Should OS makers, like Microsoft, be legally required to provide 15 years of security updates?
This is stupid.
15 years is a massive time to just update your OS.
15 years ago instagram didn’t exist, the iPad was new, and people were just updating from Vista to Windows 7. I think Hadoop was just created then.
That is a massive amount of time to support software that would have almost no architectural protection against things like heartbleed.
And yet people are bitching because Windows 10 is getting cut off after 10 years of support. Raise it to 15 and people will just bitch at the 15 year mark.
"Microsoft’s decision to end support for Windows 10 could make 400 million computers obsolete
This is more stupid, and I absolutely agree with the article it shouldn’t be legal to end support of an OS this quickly, mind you this is not update to a new OS, like is common on phones, but mostly security updates for the OS you purchased with the device.
I absolutely think 10 years should be a minimum, but for PC, I can easily see an argument for 15 years, as many systems are purpose built, and should keep working even if an OS is discontinued.A similar argument can be made for phones, but maybe that should just be 10 or maybe even just 5 years, which very few phones have. My vote is on 10 years, because what some companies have been doing for a long time, only supporting security updates for 3 years is not acceptable IMO. If the phone is free to install custom ROM unhindered, I would be more understanding, but phones are generally locked, potentially rendering them worthless if updates are not available.
I think I’d prefer if there was a minimum updates guarantee that OS sellers would have to disclose, but even then I’m more in favour of other companies being able to pick up the work by making sure devices have their bootloader unlockable after they don’t get any more updates for X amount of time, rather than add burden to OS makers, because forcing people to support a project for Y amount of years would really harm indie developers releasing Linux distros and the like
rather than add burden to OS makers
It’s not a burden for the OS maker, except when the OS is the product, and in that case it’s only fair.
With Android the phone maker adapt the OS to their phones and flavor of Android, if they can’t handle maintaining it, they can use vanilla. Google is the OS maker, and I think they can handle the burden.The EU has been so far bad at making sure FOSS isn’t seen as a paid product in the eyes of regulation, even in cases where it’s clearly unpaid, see here. They can’t be trusted to get this differentiation right.
Therefore, unlockable bootloader seems like the better idea. Get people to Linux and open Android variants if the closed-source companies won’t serve them.
I would prefer if they force the companies to unlock root and boot-loader, when they not ship security updates anymore for a device.
I’d add the hardware drivers must be open sourced at the end of support as well, and no drm, patent, reverse engineering legal protections for a out of support Device/chipset
Fuck it. Force them from release date. There’s no reason for them to dictate what you can and cannot run on the hardware you purchase. If they can’t compete by providing a better OS or software, and must rely on anti-competitive models to profit, then they don’t deserve to waste the planets resources.
No, OS makers should just not make their OS bloated with useless shit, stealing your data and have arbitrary system requirements. I think 15 years of OS updates is excessive unless we’re talking about servers or very specific workflows. IMO 5-10 years is enough.
That said, for some operating systems it doesn’t even make sense to support for THAT long, because how they are designed (A lot of Linux distros for example). It turns out, if you don’t break users’ workflow, they don’t mind to upgrade.
5 years for basic and 10 for lts seems fine. 10 years is a fucking long ass time.
I agree with most of that, but there are loads of embedded systems still running the equivalent of Windows XP and they’re chugging along just fine. That OS still receives updates and ending that would break a lot of backend stuff. Mostly banking.
Boeing just started making planes which don’t rely on floppy disks for updates. That will continue on the older part of the fleet until it’s no longer feasible to procure the disks or the planes are no longer airworthy. I mean, why not? If you only need to store a few mbs for something critical, it’s not a bad choice of medium.
If a system is secure, reliable and works for decades without complaint, there’s no need to fix that.
15 is an arbitrarily long time. I think forcing it to be open sourced upon the companies end of life is the better option
15 years is too long, it doesn’t match the state of the industry or technological progress.
If anything this slows down innovation which leads me to suspect the 15 year idea was though of by someone who dislikes any technical changes.
