96 comments

[ 3.2 ms ] story [ 177 ms ] thread
The title is a bit clickbaity. This is for Android versions 2.3.7 and lower, which was released in September 21, 2011.
I think the title is perfectly accurate. That is exactly what's going to happen.
I wouldn't go as far as saying "perfectly". What is "old"? I clicked thinking my Android 4 device (which I use daily) is fucked.
I wonder if iOS5 devices can still log into the apple store.
Good question. Maybe someone here can confirm. Is the app store covering so much ground as not being able to access the Google account? Maps, Gmail, analytics...
Actually, even though iOS5 was released in 2011, all devices that supported iOS5 were able to update to iOS6. I wonder, how functional an iOS6 device could be today.
The original iPad is stuck on 5.1.1 I think.
For kicks I pulled out an iOS 5.1.1 device and I was able to sign-in to the App Store and install an old version of an app using my current Apple ID. I'm genuinely surprised it worked.
Not as direct a question as it may seem: the iPhone 4s (IIRC the first device released with iOS5) could be upgraded as far as iOS9 but many Android devices never saw much by way of upgrades unless you count rooting them to install something manually. Though how well those devices run newer versions of the OS and newer apps is likely a question with many answers (most, but not all, negative).
That's typically an argument that "iDevices have more value because you can use them longer than Android". You can't have it both ways - "old android devices" in this context are devices older than iPhone 4s, and iPhone 4s themselves are not very much in use today, so it's that much less likely that Android phones would be.

Realistically, very few people will be affected, and the business backlash for Google is going to be 0. BUT, on the other hand, if anybody at all is going to be affected - those are probably some of the poorest and most vulnerable members of the society (which is also why they're going to not have a strong voice). The social cost, if any, will only be known by Google.

It could be much more exact by mentioning the version & date that it was released on.
It's click-baity because it withholds necessary information in order to get you to click on it.

Saying the version number or release date would stop most people from clicking on it, because it matters much less.

That's how all headlines work.
Nowadays, yes, but that’s not necessarily how they’re supposed to work.

A headline should give a reader actionable information, with the article itself serving to give more detailed context.

This headline doesn’t give actionable information, because you have no idea whether your android version is affected.

Not really, and they don't have to. A simple change would suffice:

> Old Android versions [from 2011 and earlier] will no longer be able to log into Google account

By that logic you have headlines like "Windows installs will now require a Microsoft account", with the article saying it only applies to Windows 11 Home. I tend to avoid reading articles where the headline deliberately avoid information in an attempt to get clicks.
Stochastic language ("Topitanians are strong"), "S is P" = "The median of S is P" = "Android 7 will..." (Very stretched interpretation.)

Logical language ("[All/Some] Topitanians are strong"), "S is P" = "All S are P" = "All old Android versions...". Without an explicit quantifier, a statement to be interpreted in logical language easily defaults to using the universal "All": the statement "Coal burns", if not stochastic (envisaging exceptions) but logical, is meant to express that all of the instances do.

"Old Android versions" does not default to "Some old Android versions".

This is very interesting, thank you for teaching me a bit about logic today. Also, it looks like the headline was amended.
The title of the page conveys more information, albeit in more words:

> Sign-in on Android devices running Android 2.3.7 or lower will not be allowed starting September 27

It's Android, release date of the OS doesn't matter so much as when was the last device that doesn't upgrade past 2.3.7 released and/or when did that device leave mass retail. Or some other threshold.

A ton of 2.3 devices weren't upgradable to 4. And there were a lot of devices made with 2.3 well after 4 was available. The numbers are probably small though, WhatsApp (where I used to work) ended support for 2.3.7 in early 2020 because the user numbers no longer justified the effort to keep that working. Usage was enough to justify almost a two year notice period though.

It's a sad state of Android ecosystem that on 10 years old hardware you can run only 10 years software because vendors rarely provide updates after end of sales date and at the same time they make it very hard to install something like LineageOS (e. g. use locked bootloader and closed-source drivers).

I have a 15 years old notebook and can install a modern Linux/FreeBSD versions on it, but I cannot upgrade 7 years old smartphone.

