> On Android, it is normal for vendors to add device-specific code to the kernel.
https://i.imgur.com/DnRNrZe.png
Normal for Android : Normal in general :: Madness : Sanity
> This code is a frequent source of security vulnerabilities.
If the first sentence was the shot, that's the chaser.
The irony of Google security blog giving advice to a problem that the company is responsible for it happening in first place.
Had they placed update requirements as part of the Play Store contract, vendors would be more keen in providing the said updates.