Google has confirmed to us that the Pixel 3 series has received its last update, marking the end of a three-year promise. But revisiting the 2018-era flagship, I still can’t help but be disappointed that Google didn’t try harder to keep it supported longer. Google may have met its marketing requirements, but as I’ve said before, it’s hypocritical for a company committed to sustainability and customer security to leave old smartphones behind so quickly. Revisiting it for the last few days, the Pixel 3 is still a perfectly good phone that could have years of life left in it. And, according to everyone I've spoken to, there aren't any good technical reasons for it being left behind. Google just doesn't care.

The Pixel 3 and 3 XL, by the numbers

The Pixel 3 and 3 XL probably weren’t Google’s best-selling models, and there were a few drawbacks to buying one, like the 3 XL’s monstrous bathtub notch and limited RAM for an Android flagship of the period. Google’s quality assurance (QA) back then was worse than it is now, and I actually had to exchange both the Pixel 3 and Pixel 3 XL that I purchased for coverage to get units that didn’t have issues — my first Pixel 3 had a strange blob of glass under the display, and my first 3 XL had a busted camera.

Left: My first, blobby-screened Pixel 3. Right: A broken Pixel 3 XL's camera

Frankly, in late 2018 and early 2019, the Pixel 3 wasn’t my first choice for a phone. I bought it for work, knowing that it would be handy for developer previews, betas, and early access to Android updates in general. But Google was up against the golden age of OnePlus devices like the OnePlus 6T and OnePlus 7 Pro, so it usually wasn’t a Pixel that was in my pocket — and if it was, it probably wasn’t alone.

Anecdotally, I didn’t like the screen in the Pixel 3, which was an LG-made OLED that crushed blacks pretty badly, didn’t get as bright as some other phones when outside, and was inconsistent at low brightness levels, with an annoying gradient visible in not-quite-black dark themes. Battery life was also poor for me from the start, and that only got worse with time. On top of that, the limited 4GB of RAM could mean apps got pushed out of memory faster than expected.

It wasn’t all bad, though. The Pixel 3 had a great camera, a fast chipset, I loved the software, and Google’s Assistant features like Call Screen would be worth a monthly subscription on any other phone. But, objectively speaking, the Pixel 3’s $800 launch price made it a bad deal for what you got.

All this is as true now as it was in 2018, but that doesn’t mean the phone is ready to be recycled.

Revisiting an overpriced phone from 2018

I get a kick out of seeing how far things have come by playing with older phones — we used to have a whole dedicated series for it here at Android Police, where I’d commit to using an antique without any backup and suffer the consequences for it. It gives you the perspective to better measure change over time and the motivation to dig deep since you’ll have to rely on it even as use cases, requirements, and even simple aspects of life might have changed since then. But coming back to the Pixel 3, I’m most stunned by how modern it feels.

All those issues I just mentioned are still around, and battery life was a particular point of frustration, but customers deal with much worse than that using budget phones, and the Pixel 3 has some other perks. For one, the Snapdragon 845 is still a very fast chipset — the phone never feels slow outside having to restart apps more frequently than you might experience on other devices. The camera is still very good, too, with hardware that’s nearly identical to the primary shooter still being used in the Pixel 5a.

Pixel 3 and Pixel 3 XL bookshelf (2)

I did have to stick closer to a charger than I’d like, but I’ve also been spoiled by the increase in battery life on more recent high-end phones. It might be missing 5G support, and there’s no ultra-wide camera or high refresh rate display, but the Pixel 3 doesn’t feel like an antique. It’s legitimately snappy, even today.

Usually, we think of phones that stop getting updates as being so old that you may as well just upgrade anyway, but the Pixel 3 isn’t like that. It may have been a bad deal at launch, but it wasn’t a bad phone, and it still isn’t today. I could easily see someone pleased with it hanging onto a Pixel 3 for another year or two very easily, but that wouldn’t be very wise.

Updates aren’t just for new features — they keep you safe

We get excited about updates for the new features they deliver, but the majority of Android updates are actually to protect your safety and security. Monthly patches usually aren’t delivering big new changes (outside things like Google’s Feature Drop updates), but they do fix vulnerabilities ranging from major to minor. In fact, Android’s monthly patches only originated because of one such vulnerability: Stagefright.

Phones don’t just make calls anymore. We use them for banking, investing, and we can even pay our taxes from them. They are as much general-purpose computers as our PCs at home. You might think your phone’s security doesn’t matter, but do you have a banking app installed? How much would it mess your life up if you lost access to your Google, PayPal, or Facebook account? That’s the access your phone provides, and that’s the risk you open when you start using a phone that isn’t updated. (I actually have a handful of separate insecure testing accounts specifically for using old phones.)

