cancel
Showing results for 
Search instead for 
Did you mean: 

SnoopSnitch App

cwrb
I plan to stick around

Anyone tried the android app SnoopSnitch?
If it works, it will list which security patches Rogers has not provided for your phone.
The quick test indicated I have 6 patches not provided from 2017 alone. It also indicated I had 30 inconclusive results.
We should be holding Rogers accountable for up to date patches to protect their customers.
Before using the app, you should review "wiki SnoopSnitch" for applicability and potential costs.

11 REPLIES 11

Re: SnoopSnitch App

RogersCilio
Retired Moderator
Retired Moderator

Hello @cwrb,

 

Unfortunately, we don't have any information on this app itself, however I'd like to help provide some clarification on your security updates, statement.

 

The Original Equipment Manufacturers (OEMs) are responsible for security updates, OS updates and bug fixes. It is their responsibility to begin software development. Once the software has been developed by the manufacturer, it's sent to Rogers/carriers, so that we may test the updates with our network to ensure system stability & identify any bugs. If there are bugs in the software we ask the manufacturer to fix them before moving on to the next step. Following that, the software is submitted to a regulatory agency to make sure the software meets FCC and Innovation, Science and Economic Development Canada’s (ISED) standards.  Once those approvals are received, then the software is rolled out by the OEM with the assistance of Rogers/carriers.

 

Hope this helps.

 

RogersCilio

Re: SnoopSnitch App

cwrb
I plan to stick around
Cilio, Thx for the detail ... but it doesn't help understand why there is such a delay in issuing security updates.
The reason a SnoopSnitch type app has been introduced is due too tardiness of security patch releases.
If I understand correctly, it is the OEMs responsibility to update customers via the ISP. Sounds like smoke and mirrors.
IMO, this is deflection.
Let's keep it simple...and easy to understand.
Why so late and who is responsible for the delays?

Re: SnoopSnitch App

RogersCilio
Retired Moderator
Retired Moderator

To reiterate @cwrb , speaking to software as a whole, the responsibility of any OS update, Security update or bug fix, begins with and entirely relies upon the OEM.


Now, as detailed above, there are multiple layers of testing and approvals required by each carrier and governing body at each turn. For instance, if an update is received from an OEM and carrier/network testing fails or the software does not meet a governing body's standards, then the software is sent back to the OEM for a fix.


All developing, testing and regulatory work that happens in the backend can lead to what the customer may feel or identify as 'delays'. But in reality, its OEM software development. And that stuff takes time Smiley Wink

 

RogersCilio

Re: SnoopSnitch App

Lurker
I'm a senior advisor

@cwrbwrote:
Cilio, Thx for the detail ... but it doesn't help understand why there is such a delay in issuing security updates.
The reason a SnoopSnitch type app has been introduced is due too tardiness of security patch releases.
If I understand correctly, it is the OEMs responsibility to update customers via the ISP. Sounds like smoke and mirrors.
IMO, this is deflection.
Let's keep it simple...and easy to understand.
Why so late and who is responsible for the delays?

To put it simply, the phone manufacturer is often the chokepoint in the Android ecosystem.

 

Google is constantly patching Android.  IF you have a Google phone (Nexus, Pixel), Google bypasses all of the other steps and patches your phone directly.

 

If you have another manufacturer (i.e. Moto, Samsung, LG, etc), they first have to decide whether they actually want to patch your phone, depending on how old it is.  If they are going to patch, because the handset makers often modify Android with their own tools and programs, they have to test the patch against their own version of Android.

 

If you like conspiracy theories, then the handset makers are slow to patch and update because they don't want you using old handsets.  They don't make money patching old phones.

 

 

Re: SnoopSnitch App

cwrb
I plan to stick around
My phone is an LG G6 ... quite new.

Again, this appears to be deflection. Either you treat security with a sense of urgency or you say 'not my problem'.
You ARE part of the problem or part of the solution.
Either the OEM or the ISP doesn't have a sense of urgency for security updates.
Looks like the OEMs and ISPs are only interested in selling.
Without apps like SnoopSnitch, attention wouldn't be drawn to this deficiency.
More customers need to voice their concern about after sales service.

