The Reality of Planned Obsolescence via Software…and How It Affects Your Security
I’m going to list off a few devices here. All of these have devices have three things in common. You can try and guess what those three things are before you read on and I tell you. I’ll bet that you can guess what one of them is, and maybe two, but the third thing you might not be able to guess. Alright, enough tease. Here’s the list:
- Barnes & Noble Nook Tablet
- Samsung Galaxy Nexus (GSM)
- Google Nexus 10 Tablet
- ASUS Transformer Pad TF701T
- Samsung Galaxy SIII
I know, you already got the first one: They’re all really old devices. The newest device on that list is from 2013 (!), and in the world of mobile devices, that’s ancient. What the Hell are you doing with such an old fogey of a device? Relax, I’m being fictitious. Using older devices should (key word) be a good thing, not a bad thing.
The second thing that all of these devices have in common is that they are all Android devices (yes, even the Nook Tablet is using a customized version of Android 2.3). So you probably guessed that one, too.
THE THIRD THING
But what you may not have known is that all of these devices…is that each one of them can now run either Android 5.1 or Android 6.0.
Technically, it’s versions of CyanogenMod–be it versions 12.1 or 13–but at the Dark Android Project, we know that running a custom ROM is better than running anything “official”.
How is this possible? These devices are…you know…”old”. They shouldn’t be able to run the latest versions of Android. And, wait, if they can run the latest versions of Android, why aren’t the original companies that built them releasing official new Android builds for them? Wouldn’t that be a good thing to do, especially since new versions of Android generally come with fixes that are essential to Android security (particularly when you consider Stagefright, Stagefright II, and other bugs)?Hey, with the Nook Tablet I can understand, the damned thing is over 4 years old, and Barnes & Noble certainly isn’t doing very well for themselves. So, sure, I don’t expect them to have a team at the ready for years to keep a device up-to-date with the latest Android (particularly if it’s not a great seller, which the Nook Tablet wasn’t, though I owned one at one point). But what the fuck is wrong with Samsung? Or Google? Or even ASUS? You’re telling me they can’t spare a couple of developers to keep Android up to snuff on their devices, when clearly some community fellows with a head for CyanogenMod can? I mean, if Samsung is going to make a habit of not supporting devices with Android on them only a couple years after release, for fuck’s sake, don’t buy their new refrigerators! In the case of Samsung, particularly (who technically also built the Google Nexus 10), they’re doing money hand-over-firs these days, and they can’t at least spare a couple of devs to keep the shit they offer current?
It’s all about one very simple and real business principle: “planned obsolescence“. This, of course, isn’t a new idea. It’s been around since the 1920’s and 1930’s (boy, it’s important to put that “19” in front of those decades now, huh?), and is generally believed to have started with the automotive industry. Well, I think it’s abundantly clear that it has invaded the electronics space. And while I’m sure there are plenty of cases that it could be made on the hardware-side of things, I want to concentrate more on the software-side when it comes to mobile.
Because really, when it comes to mobile devices, many of these devices (especially on the continued race to the bottom were on as far as prices/features) are built like rocks. They’re practically indestructible, and are fairly capable, as well. Consider that the Nook Tablet–over 4 years old now–is still getting developed for; obviously that’s because people still own them years later. The one caveat people mention to me about mobile devices not being near-indestructible that often gets made to is the prevalence of cracked screens. But I call “bullshit” on that whole thing. Over all of the mobile devices I’ve had and tossed around, dropped, banged up, etc., I’ve never ever had a shattered screen. Sure, I’ve obviously seen scratches, but never cracks. I think the people suffering from these cracked screens must be getting drunk and FUBAR and end up throwing their phones at the wall or something in a fit of rage. I’ve even tried giving a good punch to my “old” Galaxy Nexus with not cracks in sight (and I am–not proudly–quite capable of delivering a serious punch, mind you).
But I’m getting off topic. The point here is that there is no technical reason why companies like Samsung and the rest can’t continue to update these years-old devices. The reason that they don’t is because they need (yes, need) you to buy a new every year or two for their bottom lines to look good. They can’t have you walking around with a perfectly functional, secure, and up-to-date device for years on end. What would they sell you then? So they pull the old tac of stopping support for the device that you bought. In the cases of companies like Motorola/Lenovo, sometimes they’ll drop support after only a few months (consider the now infamous 2015 Moto E).
