Should OS makers, like Microsoft, be legally required to provide 15 years of security updates?
This seems backwards. Let’s just assume we’re always going to be willingly beholden to tech giants, and so we’re going to pass a law to make our masters treat us well.
Maybe instead campaign for a law that says all publicly funded computer resources must be reliably usable for 15 years. So you either go FOSS and save money too, or you get guarantees in writing before you hand over your hand over money to the people who won’t even let you see what their code is doing on your hardware.
You can already patch windows as much as you want.
People have had plenty of time to upgrade. 15 years is an incredibly long time to be supporting an OS. Even RHEL doesn’t do that.
I have no sympathy for anyone using microsoft products.
They made their bed, now they get to sleep in it.
I didnt my finance and IT team did.
If you ever want to create a google fan, make them use M365
seems you were already a Google fan, they are a unique breed of horrible.
Microsoft’s plan to end Windows 10 support next month — which may make an estimated 400 million PCs obsolete
I don’t get this. Can’t those PCs update to the new version? Yes, I am very aware that win11 is a shit show and win10 was better.
But Ubuntu also has a similar support policy for updates:
Ubuntu LTS versions get five years of updates, while non-LTS only gets nine months.
Would all the Linux versions out there be subjected the same 15 years of updates??
You don’t typically pay to run Linux distros. They’re open-source. I can’t imagine they’d be subject to this.
if anyone pays though they would need to keep a long-long-term-support.
Upgrades are more seamless as well, it’s definitely a bit more blurry of a process. Plus Ubuntu releases twice a year, so their versions are more like the equivalent of Microsoft’s service packs (or whatever they call them now) but on a rolling basis.
No, Windows 11 added extra, unneeded hardware requirements.
Obsolete in this case actually means obsolete. Windows 11 literally blocks the update because you do not meet requirements, such as not having a TPM.
Technically, there are ways to bypass this, but not for a casual user (and it probably breaks some ToS)
Yep, exactly this. You can bypass the TPM and Processor requirements, but at some point it will come back to bite someone in the butt.
Microsoft with the 24H2 update broke Windows 11 for older systems (like Core2Duo, which are already ancient) due to a lack of required processor instructions. I’ve seen systems running under QEMU, and also on newer systems like the AMD Ryzen Zen1 platform experience “Unsupported Processor” BSODs preventing the system from booting.
Even outside of that, Microsoft doesn’t deploy the yearly feature roll-ups to systems with unsupported hardware, even if Windows 11 is already installed. I’ve seen many unsupported systems end up stuck 1-2 builds behind, and they never see the update. They have to be manually updated using the same mechanisms that got Windows 11 installed in the first place.
Microsoft I believe, expects Windows 11 to be running on a minimum set of hardware, and that’s all they are qualifying it for. So older systems are going to eat it at some point if they are used in production.
The TPM checks are for security but, certainly not required if someone is willing to drop system security for some reason.
Apparently there’s a way to install Win11 and bypass all these requirements.
https://www.tomshardware.com/how-to/bypass-windows-11-tpm-requirement
Correct, the “obsolete” PCs can’t update to Windows 11. The Windows 11 update forces certain hardware support that a lot of devices don’t have. The security this hardware provides is mainly in someone physically removing data from your PC. As such it’s very business oriented but affects all versions of Windows 11.
It’s not business oriented, it provides a unique ID attached to the machine, cryptographically proven.
Next step is to use that unique ID to identify you on the internet and digital life. Ending all privacy.
You think this is far fetched? Kernel-level anti-cheat for games already does this and bans the machine from playing that game ever again.
Couldn’t you theoretically swap out the tpm chip? Or spoof/emulate it? If not, how do VMs run Win11, do they just inherit the host tpm chip and that’s that? I feel like this was the same goal of having a mac address on each device, and it became irrelevant in short order.
I think Microsoft should be punished with forcing to release the Windows kernel source code.
Please no, just imagine the influx of 0-days
I’ll bring the popcorn
No, OS makers should just not make their OS bloated with useless shit, stealing your data and have arbitrary system requirements. I think 15 years of OS updates is excessive unless we’re talking about servers or very specific workflows. IMO 5-10 years is enough.
That said, for some operating systems it doesn’t even make sense to support for THAT long, because how they are designed (A lot of Linux distros for example). It turns out, if you don’t break users’ workflow, they don’t mind to upgrade.
