1. 33
  1.  

  2. 15

    I find it funny that most of these big tech companies claim they’re all in on going environmentally friendly, but yet you’re forced to throw a perfectly good piece of hardware into the trash after a few years. E-wasting doesn’t count because I feel most people don’t do this and e-wasting is arguably a joke. Most of your e-wasted stuff ends up on a boat to a developing nation where its ripped apart by hand and the toxic chemicals get into the local water supply.

    1. 3

      Consider a plausible alternative:

      Assume that a big vendor builds its hardware thick/strong enough to last for ten years physically. Say a phone with thicker, stronger glass in front, a battery design sized for longevity, a strong case made of thick metal, and a stock of spare parts large enough that even the average customer uses the device for ten years, the demand for repairs is 95% likely to be met. Assume it sells millions, like the real devices in the real world. Assume further that most buyers replace it after two or three years anyway, perhaps because some new apps ask for newer, faster CPUs or more RAM/storage. How much glass, metal, chemicals did the vendor waste on building longevity?

      It’s not obvious to me that catering to the people who want longevity is a net win over today’s state.

      1. 4

        What you are describing for a substantial part of this post is a rugged device, which is an entirely different class. You don’t need a strong metal case and a thick glass to keep a device safe that sits on the couch for most of the time.

        No one disagrees that when someone sits on it, it’s a tradeoff to make whether it breaks or not.

        The post is talking about software longevity, which is much easier to create.

        1. 2

          Actually, what I had in mind was a phone rugged enough to survive in a pocket for years without being bent out of shape or destroyed by a keyring, and with a battery designed to be charged n thousand times over many years instead of being designed for quick charging and maximum initial capacity.

          Are phones carried around in pockets a parficularly rugged class of device? I think not.

          EDIT: Wait, are you suggesting that manufacturers should provide software updates well after the end of a device’s expected physical lifetime?

          1. 4

            No, I’m suggesting that manufacturers should not block people from providing their own software updates.

            1. 1

              I think you mean “should not bootlock their devices”, right?

              As I understand it (from idling in the LineageOS irc channel) the big problem of devices like the one in the blog post is that the hardware is buggy and there’s no documentation, not even a sensible git commit log for the kernel source. MediaTek in particular has a rotten reputation among LineageOS contributors. Some/many devices are also bootlocked and that could be a big problem, but in a way it isn’t. The comparable devices that aren’t bootlocked, or for which security bugs are well known, don’t have a lot of LineageOS ports, see?

              Whether you’re killed by two bullets or three doesn’t make much difference, you’re just as dead.

              You could of course demand documentation, sensible driver code and an open booter. That at least makes it simple to spot unsuitable vendors.

            2. 1

              My old dumbphone (a Sony Ericsson w710i) is still alive and kicking after almost 15 years. I’ve dropped it countless times, I carry it in the same pocket as my keys. Battery life is still pretty good (I charge it once a week or so). I would definitely consider it “rugged”.

              1. 1

                Phone hardware tech took a giant step back in reliability with the advent of glass fronted touchscreens (don’t @ me). Older Nokias and Ericsson phones were really durable.

          2. 3

            Assume further that most buyers replace it after two or three years anyway, perhaps because some new apps ask for newer, faster CPUs or more RAM/storage.

            I don’t think that’s a given. Games consoles come to mind - developers are able to wring more and more out of the same hardware over its lifespan. There’s lots of room for creativity given that kind of constraint, and I’d love to see it happen in mobile development.

            1. 3

              No doubt a global recession will facilitate this…

              Consoles aren’t really analogous. The console makers often make decent amount of money from each game sold - the hardware is a loss leader - so it makes sense to provide games for as long as possible for each console generation.

              Phone/tablet hardware makers (apart from Apple) don’t make much money after the initial sale.

              1. 4

                Consoles aren’t really analogous. The console makers often make decent amount of money from each game sold - the hardware is a loss leader - so it makes sense to provide games for as long as possible for each console generation.

                They are - kind of. And they are a good example how long term stability yields improvements through giving people the possibility to gain experience.

