A new Samsung Galaxy S22 (and above) has 5 years of support. 4 major Android updates and 1 year of security updates. For the Pixel 6/7/Pro (including the cheaper 6a), it's also 5 years, but only 3 major Android upgrades and 2 of security updates.
Not as good as an iPhone (5-6 years), but it's improving.
If you include years where you only get a security update, but not an OS update, then the 2014 iPhone 5s is still supported today, since it's last update was in August.
I don't know how to feel about those "security updates". That iPhone 5s is still running an outdated Safari browser, for example. The device isn't secure.
When I think about long term support, I'm thinking about the kind of support Windows, Linux LTS, etc, provide. When Apple, Samsung, etc, release the type of updates you mention, they're just fixing one of the many security problems the device has.
It's like fixing the lock on a door of a building full of broken windows and call it secure. I guess it's better than nothing, but it's not proper maintenance.
The changelog for iOS 12.5.6 mentions a fix for a Webkit exploit, so I guess Webkit was updated? The current version of Webkit/Safari doesn't run on iOS 12 (released in 2018) though (as far as I'm aware).
On a side note, if we want to use this a proof of good long term support, then Android is even better. Phones running Android 7 (2016) are using the latest Chrome/Webview version (108). The difference is that updates are delivered via the Play Store and not as system updates.
> The difference is that updates are delivered via the Play Store and not as system updates.
You're claiming that the security issue detailed in the article will be fixed through the Play Store, for devices no longer receiving updates from the device maker?
There are advantages to the iOS model of six years of full support followed by security updates for many years later, especially when an actively exploited issue is discovered.
that's an important distinction. i don't have an android, but i get the sense that by "supported" we are talking about continuing to receive security updates. i am not sure my assumption is correct, though. do new samsung phones stop receiving security updates in 5 years?
You get at least 5 years of security updates with a new Samsung flagship[0]. During those 5 years, you'll use 4 major Android versions (there's a new one each year, like iOS). The last year of support is essentially security patches for the Android version released in the previous year.
On top of this, since Android 10 (2019), some security and feature updates come directly from Google (delivered via the app store) and continue after the brand stops supporting the device.
These security updates Apple, Samsung, etc, release years after the phone reaches end-of-life are a bit misleading. The update for the iPhone 5S fixed an exploit on Webkit, but everything else remains unpatched. Same with the update Samsung released for the Galaxy S7 (released before they had a 5 year support policy)... it fixed a GPS bug. That's it.
So while these updates are better than nothing, it's important to understand that the device is not up-to-date or secure.
---
[0] The 50-100 dollars device sold in low income markets won't have the same level of long term support as $500+ devices. We can't compare them to Apple here as Apple doesn't compete in that market.
I'll repeat myself: long term OS support is better on iPhones. With this said, we must look at what the "security updates" are fixing.
Above you mentioned that the 5S received a security update in August. According to the changelog, all they fixed was an exploit on Webkit (essentially the browser). They didn't even update Webkit/Safari to the latest version (it doesn't work on iOS 12).
Do you know how Android would handle that security update? A simple app update via the Play Store, no restart required. Someone running Android 7, which was released 2 years before iOS 12, is using the latest version of Webview/Chrome (108)... in this regard, Android is actually better than iOS.
There's a big difference between iOS and Android here. On iOS, things like Safari, Photos, Camera, Mail, etc, are part of the system and fixes/new features are presented as part of an updated OS. On Android these things are updated individually via the store and, if applying the same thinking as Apple, receive many "major updates" and many "security updates" every year.
Another point to consider when comparing updates is that since Android 10 (2019) different parts of the system get updates directly from Google ( see: https://blog.esper.io/what-is-project-mainline/ ). A security update for WiFi/Bluetooth, for example, may not need a system update from the OEM.
Android's fragmentation problem forced Google to come up with other ways to update Android. Even for features, many (eg: the alternative to airdrop, a feature to detect/warn about earthquakes, covid app support, etc) are backported to outdated devices without Samsung, etc, releasing system updates.
I don't deny that Android is messier behind the scenes than iOS or am even saying that you should buy an Android device... but it's not as bad as you seem to think.
Not as good as an iPhone (5-6 years), but it's improving.