Before Microsoft demanded TPM 2.0, you could install the latest version of Windows on extremely old hardware. Easily reaching that 15 years. We had this already. And Windows 11 can easily run without TPM 2.0. Microsoft just has business reasons to demand it. So I don’t see how innovation is slowed down by this.
Outside of aero and financial where it’s not uncommon for this to use 20+ year old tech.
If something isn’t hyper critical 15 is way too long
15 years is actually reasonable.
I have a ten year old laptop with an i7 processor, 16 GB RAM, and 1 TB SSD. It still does most things, I bought it for initially just fine. Granted this was one of the best laptops you could buy at the time.
Apple stopped supporting it with a current version of macOS a couple of years ago sadly. It’s still possible to patch newer versions to install and run on the old machine, but it’s a bit of a hassle.
Are we talking OpenCore Patcher? I was actually planning on trying that for my Early 2013 MBP, but I’m leaning more towards some Linux distro now, for the longevity of it, though I haven’t yet figured out which distro supports my MBP the best. Got any recommendations to share on some of this?
Yes, OpenCore Legacy Patcher.
Regarding Linux distributions, I don’t have a specific recommendation. You might be worse off with a distro that doesn’t include nonfree drivers for wifi, bluetooth, graphics by default. IIRC these MBPs use Broadcom Wifi chips. Ubuntu and derivatives would be my first try. Definitely read up on how to install Linux on MBPs. You probably might have to configure something in OpenFirmware/EFI.
15 years is too long, it doesn’t match the state of the industry or technological progress.
How is this too long? I would consider it a reasonable amount of time to receive security updates on a computer.
I have a notebook that I bought in 2012. It can run Ubuntu LTS 24.04, which is supported until 2034, without issue. There is no indication that the next release will stop supporting this hardware. I don’t see why Microsoft couldn’t provide this.
That sounds like an insane duration, even LTS distros are not usually anything like 15 years
this isn’t about the age of the OS, it’s the age of the device. I can install linux on a device from 20 years ago if not more.
I don’t know. just the other day somebody on lemmy was asking about installing a 32bit linux distro on an old netbook and the majority of comments were discussing whether there was any practical reason for distros to continue 32-bit support.
That’s unfortunate, but still leaves you 20 years worth of devices if they drop 32-bit.
These multi-billion dollar corporations have more than enough resources to provide updates for 15 years.
There’s nothing insane about it, unless you’ve been conditioned to live vicariously through business owners.
Pretty sure postmarketOS isn’t made by a multi-billion dollar corporation. Such a requirement would mean ONLY multi-billion dollar corporations can release an operating system. You do not want to give them that power.
Microsoft’s plan to end Windows 10 support next month — which may make an estimated 400 million PCs obsolete
I don’t get this. Can’t those PCs update to the new version? Yes, I am very aware that win11 is a shit show and win10 was better.
But Ubuntu also has a similar support policy for updates:
Ubuntu LTS versions get five years of updates, while non-LTS only gets nine months.
Would all the Linux versions out there be subjected the same 15 years of updates??
No, Windows 11 added extra, unneeded hardware requirements.
Obsolete in this case actually means obsolete. Windows 11 literally blocks the update because you do not meet requirements, such as not having a TPM.
Technically, there are ways to bypass this, but not for a casual user (and it probably breaks some ToS)
Yep, exactly this. You can bypass the TPM and Processor requirements, but at some point it will come back to bite someone in the butt.
Microsoft with the 24H2 update broke Windows 11 for older systems (like Core2Duo, which are already ancient) due to a lack of required processor instructions. I’ve seen systems running under QEMU, and also on newer systems like the AMD Ryzen Zen1 platform experience “Unsupported Processor” BSODs preventing the system from booting.
Even outside of that, Microsoft doesn’t deploy the yearly feature roll-ups to systems with unsupported hardware, even if Windows 11 is already installed. I’ve seen many unsupported systems end up stuck 1-2 builds behind, and they never see the update. They have to be manually updated using the same mechanisms that got Windows 11 installed in the first place.