                The price of the platform[1] is roughly stable and the sturdiness of the platform is a major part of marketing and success. They just selected their item margin to be negative. Still, they are constantly being changed internally.

                Apple is a good example on the high end: their margins after sale aren’t that high and they struggle to sell monthly services. They are actively moving to improve that. Google has also made the model work for them: they get fees from vendors for certification and have vendors build the hardware platform from them.

                One could say that consoles are a prime example of someone looking at the problem an making their business work early!

                [1]: For those interested, there’s a good interview on the background of the XBox 360 with their German marketing manager, sadly in German: https://www.stayforever.de/2019/12/xbox-360/. Just as an example: he makes the interesting point that consoles built out of standard components can’t drop in price over their lifespan as components need to be constantly changed - they will just not be fabricated anymore. That’s also the reason why HD sizes get bigger over the lifecycles: the vendors just don’t sell smaller ones anymore.

                1. 1

                  Thanks a lot of expanding on this. Very interesting.

                  FWIW I’m a satisfied Xbox user and I really appreciate how easy it is to acquire older games at good prices without having to hunt around for used items[1]

                  [1] and yes I know this is probably bad for resale and for people owning physical media but it’s so damn convenient!

              2. 2

                Of course it’s not a given. The question is how often it would happen, and whether the percentage would be such that the resource waste would be larger than the waste due to the actual short lifecycles.

                1. 1

                  Games consoles come to mind - developers are able to wring more and more out of the same hardware over its lifespan.

                  The problem is that developers aren’t targeting a ten year old device, they’re targeting at most two year old devices. As long as only a tiny portion of their target market is using old devices, this won’t change. In the console case, the developer could motivate the extra optimization work with the knowledge that all their users would see the benefit since they’re all using known hardware.

                  It’d help if OS vendors would support devices for longer periods, of course. I think we’ll need to give them some slack for the initial period of mobile device growth, since device capabilities grew enormously year to year, but today I don’t it’s unreasonable to require OS updates for ten years.

                  1. 1

                    The problem is even worse then this: You don’t even have to look for old devices. Lower end devices are already in the range where you are targeting a spec from 5 years ago.

                    Apple got this a little in check by reminding developers that the devices get beefier for more multi-tasking, not for one application taking more space. I still run around with an iPhone SE and have absolutely not performance issues - I just have to use less background services over an X. So developers in that ecosystem are already used to supporting at least 5 year old devices.

                    But this problem is really hard if you want to enter the lower end market: Firefox OS for some parts tanked because it was mainly targeting cheap devices, a device class that well-paid developers would never use. For that reason, the reference devices were also much beefier then the deploy target, which lead to a very unusable ecosystem.

                    There’s a huge underserved market untapped because serving the top end pays well enough.

                    1. 1

                      Yeah, I was imagining a world where mobile devices have a 10-year lifespan and 10-year release frequency to match. I’m guessing batteries are the main thing holding that back at the moment (edit: or they could just be replaceable).

                2. 3

                  People can simply not use the device.

                  The correct way to vote with your wallet when nobody makes an item that has the attribute you want (longevity) is to not buy any more. Instead, what most people do is buy a new item, and complain on the internet.

                  Many times I have read and heard “watch what people do, not what they say”. Corporations do.

                  As long as consoomers continue to consoom, companies will continue to produce.

                  1. 1

                    but yet you’re forced to throw a perfectly good piece of hardware into the trash after a few years

                    at what point is it the ethical thing to do to force “perfectly good piece”s of hardware into the trash if not doing so compromises the security of how many “even better” devices. Is there a threshold? Is it based on the amount of securable but kept insecure devices? Is it based on the difficulty of the exploit? How do you measure that?

                    I would argue that if supporting a device causes other devices to be less protected against attacks, then that initial device is not “perfectly good”, but is in-fact broken and needs to be fixed or replaced.

                    While some attacks on TLS 1.1 are still very theoretical, we know that nation states probably have the means to break it at this point and if you keep supporting TLS < 1.2, then by the nature of downgrading attacks, you’re putting every device at risk, even if it would support later TLS versions.

