If this concept gets popular enough eventually the majority of users will start using the same old model Android phone(Nexus 5, etc.). That's when all of the unpatched vulnerabilities will become a serious problem that's difficult to fix.
It's not difficult to fix. It's just that corporations want you to throw out and buy a new phone every year. This is what happens when you let the same company make the software and the hardware.
> This is what happens when you let the same company make the software and the hardware.
Not sure that follows, it seems a quite Android-centric view? (Which I guess is valid in the context of this discussion...)
Apple do a remarkably good job (in my opinion) of providing software/security updates to older iOS devices. iPhones as old as an SE or 6S are still getting current versions of iOS.
I have a _much_ harder time keeping similar aged Android devices up to date (My Galaxy S6Edge has been stuck on Android 7 forever. I'd need to root it and install a 3rd party ROM to upgrade it. I haven't done that because I use it still as a mobile app test device, and I don't personally "trust" not stock OS installations to be particularly valid test devices for work apps...)
