Android’s openness is both its biggest strength and its biggest weakness. While this openness makes it easily accessible to companies that’re developing their own mobile devices, it also makes it so that Google isn’t the one that’s responsible for bringing updates to Android users. Instead, it’s up to the company that made the mobile device to ensure that users have the latest Android updates, and most of these companies like to take a really long time pushing out updates, assuming they ever do, which includes security updates. That’s why Facebook’s head of security, Alex Stamos, considers Android to be a major security concern.
Facebook’s head of security, Alex Stamos, has a seriously high-pressure job: Keeping 1.5 billion Facebook users safe and secure every day. The American software engineer works at Facebook’s global head of security, where he is ultimately responsible for protecting its billions of users — whether that’s from opportunistic teenagers hackers in their parents’ basements, or sophisticated nation-state backed attacks. So what worries him the most? “Mobile devices.” Speaking at the Irish tech conference Web Summit on Wednesday afternoon, Stamos told CNN’s Laurie Siegel that the proliferation of cheap smartphones across the globe has made hundreds of millions of people vulnerable to hacking. Google’s mobile operating system Android is given away freely to hardware manufacturers to put on their devices. This has given Google unparalleled reach, and put smartphones in the hands on billions of people. But this also means Google isn’t responsible for getting updates to users — that is down to the handset makers themselves. But this doesn’t always happen: A smartphone goes obsolete and stops being updated, or a manufacturer goes under altogether. Either way, it means the necessary updates to protect users can’t get through, even if the security issue is well-documented, and easily fixable.