by ebg13 2564 days ago
Android isn't exactly known for being a paragon of security. The number of unpatched critical CVEs in the wild at any given moment is staggering. At worst this is a step sideways.

Sure thing, but at least Android is open source.

Huawei's drivers, which is what led GCHQ to probe into Huawei's code and write a rather uncharitable report on what their coding practices look like [1], are not. Admittedly, as members of the public we can only take their word for it that they found shoddy code by any reasonable standard. But if the latter is true and any indicator of how they'll maintain their own fork of Android, it doesn't inspire much confidence.

[1] https://www.theregister.co.uk/2019/03/28/hcsec_huawei_oversi...

> Sure thing, but at least Android is open source.

Some of it. Certainly not many of the hardware drivers. There's a reason that updates are dependent on hardware vendors and mobile network operators and that most phones don't have fully functional Lineage builds.

Yeah, well... I think we can agree that it's more open source than other Phone Operating Systems. And that's besides the more important point here, which is that Huawei's developers reportedly write insecure-looking spaghetti code.

My point is that any security argument is a red herring when the baseline for comparison is a wet paper bag.

The thing about exploits is that it only takes one. It doesn't matter if Huawei adds another one when there are already thousands to choose from.

And mine is that Google has large swaths of OSS code to show that they're competent at writing secure code, whereas there's a report out that Huawei is writing spaghetti code that is so poorly written that even security experts can't make up their mind to say whether it's secure or not except to say that they need to get their act together.