@mcc this should be illegal.

@mhoye @mcc it’s irresponsible to allow children’s information to be stored on network-connected devices that are years out of date on security patches. while one could argue that we should mandate longer lifespans, that the software should be maintained for 10 years instead of 3, the idea that we should allow arbitrarily decrepit computing devices to be used indefinitely is intuitive but also dangerous.

@glyph @mhoye @mcc Wait, what's dangerous about supporting devices for longer? The major attack surface is Chrome itself, so common across all hardware. Google may not want to do it and the fact that they don't is a product choice on their part.

@mirth @mhoye @mcc my point is that, at *some* point, the devices are too old to be supported. The kernel is also a significant attack surface, and there are ABI stability issues with device support. There’s nothing dangerous about supporting them for longer, only costly. And maybe Google should be paying that cost for longer, I don’t know what their margins are like. It’s fine to say that 3 years is too early, my contention is only that “forever” is too long to expect.

@glyph @mhoye @mcc I don't think anyone is arguing the support window should be forever, what I'm hearing is that Google is sunsetting hardware built from components that have perfectly good upstream and vendor support, and in fact components that are still on sale in other models. That seems wrong to me.

@glyph @mhoye @mcc There is of course some ongoing cost with maintaining each model, and someone has to pay for that, but I would expect it to be minimal due to the high parts commonality between machines. Perfect kind of thing to build into subscription business. Only have to patch broken WiFi or whatever so often. Looking at a popular ten year old C720 it's a Haswell Celeron CPU, 2GB RAM, Broadcom BCM4313, etc. All very common stuff.