ProgrammerHumor
iThinkGoogleDoesItWrong
Context:
Mediatek is a Chinese/Taiwanese Chip (SoC) vendor on mobile devices and TVs. Devices with their software rarely get updates unless they move 100KU or more. Devices with their SoCs are notorious for breaking compatibility with "The Platform" which is a surface for App Developers as they apparently know better than other vendors. However as a small OEM you are able to get your hands on it, but without support - hence the meme.
Qualcomm on the other hand is supreme and stays in "Vendor Implementation", however they don't even sign a contract with you unless you have a record of selling quality stuff already.
So get fucked I guess?
Discussion
I almost choked from all the laughing, thank you.
i don’t think i’m smart enough for this meme and that’s ok i accept that
I really don't get why HW vendors are so stupid that they didn't get until today that cooking their own shitty software (firmware) in their own basement isn't a competitive advantage but only makes the lives of everybody miserable. Why the fuck can't firmware be developed as any other proper software: As OpenSource?!
Besides that I don't understand why "SoCs" are to this day such trash where you need for every variant a whole custom software stack. We overcame this shit almost half a century ago with PCs, where you can use a generic OS and any combination of hardware devices without needed to explicitly support every single combination explicitly.
Putting all devices on a PCI bus isn't rocket science, nor is it especially expensive!
It almost looks like SoC are made on purpose closed throwaway devices. Imho we desperately need legal regulation to stop that madness; as the vendors won't change that voluntary it seems.
Mediatek has actually nice, cheap hardware. But it's unusable because of their massively fucked up software.
If only just one HW vendor would change for the good and become an OpenScource company their products would take world domination, like Linux did in the software space. I promise. But for some reason it seems nobody understands this. (Yes, it would need quite some upfront investment. But I say it would be worth it if the result would be absolute market domination in the long run!)
Having worked in a remotely related area, I instinctively want to agree with you. Vendors try to break these boundaries all the time because it is easier or just because that's how they approached it.
Google has been enforcing VTS on GSI testing exactly for this reason. If the core functionality doesn't work on GSI then they cannot be certified for new product launches. It might still be a problem for non-core functionalities.
I'm not sure how much of the problem still exists with the newer products launching within the past two year.
I can't elaborate much, but it is still a major problem even with the latest Dimensity chips. Low level firmware of which is so buggy it requires platform workarounds. Wild shit…
I guess Google themselves went with Qualcomm then Samsung for a reason. Mediatek had always tried to spend the bare minimum amount of effort to ship a product. Good to know that has not changed. I'm guessing lower tier vendors like Unisoc is the same or worse.
They are mostly gonna ship you pre-built binaries for everything, god forbid you need to fix any bugs they cooked up for you. But in a way that's better than rebasing git-less AOSP, shipped in a zip file, onto unknown version of upstream Android
¯\_(ツ)_/¯.Mediatek is special that way and likes to send you off with a hodgepodge of Android 14's build harness, with 1/4 of Android 12 HALs and sprinkle of Android 13's heavily modified apps and of course 3/4 of deprecated Android 12.1 HALs… like a good sport.
Oh! And the most interesting thing is that the "Security Level" is defined in the build harness so they're gonna totally lie to you about the patches applied to your device.
I could go on and on, sorry.
That's concerning. I'm aware that backports are a thing. But security patch level should be consistent.
Security patches are of 2 kinds, Google only tracks one of them.
This is defined in a single module which you can update at will and - of course - modify at will, even if you have not merged upstream changes which have fixed the CVEs.
>> Google tracks this Security Level <<
Now this is less crucial as gaining root-level access requires a platform vulnerability. HOWEVER you can still gain this access through bugs in hardware drivers (of which there are many).
People have successfully rooted their devices in the past by deliberately leveraging kernel vulnerabilities, therefore updates to kernel are crucial as well.
Kernel essentially determines the lifespan of your device. When it stops receiving upstream patches, you're done with updates as kernel version is very likely not going to be bumped to newer version. (ex. my device launched with 6.1 with Android 14, end of life of which is set to 2029-07-01)
Does it mean, if I have an older device, it never will be secure even if I install some custom ROM which updated to the latest Android?
Yup, maintainer would have to update the kernel themselves. More often than not, this effort has the perfect effect of making the device somewhat unstable in return.
Very interesting!
But what do you actually mean by:
So basically… Dudes in China sent us a zip file of the ENTIRE AOSP with .git directories removed and history effectively erased.
E: This is definitely not a Mediatek's fault directly, but rather got lost in the supply chain. As MTK refuses to give git access to independent, small parties, suppliers are given access then they are bound by contract not to disclose this history with other developers.
MTK is the most afraid to get their source code leaked to the public. From what I have seen, I'm not even surprised. We're meme-ing their "MTK enhance" comments/edits which fuck up the functionality in unimaginable ways.