- cross-posted to:
- samsung@lemdro.id
- cross-posted to:
- samsung@lemdro.id
cross-posted from: https://lemdro.id/post/2136203 (!samsung@lemdro.id)
Samsung is an industry leader when it comes to Android OS and security updates. There are only a few Android manufacturers that can match the four years of Android OS and five years of security updates that it provides. Never one to rest on its laurels, the company is now actively considering to expand the […]
This doesn’t stop Google supporting the older Qualcomm phones. It just means they need to be responsible for the drivers, or contract Qualcomm to do it (which will cost Google extra).
They would also need to take responsibility for any security issues related to the chipset. It is also not possible to upgrade proprietary firmware (e. g. for the modem) at all without support from the chipset manufacturer.
Fairphone doesn’t seem to care much about security (they use public keys for signing their OS afterall!), so they may be fine with those compromises.
Qualcomm is interested in selling new SoCs, so even if they actually offer support extensions, their fees are most likely very high to make it unprofitable for manufacturers to go this route.
Any source for that claim? Digital signing works with key pairs - a private one for signing and a public one for verifying that something was signed by the corresponding private key. So I take it you’re saying they publish the private keys used for signing somewhere?
At least the Fairphone 3 and 4 use public test keys in production:
Seems like at least the Fairphone 5 finally uses production keys: https://forum.fairphone.com/t/avb-keys-used-in-roms-for-fairphone-5/100314
Thank you, I tried searching for it before I asked but didn’t find anything immediately and considered this situation to be way too ridiculous to spend more time on it. But apparently you’re right and Fairphone really just used publicly available private keys.
That’s kind of horrifying