Most systems now "fail closed" because they are based on a code signing chain of trust that has no exceptions. It would be better if some portion of these systems were made to "fail open" - you don't want a botnet to take over in this situation but you should be able to delegate code signing duties to a new party when the original one goes under or stops supporting a device.
Dumping responsibility on "the community" could backfire in a big way. It sounds good at small scale but it becomes a form of entitlement if the whole industry does it.
It’s pointless anyway because there is always someone in the community who comes along and rips out support for old hardware. Because, you know, EOL, doesn’t matter that it’s a stationary target.
> What I am asking for: publish a basic GitHub repo with the hardware specs and connection protocols. Let the community build their own apps on top of it.
This concept works fine for the author's example of a kitchen scale, but fails when the device in question is something like a router that has secure boot with one key burned into e-fuses.
In that case we need both open software and a requirement that the manufacturer escrow signing keys with someone so that after EOL any software can be run.
Forcing the release of signing keys would be a security disaster. The first person to grab the expired domain for the auto update server for a IoT device now gets a free botnet.
The only real way to make devices securely re-usable with custom firmware requires some explicit steps and action to signal that the user wants to run 3rd-party firmware: A specific button press sequence is enough. You need to require the user to do something explicit to acknowledge that 3rd-party software is being installed, though.
Forcing vendors to release their security mechanisms to the public and allow anyone to sign firmware as the company is not what you want, though.
> Forcing the release of signing keys would be a security disaster. The first person to grab the expired domain for the auto update server for a IoT device now gets a free botnet.
Have you seen the state of embedded device security? It is already an unmitigated disaster.
Since you bring up botnets, there are far more exploited security vulnerabilities because a vendor EOLed support (or went bankrupt) and their firmware contained bugs that cannot be fixed because a signed firmware is required, or the source code was not provided than because their signing keys were leaked and someone is distributing malicious updates.
> Forcing vendors to release their security mechanisms to the public and allow anyone to sign firmware as the company is not what you want, though.
Yes, it is what I want. I am perfectly aware of the potential downsides and what I am proposing is worth it. The product is already EOL. In our current era of enshittification, vendor pinky promises to implement a user-bypass in their signed boot chain is not good enough. Look at the Other OS controversy on the PS3 if you want an example of this in practice, or Samsung removing bootloader unlocking in their One UI 8.0 update.
> The only real way to make devices securely re-usable with custom firmware requires some explicit steps and action to signal that the user wants to run 3rd-party firmware: A specific button press sequence is enough. You need to require the user to do something explicit to acknowledge that 3rd-party software is being installed, though.
The vendor has implemented an internal pad on the laser-welded, weather sealed, IP-rated smart watch that must be shorted to disable secure boot. Opening the device to access this will essentially destroy it, but we preserved the vendor's secure boot signing keys so missioned accomplished!
But you can still do both. Put a key into escrow that unlocks the device fully, but the key can only be used if the device is physically manipulated. This could mean holding down a button as it boots ups to put it into “enter the unlock key” mode. The mode is useless until the key is published and the key is useless without physical access to the device. And you don’t need to open anything. This could be a purely software thing. As long as you can somehow externally communicate with the device via a button, Bluetooth, Ethernet, etc. you can create a system that would allow this. Hell, you could use a magnet to trigger it.
I agree that devices shouldn’t be locked by the manufacturer AND I think that silently unlocking all devices all at once could do harm.
This is very much not an option on most embedded devices. They allow one key to be burned once.
IIRC, a certain Marvell SoC datasheet says multiple key slots are supported, but the boot ROM only supports reading the first entry (so really, only one key is supported).
Locked bootloader should just be competely forbidden, even for brand new devices. Hardware and phone owners have the right to make any change they see fit on their device, no matter if the manufacturer thinks it's ok or not.
> Now, I'm not asking companies to open-source their entire codebase. That's unrealistic when an app is tied to a larger platform. What I am asking for: publish a basic GitHub repo with the hardware specs and connection protocols. Let the community build their own apps on top of it.
The actual proposal in this blog doesn’t make much sense. Having the specs of a device isn’t going to change much because they can be determined by anyone examining the PCB. Most devices don’t have a simple connection protocol, like the Spotify Car Thing used as an example.
I understand the idea as "provide what is necessary for someone to reuse the hardware". Just the bare minimum, like how to flash a firmware and a minimal firmware.
Now for many products, nobody would spend the time needed to make it actually work, but for some it may be nice.