                    1. 23

                      at what point is it the ethical thing to do to force “perfectly good piece”s of hardware into the trash if not doing so compromises the security of how many “even better” devices. Is there a threshold?

                      The tablet in question is capable of running a present-day TLS stack. It doesn’t even really need ported; we’re taking about ARMv6 at worst, and raspbian already has a TLS stack working on that architecture. It just needs a release to be zipped up, signed, and distributed.

                      This really has little to do with TLS, and nothing up do with the website operators. They’re following best practice to ensure that rogue ISPs don’t modify their page in transit. I blame the OEM, and partly blame Google for tying TLS stack updates to the OEM.

                      1. 1

                        And you blame the customer, right? I assume the customer bought a tablet without even trying to choose the vendor with the longest support lifecycle. The blog post doesn’t say “I picked the vendor with the longest support lifecycle.”

                        EDIT: If that sounds unfriendly, that’s because my phone is from the vendor with the longest support lifecycle, and it’s not long enough for my taste, and I think that if more customers would care about the support lifecycle at the time of purchase then more vendors would promise two years and mine would promise four. Complaining years later is futile, just empty words. The time of purchase is when you can vote with your wallet.

                        1. 3

                          my phone is from the vendor with the longest support lifecycle, and it’s not long enough for my taste

                          Jolla still provides SailfishOS updates for its original Jolla phone which was released about 6 years and a half ago, so you probably didn’t choose the vendor with the longest support lifecycle :).

                          1. 1

                            I don’t recall seeing any Jolla phones at the time (around September 2018).

                          2. 2

                            The post addresses this and points out that even if they wanted, they couldn’t modernise/service the device themselves. That is independent of the support lifecycle.

                            1. 2

                              In that case the question to ask at purchase time is whether they could modernise or service the device themselves, and the posting doesn’t say “I was careful to buy a tablet with an unlocked bootloader and no MediaTek SoC” either.

                              1. 2

                                As suppliers rarely document their intended service period, this decision is hard to make. And this is essentially “blame the problem on the customer”.

                                1. 1

                                  I didn’t have much problem finding a phone vendor with a documented period, and reports from third parties that “my” vendor’s period was the longest I could expect to find.

                                  I suspect OP didn’t even bother to try, then complained about a lack of success.

                        2. 3

                          That’s a bad argument. Maybe some years ago it could have been decided that looking forward, TLS stacks should be easily upgradable. Maybe our whole OS design is flawed if we have to throw away heaps of just 2-3 year old devices if they can’t be reused. Oh wait, does anyone throw away a PC because they won’t get any updates to their OS? No, no one does.

                          Maybe Android was a bad idea.

                      2. 11

                        It is sad that a lot of devices are falling for this.

                        Though one should point out one thing: The reason is not just that people aggressively deprecate old TLS, it is that for too long it’s been standard practice to ship products with sub-standard / already outdated TLS. 10 years ago TLS 1.2 was already there (it’s been developed 2008), but for years to come products were shipped with TLS 1.0 only and never received an update for this.

                        AS a reminder, if you buy something today you may want to ask: “Does it support the latest version of TLS and other relevant standards?”

                        1. 4

                          That’s a good idea but how should this even work on a bigger scale?

                          I bought a new Android phone just 2 weeks ago. I did some research. It was supposed to support Android 9 (I couldn’t figure out how long this will be officially patched, I can only guess from older versions) but it shipped with Android 8. I sat through a few hours of n->n+1 updates until I arrived at 9.

                          I deliberately bought a device that’s supported by LineageOS now - but no one can tell if it support could be dropped at the same time or a little later than the official support. I doubt it, but I can’t know. From my point of view I already put up some effort to try to avoid it. But I’m so pessimistic that I still chose a model that’s a little older, and thus cheap, over a brand new phone. Because if I bought a 900 EUR phone that wouldn’t get any security updates after 2 years I might just find the company’s headquarter and throw it through their window.