That's really an issue with the embedded ecosystem in general. Pre-Android devices were far worse.
Sure, pre-Android devices dropped support shortly after you bought them, but they were often still functional. Disabling Google login on an Android (non-AOSP) device effectively bricks it for most users.
I wonder what the technical reason behind this is?
Probably TLS version and maybe Google wants to drop Google Play Services from very old devices?
Those phones are insecure.
Only because Google stopped supporting them.
The actual problem is OEMs. These devices have no auto update, so Verizon/Samsung etc has to write the updates afaik.
Did Apple also drop support for equally old iPhones? I believe they provide security updates for at least 5 years, but I’m not sure.
I don't think Apple has any official "at least X years" support but they're generally pretty good about it. iOS 15 will be on the iPhone 6S when it launches this year, which will be a 6-year-old device at that point.
iOS 15 will support at least iPhone SE (1st gen), released in 2016 - so approximately 6 years of support indeed (if iOS 16 does not support the iPhone SE too).
Google almost never actually provides end-user device support though. It's on the device manufacturers and they lose interest in like 18 months, or perhaps in 36 months if you're lucky.
Yeah because everything after 2.3 isn't...

The reason is that it's not cost effective.

My guess: new TLS bug, or new WebView bug. These systems have no way to update without carriers back porting fixes, and Android H had such a small run that I doubt any carriers are willing to back port whatever fix is necessary.
Note that the original title is "Sign-in on Android devices running Android 2.3.7 or lower will not be allowed starting September 27". Android 3 was released February 22, 2011 -- I haven't seen any devices running Android that old in a while.
Four years ago, in some of the poorest developing nation markets on earth, the local currency equivalent of $60 Android phones for sale in local stores (random cheap Mediatek chipset and 3.5" screens), were running either Android 4.0 or 4.4
Can confirm this to be accurate. My own device is running 5.1.1
Yep, 4.X Android is still going strong, almost like Windows XP.

It's because it's the last Android version Google released without turning it unusable without Gapps.

It is simple to customise. Put any of the crazy CyanogenMod era skins on it, and then customise UI any way you want with your own brand look.

And it is simple to code for, unlike overengineered APIs of later Android versions, with simple raw filesystem access being a particularly highly sought feature.

That's interesting. If there are use-cases for this old version of Android, is there a reason that the people who want to build such devices, haven't created a "living" descendant OS forking off from Android 4.x, with the old APIs but a modern kernel et al? Sort of like the living GTK2 that stuck around for so long after GTK3.
You can add back the Gapps-free applications quite easily - clones of them are widely available in F-Droid, or as part of custom ROMs like LineageOS and formerly CyanogenMod.
Sure, but then why put Android 4.x on these newer devices, rather than putting F-Droid/LineageOS on them?
(comment deleted)
Post 4.X Android is almost a wholly different OS. It was the biggest API break, and a shift to much more over-engineered APIs.

Companies doing things like POS terminals, eKiosks, signage, set-top boxes, Android TVs, etc are not interested in that, and this is a big part of why 4.X is so prolific.

Then we're back to my original question: why is there no living descendant of the 4.x API, with modern security?
Good question. I know that some private CM forks of really old Android version is still kept alive by companies making things like POS terminals
Android 3 wasn't generally available for phones; it was mostly tablets.
Yes. Officially, every version up to Android 2.3 was for phones. Samsung wanted to make a tablet and made one with 2.2 and 2.3, even though Android did not officially support tablets for those versions. Android 3.x was a version just for tablets (Honeycomb). Android 4 (Ice Cream Sandwich) merged the phone ability of the 2.x branch with the tablet ability of the 3.x branch - 4.0 was the first Android version which officially supported phone and tablet.
IIRC, exclusively tablets. I seem to recall Google saying while they wouldn't prohibit phone use, they we're going to help manufacturers with it and that they'd have to wait for Android 4.
Honeycomb was even closed source except some GPL
Yeah, why was the title editoralized by removing the affected versions? It is the most important part of the announcement, and was present in the original title.
Yes, the submitted title ("Old Android versions will no longer be able to log into Google account") broke the site guidelines: "Please use the original title, unless it is misleading or linkbait; don't editorialize." We've fixed it now. Thanks!

https://news.ycombinator.com/newsguidelines.html

I wonder what proportion of android devices are running <3.0?
The stats from Google lump everything under 4.1 together at 0.2%.