Microsoft I believe, expects Windows 11 to be running on a minimum set of hardware, and that’s all they are qualifying it for. So older systems are going to eat it at some point if they are used in production.
The TPM checks are for security but, certainly not required if someone is willing to drop system security for some reason.
TPM is more about securing data from PC owners rather than for them. Since it’s there anyways, it is used to support bitlocker, but the reason they are pushing it so much is because it might (depending on whether it actually is secure) be able to allow content providers to allow users to view their content without needing to give them access to copy or edit it.
And there isn’t any guarantee that the uses that do benefit the user’s security don’t have some backdoor for approved crackers to get in. Like doesn’t the MS account store a copy of the recovery key for bitlocker? Which is nice for when the user needs it, but also comes in handy if MS wants to grant access to anyone else.
Correct, the “obsolete” PCs can’t update to Windows 11. The Windows 11 update forces certain hardware support that a lot of devices don’t have. The security this hardware provides is mainly in someone physically removing data from your PC. As such it’s very business oriented but affects all versions of Windows 11.
It’s not business oriented, it provides a unique ID attached to the machine, cryptographically proven.
Next step is to use that unique ID to identify you on the internet and digital life. Ending all privacy.
You think this is far fetched? Kernel-level anti-cheat for games already does this and bans the machine from playing that game ever again.
Couldn’t you theoretically swap out the tpm chip? Or spoof/emulate it? If not, how do VMs run Win11, do they just inherit the host tpm chip and that’s that? I feel like this was the same goal of having a mac address on each device, and it became irrelevant in short order.
Or legislate that unsupported software becomes public domain or is open for development and the public can try and make the updates themselves.
Forcing people to upgrade entirely depends on the nature of the upgrades and the motive of the company. What we need is competition so there are alternatives for people to use if they don’t want to upgrade. But somehow Microsoft is not considered the monopoly of the PC OS market, despite being a monopoly, and uses that position to force changes nobody wants but them, like turning window into an AI data farming scheme that violates user privacy.
Mandatory open source public domain release at EOS.
At Win10 EOS, people would make Windows distros, and ReactOS would no longer have to be a clean room implementation.
Also this would be a success for Stop Killing Games.
Or legislate that unsupported software becomes public domain
Solves a lot of issues.
This will kill small firms developing new OSes.
What we REALLY need is to curb microsoft’s market dominance. If more alternatives for OS and usable replacements for MS office em would exist, this would not be a problem and would not need to hamper innovation for the sake of back porting (the main counter-argument as a dev).
Linux and all its flavors?
What’s wrong with libreoffice or anyoffice? For a large percentage of users, Linux is fine, especially as many applications have an online option. For the stuff I do, in Linux, online Office is more than sufficient.
An org I work with provides me with a 365 license, but I I’m more comfortable in Libreoffice.
Office is used bythe majority, but majority doesn’t mean they are right, they are simply more.
LibreOffice is okay for some stuff, but shows its limitations pretty quickly once you use it for more serious tasks.
- Writer is the best of the suite and has deleted comments for me several times without ability to recover.
- The spreadsheet is a toy compared to Excel spreadsheets used in pretty much any business.
- The presentation software produces ugly results by default.
The only things LibreOffice has going for it, is the price and that the UI doesn’t change. LibreOffice has no good mobile apps.
Better alternatives to Microsoft Office are Google Docs etc. and Apple’s iWork suite. Both have good compatibility with Microsoft’s files and run great on mobile.
Google has ease of use, easy sharing and collaboration. Apple’s iWork has great usability and features and produces beautiful results by default. The suite comes free with every Apple device. Google Docs is free to use as well.
That’s of course ignoring the workhorse called Outlook. You can kind of approach its features with a handful of other applications, but won’t reach the same functionality.
LibreOffice has one unique application in its suite: Base local database. Microsoft Access and FileMaker used to very popular, but faded into the background over the last decade.
