> One of my concerns is that security updates are strictly defined in a way that prevents this type of regulation from being used as cover for these shenanigans.
And then as a manufacturer you need to pay someone to certify that, or otherwise risk a class action lawsuit?
What about hardware that uses third party software? (Either because it's a genuine third party, eg when you put open source on your router, or because the manufacturer split into two companies to exploit a legal loophole?) Can open source software only make releases that update automatically after getting certified, or risk getting sued otherwise?
And then as a manufacturer you need to pay someone to certify that, or otherwise risk a class action lawsuit?
What about hardware that uses third party software? (Either because it's a genuine third party, eg when you put open source on your router, or because the manufacturer split into two companies to exploit a legal loophole?) Can open source software only make releases that update automatically after getting certified, or risk getting sued otherwise?