But I agree that it is more complicated than it seems, and realistically that would be on a case by case basis.
Honestly between the ability to flash firmware, interface specs, and maybe PCB schematics that should be enough to use an old device for a motivated individual.
My personal pet example of this is old cameras, lenses, and digital backs. Plenty of great hardware out there that currently requires very extensive reverse engineering to use that would be made a lot easier with firmware & schematics.
One great example/case for this would be Aura Frames (recommended to me by a few folks here when I posted an Ask HN) [0]
If the company disappears... what happens to the devices and the cloud storage?
I've been really enjoying the product (it's really well done, the mobile app works perfectly well) but it's a scary thought.
I also found this Reddit thread [1] with some language from the company supposedly saying they would do their best to launch alternative tooling if they disappeared, but I can't find this language anywhere else online.
I have had an itch to disect an Aura frame and do something akin to the Tonie Box jailbreak. But I am too afraid of being responsible for bricking our frame and I can't justify spending the money on one just for R&D.
In my experience, whenever you mandate open source software, you get software so unusable that it might as well be closed-source. Like, it doesn't compile, and they ignore all bug reports.
if EOL hardware become open source and community can support it then community would extend that EOL product and making it extensively harder for older customer to buy new product
I love to see this future but knowing this, company would never do this
I totally agree with the frustration of having hardware I would like to keep using but can't because it got EOL. Like a smart speaker or something.
But I don't know if there is a pragmatic way to approach that. I mean, I could also say "it should be illegal to produce e-waste", but what does that mean and how do we actually do it?
If you aren't looking at capturing 100% ewaste, then simple laws around liability and penalties for reduced functionality is all you'd need.
Simple things like "if an electronic device, through no fault of the owner, can no longer perform it's main function, then the owner is due a full refund. A company may escape the refund by placing all software required to run the product in the public domain."
It'd miss cases like fly by night companies, but you could catch big players like google disabling their thermostats for non-hardware reasons.
The only thing you'd achieve doing that is to change the "main function" of a device to somethings silly, like a thermostat being sold as an art decor with the optional additional of functioning as a thermostat too.
> change the "main function" of a device to somethings silly, like a thermostat being sold as an art decor
that seems like it can be addressed by making sure that the regulators who enforce these laws have more object permanence than a 6 month old baby.
like, if I try to sell a "metal sculpture" that by sheer coincidence is capable of firing 9mm ammunition, I'm going to have the ATF knocking on my door real quick, and they're not going to be fooled by me claiming "no that's art"
This is why the legal system is run by people with brains and reasoning and not python scripts. A real person will see that a thermostat is actually a thermostat.
Given that Microsoft currently intends to productize Windows users' data to build AI that replaces their users' jobs, it seems reasonable to cannibalize those long-term objectives...
Oh no I’d love to watch Microsoft burn, but I’m pointing out that any open sourcing abandonware is not in any businesses corporate interests. They’d sooner ‘support’ software forever by a yearly pointless update.
Let’s all not forget the ones who wouldn’t want this to happen are the same ones who hold all the power. No government will ever force this.
Windows isn't hardware. If the laptops were only capable of running a particular version of Windows XP, then yes they should either be unlocked or their firmware open sourced to allow running something else.
> And here's the thing: with vibe-coding making development more accessible than ever, this isn't just for hardcore developers anymore. Regular users can actually tinker with this stuff now.
Have you tried pointing an LLM agent at a decompiled apk? It could probably write you protocol docs for it.
Dear EU Santa, please force Meta to open source the Facebook Portal as well so I can repurpose relatively decent hardware for something useful and fun, rather than e-waste.
I actually think this is a great idea. Not even for "Open Source".
Can you imagine if UBNT had to open source its EOL boot chain, so that Cambium was legally entitled to roll its firmware for old Unifi kit? And Vice Versa?
The result might not be "Old hardware supported by the community" the result might be "Eternal product updates so we can legally prevent Cambium from taking our customers"
Open source isn’t going to happen on any real scale, because pretty much any non-trivial commercial product is going to have a ton of third party IP that the manufacturer has no right to give you.
What manufacturers should be required to do, at a minimum, is remove any impediment to you running whatever alternative software you choose.
It's the bare minimum but not good enough imo. If your smart home products rely on an external server which no longer exists, the average person will never install a 3rd party firmware and self host the servers. They will just throw it in the bin.