If this was my area at Rogers, I would want to show customers how Rogers was not responsible for the delays.

Re: SnoopSnitch App

BS
I'm a senior advisor

@cwrb

 

I have to agree with you on everything you say.

 

Companies are very good at divesting themselves of responsibility in these types of situations.

 

Oh, it is the OEM, it is Android, they say it is the provider, etc.

 

Yes, they have to all work together to get security patches and features and patches out, but note, I said, "they have to all work together".  It seems that once one of them says, we don't do it anymore, then Rogers rights off any responsibility of even advising us that our product is no longer in support.

 

Companies like Microsoft on an OEM computer, the companies work together to ensure that products are functional and secure, and yes, they eventually deprecate support for various features over time, but Microsoft has a complete list of when it will happen and when you buy a product, you know its life cycle when you get it (so therefore, no surprises for the consumer).

 

An example is a PCMCI card in my older Lenovo, the chipset was produced by a company that eventually was purchased by Intel.  Intel supported through Microsoft a generic driver for the product, but Intel has stated that they will not be producing any OEM drivers anymore as the technology has been deprecated now.

 

So my own position on this, is that Rogers needs to be communicating directly via a common web page, like they do the patch releases and indicate that the security patches are no longer in - on the web stie for upgrades at Rogers on the Forum, as an example, LGG4 provides no information that it is no longer in support, just what the last version was.

 

Your LgG6 says Oreo coming soon - what ever that means.

 

We shouldn't have to go on a scavenger hunt across manufacturers, media and rogers forums and sites and support to get the answer that our phone is out of support.

 

I can understand that as phones age, that features will drop off, and that the risk becomes mine if I continue to use it, but 2 years full depracation on Lg G4 and LG G5 - Rogers can always put the pressure on them, or at least keep us educated on these facts.

 

I can see why you are frustrated, and the answers given so far basically say, "that is the way it is".

 

Bruce

Re: SnoopSnitch App

cwrb
I plan to stick around
Thx Bruce.
Having ranted about lack of timely securityupdates, I must admit I am not really concerned to date.
Periodically, I install and run an anti-virus app and don't find any problems.
As long as this continues, there is less urgency for timely security updates.

The good thing about capitalism is innovation is inevitable.
The problem with capitalism is planned obsolescence is also inevitable.
The challenge for the consumer is to find the affordable balance.

Re: SnoopSnitch App

Lurker
I'm a senior advisor

@cwrbwrote:
My phone is an LG G6 ... quite new.

Again, this appears to be deflection. Either you treat security with a sense of urgency or you say 'not my problem'.
You ARE part of the problem or part of the solution.
Either the OEM or the ISP doesn't have a sense of urgency for security updates.
Looks like the OEMs and ISPs are only interested in selling.
Without apps like SnoopSnitch, attention wouldn't be drawn to this deficiency.
More customers need to voice their concern about after sales service.

If this was my area at Rogers, I would want to show customers how Rogers was not responsible for the delays.

There is, literally, NOTHING Rogers can do if LG doesn't push the security update.  

Re: SnoopSnitch App

cwrb
I plan to stick around
You are clearly indicating the OEM is the problem.
IYO, does Rogers exhibit a sense of urgency, when security updates are made available from OEMs?

Re: SnoopSnitch App

Lurker
I'm a senior advisor

In my experience, once the OEM pushes the patch, carriers are fairly responsive in their testing and push.

 

I can't specifically say with Rogers, as I am with Big Blue for my cellular service.

 

When I had a Moto X, Moto was always the weak link in the update chain.  Updates would take many months after Google had published their fixes.   Its partially why I switched to a Pixel - Google simply does an end run around everybody and pushes updates themselves.

Re: SnoopSnitch App

cwrb
I plan to stick around
Thx.
I will do more research before buying my next phone.
I will definitely buy from an OEM that delivers fixes/updates directly to their phone owners.
Thx for your candid comments. Refreshing.
Topic Stats
  • 11 replies
  • 4467 views
  • 4 Likes
  • 4 in conversation