Should OS makers, like Microsoft, be legally required to provide 15 years of security updates?

  • bluGill@fedia.io · 3 days ago · 3 up, 2 down

    Lifetime for security. Other features (new drivers…) you can pay for, but security is lifetime. You need to escrow enough money to provide this service or prove that nobody is using the OS.

    All services required for use of the device are also lifetime - though they may charge a subscription price so long as that price is clear to the customer before the first sale and prices go up by inflation only. After 15 years they can drop the service if it is easy for a “normal user” to switch to a different subscription provider, and all source code required for someone “skilled in the art” to create and maintain their own service provider was publicly released, under terms that allow modification and redistribution, at least 5 years before killing their own service.

    You are allowed to drop support for any protocol that is not the latest recommended state of the art so long as you maintain what was recommended at the time of release. If a newer protocol comes out you need not support it. (Which is to say you can be IPv6 only today, and if the internet switches to IPv12 in the future you don’t have to support that.)

    The above applies to anything network connected. OS, web browser, Security camera, thermostat…

  • minorkeys@lemmy.world · 3 days ago · 53 up

    Or legislate that unsupported software becomes public domain or is open for development and the public can try and make the updates themselves.

    Forcing people to upgrade entirely depends on the nature of the upgrades and the motive of the company. What we need is competition so there are alternatives for people to use if they don’t want to upgrade. But somehow Microsoft is not considered the monopoly of the PC OS market, despite being a monopoly, and uses that position to force changes nobody wants but them, like turning Windows into an AI data farming scheme that violates user privacy.

    • thethunderwolf@lemmy.dbzer0.com · 2 days ago · 6 up

      Mandatory open source public domain release at EOS.

      At Win10 EOS, people would make Windows distros, and ReactOS would no longer have to be a clean room implementation.

      Also this would be a success for Stop Killing Games.

  • Korhaka@sopuli.xyz · 3 days ago · 38 up, 1 down

    That sounds like an insane duration, even LTS distros are not usually anything like 15 years

    • ratten@lemmings.world · 2 days ago · 5 up

      These multi-billion dollar corporations have more than enough resources to provide updates for 15 years.

      There’s nothing insane about it, unless you’ve been conditioned to live vicariously through business owners.

      • Korhaka@sopuli.xyz · 2 days ago · 3 up

        Pretty sure postmarketOS isn’t made by a multi-billion dollar corporation. Such a requirement would mean ONLY multi-billion dollar corporations can release an operating system. You do not want to give them that power.

        • ratten@lemmings.world · 2 days ago · 3 up

          If it’s free software, then anyone can implement the fixes themselves.

          Doing so with proprietary software would be illegal.

    • whyNotSquirrel@sh.itjust.works · 3 days ago · 7 up

      yeah but you don’t pay 150 euros for it + all the ads and stuff

      but yeah, I don’t see the point of this, it’s clearly aimed at Microsoft, and at this point alternative solutions exist

      • danhab99@programming.dev · 3 days ago · 5 up

        I almost feel like the compromise we will eventually land on is that if an OS maker like Microsoft wants to continue advertising on your OS they have to take some liability for its security.

    • iesha_256@lemmy.ml · 3 days ago · 15 up

      this isn’t about the age of the OS, it’s the age of the device. I can install linux on a device from 20 years ago if not more.

      • NauticalNoodle@lemmy.ml · 3 days ago (edited) · 2 up

        I don’t know. Just the other day somebody on Lemmy was asking about installing a 32-bit distro on an old netbook and the majority of comments were discussing whether there was any practical reason for distros to continue 32-bit support.

        • boonhet@sopuli.xyz · 2 days ago · 4 up

          That’s unfortunate, but still leaves you 20 years worth of devices if they drop 32-bit.

  • tekato@lemmy.world · 3 days ago · 9 up

    If the EU is going to pay for the developers, sure. I’d even go higher and say make it 50 years. Otherwise make your own OS or use Linux.

  • iegod@lemmy.zip · 2 days ago · 12 up, 7 down

    This is a prime example of legislators not understanding technology.

  • TankovayaDiviziya@lemmy.world · 3 days ago · 16 up

    Nothing says ‘circular economy’ like Microsoft stranding 400 million PCs

    This might be a silly question but would this not be a good idea for a start up company that recycles computer parts?

    • Jankatarch@lemmy.world · 3 days ago · 3 up

      Don’t manufacturers purposefully destroy the computers and such just to ensure that doesn’t happen?

      • Mike D@piefed.social · 3 days ago · 1 up

        No. Manufacturers have no say in what happens to computer hardware after it is sold.

