On Tue, May 16, 2017 at 3:13 AM, Richard Gaskin via use-livecode <use-livecode@lists.runrev.com> wrote: > > Might it be (again, we can't know for sure until we talk with each vendor) > that they simply soldered too little RAM onto the motherboard and provided > no means of updating the OS because they weren't thinking long-term? > Hmmm sounds so simply, but I think when you are talking about any machine worth more than $1000, especially from any reputable provider (i.e. one that would win a government contract) then a huge amount of thought and design has gone into all the compromises necessary to achieve the 'current objective' whilst achieving an acceptable ROI. In every case, I'm sure there'd be a desire to make it more modular, add more RAM, add more software features, or make it smaller or lighter, but just like the other Post about Tom Pitman and his need to reduce 257bytes of code down to 256 because that was all that was physically available; there will always be some constraint where today's technology and hindsight make it easy to say 'if only they did this/that/the other'. > > If hardware vendors are looking for control over their platforms, perhaps > they should be looking at open source OSes so they have access to the source > code, ensuring that it will do always be able to do what they need. > Again it sounds good but my own prediction is that open source OSes for 'the internet of everything' will be opening the floodgates for exploitations that will effect a wider portion of the community, more and more often. I'm particularly thinking of cheap Chinese smart phones and TVs. My parents have gone through several cheap Chinese smart phones (Huwei to name one brand) that have all ended up getting to an OS version and then can no longer be upgraded. The phone still makes phone calls; no software makes a phone conversation any better. That's all my parents, and the vast majority of the population needs. They are not going to buy another phone just because the OS has EOLed. The phone gets upgraded only when it's no longer fit for purpose - battery doesn't last long enough. Same with Smart TVs but on a much worse scale. Few companies, and certainly no cheap Chinese brand company has any interest, once they've sold you a TV and made a slim margin of profit on it, in keeping the OSes up to date. How often does Linux get a security update, yet how often does your Smart TV tell you you need to update it's Linux based OS? You really think the population is regularly going to check the Smart TV Firmware date and as soon as it gets to the point it no longer can be updated, or is 6/8/12 months behind Linux, they'll trash it and buy a new one? In most cases it's not even the device that tells you it's OS has EOLed, it's some other vendor's software (Google Maps/Neflix) that tells you you can't download the latest version because you aren't running the latest OS.
Cars, cameras, fridges and a whole heap more are starting to run Linux/Android and be network connected; unfortunately the bottom line, not security, is the driving factor for this choice. As I said, I predict this will increase the number of EOLed OSes available to unscrupulous entities to exploit. _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
