Sniip crashes on Android 7

[Kremmen]

Recently, the Sniip app required users to install an updated version. The updated version works fine for me except for actually paying a bill, which crashes it. This is, of course, the worst time for it to fail.

Unfortunately, Sniip support replied that they are only supporting Android 8+ now, despite having given no public notification of this and despite the app still being available for earlier Android versions from Google Play. If they knew what they were doing, the app would not be available to download for O/S versions that it won't run on. If the app was tested properly, you'd expect it to put up a message about not being able to run, not just crash. No idea if/when they really intended this change to happen, but it seems more likely that they are just trying to cover up for developer incompetence.

Anyhow, the upshot is that some users can enter bill information as usual, only to have the app blow up when they try to process the payment. Not a good look, especially for a financial services company.

 

[Daver6]

Given Android 7 is well and truly EOL and no longer supported, it's hardly surprising app developers couldn't care less about supporting it. I don't think this reflects poorly at all on Sniip. In fact, wasting resources supporting EOL operating systems would reflect poorly.

 

[Kremmen]

Given Android 7 is well and truly EOL and no longer supported, it's hardly surprising app developers couldn't care less about supporting it. I don't think this reflects poorly at all on Sniip. In fact, wasting resources supporting EOL operating systems would reflect poorly.

Initially, it would take almost no resources. They could have just allowed users to keep using the old version of the app, which was working fine. The forced update to the crashing app is the problem. Unless they change their API, those who are happy with the existing functionality could have just been allowed to keep using it.

Android 7 is still 4% of the market. Android 8 is only 6.6%. (according to AppBrain) Of course it's up to the company if/when to remove support. The important point is that customers should be informed of it. The first app I had which removed support a few months ago did so with proper notification. They simply told users what date Android 8 would be the minimum required and then set the supported versions appropriately on Google Play so that the new app couldn't be downloaded. (That financial company has a web site that has all the functionality of their app anyhow, so I just use that instead.)

It's really not that hard. Across all the Android phones I've had, I've never downloaded any app before and then had it crash because it doesn't work on my version. Pretty much everyone sets supported versions to prevent this.

 

[Dr Ralph]

No update required for me.

 

[Daver6]

Initially, it would take almost no resources. They could have just allowed users to keep using the old version of the app, which was working fine. The forced update to the crashing app is the problem. Unless they change their API, those who are happy with the existing functionality could have just been allowed to keep using it.

I don't believe you have different builds of an app for different OS versions on the Play Store.

Android 7 is still 4% of the market. Android 8 is only 6.6%. (according to AppBrain) Of course it's up to the company if/when to remove support. The important point is that customers should be informed of it. The first app I had which removed support a few months ago did so with proper notification. They simply told users what date Android 8 would be the minimum required and then set the supported versions appropriately on Google Play so that the new app couldn't be downloaded. (That financial company has a web site that has all the functionality of their app anyhow, so I just use that instead.)

Those are global numbers. Australia would be much more skewed toward newer versions.

As for being informed. You're using an EOL OS. It's safe to assume that at any minute things won't be supported.

It's really not that hard. Across all the Android phones I've had, I've never downloaded any app before and then had it crash because it doesn't work on my version. Pretty much everyone sets supported versions to prevent this.

Hard, no. Waste of a developers time and money supporting EOL OS'es, yes.

The bigger question you might want to ask yourself is why are you using such an old OS? There won't have been security updates for years putting yourself at a huge risk.

I know you'll disagree, but I fully support companies doing what Sniip has done. Spending time support ancient OS is expensive and of little value.

 

[Lynda2475]

Current version of Android is 13, developers usually aim to support currently version minus 2 (so version 11), fact that sniip is supporting as far back as 8 is already pretty good.

For security patches alone Id suggest you update your OS version.

FYI when a developer deploys an app to the store they can choose to limit which phone models and Os versions it is for - sniip may have chosen not to do this for really old model/OS.

 

[Kremmen]

I don't believe you have different builds of an app for different OS versions on the Play Store.

Most apps don't force updates, so you can just keep using the app that works on your device.
Also, there are sites that archive old versions and you can sideload those.

As for being informed. You're using an EOL OS. It's safe to assume that at any minute things won't be supported.

It's usual to assume that apps will keep functioning until the company informs users otherwise.

The bigger question you might want to ask yourself is why are you using such an old OS?

Not really a question. It's the latest my phone (officially) goes to. I have no particular reason to waste my time and money buying a new phone and chucking a perfectly good phone into landfill.

 

[Daver6]

Not really a question. It's the latest my phone (officially) goes to. I have no particular reason to waste my time and money buying a new phone and chucking a perfectly good phone into landfill.

The good reason to is so you're not using a phone full of security exploits.

 

[Lynda2475]

and chucking a perfectly good phone into landfill

There are recycling and refurbishing programs that ensure this doesn't happen.

 

[Kremmen]

The good reason to is so you're not using a phone full of security exploits.

I don't download dodgy apps, so not really an issue, as most exploits require a malicious app. I hardly use apps at all. I wouldn't have even downloaded Sniip if they had a web site.

 

[Daver6]

I don't download dodgy apps, so not really an issue, as most exploits require a malicious app. I hardly use apps at all. I wouldn't have even downloaded Sniip if they had a web site.

No need to download a dodgy app if the vulnerability is unpatched in the operating system. Secondly, how do you know what app is "dodgy" or not? How do you know if you your "trusted" app has been compromised in a supply chain attack? Do you know if your "trusted" app is using an old open source library that has vulnerabilities?

I'm not having a go at you here, but just giving you a heads up that you're no where near as safe as you seem to think you are.

 

[Kremmen]

No need to download a dodgy app if the vulnerability is unpatched in the operating system.

How else is the vulnerability going to matter? A well-behaved process can run as root with all possible permissions without any ill effect. You need a bad actor for the protections to be relevant. The exception is apps that process data directly from an external source. e.g. SMS, WiFi, media players.

Secondly, how do you know what app is "dodgy" or not? How do you know if you your "trusted" app has been compromised in a supply chain attack? Do you know if your "trusted" app is using an old open source library that has vulnerabilities?

If a trusted app that millions of people use gets compromised in a significant way, we'd hear about it. If Messenger or WhatsApp or Zoom have issues, that becomes public knowledge pretty fast. Zoom has had issues that were not even a big deal and were widely discussed. Nefarious data use by an app such as TikTok is way more of a risk that what you describe, but millions of people use it anyhow.

I'm not having a go at you here, but just giving you a heads up that you're no where near as safe as you seem to think you are.

Yes, really you are, and it's pretty irrelevant to the main point here. If an app that's worked for years suddenly breaks without notice when you are about to use it, that is an actual problem. Users downloading apps that contain malware that will use an O/S vulnerability is a far different issue to be harping on about.

 

[encryptededdy]

I don't believe you have different builds of an app for different OS versions on the Play Store.

I'm not sure if you can, but if the new release doesn't support your OS version (and is properly declared in the app's manifest), then Android 7 devices wouldn't have updated to it (in fact they cannot, as it would fail to install).

I guess it is an error on Sniip's part to ship an app that doesn't work on Android 7, whilst still declaring Android 7 support in its manifest (and thus on Google Play as well).

 

[Kremmen]

I guess it is an error on Sniip's part to ship an app that doesn't work on Android 7, whilst still declaring Android 7 support in its manifest (and thus on Google Play as well).

Exactly. They've now released a new version that Google Play correctly says isn't available for an Android 7 device. They still didn't communicate the change to users, though.