Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.