Have you seen gingerbread?

Step into my time machine, and go back to May 20, 2010, with me.  That was the day Google released Froyo to the world with much fanfare and cheering.  I think a few little old ladies may have even cried.  In any case, we all were excited and looking forward to the day we could have some frozen yogurt for our Android phones.  Now back to today, and things still look about the same -- a year and a few days later and manufacturers are still shipping phones with Froyo, even though Gingerbread has been available since December of last year.  We're not talking about phones that languished forever and a day without getting an update, that's just as ridiculous, but best saved for another day.  This is about new phones, still being shipped and sold with a year old codebase -- and known security issues.  Hit the break and read along.

I'll let that last bit simmer for a second -- shipping with known security issues.

Forget about the bugfixes.  Forget about the improvements to rendering and partial GPU acceleration.  Forget about enhancements for certain CPUs.  Think about this instead: On any version of Android prior to 2.3.3, a potential troublemaker can intercept and read your Google Calendar and Contacts on any open Wifi network, and a truly dedicated one can impersonate you at Google.  This isn't hype or scare tactics -- it's real, and pretty damn easy to do for more than a few people.  Without getting into too much detail (we're not a zero-day exploit site after all) it's something that shouldn't have shipped in the first place, but to Google's credit it was fixed shortly after discovery and made available to OEMs months ago.  But you likely haven't seen it yet, unless you're using a Nexus device or a good custom ROM.

There are other, less dramatic security fixes as well.  That's part of the reason Google updates Android with version bumps like the one from 2.3.2 to 2.3.3.  But maybe sidejacking and authToken bugs don't matter to you.  You just use your Android phone for fun and could care less if some loser in Starbucks wants to see your calendar.  To you I say one word: GTalk.  That Samsung Droid Charge you just bought has a really cool front-facing camera, but you're stuck using Qik or Tango while Google has made GTalk ready, willing, and able to video chat with other Android phones and any computer with a camera (even Linux this time).  And even to an old tech dinosaur like myself, it's fun.  Phones almost six months old can do it, but your brand new one can't.  And there's a good chance that the next brand new one to hit the shelves won't be able to, either.  And the worst news?  When Ice Cream Sandwich is released, we get to do this all over again.

Maybe I'm a geek, but the answer seems simple to me.  If manufacturers want to fork Android, and carriers want to purchase those forked phones, they are responsible to keep you up-to-date, both with critical security patches as well as software enhancements.  Forget Google, they are only responsible for two phones, and both are up-to-date.  They have made the patches, and added in the features, but Samsung, Motorola, HTC and the rest don't seem to understand the importance of getting the updates out.  If they can't do that, they have no business forking around with the codebase, then locking up the phones like a Chinese puzzle so you can't fix it yourself.  That's how open-source works -- when the folks behind Debian Linux find a critical bug and issue a patch, the folks behind Ubuntu and other Debian forks quickly issue one of their own.  If you've built your own system, you get the code fixes and build your own patch.  It's the only way open-source can work.  It's the way Android was designed to work.

The folks at Google know this is an issue.  They have even assembled a team of people from carriers and OEMs with a plan to keep new models updated and current for 18 months.  If this works as planned, it will be just what we need, but my skeptical side sees this getting mired in excuses and red tape. Unless Google does it for them, it's going to cost money, and nobody likes to spend money unless they have to.  This is another of those times where I want to be wrong, we'll see.  I also hope another mandate of this program is getting the current version on the phones before they ship -- Google use your heavy hand and make that a requirement of getting your apps and the Market bundled in a phone or tablet, please.

There are a few things you can do to get out of the old OS rut.  Buy a Nexus phone to always be up to date.  Or buy from someone like Sony Ericsson, who hopefully learned from their past and are shipping phones with Gingerbread (although not the latest version) and allowing consumers to unlock and update them at their own pace if they like.  Another option is asking your carrier for a fix, but that's just going to lead to a lot of finger pointing and shoulder shrugging -- might as well ask the man in the moon because they can't do anything about it.  And of course, you can always root your phone and own it, provided you were lucky enough to get one that's not sealed up like a pickle jar and feel comfortable doing it.