Ideally we should just be designing products so they don't have external dependencies. A smart speaker should be able to stream over the local network on a standard protocol which doesn't rely on an external server existing. A lightbulb should be able to be paired using a generic standard without running through the OEMs servers.
Thankfully for some devices this does seem to be the trend. Matter over Thread smart devices are not dependent on proprietary hubs, apps, or external servers.
Nice concept, yet, this isn't realistic but for a few special cases.
In simple terms, if a company has a continuum of products of a certain category over time, the designs (hardware, software, manufacturing, testing, etc.) are typically evolutionary in nature.
This means that product B inherits from product A, C from B, etc. When product C goes to market, A and B might be EOL. Open sourcing anything related to product C means relinquishing their intellectual property.
Nobody in their right mind would do that unless a unique set of conditions are in place to have that make sense. In general terms, this does not happen.
I disagree. The average consumer needs to be educated that if a remote server can brick a device you have already paid money for, you do not own it. It has been leased.
The economics of leasing vs buying are well understood by the general public. Allow them to make an honest decision at the time of purchase.
> The average consumer needs to be educated that if a remote server can brick a device you have already paid money for, you do not own it. It has been leased.
This isn't even the case: generally leased things have to work for some defined period of time ("the least period").
I also think a distinction should be drawn between things bricked because they require a server connection, vs devices bricked because the rightful owner has chosen to do so because they have been stolen.
How about requiring all APIs to be open? Companies are free to run/maintain/drop servers and apps, but we'd have the ability to use the hardware we bought, if we write our own apps.
That might actually be good for security. If APIs must be public, proper cloud security becomes necessary (rather than relying on obscurity).
Phones that don't get updates for 12 months also should be required to unlock their bootloaders, so a 3rd party ROM can be installed, or at least Magisk can be loaded.
Mediatek devices are beyond hope, but some could be saved this way that are otherwise trash.
I think you should be allowed to stop supporting a hardware device without open sourcing the software, full stop. I just think that's the least bad option.
I'd be fine if manufacturers had to have some kind of standard "nutrition facts" label of what will happen to its functionality if support is ended.
Instead of trying to regulate everything, perhaps it would be better if consumers educated themselves and did not buy devices that do not run locally using open protocols in the first place. For me, it's a hard requirement -- I will not buy a "smart" anything device that isn't supported offline by Home Assistant. This restricts my choice set, but so be it. Sometimes, it means doing more work. I won't buy a Ring camera, so I had to build my own system using generic RTSP cameras, some hard drives and a PC.
A huge feature of copyright is that it is time-limited. When the copyright period expires, it passes into the public domain and belongs to everybody.
There are two major things that undermine this for software: copyright durations, and lack of source code. Software copyright durations should be at most a few years, and to be eligible for copyright, software should have its source code published or at minimum held in escrow, so that when the copyright expires it is still useful.
We already require patents to be published in exchange for the protection we give them; software copyright needs to be the same.
Do you know what the single, most effective way to ensure end-of-life projects open sources the software and hardware? It's if it's *open source*.
Not assurances that if they meet their funding goal they'll open source. Not a pinky promise to open source in the future. Not magnanimous decision by upper management to open source if the business fails.
It's open sourcing from the outset so that people who invest in their technology can be assured they've fulfilled their promise to the community.
Pay for products that produce open source software and hardware. Pay artists that put out libre/free work. Demand projects that ask for money and "will open source in the future" open source now before taking your money.
In my view, finger wagging at corporate entities not open sourcing their products after end-of-life amounts to posturing.
One time I worked at a non-SV megacorp and they estimated the cost of open sourcing one project. It would've taken between 2 and 6 months and cost mid-six figures. Even if they wanted to pay for this when the product is about to be abandoned, they literally can't if they licensed some non-free IP.
walterbell | 4 hours ago
herf | 4 hours ago
ktallett | 4 hours ago
m463 | 4 hours ago
...although it could be "no more product support, talk to random people on github"
actually, don't know why there couldn't be legislative or tax support for these kinds of things.
irjustin | 3 hours ago
What are you hoping for with tax support?
m463 | 2 hours ago
nevermind, government rarely does this right.
0xbadcafebee | 10 minutes ago
wmf | 3 hours ago
wang_li | 3 hours ago
kogepathic | 3 hours ago
This concept works fine for the author's example of a kitchen scale, but fails when the device in question is something like a router that has secure boot with one key burned into e-fuses.
