With today’s brand new premium flagship phones like theor Samsung Galaxy S22 Ultra costing over $1000 and even for a whopping $899, buying the latest and greatest phones just isn’t an option for many of us. So it’s tempting to turn to older or used phones instead that you can buy cheap on eBay. And why not? The hardware is usually more than capable of handling what you need, and it’s more environmentally friendly to keep using phones for longer, rather than sending them to the landfill.
The problem is that phones released years ago can run outdated versions of Android, which means they often lack critical security updates that can protect you and your data from prying eyes. prying. While the hardware itself can often still be used, especially if you don’t fancy the best cameras or the fastest processors, the lack of security support means older phones could be much less certain. If you’re concerned about security and privacy — and you should be — here are some things to consider.
What is a security patch for a phone operating system?
Whenever hackers find a new hole in your phone’s software to exploit, phone manufacturers usually fix it, and that patch is sent to your phone to make sure no one can take advantage of it. This is a security patch. You will probably have received many of these over time, as cybercriminals are always trying to find new ways to circumvent your phone’s security. It’s a continuous cycle of identifying threats, resolving them, and then finding the next one.
Most of the time, you’ll never know, but it’s what keeps your phone up to date and protects it from known threats.
Why do manufacturers stop sending security patches?
Manufacturers like Samsung, Sony, Google, and OnePlus only support a phone for so long. Every new phone released and every new version of Android requires a new threat assessment and patching. It’s a lot of work, and it means finding and fixing these holes for every handset for years and years just becomes impossible.
As a result, Google and phone makers eventually have to discontinue support for older handsets, usually once a device is two or three years old. These handsets will then no longer receive security updates, which means that when a threat is detected on this phone, it simply will not be fixed.
So is using an outdated phone safe?
Like Christoph Hebeisen, Director of the Security Intelligence Company Look forexplained, “We don’t consider it safe to run a device that doesn’t receive security patches. Critical security vulnerabilities become public every few weeks or even months, and once a system is no longer supported, users who continue to use it become susceptible to exploitation of known vulnerabilities.”
According to Hebeisen, a vulnerable phone could allow full access to everything on your phone, including your personal and work emails, contact details, bank details or the audio of your phone calls. A hacker could continue to have access to this information as long as you continue to use the compromised handset.
Paul Ducklin, principal researcher at security firm Sophos, agrees. “If your phone has a software vulnerability that crooks already know how to exploit, such as to steal data or plant malware, then that vulnerability will be with you forever,” he said.
How do I know if my phone is too old?
Finding out if your phone is still supported and receiving security patches is often not straightforward. To start, go to Settings and check your software updates. Install the latest version available. Usually this will give you an indication of when the phone was last updated. If your phone says it has the latest operating system software, but the latest version was installed months or even years ago, that’s bad news. Your phone is probably no longer supported.
Unfortunately, manufacturers don’t give you a warning telling you when they’ve dropped support for a phone, so you either find out by a rude awakening like I mentioned above, or you find out by other ways.
A good rule of thumb is that a phone will no longer be supported if it is two or three years old. However, this varies from company to company. Google’s older Pixel phones typically received three years of software updates, but that’s increased to five years of guaranteed updates with the latest Pixel 6 and 6 Pro. Google also requires manufacturers to provide at least two years of device updates. Apple, by comparison, has always been providing software updates for phones for almost seven years because it has relatively few models to deal with. The latest version of iOS 15 can be installed on the iPhone 6S from 2015.
Finding out if your Android phone is supported will take some digging. I found Nokia’s tool to see updates for its phones after going through a series of support pages on its website. Samsung sent me their list after contacting their PR team, and it is available online here. Google has a page that clearly tells you when your Pixel or Nexus phone loses security support. (Spoiler alert: All Nexus phones and the first three generations of Pixels, including 2018’s Pixel 3, are no longer supported.) Your best place to start is your phone’s manufacturer’s website support pages. telephone.
You may not immediately notice if your phone is outdated. The most obvious sign that you’re running old software may be when you’re looking for new apps to download. Many apps will simply be incompatible due to your phone’s software and hardware limitations and you won’t be able to install them.
How do I know if my phone has been hacked?
It’s hard to say if you’ll ever notice if your phone’s security has been compromised. Cybercriminals don’t exactly let it be known that they’ve accessed your device, so you’ll have to look for signs. Popups that may appear on the phone are a big giveaway, as are apps that suddenly appear that you haven’t downloaded.
Also, watch out for unexplained high data usage, as malicious apps may be using a lot of data in the background. Other indicators can also include abnormally high battery usage and poor performance, but both of these can also be attributed to using older hardware that degrades over time.
How can I protect myself if I have an old phone?
As Hebeisen says, the best way to protect yourself is to simply not use a phone that is no longer supported. If you’re short on money, can’t afford to upgrade yet, or are temporarily using an old phone for some reason, there are a few things you can do that might help.
First, you need to make sure that the latest software is installed on the phone. If you bought it second-hand, make sure to completely factory reset the phone. Make sure to only download apps from the Google Play Store (rather than third-party or unofficial app stores) and definitely avoid installing apps by downloading the APK file from a website. This can often be a way for malware to sneak into a phone.
You can help protect your personal information by simply not giving too much away. Don’t do any phone banking, sync your company email accounts, or send sexy photos or have sexy video chats until you’re back on a protected device. (Even over the phone, it’s important to practice safe sex.) According to Hebeisen, if you don’t take such precautions, “it could allow an attacker to observe and manipulate almost anything that happens on the device”. It’s a cold shower, right there.