The only real solution is to stop buying new phones until the carriers get the message, because they can pressure the manufacturers in ways you and I can't.  I just signed a contract with T-Mobile to keep the rates and plan I have for at least two years, and got a pair of LG G2X's for my troubles.  They shipped with Android 2.2.2, and it leaves a bit of a bad taste in my mouth that I have to void the warranty and root them to get them current.  I don't expect 90 plus percent of the users out there to do the same, and they shouldn't have to.

Get with the program manufacturers, or risk losing your most hard-core users. 

For more information on sidejacking and Android: Freedom to Tinker; ULM University

 

Reader comments

Editorial: Android's most wanted -- New phones with a current OS

85 Comments

Good editorial.

This is actually one place where I'd like to see Google get MORE restrictive (yes I said it)....with the manufactures. But the problem is that they can't tell manufactures what to do with the android code. They can, however, put stipulations on the devices on which they will license Google Apps. So, for instance, Moto would be free to pollute their phones with Blur and and lock their bootloader and all that other ridiculous garbage, but Google wouldn't allow them to have the market, gtalk, gmail, calendar, ect. on the phone. See how fast that phone sells.

Unfortunately, I think that editorials and messages like this need to be aimed at Google, and not the manufactures. It's not like any of them care if you buy an android phone, only that you buy a phone. If android gets too (fragmented, restrictive, lack up updates, whatever) and people start to turn to (windows phone 7, or something else), those manufactures will just start making those types of phones and dump android. Google has to care about android, because manufactures don't.

just learned something new, i saw you put at the end, get with the "program" was like hmmm am sure its spelt programme. Turn out americans spell is program, while us english spell it programme.....

oh and great read, agree 100%. This is why i only buy phones with bootloader unlocked, used to be HTC, but i really like the LG optimus 2x so i plumped for that, love the look and feel of the phone and since i have a tegra2 tablet with tegra zone games, i wanted a tegra2 phone.

Even though i only went for it because it was supported by the cyanogen team.

American English always uses program
British English uses programme unless referring to computers
Australian English recommends program for official usage, but programme is still in common use.

Sad thing is the majority of the users of android devices have no idea this is an issue. Which is probably why the carriers could care less. Jer's right we shouldnt be buying these devices and when someone asks us for advise we should point them in the right direction.

Also

the solution is obvious, and i know am not the only one to of come up with this, but since now the devs can exclude phones with their apps.

the obvious thing to do is for manufactures to dish out stock android on every phone. Then pre-load their apps with the phone, the launcher can be an app, then all of their widgets and apps can be app form, instead of heavily skinned roms like HTC do.

This way the devs can make their apps and widgets onto the android market so if HTC want to update there peep app, they dont need to do a whole new update just for one tiny little bug. But also since they can restrict what phones see the peep app, they restrict all phones that arent HTC.

This way it should be very very easy to do android updates as it would just be stock, but at the same time make it easier for them to update their own apps and widgets.

Amen. I've said for a long time that the custom manufacturer UI's need to die, and this is a big reason for that. I know that there are people who like the custom UI's (Sense in particular defiantly has it's fans) but at the end of the day all they do is delay updates and cause fragmentation. Kill the custom UI's and ditch or at least greatly reduce the number of carrier bloatwere apps. Fragmentation will decrease, users will receive more timely updates to the latest version of Android, and fewer of us will feel the need to root.

I agree this would be ideal, but the #1 reason this will not happen is because simply restricting the apps in android market by device type is not enough to ensure that only HTC phones get HTC custom apps. I believe that is why Sense is backed into the phone at a kernel level. If they implemented your solution then people with Motorola/Samsung/etc phones could simply sideload all the Sense apps and they would have no incentive to buy an HTC device.

My solution is that every OEM is required to provide a vanilla android option along side their skinned option if they want to have access to google apps. That way you can be sure to have a legit way to keep your phone up-to-date and it would no doubt put pressure on the OEMs to keep their skinned versions up to date so people actually use them. The dealbreaker to this approach is that carriers would not go for it because tethering is built into vanilla android.

+100

Unfortunately, while your solution makes PERFECT sense, there is a small but very real problem... Us...Us being more technical users that have little regard for the (sometimes arbitary) restrictions that some programs are limited to. Does anyone honestly believe that if HTC started shipping vanilla android, and sense components as downloadable add-ons, that they wouldn't be immediately worked around so you could get them onto a Moto or Sammy phone? It would effectively make their software (Sense) a low value commodity to anyone moderately savy. Unfortunately, those are the same people that are the most consious of things like skins and OS delays. Most users are just oblivious, and would just assume 'that's how it came'...

Good article. We need to light fires in users and get them to write to mfg demanding updates. I'm off to write to HTC.

Until there is a Nexus device on Verizon, I am stuck. I can't afford to have phones on VZW, AT&T, T-Mobile, and every other carrier out there., like the guys on AC do.

There does seems to be indications that the next Nexus device is coming to Big Red, I hope the rumors are correct.

google announced it, but they apparently still need to work out the details. i personally don't expect it to happen at all. if it does, it won't be for at least a year or so.

This security update/bugfix issue too often gets left out when we talk about the lack of updates from OEMs. This sounds to me like potentially rich ground for a class action law suit - which might be the only way to get OEMs and carriers to devote the kind of resources to this problem that it deserves!

Its an agreement that know one knows when it starts or what phones will b updated per-agreement. I've had my Evo since last July and I'm jealous of my wifes Nexus S 4G I got her even though I'm running CM 7+. My next phone is a Nexus 3 when ever it comes.

Great read Jerry.

Very good editorial. This is a big deal.

If a huge security hole occurs with android, one that achieves critical media mass, can google even get an update out to the user base in a reasonable timeframe? No way. A critical security fix would hit the same mess. This is a real problem for google, but more importantly a big flaw in the whole android game for all of us with android phones.

The other side of this issue is custom ROMs. That game is changing. There are too many phones and too many new phones each month. Think about this in practical terms. How many good ROM developers are there out there? On how many of the growing list of android phones is it cost effective for a developer to ... develop? How long is any developer going to stick with any specific phone? And then we have the whole signed and locked issue that continues to put even more limits on custom ROMs.

This is fragmentation pure and simple. That same fragmentation has been a good thing, leading to unprecedented choice, but it comes with an unfortunate downside, one that google needs to fix, yesterday.

I'm completely in agreement that there's no excuse for a new phone to be shipping with Froyo at this point. I've already taken one of the suggested routes and updated my Droid X to the leaked version of Gingerbread. I really do agree that your average person isn't going to do that. It seems like Verizon in particular takes their sweet time in testing and rolling out upgrades. That combined with their inability to offer a Nexus device is turning me away from them fast. I won't be out of contract until next year but my wife and I agree if Verizon doesn't change we're taking our family plan so Sprint which has equally good coverage in our area. Then I would be the proud owner of a Nexus phone that I can control. My wife has a Droid 2 that she likes, its still on the Froyo release it got at launch last summer. She's not into rooting and leaked roms but she deleted the blur widgets and installed ADW which is a great non geek way tonget closer to stock Android.

It's time to recalibrate your time machine; your return to the "present" brought you about a week too far. According to my calendar, and Google, it's May 15, 2011 - 5 days LESS than a year since May 20, 2010.

Onto the real subject... it was a year to the day that I had my OG Droid before I rooted it. I was concerned about voiding the warranty and leaving the phone non-functional in the process. A week later I was trying my 3rd custom ROM and haven't looked back. I don't plan on buying a new phone any time soon (I'm eligible it two months), and don't plan to buy any phone until it's been out for a while, rooted, and has good custom recovery and custom ROM available. I no longer care what a device ships with, just what I can do with it.

But you're right, most users won't be that way, and shouldn't have to do anything special to be up to date and secure.

Why is it that individual ROM developers (Peter Alfonso comes to mind) can produce Gingerbread ROMs for devices while behemoths like Motorola can't/don't/won't?

I don't see why Android can't be enhanced so manufacturers don't need to modify it to put their garbage on on. Then its Google's job to update the OS and the manufacturer's job to update their garbage (apps).

