Should OS makers, like Microsoft, be legally required to provide 15 years of security updates?
15 is an arbitrarily long time. I think forcing it to be open sourced upon the companies end of life is the better option
Campaigners urge EU to mandate 15 years of OS updates
Submitted 9 hours ago by SleafordMod@feddit.uk to technology@lemmy.world
https://www.theregister.com/2025/09/16/campaigners_urge_eu_to_mandate
Comments
Runaway@lemmy.zip 1 hour ago
Horsey@lemmy.world 2 hours ago
Dude, I’m so ready. Linux supports processors that old, by enthusiasts for free.
Petter1@discuss.tchncs.de 8 hours ago
I would prefer if they force the companies to unlock root and boot-loader, when they not ship new OS anymore for a device.
WhatAmLemmy@lemmy.world 6 hours ago
Fuck it. Force them from release sate. There’s no reason for them to dictate what you can and cannot run on the hardware you purchase. If they can’t compete by providing a better OS or software, and must rely on anti-competitive models to profit, then they don’t deserve to waste the planets resources.
Petter1@discuss.tchncs.de 6 hours ago
Fair enough, just thought proposal above would have higher chances to get approved 😇
interdimensionalmeme@lemmy.ml 4 hours ago
Abandonware must be open sourced, publishing a new version doesn’t count as a exception.
minorkeys@lemmy.world 4 hours ago
Or legislate that unsupported software becomes public domain or is open for development and the public can try and make the updates themselves.
Forcing people to upgrade entirely depends on the nature of the upgrades and the motive of the company. What we need is competition so there are alternatives for people to use if they don’t want to upgrade. But somehow Microsoft is not considered the monopoly of the PC OS market, despite being a monopoly, and uses that position to force changes nobody wants but them, like turning window into an AI data farming scheme that violates user privacy.
cmnybo@discuss.tchncs.de 3 hours ago
Just require any new operating systems to support 15 year old hardware. We should require manufacturers to provide 15 years of UEFI and firmware updates too.
panda_abyss@lemmy.ca 9 hours ago
This is stupid.
15 years is a massive time to just update your OS.
15 years ago instagram didn’t exist, the iPad was new, and people were just updating from Vista to Windows 7. I think Hadoop was just created then.
That is a massive amount of time to support software that would have almost no architectural protection against things like heartbleed.
Cricket@lemmy.zip 1 hour ago
Windows used to support really old hardware, I believe more than 15 years old until they introduced the new requirements for particular CPU models and TPM 2.0 chips. If anything, I feel that 15 years is too short. iPads and Hadoop have nothing to do with PC hardware.
Buffalox@lemmy.world 8 hours ago
"Microsoft’s decision to end support for Windows 10 could make 400 million computers obsolete
This is more stupid, and I absolutely agree it shouldn’t be legal, mind you this is not update to a new OS, like is common on phones, but mostly security updates.
JustARaccoon@lemmy.world 6 hours ago
I think I’d prefer if there was a minimum updates guarantee that OS sellers would have to disclose, but even then I’m more in favour of other companies being able to pick up the work by making sure devices have their bootloader unlockable after they don’t get any more updates for X amount of time, rather than add burden to OS makers, because forcing people to support a project for Y amount of years would really harm indie developers releasing Linux distros and the like
atomicbocks@sh.itjust.works 5 hours ago
Instagram has existed for 14 years and 11 months. I think you might be pushing it on the not 15 years.
But more importantly though, Windows XP was supported for 18 years…
So it’s not like it can’t be done.
CriticalMiss@lemmy.world 4 hours ago
My ThinkPad x230 will soon turn 13 (since it was manufactured, I picked it up second hand from a business that went bankrupt). It’s still alive and kicking, just not with Windows. The hardware is dated, but for what I do it’s good enough. I only replaced the battery and the screen. I don’t care for instagram or any of that crap, this machine chugged along for 13 years, it will chug at least for another 5. Don’t let hardware manufacturers normalize dunking perfectly capable good hardware into a landfill because it hurts their profits. If you need any further proof just look into the old Apple hardware modding and some of the stuff they pulled off.
Alphane_Moon@lemmy.world 6 hours ago
15 years is a massive time to just update your OS.
The last version of Windows 10 (22H2) is nothing like the RTM release from 2015 (1507). 1507 still has Cortana and their failed “Continuum” concept.
Essentially we are asking Microsoft to support Windows 10 22H2 for another ~5 years, which is reasonable considering 22H2 is a just under 3 years old.
ramble81@lemmy.zip 7 hours ago
And yet people are bitching because Windows 10 is getting cut off after 10 years of support. Raise it to 15 and people will just bitch at the 15 year mark.
Jesus_666@lemmy.world 6 hours ago
I think major factors in people bitching about the Windows 10 EOL is that a) Windows 10 was explicitly marketed as the final version of Windows and b) Windows 11 is so unappealing that even companies are reluctant to upgrade.