For customers still using a Pixel 3 — who, I should stress, paid $800 or more for their phone — the handset is still about as secure as other Pixels right now. Admittedly, the most recent update was for an earlier patch level than other currently supported Pixels have, but we’re still in a close-enough window. But with each new month, it will fall further behind. There’s no hard and fast rule for when a phone becomes “insecure,” but it’s a sliding scale that builds up as its software is left behind.

At one point, Google considered quarterly updates good enough for enterprise use, though some companies are too lazy to meet even quarterly updates reliably. As the days tick by, though, it’s just a matter of which vulnerabilities are discovered and how strong of an exploit they provide.

Pixels and other recent Android devices do have one advantage in that they offer Mainline and APEX modules to update core parts of the Android system separately from the OS itself; Google can roll out a lot of fixes and security patches via that method as well as Play Services. We’ve reached out to Google to confirm what Pixel 3 owners can expect in that regard, and we’ll be sure to update if we hear back. But a phone that’s “left behind” in 2022 is in a better position than one that stopped getting updates in 2017.

Ultimately, an out-of-date Pixel is probably more secure than most other Android phones, but the clock is still ticking. Without system-level patch support, some vulnerabilities can’t be fixed, leaving customers increasingly less secure.

Damn the schedule, it’s too soon for the Pixel 3 to die

Using the Pixel 3 and 3 XL again over the last week — preferring the smaller 3 for its size compared to modern flagships — I was stunned at how fast the “old” phones were. Yes, they were a bad deal when they came out, and we should all be very thankful Google finally learned the value of a dollar with the new Pixel 6. But the Pixel 3 is faster than plenty of mid-range phones still being released today.

2018 was the year of the iPhone XS, a phone that cost $200 more than the base model Pixel 3 and $100 more than the Pixel 3 XL, and it’s still getting updates. In fact, the last iOS update included the iPhone 6s, a phone from 2015. I know that Google only committed to three years of updates at launch, but there’s nothing to keep the company from voluntarily pushing past that number.

Qualcomm has confirmed to me that it is still able to deliver Qualcomm-specific software updates for the Snapdragon 845, and while kernel-level support will be an issue for the chipset beginning with Android 13, things right now under Android 12 are just fine. Google absolutely could deliver security patches for the Pixel 3 series until Android 13 lands.

Pixel 3 and Pixel 3 XL bookshelf (1)

Furthermore, Esper.io’s Mishaal Rahman recently pointed out that Google has been providing Android updates without officially updated BSPs (read: firmware-level software) for recent Android versions on some devices, including the Pixel 5, all without Qualcomm’s help. That means, if Google wanted to, it could probably find a way to push updates out past Android 12 (barring any really big technical hurdles or requirements and the kernel situation), but updating the Pixel 3 series until this fall is at least within easy reach.

With these options for updates available, there’s only one conclusion to draw: Google just doesn’t want to keep updating the Pixel 3. That three-year promise has been satisfied, and it's not making more money from Pixel 3 customers. Why go above and beyond?

I should stress that the Snapdragon 845 that's in the Pixel 3 and 3 XL will almost assuredly get community support for a long time. Customers willing to unlock their bootloader and install a ROM can probably carry on for quite a while, though the security in a situation like that isn't the same, and it's a situation that would require at least maintenance and attention on a customer's part.

I spend a lot of time thinking about the impact of software updates, in part because it’s something a lot of people don’t pay attention to. Once a phone stops getting them, technophobes might be happy that things stop moving and changing, but far more importantly, the clock starts ticking. With the slow buildup of security vulnerabilities, when will that abandoned phone stop being safe to use? With Google now giving up on the Pixel 3 series with its three-year update promise fulfilled, millions of perfectly capable phones are going to become unsafe over time.

Efforts like Project Mainline mean this is a better situation now in 2022 than it would have been half a decade ago, but security issues are still going to creep slowly in, and the implicit guarantee of security provided by system-level updates is now gone. At best, they’ll get recycled or tossed in a drawer as customers replace them; at worst, they’ll end up in a landfill — and that’s assuming the people using them care about their security and are aware of the risks over time. For all these reasons, Google can and should push beyond its minimum commitment.

I was underwhelmed when Google merely added an extra year of security patches with its Pixel 6 commitment — a tiny step that has already been eclipsed by Samsung. I’ve said it before, and I’ll say it again: Set a better example, Google.