Fuchsia has separated the drivers from the kernel[1], enabling proprietary drivers that are never updated to become acceptable. This can result in Blueborne[2], GPU vulnerabilities[3], and any other proprietary driver remaining permanently vulnerable as the hardware manufacturer has no incentive to update the driver.
In Fuchsia's model, you can run the latest OS with these vulnerable, non-updated drivers, or your device ODM could even release nothing and you don't have the GPLv2 to fall back on to get the Board Support Package for your hardware to build your own updates with.
I see that as a sort of capitulation. What is actually needed is manufacturers who remain responsible and responsive when it comes to the quality of their drivers. They need to support them much longer than they currently do, and they need to release security fixes promptly.
I think having a sandboxed driver model is a great idea in general, but this will only encourage hardware manufacturers to care even less about supporting their drivers beyond the initial more-or-less-working release.
> What is actually needed is manufacturers who remain responsible and responsive when it comes to the quality of their drivers. They need to support them much longer than they currently do, and they need to release security fixes promptly.
That requires a level of investment in engineering competence that they aren’t doing because there is little incentive.