(no title)
kbuck | 3 years ago
This is a legislation problem IMO: companies need to be held to reasonable expectations when they sell a product. My ink cartridge shouldn't say it's "empty" when the page counter reaches 100 [and it's still actually full]. Neither should cloud devices go to the landfill because the company selling them decided that they don't want to support them anymore.
Companies foisting negative externalities on us (like more e-waste) in exchange for more profit are a blight and should be treated (and prevented) as such.
DyslexicAtheist|3 years ago
> because the company selling them decided that they don't want to support them anymore.
in IoT for consumer devices companies must ensure that a software is free of security issues. in some cases the support period of 3rd party dependencies is out of control of the vendor. and vendors usually don't control the upstream silicon and firmware. so if an SDK ships an outdated mbedtls and upstream refuses to patch their SDK also downstream will not be able to release a patch. and in that case the law says connectivity needs to be disabled for that appliance. the situation today is that vendors are only starting to realize that this is the future in which they operate. so while the appliance is still operable in a dumb-mode any smart-features will have to be reduced to the max time you can ensure support.
while this sounds like pretty normal and sane to most it absolutely isn't how IoT vendors in the past have operated. And i hope the minute RED directive kicks into gear by Aug 2024 consumers will start to sue them into oblivion if a vendor is for some reason unable to ship a security update.