag/e/ and inevitably provoke criticism, which only plays into the hands of oppon/e/nts.

1 Like

I wouldn’t reject oreo. But it seems more likely to me that the device will be dropped. :-/

I fully understand. I really like /e/. Need to look for a better supported device…

1 Like

@gael @Manoj @rhunault @amitkma

Maybe you can say sth. about my initial questions. Thank you!

Hello,

Yes.

Yes. The build system has been updated this week so now updates should come correctly.

Yes.

Stable branch receives the same updates than the dev branch, but less frequently and later. If an update in the dev branch has an issue, the stable branch won’t be updated until the issue is fixed.

1 Like

Backporting of patches for nougat builds is done by some developers as you can see a thread here
This is not a regular process and is not a long term solution.
The best solution is to upgrade the device. Again the question comes up if upgrading devices which are no longer supported by vendors is a viable process. We are looking at shortlisting a select set of devices from the overall list of supported devices
For non nougat devices the security patches come around mid of every month. Last month we were working on upgrading our build infra and so there were less builds. The testing of the next build is currently underway and we should be releasing the build OTA for all users by next week. It will have the latest cumulative security patches.
We will be optimizing the process to provide users with delta patches- so a user only downloads the updated code instead of the entire build each time. That on a paid connection can be a bit upsetting for most users. Patch delivery will also be faster with this approach.

1 Like

Thank you @Anonyme and @Manoj for clearification! Sounds very good; especially that the possible improvements have been identified and the whole process is already under optimization.

I think many users who care about privacy also care about security, so a fast and reliable delivery of security updates over OTA is important. Delta updates could be the right way to achieve that.

1 Like

@Manoj
Are there any news on that topic? I saw that some devices have received the update last week (like you have announced). Starlte/star2lte (S9/S9+) are still on the security patch level of April. So this week for them? Thanks!

1 Like

Solved for now.
I’m staying optimistic with regard to the new build processes. :wink: