We’ve seen manufacturers abuse ongoing access to devices to turn off features the device came with at the time of purchase or convert one-time-fee features into subscriptions. One of my concerns is that security updates are strictly defined in a way that prevents this type of regulation from being used as cover for these shenanigans.
I just want to reaffirm the importance of this point. I've used an open source solution named Home Assistant[0] to manage my own network of IoT devices that I don't expose to the internet. I want to stay local because of the risks involved with the internet and with trusting companies to protect such private data.
As such, I look to purchase relativity open devices. But, companies want to keep trying to inject themselves as a middleman, sometimes after the fact. In that case I'm let with a device that becomes e-waste. I don't know what other actions are being taken in regards to subscriptions, but it's a problem here.
> One of my concerns is that security updates are strictly defined in a way that prevents this type of regulation from being used as cover for these shenanigans.
And then as a manufacturer you need to pay someone to certify that, or otherwise risk a class action lawsuit?
What about hardware that uses third party software? (Either because it's a genuine third party, eg when you put open source on your router, or because the manufacturer split into two companies to exploit a legal loophole?) Can open source software only make releases that update automatically after getting certified, or risk getting sued otherwise?
