this post was submitted on 26 Aug 2024
238 points (99.2% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54746 readers
222 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I completely agree with you in principle for people who want their software updated, but there is some software that is standalone and doesn't depend upon changing codecs/APIs etc. Something like myfitnesspal or a thermomix shouldn't be a subscription, there is no major updates to how someone tracks their exercise uses a hot blender that justifies it beyond users being locked in.
In the example of thermomix, you've already paid top dollar for the hardware, getting locked out of functionality you've paid for stings.
I won't dispute that both of these likely abuse the subscription model for their benefit. But they definitely have a social responsibility (and in many cases a legal responsibility) to keep updating the software in these products and the network infrastructure that go with them. The internet of things is one of the most vulnerable attack vectors we have. It has been exploited many times not just to attack individuals, but to create massive bot nets that can target corporations or even countries. The onus is on the manufacturer to continuously keep that at bay. You know what they say - the "S" in "IOT" stands for security.
I mean, it would be zero cost if it was a fucking normal device. Someone had the idea that a juice squeezer or a toaster should be online... for... what, exactly? Remove the online (or even better, remove the software), you completely remove the cost that you want impugn on the user with "subscriptions".
No argument there. But apparently there's a market for it.
I agree that IOT things need to be secure. Is it really too much to ask that apps/devices are made secure from the ground up?
To stay on the thermomix, all the subcription is is a connection to their servers to give access to their live step by step recipes. Surely that's just a secure end-to-end encrypted connection? I'm not a developer but it doesn't sound like buyers should be expected to pay the manufacturer to maintain beyond buying a thermomix/upgrading to new versions of the hardware when they want to access any new features.
In a way, yes. They can and should definitely be made with security in mind from the ground up. But they will never be totally secure, and a necessary part of what constitutes a "secure product" is to continuously and quickly patch security issues as they become known.
I would bet it's still a bit more than that. But even if it's just a secure end-to-end encrypted connection, here is the list of vulnerabilities fixed in OpenSSL (which is probably what they use for secure encrypted connections). It's five so far in 2024. Then there's some OS kernel below that which can have security issues as well. The Thermomix probably also has user authorization components and payment methods, plus various personal information that has to be protected under GDPR.
Hmmm.. okay it sounds like the subscription model does actually make some sense for devices that need to maintain an internet connection/IoT applications. Thanks for taking the time to enlighten me.
In the olden days software used to be sold by individual major versions. You paid for version 9, you paid for version 10. Or you skipped versions you didn't need. You could use versions side by side. The newest installed would import its data from the older ones. etc.
App stores have made this very awkward or almost impossible. There's no concept of separating major versions. You'd have to buy and install completely different apps to be able to pay for them separately and to use them side by side, but if they're separate apps they can't import your data from each other. Not to mention that people seem to hate having "too many apps" for some reason.
Software subscriptions switch the "support per major version" to "support per time of use". It's obviously shittier but it's more realistic than a one-time price and expecting to use the app in all future versions in perpetuity. The one time price would have to be very large to be realistic.
This is an interesting point as well. Before, if you weren't happy with an update or whatnot, you could just keep running the older version. But nowadays that's impossible in many cases.
TBF in most cases forced app obsolescence is on the developers. Some of them are super aggressive and will force you to update without really needing it. Like, come on, package tracking app, I really don't believe you're unable to show me the package pick-up barcode without updating. 🙄
But yeah, on iOS it's completely impossible to get older versions, once you've updated something that's it. And even on Android I've noticed that it's become impossible to downgrade some apps even if I have the old apk, the Google installer simply fails to install it if I've ever had a newer version installed.