ProgrammerHumor
iThinkGoogleDoesItWrong
Context:
Mediatek is a Chinese/Taiwanese Chip (SoC) vendor on mobile devices and TVs. Devices with their software rarely get updates unless they move 100KU or more. Devices with their SoCs are notorious for breaking compatibility with "The Platform" which is a surface for App Developers as they apparently know better than other vendors. However as a small OEM you are able to get your hands on it, but without support - hence the meme.
Qualcomm on the other hand is supreme and stays in "Vendor Implementation", however they don't even sign a contract with you unless you have a record of selling quality stuff already.
So get fucked I guess?
Having worked in a remotely related area, I instinctively want to agree with you. Vendors try to break these boundaries all the time because it is easier or just because that's how they approached it.
Google has been enforcing VTS on GSI testing exactly for this reason. If the core functionality doesn't work on GSI then they cannot be certified for new product launches. It might still be a problem for non-core functionalities.
I'm not sure how much of the problem still exists with the newer products launching within the past two year.
I can't elaborate much, but it is still a major problem even with the latest Dimensity chips. Low level firmware of which is so buggy it requires platform workarounds. Wild shit…
I guess Google themselves went with Qualcomm then Samsung for a reason. Mediatek had always tried to spend the bare minimum amount of effort to ship a product. Good to know that has not changed. I'm guessing lower tier vendors like Unisoc is the same or worse.
They are mostly gonna ship you pre-built binaries for everything, god forbid you need to fix any bugs they cooked up for you. But in a way that's better than rebasing git-less AOSP, shipped in a zip file, onto unknown version of upstream Android
¯\_(ツ)_/¯.Mediatek is special that way and likes to send you off with a hodgepodge of Android 14's build harness, with 1/4 of Android 12 HALs and sprinkle of Android 13's heavily modified apps and of course 3/4 of deprecated Android 12.1 HALs… like a good sport.
Oh! And the most interesting thing is that the "Security Level" is defined in the build harness so they're gonna totally lie to you about the patches applied to your device.
I could go on and on, sorry.
That's concerning. I'm aware that backports are a thing. But security patch level should be consistent.
Security patches are of 2 kinds, Google only tracks one of them.
This is defined in a single module which you can update at will and - of course - modify at will, even if you have not merged upstream changes which have fixed the CVEs.
>> Google tracks this Security Level <<
Now this is less crucial as gaining root-level access requires a platform vulnerability. HOWEVER you can still gain this access through bugs in hardware drivers (of which there are many).
People have successfully rooted their devices in the past by deliberately leveraging kernel vulnerabilities, therefore updates to kernel are crucial as well.
Kernel essentially determines the lifespan of your device. When it stops receiving upstream patches, you're done with updates as kernel version is very likely not going to be bumped to newer version. (ex. my device launched with 6.1 with Android 14, end of life of which is set to 2029-07-01)