Is it safe to use an old, outdated, or used Android phone?


Would you share pictures like this if you knew hackers can see everything on your phone?

Andrew Hoyle / CNET

With today’s high-end flagship phones like the iPhone 13 Pro Where Samsung Galaxy S21 Ultra costing over $ 1000 and even the recent one Google Pixel 6 Pro at $ 899, buying new phones isn’t for everyone. It is therefore tempting to turn to older or even used phones that you can buy cheaply instead. And sure, you can get a used Samsung Galaxy, Sony, or HTC phone which seems like a steal for the lower price, but is it actually safe to use them?

It is both cost effective and more environmentally friendly to keep using phones for longer. The problem is, phones released years ago run outdated versions of Android, which means they often don’t have critical security updates that can protect you and your data from prying eyes. . While the hardware itself is often good to use, especially if you don’t fancy the best camera systems or the fastest processors, the lack of security support means older phones could be much less sure. If you’re concerned about security and privacy, here are a few things to consider.

Read more: Here’s what $ 650 in used phones buys you on eBay

What is a security patch for a phone operating system?

Whenever hackers find a new hole in your phone’s software to exploit, phone makers usually fix it, and this fix is ​​sent to your phone to make sure no one can take advantage of it. It is a security patch. You will likely have received a lot of them over time, as cybercriminals are always trying to find new ways to get around your phone’s security. It’s a continuous cycle of identifying threats, resolving them, and then finding the next one.

Most of the time you’ll never know, but it’s what keeps your phone up to date and protects it from known threats.

Why are manufacturers stopping sending security patches?

Manufacturers like Samsung, Sony, Google, and HTC only support a phone for such a long time. Every new phone and every new version of Android requires a new threat assessment and new fixes. It’s a lot of work, and it means finding and fixing those holes for every handset spanning years and years becomes simply impossible.


The HTC One M8, released in 2014, is no longer officially supported and is not receiving security patches.

Andrew Hoyle / CNET

As a result, Google and phone makers ultimately have to end support for older phones, typically after a device is two or three years old. These handsets will then no longer receive security updates, which means that when a threat is detected on that phone, it simply will not be fixed.

So, is it safe to use an outdated phone?

As Christoph Hebeisen, director of security intelligence firm Lookout, explained, “We don’t consider it safe to run a device that doesn’t receive security patches. Critical security vulnerabilities become public every few weeks or months, and once a system is unsupported, then users who continue to run it become susceptible to exploiting known vulnerabilities. ”

According to Hebeisen, a vulnerable phone could allow full access to everything on your phone, including your personal and work emails, contact details, bank details, or the audio of your phone calls. A hacker could continue to have access to this information as long as you continue to use the compromised handset.

Paul Ducklin, senior researcher at security firm Sophos, agrees. “If your phone has a software vulnerability that crooks already know how to exploit, for example to steal data or implant malware, then this vulnerability will be with you forever,” he said.

Read more: Best portable chargers and power banks for Android phones in 2022


Check if the latest software version is installed on your phone.

Andrew Hoyle / CNET

How do I know if my phone is too old?

It is often not easy to know if your phone is still supported and to receive security fixes. To start, go to Settings and check your software updates. Install the latest version. Usually this will give you an indication of the last phone update. If your phone says it has the latest operating system software, but the latest version was installed several months or years ago, that’s bad news. Your phone is probably no longer supported.

Unfortunately, manufacturers don’t notify you when they’ve dropped support for a phone.

A good rule of thumb is that a phone will no longer be supported if it is two or three years old. However, this varies from company to company. Older Google Pixel phones typically have three years of software updates, but that’s increased to five years of guaranteed updates with the latest Pixel 6 and 6 Pro. Google also requires manufacturers to provide at least two years of updates for devices. Apple, by comparison, is still providing software updates for phones that are more than five years old because it has relatively few models to deal with. Latest iOS 15 can be installed on iPhone 6S from 2015 ($ 210 on eBay).


Despite installing the latest software, the latest security update for this Galaxy S6 was applied in 2018. This means that there are two years of new exploits that this phone is susceptible to.

Andrew Hoyle / CNET

To find out if your Android phone is supported, you’ll have to dig. I found Nokia’s tool to see updates for its phones after going through a series of support pages on its website. Samsung sent me its list after contacting its PR team, and it’s available online here. Google has a page that clearly tells you when your Pixel or Nexus phone will lose security support. (Spoiler alert: All Nexus phones and the first three generations of Pixels – including the 2018 Pixel 3 – are no longer supported.) Your best place to start is to check out the support pages on the company’s website. manufacturer of your phone.

You might not immediately notice if your phone is outdated. The most obvious sign that you are using old software may be when you are looking for new apps to download. Many apps will simply be incompatible due to your phone’s software and hardware limitations, and you won’t be able to install them.

How do I know if my phone has been hacked?

It’s hard to tell if you’ll ever notice if your phone’s security is compromised. Cybercriminals don’t exactly make it known that they’ve accessed your device, so you’ll need to look for signs. Pop-ups that can appear on the phone are a big gift, as are apps that appear suddenly and you haven’t downloaded.

Also, be careful of unexplained high data usage, as malicious apps may be using a lot of data in the background. Other indicators can also include unusually high battery usage and poor performance, but both of these can also be attributed to using older hardware that degrades over time.

Read more: Best Android VPNs of 2022

How can I protect myself if I have an old phone?

As Hebeisen says, the best way to stay safe is to simply not use a phone that is no longer supported. If you’re running out of cash, can’t afford an upgrade yet, or temporarily using an old phone for some reason, there are some things you can do that might help.


The Galaxy S6 was released in 2015, giving it six years. Most phones are only supported for two to three years.

Andrew Hoyle / CNET

First of all, you need to make sure that the latest software is installed on the phone. If you bought it second-hand, be sure to completely reset the phone. Make sure you only download apps from the Google Play Store (rather than third-party or unofficial app stores) and definitely avoid installing apps by downloading the APK file from a website. This can often be a way for malware to sneak into a phone.

You can help protect your personal information by simply avoiding giving away too much. Don’t do any banking over the phone, sync your business email accounts, and send sexy photos or video chat until you’re back on a protected device. (Even over the phone, it is important to practice safe sex.) According to Hebeisen, if you do not take such precautions, “it could allow an attacker to observe and manipulate almost anything that happens on the site. device”. It’s a cold shower right there.


Comments are closed.