Android was originally designed, above all else, to be widely adopted. Google was starting from scratch with zero percent market share, so it was happy to give up control and give everyone a seat at the table in exchange for adoption. […]
Android still uses a software update chain-of-command designed back when the Android ecosystem had zero devices to update, and it just doesn’t work. There are just too many cooks in the kitchen: Google releases Android to OEMs, OEMs can change things and release code to carriers, carriers can change things and release code to consumers. It’s been broken for years.
I couldn’t have said it better. The headline seems apt, too. I usually don’t write about security. 1) My experience is limited; 2) iOS isn’t perfect, either; and 3) it’s not quite a dynamic, cutting-edge topic. But the number and scale of issues on Android is getting ridiculous. Google made the trade-off between rapid scale and solid security. Scale won. And so “open” is now also a double-entendre.