I would link to it but Google removed the chart from the web a while ago and just tells you to look at it in Android Studio's new project wizard.

Imagine if it was your 10 year old Tesla!
Imagine if it was your Tesla after 10 years of no software upgrades.

(Except all Teslas are still receiving updates.)

And also signing into Google on Tesla accomplishes what exactly?

They still updating that original roadster ?
Is there really anything to update in the Roadster? It's very barebones.
This assumes that your phone hasn't had any updates for 10 years.

If your Tesla had no updates for 10 years, you probably would also be wise to not check your email on it.

I have a Nexus S with a decent battery; and while it _can_ log in, the relevant Google services and apps that it ships with are broken beyond usability.

It would be nice if Google endeavoured to keep old Android working and security patched, rather than force a faster e-waste cycle.

Android 2.3+ accounts for less than 0.2% of devices. It doesn't really force an e-waste cycle when its that microscopic already. The e-waste cycle has already occurred.

By that logic we'd still be supporting the Space Shuttle, the NES, the Sega Genesis, the Apple II, the Altair, the 80286, the Laserdisc player, the Video CD, the Kodak cameras... We should never drop legacy, ever.

Plus, your Nexus S actually got 4.1.2, which means it's still supported even after this.

I'm not sure that logic holds - many of the devices you mention will still work (space shuttle aside) - whereas that will not be the case with these older android devices.

While it may be 0.2%, it'd be interesting to see what numbers that actually equates to.

Android 8.0 is not supported anymore, and it suffers from very serious security vulnerabilities.

Versions up to 8.0 constitute around 20% of the phones (as of June 2021¹), which creates a significant amount of e-waste, particularly embarrassing when considering phones like the Nexus 5x, which is a perfectly usable model.

[¹] https://www.statista.com/statistics/921152/mobile-android-ve...

I'm talking mainly about the OG article (which discontinues 2.3 and earlier from Google Services), not Android's terrible long-term support compared to iOS which wholly deserves criticism.

But they can still access Google.

The Nexus 5X would be a perfectly usable model, but some fail over time due to a SOC with defective "big" CPU cores (IIRC).
How many gajillion Android devices are sold per year? It seems misleading to use a percentage of a giant unknown number.

Edit; if there are 3 billion active android devices, this is putting 6 million into landfill?

It's not like they still won't work. You won't be able to sign into your Google account on them, but you can still use the web browser.

Honestly, if having every other app than Google drop support for your device didn't motivate you to upgrade, Google dropping support probably won't either.

With a cap kit, battery replacement (if relevant), then the NES, Genesis, Apple II, Altair, 286, Laserdisc, Video CD, and Kodaks still work just fine.

Importantly: they are repairable.

My Nexus S is a paperweight because Google kept it relatively closed. My BlackBerry Priv is even worse, since I can't root it.

Repairability seems like only half the story. The devices you list are all mostly non-networked; nobody cares about security vulnerabilities in your NES because it isn't connected to the Internet and handling highly confidential information. That's not true of your smartphone.

Unfortunately, the reality with online devices is that:

a) They are sufficiently complex that they have an indeterminate (and effectively unending) supply of vulnerabilities

b) Effective vulnerability management requires vendor support

c) The market favors one-time ("sale") models, not ongoing ("subscription") models

As a result, vendors support devices for a fixed amount of time, often subject to arbitrary constraints (like going out of business or unexpectedly high costs of fixes).

From a consumer perspective, this usually manifests as computing devices getting worse over time--less performant, less secure, and surprising and arbitrary end-of-lifing.