Normally, that wouldn’t be a big problem. We had dud releases before. Windows Vista had few friends due to compatibility issues but was workable. Besides, 7 was launched shortly after Vista’s EOL. Likewise, Windows 8’s absurd UI choices made it deeply unpopular but it was quickly followed by 8.1, which fixed that. And Windows 10 again followed shortly after 8’s EOL (and well before 8.1’s).
Windows 11, however, combines a hard to justify spec hike with a complete absence of appealing new features. The notable new features that are there are raising concerns about data safety. In certain industries (e.g. medical, legal, and finance), Recall/Copilot Vision is seen as dangerous as it might access protected information and is not under the same control that the company has over its document stores. That increases the vector for a data breach that could lead to severe legal and reputational penalties.
Microsoft failed to satisfyingly address these concerns. And there’s not even hope of a new version of Windows releasing a few months after 10’s EOL; Windows 12 hasn’t even been announced yet.
It’s no wonder that companies are now complaining about Windows 10’s support window being too short.
krebssteven@lemmy.world 9 hours ago
What we REALLY need is to curb microsoft’s market dominance. If more alternatives for OS and usable replacements for MS office em would exist, this would not be a problem and would not need to hamper innovation for the sake of back porting (the main counter-argument as a dev).
Cricket@lemmy.zip 1 hour ago
Hmmm, I don’t agree. The trend is in the opposite direction. Microsoft Windows used to have a larger market share and supported hardware indefinitely. Now that their market share has shrunk, they are also limiting support for older hardware. This only shows correlation, not causation, but it does show that more competition has not improved the issue and that we need laws to do that instead. MacOS, the primary competitor to Microsoft Windows which also has Microsoft Office available, only supports their hardware for 6-8 years as well.
elucubra@sopuli.xyz 6 hours ago
Linux and all its flavors?
What’s wrong with libreoffice or anyoffice? For a large percentage of users, Linux is fine, especially as many applications have an online option. For the stuff I do, in Linux, online Office is more than sufficient.
An org I work with provides me with a 365 license, but I I’m more comfortable in Libreoffice.
Office is used bythe majority, but majority doesn’t mean they are right, they are simply more.
interdimensionalmeme@lemmy.ml 4 hours ago
The jank oh my god the jank
TankovayaDiviziya@lemmy.world 7 hours ago
Nothing says ‘circular economy’ like Microsoft stranding 400 million PCs
This might be a silly question but would this not be a good idea for a start up company that recycle computer parts?
Cricket@lemmy.zip 1 hour ago
would this not be a good idea for a start up company that recycle computer parts?
I really don’t think so. Computer recycling already seems to be a low profit business, as evidenced by there not being any large companies that do it (that I’m aware of). This number of computers flooding the market would probably make it even less profitable. Sure, it may be profitable for some small businesses, but nothing on the scale required to address the problem.
Jankatarch@lemmy.world 3 hours ago
Don’t manufacturers purposefuly destroy the computers and such just to ensure that doesn’t happen?
miked@piefed.social 33 minutes ago
No. Manufacturers have no say in what happens to computer hardware after is sold.
Some companies may destroy the hard drives to make sure no data gets out. Some companies will remove the memory as well.
darkreader2636@lemmy.zip 4 hours ago
that’s what the greatest technician that’s ever lived does.
DJDarren@sopuli.xyz 3 hours ago
There are dozens of us out here patiently awaiting a bunch of reasonably powerful new Linux machines.
vacuumflower@lemmy.sdf.org 8 hours ago
Of course. Make another regulation only big corps can follow. To punish them, of course. This is punishment.
freeman@feddit.org 9 hours ago
What would that mean for Linux distros? It seems like it could be a law that cuts off the competition. Like amazon who is very selectively for better working conditions when the know that no competitior can fulfull them.
ieatpwns@lemmy.world 9 hours ago
Would Linux even count since it’s foss?
Buffalox@lemmy.world 8 hours ago
I think it does in some cases, like if you buy a System 76 computer with PopOS, or you buy a server with Red Hat.
However if you install a Linux OS yourself, that is available free of charge, there isn’t any money to claim back, and it would be illogical if there should be demands on updates.I think logically there needs to be money involved, so if you download PopOS you’re on your own, but if you bought a computer with PopOS installed it is part of a package.
I’m not a lawyer, but from my experience this is how things typically work.
Buffalox@lemmy.world 8 hours ago
I think it would need to be a commercial product like Red Hat or preinstalled OS by the company that sell the computer.
With a FOSS distribution that is made freely available without charge, that people download and install themselves, people are probably themselves responsible for their choice of OS.tabular@lemmy.world 9 hours ago
Microsoft is so wealthy they could do that, and would even support such legislation if it could hinder their competitors such as smaller Linux distributions.
IHeartBadCode@fedia.io 8 hours ago
European e-waste campaigners are calling on EU leadership to force tech vendors to provide 15 years of software updates, using Microsoft's plan to end Windows 10 support next month — which may make an estimated 400 million PCs obsolete — as a textbook case of avoidable e-waste.
Windows 10 has already had 10 years of support. ESU extends this one extra year. If you have hardware that cannot meet Windows 11's requirements, there are other OSes available that will happily run on that hardware. Which is what brings us to the real issue.
