THE WASHINGTON POST – Readers regularly ask a version of this question: My phone is five or seven years old or even longer in the tooth. Is it safe to keep using it?
Yes, it probably is – with some caveats. Apple, Samsung and other phone manufacturers keep remotely fixing the security flaws in their phones’ software for years.
That keeps your old phone safer from hackers.
It isn’t easy to tell exactly how old is too old to be secure.
Digital security experts told me that generally, an Android phone is secure to use for four years or more after it was new. An iPhone is secure for seven or eight years or potentially longer.
Not everyone wants to hold onto a smartphone for that long. And the older your phone, the more you may run into problems including apps that stop working as you expect.
But if you choose for financial or other reasons to keep your phone for years, most people don’t need to worry.
And it’s worth considering a used phone if you can’t stomach a USD1,000 new one. I also have two demands for phone manufacturers and regulators:
Smartphones are born with a death date – beyond which they’ll be less safe because the companies stop fixing security vulnerabilities. Smartphone companies should be required to tell you that death date when you buy a phone.
And when phone makers stop releasing security fixes for your phone, they should relinquish control so independent tinkerers can keep your old phone healthy.
With your car, you choose how long you’re willing to keep it running safely. With your smartphone, the manufacturer and other companies make that choice for you. The distinction doesn’t make sense.
SECURITY UPDATES ARE WHAT YOU REALLY CARE ABOUT
In general, it is quite safe to keep using your phone as long as it’s receiving regular software security updates from the manufacturer.
For example, Apple is still updating the security of software for iPhones that are up to eight years old. Let’s say you have a six-year-old iPhone X. You can’t update to the newest iPhone operating system iOS 17. But Apple continues to make security and other critical software fixes for iOS 16, which is probably powering your iPhone X. Apple is still updating the security for iOS 15, too.
Most experts said those security updates make your eight-year-old iPhone safe to use, unless you know that you’re a high-value target for hackers.
One exception was information security company Red Queen Dynamics CEO Tarah Wheeler.
She said we use our phones so much, and the security of newer devices is so much better, that it may not be worth keeping old phones for many years.
If you have an Android phone from Samsung or another company, it’s more complicated to figure out if your older phone is secure enough to keep using.
Samsung said it will generally keep fixing security flaws for up to five years for its newer smartphones. You need to dig into the fine print, though.
If you see your Samsung phone on this list for twice-a-year security updates, that’s a sign that Samsung is losing interest in your device and it’s on the path to becoming
less secure.
If your Samsung phone isn’t on that list at all, it may be unsafe.
Your Android phone may have less frequent security fixes than Samsung discloses, depending on your wireless carrier. Apple also may update the security less often for older operating systems like iOS 15 and 16.
Most security experts said that’s still plenty secure for most people.
YOU SHOULD BE ABLE TO KNOW YOUR PHONE’S ‘DEATH DATE’
Once a company stops updating the software security, your phone is more vulnerable to hackers, said Secure Repairs founder Paul Roberts whose organisation advocates for gadget longevity.
This is effectively a built-in death date for your phone.
Roberts wants manufacturers to state that date on the box when you buy a phone. If you’re buying an iPhone 15 right now, for example, Roberts wants Apple to disclose that it’s committed to fixing any software security holes until 2030 or whenever.
Roberts also said that once Apple, Samsung or other phone makers lose interest in updating the security of their old phones, they should let other people take over.
He said there are plenty of qualified professionals or hobbyists who would be happy to keep software up to date and secure for decade-old or older phones.
Again, this is how cars work. Once your car warranty expires, maybe the dealer is no longer responsible for fixes. But you can take it to an independent repair shop for as long as you want. Not everyone wants to keep their phone for years and years. But Roberts said that it should be your choice.
OTHER FACTORS YOU SHOULD CONSIDER
Even after your phone stops getting security updates from the manufacturer, it might still be safe enough if you’re just using your phone to listen to music, scroll Instagram or shop online.
The downside is that if your phone is at least a few years old, it may need more care.
Batteries wear out, parts break and apps might not update.
Replacing parts is often a good, affordable choice.
In other cases, your phone may not be worth repairing.
When it’s time to throw in the towel, you still might not need a brand new phone.
A two- or three-year-old used phone could be a significant upgrade with lower costs to your wallet and our planet. – Shira Ovide