                        2. 7

                          I was expecting a proper rant, but this is a very good write down of a frustrating situation. There’s one thing I don’t agree with:

                          As a consumer, I would love to pay a little more for devices like these that continue to be repairable and update-able.

                          The ability to self-service and repair should always be free. Otherwise, people that are mostly reliant on in (low income, etc.) will miss out.

                          1. 3

                            Agree that the right to repair should be free. Lumping reparability and updateability in the same sentence maybe wasn’t the best choice in hindsight. With that sentence, I was considering the burden on the producer to support the software years down the line, but maybe with right to repair you don’t need that. If I can throw my own ROM on here, what would I care if Google supports it any longer.

                            1. 2

                              Maybe OP meant that the total cost of the device can be a bit higher, to cover stuff like added support for updating the software, and engineering for repairability.

                              1. 2

                                Same, same, but different. This will end up in classes of devices, where the higher priced ones give you better access. Freedom to tinker should be a fundamental given.

                                1. 2

                                  That’s pretty much what happened here; this looks like a $75 tablet from a drugstore that never had any appreciable vendor support.

                                  1. 2

                                    I agree in principle - if these requirements were enshrined in law, every manufacturer would have to abide by them and the cost would be spread out.

                                    As it is, I suspect a very small minority of consumers (including those with low income) are planning on keeping these devices much longer than 3 to 4 years.

                                    1. 7

                                      As it is, I suspect a very small minority of consumers (including those with low income) are planning on keeping these devices much longer than 3 to 4 years.

                                      This might be true in the US, but if you ever go to countries where our “low income” is a high income, this reverses. I travel Southern Africa a lot (due to having family there) and it’s amazing how much of a repair culture exists there. The attitude that repair is optional (also for cars and such) is hugely damaging there. It gets worse when parts, tools and services aren’t readily available/can’t be kept in stock.

                                      1. 1

                                        That’s a good point, I confess to having a very 1st world outlook in this case.

                              2. 5

                                A practical work around may be to set up an http to https proxy on your local network. Maybe mitmproxy could do the job? I never tried setting that up, I may be wrong

                                1. 1

                                  You are correct, I was personally going to make a comment about socat or literally a reverse proxy of any sort.

                                  1. 1

                                    I think this won’t work for Google Play because Android heavily uses certificate pinning.

                                    edit - I may give it a try though

                                  2. 2

                                    TLS implementations must be kept fresh continually. Yet other protocols don’t change as much; OP was still able to connect to Wifi, just HTTPS was broken. I understand the need for HTTPS from a privacy standpoint, but I’m still not convinced that static pages MUST provide HTTPS ONLY.

                                    When providing HTTPS, you must still trust the initial HTTP redirect not to be MITM-ed, or you need to have your site HSTS-preloaded. If you would answer the initial HTTP request with the actual page, but with a special tag that lets the browser know that HTTPS is also available, wouldn’t that satisfy both privacy needs and backwards compatibility?

                                    I already do this on a page where I offer both HTTP and HTTPS, but when you load the page over HTTP, one of the resources on the page is an empty CSS file, and it is always retrieved over HTTPS, with an HSTS header. This causes the browser to load subsequent requests over HTTPS, if supported.

                                    See also this discussion: https://lobste.rs/s/xltmol/this_page_is_designed_last#c_keojc6

                                    1. 4

                                      When an HTTP site is MITM’d, you don’t choose what is on it. It doesn’t matter you intended it to be a static site that doesn’t handle sensitive data. It’s attacker’s site now, and it can ask for and serve whatever it likes.

                                      https://doesmysiteneedhttps.com

                                      you must still trust the initial HTTP redirect not to be MITM-ed

                                      That’s why every single site has to have HTTPS, no exceptions, because the goal is to drop support for insecure HTTP completely to close that vulnerability.

                                      1. 4

                                        I’m somewhat sympathetic to that point of view, but it doesn’t do much to address the article’s point - that to have actually secure, or at least secure as we can get, HTTPS everywhere, then every device that accesses the internet needs to be on a continuous upgrade path to keep the HTTPS stack up to date. Conversely, any device whose updates get stopped will eventually no longer be able to access the internet at all. Including to pick up new updates. Seems like a rather high price to pay to ensure that somebody’s cat picture blog can’t be tampered with.

