For years, Apple has heavily touted the iPhone as the most secure, private smartphone on the market. Despite that claim, Israel’s NSO Group was able to compromise the iPhones of some of the most important people in the world remotely — raising questions about how secure the iPhone really is.
Apple is quick to update the iPhone’s software whenever one of these attacks is uncovered and supports its devices for far longer than any of its competitors, but these types of revelations reveal the cracks in how the company releases updates.
Unlike the apps on your phone, which update automatically from the App Store as they’re released, iOS updates are monolithic; the operating system must be updated all at once, and the phone restarted, rather than updating the individual apps that need fixing.
This method of updating feels outdated and doesn’t make much sense in 2021; you wouldn’t expect an update that adds new features or security to Slack’s chat app to require a computer reboot, yet iOS requires this for every update to the core apps on your phone, and is likely why many people put off updating until they get tired of tapping the ‘update later’ button.
Google’s Android operating system uses a modular approach to release updates to core apps without requiring a system update. If the phone app needs an update, for example, this is updated via the Play Store instead of an entire operating system release.
Google’s record on updating smartphone software isn’t great due to the sheer amount of smartphone manufacturers using Android and their lackluster attitude toward long-term support. But, this approach allows the company to quickly patch its apps for security flaws or add new features without a phone reboot — even if the manufacturer hasn’t updated the device to the latest operating system.
This has a huge advantage: Google can rapidly fix security flaws and make improvements, without needing to convince people to reboot their phones, or really know the update was installed at all. They get security fixes constantly, regardless of if the flaw is in the Messages app or the Phone app.