If the manufacturer's garbage can be removed without rooting (at least for the apps) there goes most peoples reason for rooting etc.

Thanks for continuing to pound the table. Unfortunately tmobile and sprint are lacking in coverage footprint, but I see no reason to ever buy a phone with a locked bootloader.

Just buy nexus phones, there always up to date and in my opinion because they are always up to date they are the best android phones. If the nexus phones became the best selling android phones maybe the manufacturers would get a clue

Trust me, if Verizon had a Nexus phone I would buy it in a second. I would have already switched to Sprint for the Nexus S 4G, but I can't afford Verizon's cancellation fee, but whenever the next Nexus device comes out I'll but the Verizon version, and if there is no Verizon version then I'll go to wherever the next Nexus phone is. Besides, there is no reason why non Nexus phones should not have the most up-to-date and secure version of Android.

The nexus s is awesome, its the first android I've owed that doesn't leave me feeling left behind on the hardware or software end. People jump carriers for the iphone, Google needs to build on the nexus brand and get some demand going

After 11 years with Verizon, I just moved the family plan over to Sprint because of the Nexus S. I couldn't be happier, and so far Sprint has been great. The customer service is excellent. In addition, with their new integration with Google Voice, I think they are the strongest partner for Google. They offer 30 days completely FREE trial (you don't even pay for that months service) and if you are unhappy, you can go back to verizon and Verizon will not charge you your early termination fees. In addition, there is a $125 port credit per line right now with Sprint, which hopefully would cover most or all of your termination fees (or help with the purchase of the phone).

I dumped my blackberry storm 2, which I loved, because of the lack of OS updates and improvements and bought a Droid X which I equally loved, until now. I seem to have fallen into the same rut I was in with blackberry. If I hadn't gone ahead and loaded the leaked android version 2.3.3, I would still be sitting on android 2.2 while all these other phones that are being released are coming out with 2.3 or higher. Are the manufactures and carriers forgetting about their current clients or do they feel we are all stupid and don't know the difference?

i quit buying Moto phones because of missing updates and lousy ongoing support. I got a samsung continuum in nov with eclair and a promised froyo upgrade. 6 months later, no upgrade. This is turning me off samsung and vzw! I too, don't feel I should have to void my warranty to have a current phone.

Very well said indeed. I have hopes for this committee but they are not the highest of hopes, since I know exactly how much people do not like to spend money unless absolutely necessary, and we know how that definition will stretch a good distance for some. Thanks for the good read.

Absolutely agree. If I had not purchased the Nexus S back in December, I'd still be stuck on 2.1 on the Samsung Galaxy S. As I am a Mac user, I wasn't able to update it to 2.2. The lack of support from Samsung is discouraging, to say the least.

My next phone will either be another pure Android, or an iPhone. Whatever one's opinion of Apple's device is, at least they don't allow this mess from carriers or manufacturers.

I'm a Mac user too, and had a similar problem. I had a Samsung Vibrant (T-Mobile USA's Galaxy S variant) and was stuck on 2.1, even after the promised 2.2 update was supposed to have come. I really liked that phone, but it was just too buggy and laggy, and froze up a lot. I think Samsung & T-Mo's bloatware was the problem. I wish I could've at least had the option of disabling it or removing it entirely, without having to root it and void my warranty. Samsung's lack of support for their devices has just been inexcusable. Then months later (what was it, like 8 months later?), they finally rolled out Froyo for the Vibrant, and of course by that time it was long outdated anyway. Ridiculous... But if I could've just had stock Android on it (like the Nexus S), I probably would've been OK... On top of all that, T-Mo's reception in my area is horrible, and I got so sick of it all that I just said "F... it" and got an iPhone 4 on AT&T, and so far have been happy with it, more or less. I miss Android, and all the functionality it has (that the iPhone lacks), but this whole issue of not being able to get current software (even for a brand-new device!) is just intolerable, especially since these new devices need the security enhancements included in 2.3. Maybe when that Galaxy S2 becomes available in the States, I'll come back to Android and get one of those, or the next Nexus-series phone; as long as I can get stock Android on it.

