Should OS makers, like Microsoft, be legally required to provide 15 years of security updates?
This will kill small firms developing new OSes.
Please mandate open bootloaders on devices, that’s what we truly need.
15 years. 15 years. She got one of your kids got you for 15 years
Why only 15?
This seems backwards. Let’s just assume we’re always going to be willingly beholden to tech giants, and so we’re going to pass a law to make our masters treat us well.
Maybe instead campaign for a law that says all publicly funded computer resources must be reliably usable for 15 years. So you either go FOSS and save money too, or you get guarantees in writing before you hand over your hand over money to the people who won’t even let you see what their code is doing on your hardware.
You can already patch windows as much as you want.
You can? How do you do that?
By replacing it with something better.
Yeah, I’ll just call up the CTO and ask for a new deployment of 300,000 VMs lmfao
Microsoft’s plan to end Windows 10 support next month — which may make an estimated 400 million PCs obsolete
I don’t get this. Can’t those PCs update to the new version? Yes, I am very aware that win11 is a shit show and win10 was better.
But Ubuntu also has a similar support policy for updates:
Ubuntu LTS versions get five years of updates, while non-LTS only gets nine months.
Would all the Linux versions out there be subjected the same 15 years of updates??
You don’t typically pay to run Linux distros. They’re open-source. I can’t imagine they’d be subject to this.
if anyone pays though they would need to keep a long-long-term-support.
Upgrades are more seamless as well, it’s definitely a bit more blurry of a process. Plus Ubuntu releases twice a year, so their versions are more like the equivalent of Microsoft’s service packs (or whatever they call them now) but on a rolling basis.
Correct, the “obsolete” PCs can’t update to Windows 11. The Windows 11 update forces certain hardware support that a lot of devices don’t have. The security this hardware provides is mainly in someone physically removing data from your PC. As such it’s very business oriented but affects all versions of Windows 11.
It’s not business oriented, it provides a unique ID attached to the machine, cryptographically proven.
Next step is to use that unique ID to identify you on the internet and digital life. Ending all privacy.
You think this is far fetched? Kernel-level anti-cheat for games already does this and bans the machine from playing that game ever again.
Couldn’t you theoretically swap out the tpm chip? Or spoof/emulate it? If not, how do VMs run Win11, do they just inherit the host tpm chip and that’s that? I feel like this was the same goal of having a mac address on each device, and it became irrelevant in short order.
No, OS makers should just not make their OS bloated with useless shit, stealing your data and have arbitrary system requirements. I think 15 years of OS updates is excessive unless we’re talking about servers or very specific workflows. IMO 5-10 years is enough.
That said, for some operating systems it doesn’t even make sense to support for THAT long, because how they are designed (A lot of Linux distros for example). It turns out, if you don’t break users’ workflow, they don’t mind to upgrade.
5 years for basic and 10 for lts seems fine. 10 years is a fucking long ass time.
I agree with most of that, but there are loads of embedded systems still running the equivalent of Windows XP and they’re chugging along just fine. That OS still receives updates and ending that would break a lot of backend stuff. Mostly banking.
Boeing just started making planes which don’t rely on floppy disks for updates. That will continue on the older part of the fleet until it’s no longer feasible to procure the disks or the planes are no longer airworthy. I mean, why not? If you only need to store a few mbs for something critical, it’s not a bad choice of medium.
If a system is secure, reliable and works for decades without complaint, there’s no need to fix that.
I think Microsoft should be punished with forcing to release the Windows kernel source code.
Please no, just imagine the influx of 0-days
I’ll bring the popcorn
15 is an arbitrarily long time. I think forcing it to be open sourced upon the companies end of life is the better option
Then you can have a company that acquires the original failed company and provides “support” in the form of one bugfix per year.
All of these solutions are gamable except for requiring that the solution be open source from the get-go.
15 years is too long, it doesn’t match the state of the industry or technological progress.
If anything this slows down innovation which leads me to suspect the 15 year idea was though of by someone who dislikes any technical changes.
Outside of aero and financial where it’s not uncommon for this to use 20+ year old tech.
If something isn’t hyper critical 15 is way too long
15 years is too long, it doesn’t match the state of the industry or technological progress.
How is this too long? I would consider it a reasonable amount of time to receive security updates on a computer.
I have a notebook that I bought in 2012. It can run Ubuntu LTS 24.04, which is supported until 2034, without issue. There is no indication that the next release will stop supporting this hardware. I don’t see why Microsoft couldn’t provide this.
15 years is actually reasonable.
I have a ten year old laptop with an i7 processor, 16 GB RAM, and 1 TB SSD. It still does most things, I bought it for initially just fine. Granted this was one of the best laptops you could buy at the time.
