Google, why do I have to hack my phone to keep it secure?
- 09 September, 2021 20:45
When Google announced it would guarantee Pixel phones three years of security updates, the news reports were largely positive. At the time, the reaction made sense. For years and years, Google left it up to smartphone makers to decide update releases—and they chose to do so very erratically. Setting a standard of three years seemed like a big step.
Well, my Pixel 3 is coming up on its three year mark, and instead of feeling gratitude for that time, I’m extremely annoyed about the end of its security updates next month.
The phone still runs perfectly well. Apps and websites load quickly, and the battery is holding up. I have no urge to upgrade it, much less spend $700+ on the newest Pixel (and definitely not as much as $1,200 for a competing Android phone). So if I want to keep my Pixel 3 and protection against current security threats, I’m going to have to “hack” it.
More accurately, I have to root my phone and flash it with a different version of Android. For me, the clear choice would be LineageOS—in fact, until I got my first Pixel phone in 2017, I always flashed my phones with CyanogenMod, the predecessor of LineageOS. My first smartphone ten years ago was a real piece of crap. CyanogenMod rescued me from its horribly slow interface. Ironically, the move to a Pixel phone is what ended my loyalty to CyanogenMod: Google designed the Pixel and Pixel 2 in a way that made flashing custom ROMs difficult.
But now years later, LineageOS has Pixel 3 builds. Problem solved, right? No need to grumble about Google’s decisions.
Not quite. One big drawback to rooting an Android phone is that it breaks Google Pay. You can work around that issue if you really want, but I find the fix’s security implications discomforting. You can also just not use Google Pay, but in this pandemic world, touchless payment is a huge boon. Another drawback are the inevitable minor bugs you’ll encounter in custom ROMs. LineageOS and other Android variants are absolutely fantastic, but never quite as smooth as the stock experience on a Pixel.
So overall, Google has put me and countless other Pixel users in a quandary where every option for moving on has a clear downside. Buy a new phone, and you’re spending money earlier than truly necessary. (Plus, it’s not great for the environment.) Root and flash the phone, and you lose a key stock Android feature, as well as a whole afternoon to the process. Do nothing, and you’re gambling that you’re not caught flatfooted by whatever later vulnerabilities are discovered.
You have to give Apple credit: It supports its older phones. The iPhone 6s will get iOS 15, six years after its 2015 launch. Heck, even Samsung is handling security updates better than Google with four years of guaranteed security updates, which already seems stingy given the prices on its flagship phones.
Maintaining a PC is not nearly this exasperating. You never have to put Linux on a newish computer capable of running the latest version of Windows in order to keep its security protection current. If you can run the OS, you get the security updates. Even given the debacle around Windows 11 and its support for older hardware, Microsoft does not leave PC users out to dry in this way. Computers incompatible with Windows 11 can still run Windows 10, which the company will fully support until 2025—meaning you’ll continue to get security updates, patches, and feature tweaks years after Windows 11’s October release.
Most importantly, Microsoft actually seems to pay attention to how its users feel. This Pixel situation is ridiculous, and Google seemingly doesn’t care. You don’t see it offering fans a bone. You’re just on your own.