I bought a Droid X in December because I liked the network and figured all the talk of ROMs and interfaces was blown out of proportion. I did not realize how big of an issue carrier and manufacturer bloatware would be until I got that phone. After messing around with a few custom ROMs, I've settled on the leaked "Gingerblur" build until it becomes official. In the future, i plan on buying a Nexus phone and only Nexus phones until the manufacturers and carriers understand that what they add to the device DOES NOT improve the experience. Even as good as HTC Sense it (and it is definitely the best manufacturer interface), it does not beat the pure android experience.

As much as I like Verizon's network, I will go to either Sprint or T-mobile or whoever it if means buying Nexus. We win with our wallets. It's how the consumers send a message

I bought a Droid X in December because I liked the network and figured all the talk of ROMs and interfaces was blown out of proportion. I did not realize how big of an issue carrier and manufacturer bloatware would be until I got that phone. After messing around with a few custom ROMs, I've settled on the leaked "Gingerblur" build until it becomes official. In the future, i plan on buying a Nexus phone and only Nexus phones until the manufacturers and carriers understand that what they add to the device DOES NOT improve the experience. Even as good as HTC Sense it (and it is definitely the best manufacturer interface), it does not beat the pure android experience.

As much as I like Verizon's network, I will go to either Sprint or T-mobile or whoever it if means buying Nexus. We win with our wallets. It's how the consumers send a message

I agree with you, I've been with sprint since 06 and you can't beat their plANS AND pricing , Verizon might have a better network but for the average user and in this economy,, its a no brainer to me.

I would leave verizon for Tmo in a hearbeat now that they have got rid of 1 year contracts and slow updates so much. If they don't release a Nexus device I will be tempted to leave, even though they are the only carrier with 3g coverage in my area.

So so so true ... couldn't agree more. Sadly I realize that after the gingerbread update promised to my Thunderbolt I most likely won't see anything else after. The sad thing is that this could be solved if all carriers had to sign an agreement with Google to offer at least 1 vanilla android phone in their lineup so that all carrier customers at least have an option. The best thing I did with my bolt was sign the 1 year deal. I know that by the time I can upgrade again next year that my bolt will most likely be old news and it will be time for something new if I want the current OS. Hopefully vzw will have some kind of vanilla offering by than (preferably a dual core Nexus) as to take advantage of ice cream. If only some carriers would just offer us the option it would be soo much better.

That wAs very well said, and I have a question. How can you say Google is only responsible for two phones, that you said were updated, but isn't android their platform?

android is their platform but the carriers and manufacturers are where the breakdown is. google released the gingerbread code months ago. to date, the only phones i see running it are the Nexus S and Nexus S 4G. Sprint, VZ, etc. all have to add their junk on top of the junk slapped on top of Android by the manufactures (Samsung TouchWiz, Motorola Blur, HTC Sense, etc.). getting all this garbage on the phone in good working order is the issue. not to mention the cost of pushing OTA's. Google doesnt have that junk on the Nexus phones. that's why OTA's happen when they should and why i will not touch anything but a Nexus phone going forward

great editorial Jerry, you guys should do them more often.

As for the article your points are great but you've missed one small fact. No matter how much we scream and moan, phone geeks are a minuscule fraction of the market. Not only are we a tiny portion of the market, but we will be tiny for a long time, since the market of Android users will be growing for a long time. So yes, we can stop buying phones, write scathing letters or post editorials, but in the end, no one will notice, least of all the manufacturers and carriers.

The only advantage we can leverage over the manufacturers is the trust of our friends and family. No matter how many flashy ads or unbelievable deals they create, our friends will always trust our opinions over theirs. So what we should do is inform our friends about which phones are best for them, and ultimately which ones have earned our respect enough for our friends to purchase.

I hope that they really get with it. If not the TBolt and the Charge are my last purchases for the next two years. It really is a shame that the people that provide us with the phones are so lazy to keep their product relevant. Hoping that the Charge gets some rom love soon, because Gingerbread is almost outdated. Disappointed. It's almost like the companies got together and agreed to not update any phones. It is a bit crazy that I have two of the newest phones on Vzw and both are running. 2.2.1 but I am crazy for getting them, just hoping they finally get to it.