I agree with most of that, but there are loads of embedded systems still running the equivalent of Windows XP and they’re chugging along just fine. That OS still receives updates and ending that would break a lot of backend stuff. Mostly banking.
Boeing just started making planes which don’t rely on floppy disks for updates. That will continue on the older part of the fleet until it’s no longer feasible to procure the disks or the planes are no longer airworthy. I mean, why not? If you only need to store a few mbs for something critical, it’s not a bad choice of medium.
If a system is secure, reliable and works for decades without complaint, there’s no need to fix that.
15 years is too long, it doesn’t match the state of the industry or technological progress.
If anything this slows down innovation which leads me to suspect the 15 year idea was though of by someone who dislikes any technical changes.
15 years is actually reasonable.
I have a ten year old laptop with an i7 processor, 16 GB RAM, and 1 TB SSD. It still does most things, I bought it for initially just fine. Granted this was one of the best laptops you could buy at the time.
Apple stopped supporting it with a current version of macOS a couple of years ago sadly. It’s still possible to patch newer versions to install and run on the old machine, but it’s a bit of a hassle.
But unlike server aided services an OS still keeps working. You can use that PC for 10 more years, if you like.
I think there’s a discrepancy in the understanding of ‘support’ and what it entails in different technology fields. Demanding to receive NEW features for decades is not feasible in the current economic environment.
The biggest issue is security updates and a current internet browser.
Of course I can use a 30 year old computer that still works with the software it can run.
Pretty sure Rocky Linux provides updates for 10 years.
It’s not asking too much for multi-billion dollar corporations to provide 15 years of updates.
They have more than enough resources.
Or an established player in the market that wants to keep competitors out (but I guess in a way that is someone who dislikes change). While legislation like this can sometimes be great (e.g. the recent changes forcing longer support for mobile phones) there comes a point where it cuts the other way and it becomes an entry barrier.
Imo the better solution would be to legislate what happens after support ends. Like forcing the disclosure of at least some documentation that allows others to continue servicing the product or at least transfer out data and install other software on the device.
Before Microsoft demanded TPM 2.0, you could install the latest version of Windows on extremely old hardware. Easily reaching that 15 years. We had this already. And Windows 11 can easily run without TPM 2.0. Microsoft just has business reasons to demand it. So I don’t see how innovation is slowed down by this.
Fair like imagine if Microsoft was forced to support windows 8 for 15 years, a operating system people barely use, also some OSs arnt ran by huge companys
This comes after e-waste watchers revealed that 75 million iPhones could be rendered obsolete – tipping the scales at around 1.2 million kilograms of e-waste – following the release of iOS 26.
Not strictly true because the phones they counted here will still get security updates for 2-3 years AFAIK. 7 year old phones, mind you. But yeah, no more feature updates. Which are so meaningless these days anyway.
The security updates for old iOS versions are a sleight of hand. Most companies only support the three latest versions of iOS, so soon that will be iOS 17 as the minimum. I had a device stuck on iOS 15, which was released in 2016, and banks and other major apps dropped support. So while the phone did get security updates, it can’t run the apps I needed.
That’s the app devs being idiots.
My two local banks that I use support 15.1 and 16. My two globally useful neobanks support 13 and 16. None of them have any features that the one on 13 doesn’t have (in fact, that gets the most updates and has the most features of them all).
So iOS 16, which most apps still seem to support, at least ones that I use, supports devices as far back as the 6s, which came out in 2015. It also still gets security updates for now.
I just don’t get why Apple gets the most shit for generating e-waste on their phones when they actually have the longest lasting phones (barring tech enthusiasts flashing custom ROMs to old Androids, which is what, 1% of the population?)
What Apple REALLY should be getting shit for is software support for their Macbooks, particularly considering that with the Apple Silicon ones, the Linux drivers are still iffy for most things. They need to figure out a way to offer at LEAST 10 years, ideally 15 years of security updates for any device sold, since these devices are only meant to be used with their software, and one expects a computer to last longer than a smartphone, or at least how that’s how it was a few years ago still, when smartphones were still somewhat getting better year over year.
I think Apple is responsible by releasing new APIs that are only available on the specific iOS version. Rarely have they back ported functionality to older iOS versions. Apple draggles shinny new APIs in front of developers causing them to update the minimum version.