In that case we need both open software and a requirement that the manufacturer escrow signing keys with someone so that after EOL any software can be run.
Aurornis | 3 hours ago
The only real way to make devices securely re-usable with custom firmware requires some explicit steps and action to signal that the user wants to run 3rd-party firmware: A specific button press sequence is enough. You need to require the user to do something explicit to acknowledge that 3rd-party software is being installed, though.
Forcing vendors to release their security mechanisms to the public and allow anyone to sign firmware as the company is not what you want, though.
Retr0id | 3 hours ago
kogepathic | 2 hours ago
Have you seen the state of embedded device security? It is already an unmitigated disaster.
Since you bring up botnets, there are far more exploited security vulnerabilities because a vendor EOLed support (or went bankrupt) and their firmware contained bugs that cannot be fixed because a signed firmware is required, or the source code was not provided than because their signing keys were leaked and someone is distributing malicious updates.
> Forcing vendors to release their security mechanisms to the public and allow anyone to sign firmware as the company is not what you want, though.
Yes, it is what I want. I am perfectly aware of the potential downsides and what I am proposing is worth it. The product is already EOL. In our current era of enshittification, vendor pinky promises to implement a user-bypass in their signed boot chain is not good enough. Look at the Other OS controversy on the PS3 if you want an example of this in practice, or Samsung removing bootloader unlocking in their One UI 8.0 update.
> The only real way to make devices securely re-usable with custom firmware requires some explicit steps and action to signal that the user wants to run 3rd-party firmware: A specific button press sequence is enough. You need to require the user to do something explicit to acknowledge that 3rd-party software is being installed, though.
The vendor has implemented an internal pad on the laser-welded, weather sealed, IP-rated smart watch that must be shorted to disable secure boot. Opening the device to access this will essentially destroy it, but we preserved the vendor's secure boot signing keys so missioned accomplished!
IgorPartola | 46 minutes ago
I agree that devices shouldn’t be locked by the manufacturer AND I think that silently unlocking all devices all at once could do harm.
razighter777 | 3 hours ago
kogepathic | 2 hours ago
IIRC, a certain Marvell SoC datasheet says multiple key slots are supported, but the boot ROM only supports reading the first entry (so really, only one key is supported).
realusername | 36 minutes ago
Aurornis | 3 hours ago
The actual proposal in this blog doesn’t make much sense. Having the specs of a device isn’t going to change much because they can be determined by anyone examining the PCB. Most devices don’t have a simple connection protocol, like the Spotify Car Thing used as an example.
palata | 3 hours ago
Now for many products, nobody would spend the time needed to make it actually work, but for some it may be nice.
But I agree that it is more complicated than it seems, and realistically that would be on a case by case basis.
buildbot | 2 hours ago
My personal pet example of this is old cameras, lenses, and digital backs. Plenty of great hardware out there that currently requires very extensive reverse engineering to use that would be made a lot easier with firmware & schematics.
gregsadetsky | 3 hours ago
If the company disappears... what happens to the devices and the cloud storage?
I've been really enjoying the product (it's really well done, the mobile app works perfectly well) but it's a scary thought.
I also found this Reddit thread [1] with some language from the company supposedly saying they would do their best to launch alternative tooling if they disappeared, but I can't find this language anywhere else online.
[0] https://news.ycombinator.com/item?id=45341781
[1] https://www.reddit.com/r/homeautomation/comments/1b8vei3/wha...
baaron | 3 hours ago
gregsadetsky | 2 hours ago
Anybody else want to crowdfund? :)
P.s. if you end up absolutely bricking it, but at least get one great blog post out of it, it’s still worth it ha
lacker | 3 hours ago
tonyhart7 | 3 hours ago
I love to see this future but knowing this, company would never do this
palata | 3 hours ago
But I don't know if there is a pragmatic way to approach that. I mean, I could also say "it should be illegal to produce e-waste", but what does that mean and how do we actually do it?
cogman10 | 3 hours ago
Simple things like "if an electronic device, through no fault of the owner, can no longer perform it's main function, then the owner is due a full refund. A company may escape the refund by placing all software required to run the product in the public domain."
It'd miss cases like fly by night companies, but you could catch big players like google disabling their thermostats for non-hardware reasons.
fermuch | 2 hours ago
evil-olive | 2 hours ago
that seems like it can be addressed by making sure that the regulators who enforce these laws have more object permanence than a 6 month old baby.
like, if I try to sell a "metal sculpture" that by sheer coincidence is capable of firing 9mm ammunition, I'm going to have the ATF knocking on my door real quick, and they're not going to be fooled by me claiming "no that's art"
BobbyTables2 | 59 minutes ago
Why would the ATF go after them instead of YOU?
