Community

EricV1

I have a Z1, that is uptodate (all system patche from sony applied, systeme said to be up-to-date when manually checked) and still is is vulenrable to:

The vulnerability quadrooter from checkpoint still mention the phone is affected by following CVE:
CVE-2016-2059
CVE-2016-2504

Beside this one the bluetooth bug called blueBorne is probably there as it needs a linux kernel fixes that has been issued in 2017

BlueBorne Vulnerability Scanner by Armis says the phone is vulnerable

Then of course for WiFi : you have Krack weher all wpa cleint should patches their wpa_supplicant code that is used by android.

So far no word for a fix comming from sony.

EricV1

@uliwooly wrote:
@EricV1
You are in luck, you can get in contact with Sony Android Devs
/t5/Developer-World/ct-p/DeveloperWorld
Just wondering, which devices that were released in 2013 will get this security updates? And which devices with Snapdragon 800 will get those security patches?
I'm not trying to argue with you, I genuinely want to know which other devices

Two of the patches are not related to snapdrgon AFAIK (except for the quadrooter). And again, I do not care if other brand are doing the same thing, they are just palin wrong. How long have been customer accepting to pay for a PC every two year. It will happen with the phone now that you have plenty of RAM and CPU power.

If some other brand are doing the same bad jobs that's their problem. My problem is that my perfectly working phone has security flaws that enable to take the remote control of my phone (see blueborne demo video here here).

Uliwooly

@EricV1

So there are no brands that released a phone in 2013 that are going to release any security patches?

Does that mean that no company care about their customers?

This is going in circles.

EricV1

@uliwooly wrote:
@EricV1
So there are no brands that released a phone in 2013 that are going to release any security patches?
Does that mean that no company care about their customers?
This is going in circles.

I do not care what other are doing, I just wants Sony to support its customer for sever security issues. And BTW, no new android release does not mean no security patches... So I think your prof are rather weak.

Uliwooly

@EricV1

I have given you information and I even asked you if you know of any other phones that were released in 2013 that will get this patches but it seems that there aren't, I don't think it's ok to assume that Sony doesn't care about customers when

The Xperia Z1 got 2 major Android updates and was supported for 2 years.