I'm not sure 7 years is necessarily the ideal number, but overall I love this idea, since companies currently have no built-in incentive to provide long-term software updates (and, arguably, have a strong disincentive, as not providing software updates may make it easier to sell profitable hardware upgrades).
On the Apple side it generally hasn't been so bad (the iPhone SE has gotten 5 years of updates, which is pretty much unheard of in the smartphone world), but Android still remains pretty miserable in this regard. You're lucky if you get one major version upgrade during the life of your phone.
I've just had the unpleasant surprise that, even when you do flash your 3 year old flagship phone to get at least some semblance of security updates, Google is now rolling out hardware attestation for SafetyNet, which is likely to be impossible for anything but the stock Android to satisfy, and means, among other things, that contactless payments are suddenly unusable.
So I now, in an attempt to continue using a perfectly functioning device for more than three years, have the rather ridiculous choice between using my phone without security updates, which banks and various apps will consider safe, or using my phone with security updates, which banks and various apps will consider unsafe.
Yet how long will it be until manufacturers simply start disabling devices more than a few years old altogether, or crippling them, in the name of security?
> among other things, that contactless payments are suddenly unusable
Yep! One major "other thing" is Snapchat, which really sucks since it's a communications/messaging app that can't be used in a Web browser either, so if you ever start to fail SafetyNet, you'd better hope you have some other means of contacting all of your friends on it.
> I'm not sure 7 years is necessarily the ideal number, but overall I love this idea, since companies currently have no built-in incentive to provide long-term software updates
Nonsense.
What is the incentive to provide short-term updates?
What is Apple's incentive to provide 5 years of updates?
while i definitely love a little push away from ecocidal insanity, this is not the right goal & not the right direction.
manufacturers should be able to do whatever. they can keep devices secure as long as they want, support as long as they please.
but once they stop being the agent of support for a device, right to repair needs to kick in. consumers need to be given the means to run their own software on devices, need to be granted access to the hardware, to the degree they purchased the device under. unlock the bootloaders, provide some kind of modifiable kernel to run the device, and let the world begin to pick up & maintain the post-market rubble left in capitisms wake. right to repair.
I think it would be better to be 10 years from launch and 5 years from "unlaunch".
Also, if the company goes bankrupt the source code and necessary tools should become open source or even public domain as to allow third parties to keep providing updates.
I had similar ideas for what a regulator can do to protect our consumer rights (including right to repair):
- All devices should come with unlocked bootloader. No exceptions.
- OS updates should be mandated for a certain period. Especially security updates.
- Standardisation: An open standard API for device drivers should be mandated for the hardware components used so that system developers can easily create support for any OS, and don't need to resort to reverse engineering.
- Copyright restrictions on software code should be valid only for a certain period and become public domain (open source) after that. (It should definitely not be 75+ years of copyright that is currently mandated for films and books).
I doubt only the EU consumers will benefit. GDPR was a giant pain in the a for lots of companies (as it should be; if you're collecting data, then that means some responsibility), but ultimately it was a tide that raised all boats if no special effort was undertaken to identify only EU users and deny the benefits to everyone outside that group.
18 comments
[ 3.1 ms ] story [ 61.7 ms ] threadOn the Apple side it generally hasn't been so bad (the iPhone SE has gotten 5 years of updates, which is pretty much unheard of in the smartphone world), but Android still remains pretty miserable in this regard. You're lucky if you get one major version upgrade during the life of your phone.
So you dont have to flash your 3 year old flagship phone with lineageos just to get them...
So I now, in an attempt to continue using a perfectly functioning device for more than three years, have the rather ridiculous choice between using my phone without security updates, which banks and various apps will consider safe, or using my phone with security updates, which banks and various apps will consider unsafe.
Yet how long will it be until manufacturers simply start disabling devices more than a few years old altogether, or crippling them, in the name of security?
Yep! One major "other thing" is Snapchat, which really sucks since it's a communications/messaging app that can't be used in a Web browser either, so if you ever start to fail SafetyNet, you'd better hope you have some other means of contacting all of your friends on it.
Nonsense.
What is the incentive to provide short-term updates?
What is Apple's incentive to provide 5 years of updates?
manufacturers should be able to do whatever. they can keep devices secure as long as they want, support as long as they please.
but once they stop being the agent of support for a device, right to repair needs to kick in. consumers need to be given the means to run their own software on devices, need to be granted access to the hardware, to the degree they purchased the device under. unlock the bootloaders, provide some kind of modifiable kernel to run the device, and let the world begin to pick up & maintain the post-market rubble left in capitisms wake. right to repair.
Also, if the company goes bankrupt the source code and necessary tools should become open source or even public domain as to allow third parties to keep providing updates.
- All devices should come with unlocked bootloader. No exceptions.
- OS updates should be mandated for a certain period. Especially security updates.
- Standardisation: An open standard API for device drivers should be mandated for the hardware components used so that system developers can easily create support for any OS, and don't need to resort to reverse engineering.
- Copyright restrictions on software code should be valid only for a certain period and become public domain (open source) after that. (It should definitely not be 75+ years of copyright that is currently mandated for films and books).
Oh wait, because of their Draconian taxes and regulations they have none since they've been unable to compete. My bad.
https://en.wikipedia.org/wiki/Brussels_effect