                                        1. 2

                                          It’s a shame that devices without updates stop working, but we as an industry haven’t figured out yet how to make an actual long-lived device. So far we’ve only succeeded by ignoring the problem and keeping insecure software unpatched. That’s not a wise strategy for connected devices.

                                          Breaking every “cat blog” sounds extreme, but OTOH it makes insecurity/software obsolescence visible. Hopefully, it will make users demand maintained software and force vendors to start taking responsibility for software they ship.

                                      2. 3

                                        I appreciate your opinion that static sites don’t need HTTPS, but many sites that are used daily by many people (like banks, access to government services etc) do use HTTPS almost exclusively - because that’s where it’s useful.

                                        1. 3

                                          Or because the site won’t make life easy for ad-inserting middleboxes. Middleboxes that modify the HTML are a pain, both for the end-user and the web site’s support staff, if any.

                                          1. 2

                                            I keep hearing that argument, and I’m just happy I live in a competitive broadband market where any ISP that tried that sort of thing would go out of business …

                                            1. 3

                                              I saw advertising in my own presentation material at a conference once. The conference venue hasn’t gone out of business. My web sites use HTTPS now.

                                              1. 2

                                                I assume for conf venues, that’s not much of an issue. HTML for slidedecks is a fringe thing and even then, it’s probably Google Slides or Powerpoint online.

                                                As a conf organisers “venue has terrible practices for IT events” is my standard. One of my preferred ones is the capped internet with a max capacity of 255 devices…

                                      3. 1

                                        Off topic, you may want to run a spell checker over your posts.

                                        On topic, yes, this is annoying!

                                        1. 3

                                          Thanks, I’ll run one on it and make some corrections. I wrote it in vim, in which I’ve still not found a good spellcheck workflow.

                                          1. 10

                                            What’s wrong with the built-in :set spell?

                                            1. 1

                                              I set F3 to toggle spell check on and off, it really helps me keep it off except for spell checking passes.

                                        2. 1

                                          Maybe you can install a current version of LineageOS or PostmarketOS on this device to make it last a few years more, if the hardware is supported at all. Yet another reason why portable devices are in need of an entirely free software stack.

                                          1. 3

                                            The post says they would do if a root were available.

                                            1. 2

                                              Ah, I didn’t properly understand what they meant by that

                                              1. 1

                                                Happens! <3

                                                1. 2

                                                  Does unlocked bootloader really equal root?

                                                  Honest question, I put LineageOS on a Nexus 5X a while ago and the TWRP firmware asked me if I wanted root, to me that’s a sign that it wasn’t rooted at that time. Or was it rooted for the time of applying the other image and then not?

                                                  1. 3

                                                    You are correct that unlocked bootloader ≠ root. Especially devices made in more recent years have made the distinction a bit more clear, and there are semi-supported ways of unlocking the bootloaders on many devices, which then in turn makes it easy to install root.

                                                    However, a decade ago, the situation was very different, and the typical device was locked, without the OEM providing a way to unlock. Thus, tinkerers were usually forced to look for security bugs in the firmware, and they would typically use those to obtain root, and unlock the bootloader at the same time, which is why the two terms are often conflated.

                                                    1. 3

                                                      It’s also interesting that “rooting” an iPhone is called “jailbreaking”, after the first implementation of it, which was literally called “jailbreak”.

                                                      1. 2

                                                        Very good explanation, thanks! Roughly what I had guessed (especially that nowadays a few more devices seem to be unlocked) but as I have personally not owned a lot of Android phones I never investigated a lot of details.

                                                        1. 1

                                                          Another confusing conflation of terms to be aware of if you aren’t already: carrier unlocked ≠ unlocked bootloader, but “unlocked device” is sometimes used to describe both of them.

                                                          1. 1

                                                            That’s true, but at least in Germany I hadn’t heard about “carrier locked” in many, many years. Not even sure it was a thing since Android.