        Some companies may destroy the hard drives to make sure no data gets out. Some companies will remove the memory as well.

    • Cricket [he/him]@lemmy.zip · 3 days ago · 2 up

      “would this not be a good idea for a start up company that recycles computer parts?”

      I really don’t think so. Computer recycling already seems to be a low profit business, as evidenced by there not being any large companies that do it (that I’m aware of). This number of computers flooding the market would probably make it even less profitable. Sure, it may be profitable for some small businesses, but nothing on the scale required to address the problem.

    • Darren@sopuli.xyz · 3 days ago · 2 up

      There are dozens of us out here patiently awaiting a bunch of reasonably powerful new Linux machines.

  • Horsey@lemmy.world · 3 days ago · 21 up

    Dude, I’m so ready. Linux supports processors that old, by enthusiasts for free.

    • ronigami@lemmy.world · 3 days ago (edited) · 3 up

      This would almost certainly rule out Linux as an option. What Linux vendor feels comfortable committing to something, anything, for 15 years?

      • ratten@lemmings.world · 2 days ago · 1 up

        Because Linux is free software, we can implement the fixes ourselves.

        Doing so with Windows or Crapple would literally be illegal.

        • ronigami@lemmy.world · 2 days ago · 2 up

          Yes, but to fulfill that requirement the company would have to be around to review the code changes and merge and provide QA. For 15 years.

  • Ironfist79@lemmy.world · 2 days ago · 4 up, 4 down

    People have had plenty of time to upgrade. 15 years is an incredibly long time to be supporting an OS. Even RHEL doesn’t do that.

  • IHeartBadCode@fedia.io · 3 days ago · 8 up, 4 down

    “European e-waste campaigners are calling on EU leadership to force tech vendors to provide 15 years of software updates, using Microsoft’s plan to end Windows 10 support next month — which may make an estimated 400 million PCs obsolete — as a textbook case of avoidable e-waste.”

    Windows 10 has already had 10 years of support. ESU extends this one extra year. If you have hardware that cannot meet Windows 11’s requirements, there are other OSes available that will happily run on that hardware. Which is what brings us to the real issue.

    Microsoft’s near monopoly on consumer grade PCs and Apple’s vendor lock in. This is the core issue.

    “Companies can do this because there are no regulations to stop them. We call on European Commissioner Jessika Roswall to introduce EU Ecodesign requirements for laptops, guaranteeing at least 15 years of software updates. No more devices designed to break or become obsolete before their time”

    Ten years is a very long time for support. If you need support past that length, you need a different OS. Apple does good to keep Macs made in the last five to seven years still able to run their newest OS. They are some of the worst offenders on this. But even with a different OS, there’s still a limit to how far you can take hardware. You could put the best optimized software on really old hardware and that won’t change that the underlying CPU is old.

    The older hardware gets the harder it is to keep supporting it. Case in point, the reason you can’t get TLS 1.2 that pretty much every site now requires onto a Windows 95 era machine is the underlying hardware cannot keep up with the required computational needs to support that encryption. And if you happened to install Windows 95 onto modern hardware, the number of changes to the OS to get access to the underlying hardware is pretty much an upgrade to Windows 7.

    Ten year old machines are doing alright for the time being, but we have to move on. TLS 1.3 is here, has been here since 2018. The stricter requirements for security require more advanced hardware.

    And I just mention TLS as a single example of what we’re talking about here. Modern hardware advances and attackers and users get those at the same time. While software security schemes do ensure security long after the hardware has become dated, there’s a point where it won’t matter anymore what software you toss onto the machine. It’s just so outdated it doesn’t matter, no software is securing it. Now that’s usually a lot longer than ten years, but it’s not much longer.

    You can take a very lightweight Linux distro and pop it onto a Pentium 3 machine. It will technically run. But you are lacking SSE2 and even if you recompiled to remove SSE2 optimizations and strictly held to 586 ISA, you’re not going to enjoy the performance on the machine. For even the most simple tasks like unpacking a 7-zip. You will fare very unwell to some attacker who has a modern Threadripper machine.

    I love old machines but the rest of the world is moving forward. Yes, software could technically cover for more than ten years, but not much more. But it’s silly to think that an Athlon 64 (2003), the oldest CPU you can technically get working on Windows 10 because of the NX bit requirement, would be able to keep pace on today’s multi megabyte sized website. Hell even the X2 models that were the first to be “dual core” would have issues with how modern web browsers handle things because Athlon 64 X2’s model for multiple processors is vastly different than how modern CPUs do it. It wouldn’t take anything for someone to feed it a website that would bring the system to its knees.