Yeah, Now that these manufactures know that Android is the ish, and know it sells phones, Google needs to lock it up. They need to make sure HTC and others get updates out quicker.

But, we also have to remember that the majority of people who happen to own an android are not concerned with all this nonsense. They could care less, probably are not even aware of all these updates named after desserts. These are the people who refer to any android phone as a DROID..

Totally agree and thats why I jumped as soon as sprint released NS4G. It might have its shortcomings but its pure google without bloatware and "manufacturer enhancement" so i will get updates as they are released by google

shortcomings? the nexus s is the best phone on the market in my opinion. i dont care about dual core as there isn't official support in android for dual core yet and this phone is plenty fast. just dont really see the shortcomings

Looks like Gingerbread is imminent for the G2X but you are right, it should have shipped with the latest greatest version.

The ONLY way the carriers and manufacturers will stop putting outdated versions of Android on new releases is if Google completely stops any customization of the OS by the carriers and manufacturers.

So Jerry your wish (editorial) is a nice dream but its never going to happen and I think you already know that.

Thats why all the Android geeks flock to the Nexus phones.

I picked up a G2X on Craigslist for real cheap and I may end up getting a Sensation when they start showing up on the list for cheap
(usually a month after release), but I wont be doing another 2yr contract till TMO releases a 4G Nexus thats not made by Sammysung.

:-D

i wouldnt sleep on the ns4g. yeah there are some radio issues, but that samsung harware is rock solid. it's touchPiz that's their problem. if they arent allowed to write code, their phones are nasty. i know gingerbread is fast no matter what, but the ns4g is a rocket. and that display is so sick i find myself TRYING to find a reason to use the phone... just my 2cp

this write-up is absolutely correct. i bought an EVO when it came out (June i believe of last year). it had 2.1 on it at launch but within weeks i was running Froyo and i was happy. however i did not like the EVO keyboard and swype was locked down. i opted to give that phone to my wife and buy an EPIC (off contract) for myself. well my keyboard issues were a thing of the past and unfortunately so was froyo. they promised EPIC owners a 2.2 release for around 8 months before we actually got it. and when we did finally get it, it was absolute garbage. volume control issues, radio issues, touchPIZ issues. it was just trash. i was so disheartened by samsung that i actually considered going back to a smackedberry. thank God Google comondered a Galaxy class phone and made it with vanilla android. i have now sold my EPIC and am the proud owner of a NS4G. i will not buy any phone that is not a Nexus going forward. everything else is crap with shading and fancy borders.

THANK YOU for finally addressing the fact that the Tbolt and Charge are coming out months after Gingerbread's release and still rocking a year old OS...

Well said!!!! Thank you so much for writing this article. I have felt this way for a long time now. I have had the Nexus One now for a year and a half. I thank god everyday that I am among the lucky few to get updates as soon as they are available. I would never give this phone up for something else that I could not experience the benefits of the newest OS updates. I have been contemplating the HTC Sensation, but I can not see myself sacrificing immediate OS updates for a superior phone, compared to a 1 and a half year old N1. Even still our N1's may not be dual core or have front facing camera's or NFC of even 4G. But we have Gingerbread.
I hope that manufactures take heed and understand this is what makes Android so amazing. But I also hope that more and more android customers don't get suckered into believing that the hotness now is better than the original, that is a year and a half older.

Great editorial. I would like to see Google set itself up a bit like Apple to the carriers for the Nexus phones at least. Apple tells carriers they don't get to put crapware, the Nexus line should have the same exemption. Next is getting one on every carrier.

This is why I upgraded from my Evo to the Nexus S, I need to feel that my phone won't be left out in the cold on updates. And from now on, it's only going to be a Nexus device for me. I don't care bout the latest hardware anymore, my 1Ghz Hummingbird works just as well as an Atrix does.

100% agree, this is the first phone that seems like it wont be left behind, id still have my nexus one but Google skimped on the touch screen so i couldn't use a lot of the multi touch gestures. Google really did a good job on the nexus s.

Nexus phones are behind in hardware. No dual core is going to hurt especially with Tegra 3 by end of the year upping the stakes even more.

