Security
Headlines
HeadlinesLatestCVEs

Headline

How to Tell When Your Phone Will Stop Getting Security Updates

Every smartphone has an expiration date. Here’s when yours will probably come.

Wired
#vulnerability#web#ios#android#apple#google#perl#samsung#auth

If you’re shopping for a smartphone, you’re probably weighing how powerful it is, how good the cameras are, and of course how much you’re going to have to pay for it—but it’s also worth considering how long the handset is going to last you.

A big part of that calculation comes down to the length of time that the phone will get updates. Apple just pushed out iOS 17, a software update that is heading to iPhones including the iPhone XR and the iPhone XS—handsets that launched in 2018.

For five-year-old phones to be getting (mostly) the same software features as the brand new iPhone 15 is something Apple can be proud of and that its users can be grateful for, but this kind of future-proofing isn’t standard.

At the time of writing, Google promises Android updates for its Pixel phones for at least three years. For flagship Samsung Galaxy phones, the software update guarantee is for four years, and for the latest Fairphone 5, it’s five years.

Pixel phones are covered for three years of software updates.

Courtesy of Google

There’s another important time span to consider though, which is the one for security updates. These updates continue to be issued for older phones even after major software updates have finished, so important vulnerabilities can be patched and phones can be kept safe even if they’re no longer getting new and improved features.

For Google and Samsung, security updates are provided for five years, while Fairphone is promising at least eight for the Fairphone 5, and possibly as many as 10. Apple doesn’t have a fixed approach but tends to issue security updates for a year or two after software updates have finished—after seven years, Apple products are declared obsolete.

You may be planning to upgrade your smartphone before that happens, but not everyone will be—and knowing how long your device is going to be supported with updates from its manufacturer then becomes very important.

If you’re struggling to find out this information about a particular gadget, the web can help—and specifically the endoflife.date site, which lists a whole host of hardware devices and software packages. You can see continually updated countdowns for manufacturer support for iPhones, Pixels, Galaxy phones, and more.

When Security Updates End

Software updates keep your phone properly patched up and supplied with the latest new features. In contrast, security updates make sure that a device stays secure and protected against evolving threats even after software updates have stopped. Which then prompts the question: What happens when security updates end?

To begin with, your device isn’t going to suddenly stop working and become a useless brick of electronics. Assuming the components inside it are still functioning—which is by no means a given after five or six years—then you can continue to use the device in the same way that you always have.

As time goes on, you might start to notice a problem with some of your apps: Apps will often need the very latest versions of iOS or Android in order to run, and if you’re not getting those updates, they may stop working or start misbehaving, or you may find yourself unable to update to the latest versions.

Security is a bigger problem. There will be some legacy protection in terms of the patches you’ve applied over the lifetime of the device, but your phone is no longer going to be prepared for newer exploits and malware attacks, and that puts your data at risk.

iOS 17 works on the iPhone 15 Pro—and on iPhones from 2018.

Courtesy of Apple

When mobile security vulnerabilities emerge, you’ll find that many of them are aimed at older versions of operating systems, versions that don’t have all of the necessary defense measures in place. The more time that goes by since the last security update, the bigger the risk you’re running by still using your phone.

Apple, Google, and Samsung will often scramble to fix security issues as they’re discovered, pushing out updates outside of the regular schedule in order to keep devices protected—and again, your phone is ineligible for these patches, except under rare circumstances, if you’ve reached the end-of-life stage.

You can choose to keep on using your phone: The usual practices of being careful with apps and websites, turning on two-factor authentication for your accounts, and keeping the lock screen securely locked all still apply, and offer some level of protection. However, your device is at significantly more risk of an attack.

As expensive as it may be, it might be time to think about upgrading your phone so you keep receiving updates—it doesn’t have to be a brand-new one to get the latest iOS or Android software. When you do decide to say goodbye to your old handset, be sure to dispose of it responsibly.

Wired: Latest News

Drug Dealers Have Moved Onto Social Media