that’s just it, they’re targeting custom ROMs with this too. the number of security updates for AOSP is being cut by Google in order to make custom ROMs less secure, so that they can then close down the project while claiming it’s to protect users. make no mistake, the end goal here is make everyone who uses Android have to do so on their terms.
it’s why Linux phones being mainstream is an absolute priority.
the number of security updates for AOSP is being cut by Google in order to make custom ROMs less secure
Please don’t spread misinformation. Google didn’t cut security updates. You can still get monthly security updates on Custom ROMs.
Also it’s just on certified devices
Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices. source
This is probably where they got the 3 month number. It is fuckery and they are making the lives of custom rom developers more difficult than they need to be.
Over the last few years, AOSP has been shifting to a quarterly release cadence, meaning that new features and bug fixes are released every three months. link
They’re not releasing the list of vulnerabilities each month but instead doing it quarterly, so how are custom ROM devs supposed to patch vulnerabilities if google isn’t reporting them to manufacturers and developers like they’ve done for over a decade now?
Given how large and complex the Android operating system and its underlying components are, it’s not unusual to see a dozen or more vulnerabilities documented in a bulletin. However, the July 2025 bulletin broke this decade-long trend: out of the 120 bulletins published up to that point, it was the first ever to not list a single vulnerability.
Instead of bundling all available security patches into the next ASB, Google now prioritizes shipping only “high-risk” vulnerabilities in its monthly releases. The majority of security fixes, meanwhile, will be shipped in quarterly ASBs.
Use Custom ROMs with MicroG
Here is active and good custom ROMs
LineageOS (many devices) e/os (many devices) crDroid (many devices) GrapheneOS (only pixel)
that’s just it, they’re targeting custom ROMs with this too. the number of security updates for AOSP is being cut by Google in order to make custom ROMs less secure, so that they can then close down the project while claiming it’s to protect users. make no mistake, the end goal here is make everyone who uses Android have to do so on their terms.
it’s why Linux phones being mainstream is an absolute priority.
Please don’t spread misinformation. Google didn’t cut security updates. You can still get monthly security updates on Custom ROMs.
Also it’s just on certified devices
https://discuss.grapheneos.org/d/27068-grapheneos-security-preview-releases
This is probably where they got the 3 month number. It is fuckery and they are making the lives of custom rom developers more difficult than they need to be.
Here is a good information from LineageOS;
misinformation and grapheneos, again?
Wow you’re completely full of shit aren’t you
what do you mean?
https://www.androidauthority.com/android-risk-based-security-updates-3597466/
They’re not releasing the list of vulnerabilities each month but instead doing it quarterly, so how are custom ROM devs supposed to patch vulnerabilities if google isn’t reporting them to manufacturers and developers like they’ve done for over a decade now?
“Android Security Bulletins will still be released, and picked to all supported LineageOS versions monthly.” LineageOS
You are a slave
I just got my fairphone! It feels so free!