I want to understand why Android handles updates so poorly. I remember in Heartbleed times many Android users were left with faulty OpenSSL versions, because the manufacturers didn't release an update for their device.<p>Why can't Android just update the OpenSSL library in such a scenario, just like GNU/Linux does, for example?