Despite its faults, starting with the subpar touchscreen & insufficient memory, my N1 is good enough that I'm likely going to use it until it T-Mo's 3G bands are eliminated under the AT&T buyout.

After that, who knows? iOS currently has so many more vertical apps for my line of work it's tempting to join the dark side afterwards...

Agreed... but I'm never going back to the iPrison.

I love my N1, and I don't see anything out there so OMGAWESOME that it's worth buying. It seems like there's a new anonymous slab phone out every 15 minutes, and to be honest, they all look the same to me... yet none of them are as attractive to me as my N1. Love that trackball, that plain vanilla Android, and that fast, fast update. (Sort of. The clock has been off a few seconds per day since 2.3.1.)

Still, being able to walk away whenever I like it is a good feeling. <3 my unlocked phone.

I'm still in the "iPrison," and I feel where you're coming from on the updates. That was why I went to iOS; so I could get timely updates, and have a device that would sync easily with my Mac. But as much as I like my iPhone 4, I'm starting to feel too restricted and limited within the whole iOS platform. I just feel that I'm starting to outgrow it. There's just so much that I simply can't do within iOS, and it's starting to bug me, especially since I used to have an Android device (Samsung Vibrant) that had better functionality in several ways (e.g. bigger screen, Swype keyboard, etc.). So unless Apple come out with something truly awesome and radically revolutionize iOS this year, I'd gladly return to Android as soon as I can get a "proper" Android phone (i.e. high-end, completely unbranded and unlocked, with plain-vanilla Android) that's worth busting out of the "iPrison" for; probably either an unlocked Galaxy S2 or the next Nexus-series phone.

Great editorial! Just got the Thunderbolt and it is going back tomorrow for the reasons you listed and the fact that at least 6 of the apps that I purchased will not run on my new phone.
So now I have a new phone with an outdated OS that can't run apps that I paid for. 4G is great but maybe it is time to look at the iPhone. I can't beleive I'm even considering that.

That's why it is an even bigger problem to get a phone with a locked bootloader. Samsung (and SE) need support for their openess, Don't buy an HTC :(

I agree with the editorial in general. But I have to say that it's pretty ironic that after ranting about the issue, and suggesting that consumers can influence manufacturers by not purchasing phones with outdated versions of Android, the author states that he purchased not one, BUT TWO, phones with outdated versions of Android.

Here, the security concerns seem to be presented as the most pressing problem related to these phones shipping with Android 2.2. However, the average consumer is not going to know about or understand this vulnerability. The only way they would is if mainstream tech sites (Endgadget, CNet, etc) start reporting on this huge flaw.

However, I looked through the last 4-5 phone reviews here on Android Central, and although it lists the phone as shipping with 2.2, there is no mention of the security-related issues with 2.2. Certainly nothing is mentioned in serious terms such as "sidejacking" and "authToken bugs". How are consumers supposed to understand the gravity of these flaws if reviewers don't even mention them or explain them in their reviews? More emphasis is placed in the review on Gingerbread containing Google Video Chat than patching the security hole.

So while manufacturers are at fault, it's clear that consumers, and even professional reviewers, are more enamored with the hardware improvements and interface toys than they are over security fixes.

I agree 100. I just got a Samsung Epic 4G from Sprint, switched from Verizon because of cost. I would love to see the updated version come to my phone becuase I am not comfortable voiding my warranty to root my phone. I could easily do it, but voiding my warranty doesn't do it for me. Just send me the best version you can already.

It was a pretty shitty move by Motorola with the Atrix, HTC with the new S range and LG with the 2X (G2X) to ship their new phones with Froyo. At least HTC already is giving out a Gingerbread update and apparently the LG 2X will get it "soon" too.

I still would not buy a Nexus S because it has no microSD card slot and it is now outdated a bit, being single core,though it still is very fast at doing whatever it needs to do.

Too bad a Nexus 3 will only come out for the "holidays" in December, hopefuly with a microSD card slot this time and HDMI out.

I'll be getting the Samsung Galaxy S II as soon as I have money, which could take a few months...

This is a really good article. It makes so much sense, I wish companies would pay attention to what we've been shouting about ever since Froyo came out.

