YouMobile on Facebook YouMobile on Google+ Follow YouMobile on Twitter

Google won't fix Jelly Bean WebView security issues and Here's Why

25 January, 2015 Android

JB

 

There have been recent concerns over the security issues in the rather outdated WebView mode in Android Jelly Bean (v4.1 - v4.2 - v4.3). Due to its outdated nature, it is facing security issues, which would otherwise be a non-issue on newer versions of Android.

 

Google has responded to these concerns by basically saying they won't be updating the WebView in Jelly Bean. But while that may not be what people have been expecting, Google does have a reasonable explanation for it.

 

jelly bean

 

Starting KitKat onwards, the WebView component, that is the browser that you see within apps that open links in their own built-in browser instead of sending you to your default browser, runs on the newer Chromium engine, which is the same as in the Google Chrome browser. However, Jelly Bean and older versions of Android use WebKit engine, which is pretty vast and being updated by hundreds of developers since it's open source. So, it is not easy or secure to update a part of that engine for Google.

 

Secondly, even if Google does release an update, it is entirely in the hands of the OEMs to deliver the update. For phones that are still running Jelly Bean when there have been two major updates of Android since, it's unlikely that OEMs are going to release any updates for them, meaning the security update may never reach the users.

 

Source

 


Please Follow Our Community Guidelines or your comments will get deleted or blocked
Description

youmobileorg
Posts: 5008





© 2018 YouMobile Inc. All rights reserved