Microsoft's near monopoly on consumer grade PCs and Apple's vendor lock in. This is the core issue.
Companies can do this because there are no regulations to stop them. We call on European Commissioner Jessika Roswall to introduce EU Ecodesign requirements for laptops, guaranteeing at least 15 years of software updates. No more devices designed to break or become obsolete before their time
Ten years is a very long time for support. If you need support past that length, you need a different OS. Apple does good to keep Macs made in the last five to seven years still able to run their newest OS. They are some of the worse offenders on this. But even with a different OS, there's still a limit to how far you can take hardware. You could put the best optimized software on really old hardware and that won't change that the underlying CPU is old.
The older hardware gets the harder it is to keep supporting it. Case in point, there reason you can't get TLS 1.2 that pretty much every site now requires onto Windows 95 era machine is the underlying hardware cannot keep up with the required computational needs to support that encryption. And if you happened to install Windows 95 onto modern hardware, the number of changes to the OS to get access to the underlying hardware is pretty much an upgrade to Windows 7.
Ten year old machines are doing alright for the time being, but we have to move on. TLS 1.3 is here, has been here since 2018. The stricter requirements for security, require more advanced hardware.
And I just mention TLS as a single example of what we're talking about here. Modern hardware advances and attackers and users get those at the same time. While software security schemes do ensure security long after the hardware has become dated, there's a point where it won't matter anymore what software you toss onto the machine. It's just so out dated it doesn't matter, no software is securing it. Now that's usually a lot longer than ten years, but it's not much longer.
You can take a very lightweight Linux distro and pop it onto a Pentium 3 machine. It will technically run. But you are lacking SSE2 and even if you recompiled to remove SSE2 optimizations and strictly held to 586 ISA, you're not going to enjoy the performance on the machine. For even the most simple tasks like unpacking a 7-zip. You will fare very unwell to some attacker who has a modern Threadripper machine.
I love old machines but the rest of the world is moving forward. Yes, software could technically cover for more than ten years, but not much more. But it's silly to think that a Athlon 64 (2003), the oldest CPU you can technically get working on Windows 10 because of the NX bit requirement, would be able to keep pace on today's multi megabyte sized website. Hell even the X2 models that were the first to be "dual core" would have issues with how modern web browsers handle things because Athlon 64 X2's model for multiple processors is vastly different than how modern CPUs do it. It wouldn't take anything for someone to feed it a website that would bring the system to it's knees.
The thing is 15 years a very long time in the world of technology that's ever evolving. Software can only go so far. 15 years is absolutely you need a different OS if that's your requirement territory. But when you start hitting 20 years, your going to see breakage no matter what software you throw at it. It might be very slight at the 20 year mark. but each year after that it's going to become more pronounced.
Cricket@lemmy.zip 1 hour ago
Ten years is a very long time for support. If you need support past that length, you need a different OS.
I strongly disagree. Ten years should be the bare minimum required. Windows used to support hardware way longer than 10 years and probably more than 15, until Windows 11 came out.
The older hardware gets the harder it is to keep supporting it. Case in point, there reason you can’t get TLS 1.2 that pretty much every site now requires onto Windows 95 era machine is the underlying hardware cannot keep up with the required computational needs to support that encryption. And if you happened to install Windows 95 onto modern hardware, the number of changes to the OS to get access to the underlying hardware is pretty much an upgrade to Windows 7.
Windows 95 is a bad example since it’s a 30 year old OS. It’s a completely different era with different OS architecture and different OS environment. Let’s instead use an example of an OS from the time frame being discussed: Windows 7, released a little over 15 years ago. There’s very little reason why a computer that was made since Windows 7 was released shouldn’t be able to run Windows 11. I think that this is a profit maximization decision on Microsoft’s part (less hardware support, less development and testing cost). They basically said screw the customers and screw the environment.
Fyrnyx@kbin.melroy.org 3 hours ago
Well, maybe tell Microsoft and others to stop sucking in these technological advances they treat as shiny misunderstood toys that are forced down everyone's throats and make everyone's lives a lot harder than they're supposedly making easier.
bluGill@fedia.io 8 hours ago
Lifetime for security. Other features (new drivers...) you can pay for, but security is lifetime. You need to escrow enough money to provide this service or prove that nobody is using the OS.
All services required for use of the device are also lifetime - though they may charge a subscription price so long as that price is clear to the customer before the first sale and prices go up by inflation only. After 15 years they can drop the service if it is easy for a "normal user" to switch to a different subscription provider; and all source code required for someone "skilled in the art" to create and maintain their own service provider is publicly released under terms that allow modification and redistribution was released at least 5 years before killing their own service.
You are allowed to drop support for any protocol that is not latest recommended state of the art so long as you maintain what was recommended at time of release. If a newer protocol comes out you need not support it. (Which is to say you can be IPv6 only today, and if the internet switches to IPv12 in the future you don't have to support that)
The above applies to anything network connected. OS, web browser, Security camera, thermostat....
tekato@lemmy.world 18 minutes ago
If the EU is going to pay for the developers, sure. I’d even go higher and say make it 50 years. Otherwise make your own OS or use Linux.