I have the Samsung Vibrant and I have a great 2.2 rom, but the official wasn't released til about 9 months after Froyo was released. That's just ridiculous and I am switching to HTC once the EVO 3D comes out. Even though HTC might not get updates out as fast either, I think they're a little more consistent than Samsung. Plus everyones writes custom ROMs for HTC. My Vibrant has lost a lot of dev love lately so at least I'll have some good Gingerbread roms on the EVO 3D, not to mention it will ship with it.

Way to go on this Android Central.

To all the people saying every phone should get Stock/Vanilla Android.. How will that fix anything?

The manufacturers will STILL have to update their drivers and software, and test the new versions on their devices and release them --- if they want to update at all!

And then the carriers will still have to test and approve the updates, release them, fail the releases (which will be full of bugs) and pull/test/release again.. ---- if they want to update at all!

We don't need Vanilla Android. We need updates coming straight from Google, ie we need all phones to be like the Nexus phones, with the manufacturers just making the hardware, the carriers just providing the network, and Google providing the OS.

Otherwise we'll continue seeing this mess, vanilla or not.

Why doesn't AndroidCentral include past update history when they review a new phone? If it is bad, point that out and then DO NOT RECOMMEND THE DEVICE.

Jerry, you and Phil could make a big difference if you would include this in your reviews. Give a phone a 1 out of 5 if they are bad at updates. Everyone else would pick up on your article.

Yup. This is basically what I was saying in my post. This editorial makes these phones sound like security death traps due to 2.2, yet these same deathtraps come highly recommended in review after review on this site, with no mention of these security flaws.

So how is average Joe Shmoe supposed to know about it when they read these reviews? They won't.

That's an excellent idea; if a device has a history of timely updates (and quality support from the manufacturer), it gets recommended, and if not, it doesn't. And if there are any security flaws, then they need to be pointed out as well. That works for me...

Yeah it doesn't have to be malicious or condemning since you don't want to alienate the manufacturers that you work with. Just a simple rating system that makes manufacturers start competing with each others for "we have the most updates!"

Thanks for the great article Jerry. You perfectly sum up the main reasons why I'm still on my old Droid 1, and why I'm tempted to switch over to Sprint for the Nexus S 4G.

This has also been my major pet peeve: new phones should come out with the latest OS version. But I would add another one: they should also come out with radios that can work with the fastest data speeds available with the carrier. What's the point in buying a pretty expensive smart phone with 10 or 14 Mbps capability when T-Mo is already implementing 42 Mbps HSPA+ network? These phones deprecate fast enough even if they come out with the latest features, so why would I want to buy a handset that already feels deprecated when new?
If T-Mobile does not have enough common sense to do this, how can we expect them to start releasing new phones with the possible AT&T merger in mind: phones with the added AT&T bands? Yes, I know, I am just dreaming here. Any wonder T-Mo has been losing customers?

"Any wonder T-Mo has been losing customers?"

If they are losing customers, it's not because their phones top out at 14.4Mbps. Who the hell needs faster than that? That's faster than the vast majority of home Internet connections.

So say we all!

great editorial Jerry! here's hoping they listen.. the issue I see is we are but a few out of the many that don't care or even realize there is this issue..

I agree with the editorial, but refusing to buy new phones will not help to put pressure on the carriers. Subsidized new phones are an expense, not a source of revenue, for the carriers. Unless you cancel your service, you aren't hurting the carrier.

I wish Google's strategy with the Nexus One had actually worked. Buy the phone outright, and then choose your carrier. That way you can pressure the manufacturers and the carriers independently, and do so with a pure vanilla Android phone that was guaranteed to get timely updates.

Right now, if Google were to come out with a Nexus phone with a physical keyboard -- like they were promising for the Nexus Two -- I would buy it immediately at full price. Instead, I'm probably going to get a Droid 3, despite my dislike for Blur...

Google's market cap is $167B. Sprint's market cap is $15B. Google should just buy Sprint and then offer a full line of pure Android (no-Blur, no-TouchWiz, no-bloatware, no-BS) phones that get updated with new Android versions as soon as they're released.