The researchers used the data gathered from app called Device Analyzer which give them an insight into how people use their smartphones and allowed them to extract patterns and trends. The researchers plan use this data set to make recommendations for the improvement of future smartphones and, if users of the app agree to it, they share this data with other researchers.
According to the study’s results the blame squarely lies on the smartphone manufacturers because most do not provide regular security updates. The researchers said that the onus for the delivery of updates in the Android ecosystem lies with them rather than Google, operators or users. They found that devices built by LG and Motorola, as well as those devices shipped under the Google Nexus brand are much more secure than others. “Google has done a good job at mitigating many of the risks and we recommend users only install apps from Google’s Play Store since it performs additional safety checks on apps,” Dr. Alastair Beresford noted. “Unfortunately Google can only do so much, and recent Android security problems have shown that this is not enough to protect users. Phones require updates from manufacturers, and the majority of devices aren’t getting them.” The researchers’ hope is that this study will help people when choosing a phone, i.e. that they will opt for devices made by those manufacturers who are more quick to update them. Conversely, they hope that the study will spur manufacturers and operators to deliver updates in a timely manner.