You might argue that a more open device ecosystem allows open source contributors to fix vulnerabilities. This is true, to a degree, but only to a degree--just as (past some point) it isn't worth it for a vendor to keep patching a long-obsolete product with a tiny userbase, it's similarly true that an esoteric open source product won't attract a robust community that can meaningfully support it.

While free software advocates like to say "But at least it would be up to me to patch it," in practice, for most users (who aren't going to write their own patches, or hire a team of professionals to do so!), predictability, transparency, and fairness are the critical components in the products they use, not "openness" per se.

Debian can run on any i386 compatible device. That's 25+ years of support for general computing devices.

If phones had followed a similar open architecture as PCs then they might have enjoyed such support, as well.

No not anymore, the Linux kernel even doesn’t support the 80386 at this point.

i386 is kept as the arch name, but the baseline has went up.

Jessie needs at least a Pentium, and Stretch needs an i686.

There's still NetBSD and FreeDOS.
That's a fair point. I don't think the issue is that open source software has fewer dead ends--it's easy to adopt an open source tool that later loses critical mass--but rather that proprietary hardware+software combinations result in a distinctly frustrating outcome of "my hardware still works, but the software is no longer supported".
> Android 2.3+ accounts for less than 0.2% of devices. It doesn't really force an e-waste cycle

Because it is already forced in multiple ways and most devices which can run only 2.3 are already on landfills.

There are billions of Android devices. A tenth of a percent of billions is double-digit millions.

Google+ userIDs were for a long time effectively new Gmail and Android registrations. Those peaked at about 3 billion before the automatic assignment of a G+ account was broken in 2015. Conservatively, there are likely well over 6 billion such registrations, which would be 12 million Android 2.3 devices.

Small fractions at Google scale are large numbers.

Realise too that Android shows up in numerous devices, including some embedded tools, as well as tablets, e-readers, and other systems a casual reader might not be aware of.

What the parent is saying is that even though you can still login, the functionality of the other gapps has been hobbled for a long time. I can confirm a variety of problems with old Android 4-6 devices. This includes a no longer functional Play store on a couple of devices, YouTube app slowly but surely failing etc.
Can a person download Google Chrome without Google Play Store / Google Account?

I tried and failed.

You can sideload the APK downloaded online from APKMirror, and that will work.
Why would you do that? There's a million webview based browsers readily available for download from f-droid or directly from github
Because Chrome would give you an updated browser engine. I don't think I want a gingerbread webview, thanks.
(comment deleted)
I know this is for a very old version of andriod, but man, it would be really nice if they just said 'android x has these spec requirements, you can try to update any device to any version at your own risk.

Why do smart phone manufacturers get to decide what version of andriod I can run?

> but man, it would be really nice if they just said 'android x has these spec requirements, you can try to update any device to any version at your own risk.

You can try and run an android GSI, if your device is recent enough to support those. Though even GSI's come in a variety of 'flavors', so they're not literally one-size-fits-all.

> Why do smart phone manufacturers get to decide what version of andriod I can run?

Because they (and the chip vendors) are the ones writing drivers and never upstreaming them or porting them to new enough kernels to support newer Android versions.

If you want a device with lifetime updates, consider a GNU/Linux phone, Librem 5 or Pinephone.
Alternately, consider postmarketOS for your older devices. Though I doubt that any device which shipped w/ Android 2.3 or earlier would run pmOS all that well; even if you managed to get all the hardware working with free drivers, tight limits on RAM and internal storage are generally a showstopper.
There's no evidence that those phones will support indefinite updates, and plenty of reason to think that they won't.
Running mainline kernel pretty much guarantees lifetime support. It does not matter whether the companies who made the smartphones will exist. My 12-year laptop works fine with latest Debian.

https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

No, it doesn't

Linux has dropped plenty of obsolete hardware over time. Things like AGP, 386 processors and many others

If my phone gets a lifetime as long as the 386 got, I will be perfectly happy with it.
This could cause some problems for archiving and preserving historic apps, famous persons' devices, and data from those devices.
hackernews: I can't believe 10+ year old hardware and software is forcefully made obsolete

also hackernews: man do I hate working on and maintaining legacy stuff