Yeah Apple rapidly dropping support with Intel Macs is really terrible. I have a 2018 Mac mini that is already obsolete, what a joke. That was the last Mac I buy.
The shiny new APIs are rarely required for most apps tbh. Hence Revolut having a fully functional neobank app with minimum iOS version of 13 (meaning you could run it on a 10 year old device right now). Wise actually has less functionality theoretically, but it requires iOS 16. Neither one of them does anything special in the client anyway, probably could make the same apps on iOS 10 APIs and not notice a difference, but nobody uses that anymore anyway.
I understand games, VR apps (lol vision pro) and such requiring the shiniest new APIs… Hell, even things like video players, etc - maybe Apple added some fancy new video codecs, etc. But basic business apps have no real reason to switch to the newest target version every year or 2.
This is a prime example of legislators not understanding technology.
No. Maintain your own OS. Any country or group of countries should be doing so.
Yes exactly :D https://en.m.wikipedia.org/wiki/Red_Star_OS
That sounds like an insane duration, even LTS distros are not usually anything like 15 years
These multi-billion dollar corporations have more than enough resources to provide updates for 15 years.
There’s nothing insane about it, unless you’ve been conditioned to live vicariously through business owners.
Pretty sure postmarketOS isn’t made by a multi-billion dollar corporation. Such a requirement would mean ONLY multi-billion dollar corporations can release an operating system. You do not want to give them that power.
If it’s free software, then anyone can implement the fixes themselves.
Doing so with proprietary software would be illegal.
There are companies still running XP.
this isn’t about the age of the OS, it’s the age of the device. I can install linux on a device from 20 years ago if not more.
Ahh, so the win11 arbitrary hardware requirements bullshit
I don’t know. just the other day somebody on lemmy was asking about installing a 32bit linux distro on an old netbook and the majority of comments were discussing whether there was any practical reason for distros to continue 32-bit support.
That’s unfortunate, but still leaves you 20 years worth of devices if they drop 32-bit.
They didn’t say you could not do version upgrade…
yeah but you don’t pay 150euros for it + all the ads and stuffs
but yeah, I don’t see the point of this, it’s clearly aimed at Microsoft, and at this point alternative solutions exist
I almost feel like the compromise we will eventually land on is that if an OS maker like Microsoft wants to continue advertising on your OS they have to take some liability for its security.
15 is an arbitrarily long time. I think forcing it to be open sourced upon the companies end of life is the better option
Then you can have a company that acquires the original failed company and provides “support” in the form of one bugfix per year.
All of these solutions are gamable except for requiring that the solution be open source from the get-go.
Or legislate that unsupported software becomes public domain or is open for development and the public can try and make the updates themselves.
Forcing people to upgrade entirely depends on the nature of the upgrades and the motive of the company. What we need is competition so there are alternatives for people to use if they don’t want to upgrade. But somehow Microsoft is not considered the monopoly of the PC OS market, despite being a monopoly, and uses that position to force changes nobody wants but them, like turning window into an AI data farming scheme that violates user privacy.
Mandatory open source public domain release at EOS.
At Win10 EOS, people would make Windows distros, and ReactOS would no longer have to be a clean room implementation.
Also this would be a success for Stop Killing Games.
Or legislate that unsupported software becomes public domain
Solves a lot of issues.
I would prefer if they force the companies to unlock root and boot-loader, when they not ship security updates anymore for a device.
I’d add the hardware drivers must be open sourced at the end of support as well, and no drm, patent, reverse engineering legal protections for a out of support Device/chipset
Fuck it. Force them from release date. There’s no reason for them to dictate what you can and cannot run on the hardware you purchase. If they can’t compete by providing a better OS or software, and must rely on anti-competitive models to profit, then they don’t deserve to waste the planets resources.
Fair enough, just thought proposal above would have higher chances to get approved 😇
You start high and negotiate down. If you start low, you’ll get even less
Abandonware must be open sourced, publishing a new version doesn’t count as a exception.
deleted by creator
Dude, I’m so ready. Linux supports processors that old, by enthusiasts for free.
This would almost certainly rule out Linux as an option. What Linux vendor feels comfortable committing to something, anything, for 15 years?
Because Linux is free software, we can implement the fixes ourselves.
Doing so with Windows or Crapple would literally be illegal.
Yes, but to fulfill that requirement the company would have to be around to review the code changes and merge and provide QA. For 15 years.