IT’S NOT JUST ANDROID
And don’t go thinking that Apple is immune to this either. It has been widely theorized, and now practically proven, that Apple is purposefully slowing down your iPhone by–through all ironies–making updates to iOS only work properly on newer devices, leaving your older iPhones in the dust, regardless of the fact that the new versions of iOS could run perfectly fine on your older iPhone, and that your older iPhone may be in perfect condition (for example, I recently held a much-used, and yet in beautiful condition iPhone 3GS, just the other day).
To add onto the mountain of shit being produced by tech companies, it’s actually much worse than the fact that these companies need you to buy new devices annually or bi-annually. These companies, who are all public (as in, you can buy stock in the companies), have to make moves to please their investors. The easy way to please investors is to show growth numbers (and showing earnings doesn’t hurt either). Also, it helps to show “new products”, and software and operating systems can certainly count as a “product”. So just to please investors and show growth and new products, the likes of Alphabet/Google, Apple, Samsung, and the others will release new versions of operating systems loaded with unnecessary and largely meaningless features (minus the security updates, which, if they were honest, don’t need entire OS updates to implement, they just do it at the OS level most of time to feed the scheme I’m describing to you) that makes their spreadsheets looks good, and then they double-up on making investor calls look good by showing pie graphs with adoption numbers of new versions of Android or iOS…which in turn generally guarantees that their have been new devices sales by the percentages shown.
It’s all a scam.
IT GETS WORSE
And while the ridiculous schlepping of updated devices that don’t need updating (nor warrant it through most concepts of anything remotely like subjective value) through software-based planned obsolescence is bad enough, it’s actually much, much worse.
Millions of people just can’t afford this “buy a new device ever year” plan. And with mobile providers dropping their 2-year contract deals that used to allow people to get new phones at heavily discounted prices (which they had confused for the real price), the average person’s only hope is in the fact that the price of quality phones is dropping significantly (even though you usually can’t purchase these great low cost phones in the US). Even Apple knows this is a problem, which is why they started their “iPhone leasing program” where people pay a monthly fee to always have the latest-and-greatest iPhone (while never actually owning one…so much for status symbols).
And because millions of people can’t afford this, the entire mobile device ecosystem is in danger due to the fact that most people just won’t get the latest security updates and bug fixes by the nature of planned obsolescence from these insane tech companies. Frankly, the entirety of the World Wide Web is in danger because of this.
Why do you think Microsoft was still sending out security updates to Windows XP, over a decade after it was released? Because they knew how much infrastructure and business relied upon Windows XP. The world as a whole literally needed security patches for Windows XP, long after it officially went out of its last support phase. Entire businesses and banks (not that banks crashing would be a terrible thing) could have been shut down without those updates.
And as more and more of our interconnectedness and business is done on mobile devices, the more and more important it becomes that every single mobile device is continually updated with the latest security updates. But that’s not going to happen because…planned obsolescence. Because…profit margins.
You know, I agree with the great (seriously) Ayn Rand when she said, “‘Profit’ is not a dirty word”. She’s right. It isn’t. But “value” isn’t a dirty word either. “System security” aren’t dirty words. “Updates” isn’t a dirty word. But apparently Scamsung (sic), Alphabet/Google, and Apple seem to think they are.
WHAT YOU CAN DO ABOUT IT
Fortunately, things like CyanogenMod exist, and the developers that work on it give a shit about this sort of thing. They care about updates. About building things to last instead of building them to fail.
At the Dark Android Project, I often talk about the importance of purchasing devices that either have a community built around them that will pick up the “update slack” when the manufacturer moves on to their next block of sensors…err…mobile device (like the Nexus devices do…including the Nexus 10, as we proved here), or purchase from manufacturers that have good track records of keeping their devices updated for the long haul. I’m very particular in what I recommend as far as hardware on this website, and checking in here–or listening to my tech podcast, Sovryn Tech–is a good start if you want to see what’s worth investing in. I’ve also recently started a security consulting company–Sovryn Tech Solutions–where you can also hire me to keep you up to date on these matters as an individual or a company.
In short, be an educated consumer. Stop giving money to companies (as much as possible) that have preposterous planned obsolescence models built into what they do. This madness has to stop.