Apple stopped supporting it with a current version of macOS a couple of years ago sadly. It’s still possible to patch newer versions to install and run on the old machine, but it’s a bit of a hassle.
But unlike server aided services an OS still keeps working. You can use that PC for 10 more years, if you like.
I think there’s a discrepancy in the understanding of ‘support’ and what it entails in different technology fields. Demanding to receive NEW features for decades is not feasible in the current economic environment.
The biggest issue is security updates and a current internet browser.
Of course I can use a 30 year old computer that still works with the software it can run.
Pretty sure Rocky Linux provides updates for 10 years.
It’s not asking too much for multi-billion dollar corporations to provide 15 years of updates.
They have more than enough resources.
IBM providing 10 years for RHEL is doing most of the heavy lifting in the case of rocky linux
Or an established player in the market that wants to keep competitors out (but I guess in a way that is someone who dislikes change). While legislation like this can sometimes be great (e.g. the recent changes forcing longer support for mobile phones) there comes a point where it cuts the other way and it becomes an entry barrier.
Imo the better solution would be to legislate what happens after support ends. Like forcing the disclosure of at least some documentation that allows others to continue servicing the product or at least transfer out data and install other software on the device.
Before Microsoft demanded TPM 2.0, you could install the latest version of Windows on extremely old hardware. Easily reaching that 15 years. We had this already. And Windows 11 can easily run without TPM 2.0. Microsoft just has business reasons to demand it. So I don’t see how innovation is slowed down by this.
Fair like imagine if Microsoft was forced to support windows 8 for 15 years, a operating system people barely use, also some OSs arnt ran by huge companys
I would prefer if they force the companies to unlock root and boot-loader, when they not ship security updates anymore for a device.
Fuck it. Force them from release date. There’s no reason for them to dictate what you can and cannot run on the hardware you purchase. If they can’t compete by providing a better OS or software, and must rely on anti-competitive models to profit, then they don’t deserve to waste the planets resources.
Fair enough, just thought proposal above would have higher chances to get approved 😇
You start high and negotiate down. If you start low, you’ll get even less
😄I guess, I am bad in capitalism 🤣🙃
Nah, you’re a good person. But there’s lots of bad faith people out there. You have to defend yourself against them
I’d add the hardware drivers must be open sourced at the end of support as well, and no drm, patent, reverse engineering legal protections for a out of support Device/chipset
😍yess!
Abandonware must be open sourced, publishing a new version doesn’t count as a exception.
deleted by creator
I have no sympathy for anyone using microsoft products.
They made their bed, now they get to sleep in it.
I didnt my finance and IT team did.
If you ever want to create a google fan, make them use M365
seems you were already a Google fan, they are a unique breed of horrible.
Oh you… recongising one is better than the other is not support for either.
The company that pays me so I can provide for my family and live a life moved from workspace to office and I think it is worse by a long shot.
That sounds like an insane duration, even LTS distros are not usually anything like 15 years
These multi-billion dollar corporations have more than enough resources to provide updates for 15 years.
There’s nothing insane about it, unless you’ve been conditioned to live vicariously through business owners.
Pretty sure postmarketOS isn’t made by a multi-billion dollar corporation. Such a requirement would mean ONLY multi-billion dollar corporations can release an operating system. You do not want to give them that power.
If it’s free software, then anyone can implement the fixes themselves.
Doing so with proprietary software would be illegal.
this isn’t about the age of the OS, it’s the age of the device. I can install linux on a device from 20 years ago if not more.
Ahh, so the win11 arbitrary hardware requirements bullshit
I don’t know. just the other day somebody on lemmy was asking about installing a 32bit linux distro on an old netbook and the majority of comments were discussing whether there was any practical reason for distros to continue 32-bit support.
That’s unfortunate, but still leaves you 20 years worth of devices if they drop 32-bit.
There are companies still running XP.
yeah but you don’t pay 150euros for it + all the ads and stuffs
but yeah, I don’t see the point of this, it’s clearly aimed at Microsoft, and at this point alternative solutions exist
I almost feel like the compromise we will eventually land on is that if an OS maker like Microsoft wants to continue advertising on your OS they have to take some liability for its security.
They didn’t say you could not do version upgrade…
Or legislate that unsupported software becomes public domain or is open for development and the public can try and make the updates themselves.
Forcing people to upgrade entirely depends on the nature of the upgrades and the motive of the company. What we need is competition so there are alternatives for people to use if they don’t want to upgrade. But somehow Microsoft is not considered the monopoly of the PC OS market, despite being a monopoly, and uses that position to force changes nobody wants but them, like turning window into an AI data farming scheme that violates user privacy.
Or legislate that unsupported software becomes public domain
Solves a lot of issues.
This is a prime example of legislators not understanding technology.