    The thing is 15 years is a very long time in the world of technology that’s ever evolving. Software can only go so far. 15 years is absolutely “you need a different OS if that’s your requirement” territory. But when you start hitting 20 years, you’re going to see breakage no matter what software you throw at it. It might be very slight at the 20 year mark, but each year after that it’s going to become more pronounced.

    • Cricket [he/him]@lemmy.zip · 3 days ago · 2 up

      “Ten years is a very long time for support. If you need support past that length, you need a different OS.”

      I strongly disagree. Ten years should be the bare minimum required. Windows used to support hardware way longer than 10 years and probably more than 15, until Windows 11 came out.

      “The older hardware gets the harder it is to keep supporting it. Case in point, the reason you can’t get TLS 1.2 that pretty much every site now requires onto a Windows 95 era machine is the underlying hardware cannot keep up with the required computational needs to support that encryption. And if you happened to install Windows 95 onto modern hardware, the number of changes to the OS to get access to the underlying hardware is pretty much an upgrade to Windows 7.”

      Windows 95 is a bad example since it’s a 30 year old OS. It’s a completely different era with different OS architecture and different OS environment. Let’s instead use an example of an OS from the time frame being discussed: Windows 7, released a little over 15 years ago. There’s very little reason why a computer that was made since Windows 7 was released shouldn’t be able to run Windows 11. I think that this is a profit maximization decision on Microsoft’s part (less hardware support, less development and testing cost). They basically said screw the customers and screw the environment.

    • Fyrnyx@kbin.melroy.org · 3 days ago · 2 up

      Well, maybe tell Microsoft and others to stop sucking in these technological advances they treat as shiny misunderstood toys that are forced down everyone’s throats and make everyone’s lives a lot harder than they’re supposedly making easier.

      I am not arguing against the idea of upgrading at all or avoiding security at all. What I am always tired of, is just seeing the direction Microsoft takes and then telling people to shove off into their shitty new ecosystem for the sake of security. Like no, you’re watering down your OS and dumbing down everything while telling millions of users like “well, uh, like it because we’re Microsoft so fuck you”.

      And nothing is improving or giving people the strong urge to immediately upgrade because of said directions and choices.

      Which is why we have this delayed lapse in people just stretching out these support cycles who’re not interested in hopping to the next OS, because they aren’t liking what they see and sometimes experience on another’s computer that has that latest OS version.

      By the time Windows 10 is truly done, Windows 11 has its announcement for the last of its updates and by the time Microsoft moves to 12 in however they handle it, maybe then.

  • pathos@lemmy.world · 3 days ago · 37 up

    What we REALLY need is to curb microsoft’s market dominance. If more alternatives for OS and usable replacements for MS office em would exist, this would not be a problem and would not need to hamper innovation for the sake of back porting (the main counter-argument as a dev).

    • elucubra@sopuli.xyz · 3 days ago · 12 up

      Linux and all its flavors?

      What’s wrong with libreoffice or anyoffice? For a large percentage of users, Linux is fine, especially as many applications have an online option. For the stuff I do, in Linux, online Office is more than sufficient.

      An org I work with provides me with a 365 license, but I’m more comfortable in LibreOffice.

      Office is used by the majority, but majority doesn’t mean they are right, they are simply more.

      • bestboyfriendintheworld@sh.itjust.works · 2 days ago · 1 up

        LibreOffice is okay for some stuff, but shows its limitations pretty quickly once you use it for more serious tasks.

        • Writer is the best of the suite and has deleted comments for me several times without ability to recover.
        • The spreadsheet is a toy compared to Excel spreadsheets used in pretty much any business.
        • The presentation software produces ugly results by default.

        The only things LibreOffice has going for it, is the price and that the UI doesn’t change. LibreOffice has no good mobile apps.

        Better alternatives to Microsoft Office are Google Docs etc. and Apple’s iWork suite. Both have good compatibility with Microsoft’s files and run great on mobile.

        Google has ease of use, easy sharing and collaboration. Apple’s iWork has great usability and features and produces beautiful results by default. The suite comes free with every Apple device. Google Docs is free to use as well.

        That’s of course ignoring the workhorse called Outlook. You can kind of approach its features with a handful of other applications, but won’t reach the same functionality.

        LibreOffice has one unique application in its suite: Base local database. Microsoft Access and FileMaker used to be very popular, but faded into the background over the last decade.

        • Attacker94@lemmy.world · 3 days ago · 6 up

          I have had more issues with formatting between ms 365 desktop and ms 365 online than I’ve had with libreoffice

        • TheGrandNagus@lemmy.world · 2 days ago (edited) · 6 up

          Windows is far more jank than a lot of Linux distros/desktop environments.