SchemaLoad | an hour ago
hsbauauvhabzb | 3 hours ago
Open source windows 10 would cannibalise Microsoft’s long term objectives.
ezst | 2 hours ago
godzillabrennus | 2 hours ago
hsbauauvhabzb | 37 minutes ago
Let’s all not forget the ones who wouldn’t want this to happen are the same ones who hold all the power. No government will ever force this.
SchemaLoad | an hour ago
Retr0id | 3 hours ago
Have you tried pointing an LLM agent at a decompiled apk? It could probably write you protocol docs for it.
natas | 3 hours ago
It is if you buy carefully: I don't buy hardware that can't be used with linux or whatever I deem necessary. And then, there's the car...
ellisd | 2 hours ago
protocolture | 2 hours ago
Can you imagine if UBNT had to open source its EOL boot chain, so that Cambium was legally entitled to roll its firmware for old Unifi kit? And Vice Versa?
The result might not be "Old hardware supported by the community" the result might be "Eternal product updates so we can legally prevent Cambium from taking our customers"
bigfatkitten | 2 hours ago
What manufacturers should be required to do, at a minimum, is remove any impediment to you running whatever alternative software you choose.
SchemaLoad | an hour ago
Ideally we should just be designing products so they don't have external dependencies. A smart speaker should be able to stream over the local network on a standard protocol which doesn't rely on an external server existing. A lightbulb should be able to be paired using a generic standard without running through the OEMs servers.
Thankfully for some devices this does seem to be the trend. Matter over Thread smart devices are not dependent on proprietary hubs, apps, or external servers.
robomartin | 2 hours ago
In simple terms, if a company has a continuum of products of a certain category over time, the designs (hardware, software, manufacturing, testing, etc.) are typically evolutionary in nature.
This means that product B inherits from product A, C from B, etc. When product C goes to market, A and B might be EOL. Open sourcing anything related to product C means relinquishing their intellectual property.
Nobody in their right mind would do that unless a unique set of conditions are in place to have that make sense. In general terms, this does not happen.
seemaze | 2 hours ago
The economics of leasing vs buying are well understood by the general public. Allow them to make an honest decision at the time of purchase.
jen20 | 2 hours ago
This isn't even the case: generally leased things have to work for some defined period of time ("the least period").
I also think a distinction should be drawn between things bricked because they require a server connection, vs devices bricked because the rightful owner has chosen to do so because they have been stolen.
drpixie | 2 hours ago
That might actually be good for security. If APIs must be public, proper cloud security becomes necessary (rather than relying on obscurity).
chasil | 2 hours ago
Mediatek devices are beyond hope, but some could be saved this way that are otherwise trash.
wilg | 2 hours ago
I'd be fine if manufacturers had to have some kind of standard "nutrition facts" label of what will happen to its functionality if support is ended.
drnick1 | an hour ago
JimDabell | an hour ago
There are two major things that undermine this for software: copyright durations, and lack of source code. Software copyright durations should be at most a few years, and to be eligible for copyright, software should have its source code published or at minimum held in escrow, so that when the copyright expires it is still useful.
We already require patents to be published in exchange for the protection we give them; software copyright needs to be the same.
galangalalgol | an hour ago
IgorPartola | 44 minutes ago
galangalalgol | 34 minutes ago
vivzkestrel | 53 minutes ago
- this also extends to software
- when it has been 25 yrs since a game has released, you are no longer making money from your game big time
- companies should be forced to open source their games at this point in time
- so that we can revive games that companies like ubisoft keep shutting down and removing from steam libraries completely
realusername | 34 minutes ago
abetusk | 30 minutes ago
Not assurances that if they meet their funding goal they'll open source. Not a pinky promise to open source in the future. Not magnanimous decision by upper management to open source if the business fails.
It's open sourcing from the outset so that people who invest in their technology can be assured they've fulfilled their promise to the community.
Pay for products that produce open source software and hardware. Pay artists that put out libre/free work. Demand projects that ask for money and "will open source in the future" open source now before taking your money.
In my view, finger wagging at corporate entities not open sourcing their products after end-of-life amounts to posturing.
0xbadcafebee | 15 minutes ago