          Like…

          • Multiple different right click menus?
          • No consistent and cohesive design language even throughout system or first party apps?
          • Having to search online for an exe download page, download, open downloads folder, double click, click next through an installer? Then each app having to have its own update process, often that always runs in the background to check (or none at all)?
          • Updates that happen when you don’t want them to, take forever, and break things?
          • Fucking ads everywhere?
          • Web results in your start menu before actual stuff on your system
          • Multiple settings apps?
          • Sleep that doesn’t work?
          • Convoluted process for setting things as the default app?
          • Dark mode that’s only functional for some apps?

          It’s actually incredible how much money Microsoft has, and how much more they spend than probably all Linux DEs combined, but they’ve still yet to fix so much low hanging fruit.

    • Cricket [he/him]@lemmy.zip · 3 days ago (edited) · 1 up, 2 down

      Hmmm, I don’t agree. The trend is in the opposite direction. Microsoft Windows used to have a larger market share and supported hardware indefinitely. Now that their market share has shrunk, they are also limiting support for older hardware. This only shows correlation, not causation, but it does show that more competition has not improved the issue and that we need laws to do that instead. MacOS, the primary competitor to Microsoft Windows which also has Microsoft Office available, only supports their hardware for 6-8 years as well.

      Edit: just to add, if anything, this actually shows that more competition and reduced market share probably increases the pressure to cut support for older hardware because it probably becomes less profitable to do so.

      • pathos@lemmy.world · 2 days ago · 2 up

        I didn’t go into the specifics but I was thinking more in line with prosumer friendly linux distributions that can be dropped in to replace win 10. I know stuff like linux mint exists for that case.

  • nucleative@lemmy.world · 3 days ago · 22 up, 4 down

    15 years is too long, it doesn’t match the state of the industry or technological progress.

    If anything this slows down innovation which leads me to suspect the 15 year idea was thought of by someone who dislikes any technical changes.

    • Rednax@lemmy.world · 3 days ago · 6 up

      Before Microsoft demanded TPM 2.0, you could install the latest version of Windows on extremely old hardware. Easily reaching that 15 years. We had this already. And Windows 11 can easily run without TPM 2.0. Microsoft just has business reasons to demand it. So I don’t see how innovation is slowed down by this.

    • HighlandCow@feddit.uk · 2 days ago · 1 up, 1 down

      Fair, like imagine if Microsoft was forced to support Windows 8 for 15 years, an operating system people barely use. Also some OSs aren’t run by huge companies.

    • stuner@lemmy.world · 2 days ago · 4 up

      “15 years is too long, it doesn’t match the state of the industry or technological progress.”

      How is this too long? I would consider it a reasonable amount of time to receive security updates on a computer.

      I have a notebook that I bought in 2012. It can run Ubuntu LTS 24.04, which is supported until 2034, without issue. There is no indication that the next release will stop supporting this hardware. I don’t see why Microsoft couldn’t provide this.

    • bestboyfriendintheworld@sh.itjust.works · 2 days ago · 13 up

      15 years is actually reasonable.

      I have a ten year old laptop with an i7 processor, 16 GB RAM, and 1 TB SSD. It still does most things I bought it for initially just fine. Granted this was one of the best laptops you could buy at the time.

      Apple stopped supporting it with a current version of macOS a couple of years ago sadly. It’s still possible to patch newer versions to install and run on the old machine, but it’s a bit of a hassle.

      • phillipp@discuss.tchncs.de · 2 days ago · 1 up

        But unlike server aided services an OS still keeps working. You can use that PC for 10 more years, if you like.

        I think there’s a discrepancy in the understanding of ‘support’ and what it entails in different technology fields. Demanding to receive NEW features for decades is not feasible in the current economic environment.

    • ratten@lemmings.world · 2 days ago · 3 up

      Pretty sure Rocky Linux provides updates for 10 years.

      It’s not asking too much for multi-billion dollar corporations to provide 15 years of updates.

      They have more than enough resources.

    • golli@sopuli.xyz · 2 days ago · 4 up

      Or an established player in the market that wants to keep competitors out (but I guess in a way that is someone who dislikes change). While legislation like this can sometimes be great (e.g. the recent changes forcing longer support for mobile phones) there comes a point where it cuts the other way and it becomes an entry barrier.

      Imo the better solution would be to legislate what happens after support ends. Like forcing the disclosure of at least some documentation that allows others to continue servicing the product or at least transfer out data and install other software on the device.

    • Holytimes@sh.itjust.works · 1 day ago · 1 up

      Outside of aero and financial where it’s not uncommon for this to use 20+ year old tech.

      If something isn’t hyper critical 15 is way too long