This account is a replica from Hacker News. Its author can't see your replies.
> Somebody has to pay for the support. There is no free meal.
The problem is not that people need a free meal. The problem is that people need the ability to eat some other food when the OEM's restaurant is closed or unsatisfactory.
We don't care about their licenses; that's their problem. If they need firmware with a license that allows them to redistribute it there are plenty of free ones to choose from.
And you can't wait until after they're dead to have them do something. By then they're gone or judgment proof because they're already bankrupt. Especially when you're talking about companies that aren't in the jurisdiction because you can't even make them do anything when they're already not shipping products to you anymore. It has to be from Day 1.
If they were trying to save costs they would ship the community firmware on the device to begin with because then they wouldn't have to write and maintain their own. The community welcomes them to externalize those costs onto the people with better incentives to improve the software.
What they're actually trying to do is obsolete the devices faster because then they won't add new protocols or other software-only features to older devices so you have to buy a new one, or only expose features in more expensive models that the less expensive hardware would also be capable of doing. Which is all the more reason for us to not have that.
And if they were required to allow anyone to replace the firmware then you would get companies reflashing and selling them that way from the store because the free firmware has more advertisable features. There's a reason you can go to major PC OEMs and pick between Windows, Linux and "don't even install one" and the reason is that if you give customers a choice, they generally don't want their software to be made by the OEM.
> How on earth is embedded creds in any way: "no known bugs"?
You misunderstand how organizational knowledge works. You see, it doesn't.
Someone embeds the credentials, someone else ships the product. The first person doesn't even necessarily still work there at that point.
Remember that time NASA sent a Mars orbiter to Mars and then immediately crashed it because some of them were using pounds and the others newtons? Literally rocket scientists.
The best we know how to do here is to keep the incentives aligned so the people who suffer the consequences of something can do something about it. And in this case the people who suffer the consequences are the consumers, not the company that may have already ceased to exist, so we need to give the consumers a good way to fix it.
> Manufacturers have never had to care about security because no Gov agency would ever mandate secure firmware.
The problem is that "secure firmware" is a relativistic statement. You ship something with no known bugs and then someone finds one.
What you need is not a government mandate for infallibility, it's updates. But then vendors want to stop issuing them after 3 years, meanwhile many consumers will keep using the device for 15. And "require longer support" doesn't fix it because many of the vendors will go out of business.
What you need is the ability for consumers to replace the firmware.
That solves the problem in three ways. First, when the company goes out of business you can still put a supported third party firmware on the device. Second, you can do that immediately, because the open source firmwares have a better security record than the OEMs to begin with. And third, then the device is running a widely used open source firmware instead of a custom device-specific proprietary black box, which makes it easier for the government or anyone else who is so inclined to find vulnerabilities and patch them.
> maturing technology for swapping batteries as a refuelling strategy
This seems like a non-problem to begin with. There are electric semis with a 500 mile range, which at 60 MPH is over 8 hours of driving, i.e. the legal maximum in most places. The same trucks can also add 300 miles of range in 30 minutes, which adds five hours of driving in the time it takes for a typical lunch break. Why do you even need to swap the batteries?
Class 8 trucks are solved. Volvo, Freightliner and Tesla all make electric semis. They're not a large percentage of the installed base yet but there is nothing that needs to be invented, only adopted, and the latter will pick up as the battery costs continue to decline.
Chemical feedstocks are only a small percentage of the petroleum market. The large majority is fuel. If you stop burning it there is plenty of supply and you're not worried about whether you can get any from Iran.
China can't stop you from using solar panels you've already installed and you could manufacture new ones somewhere else.
Solar actually makes a lot of sense for a significant fraction of the grid. It's specifically excellent for electrifying transportation, because most cars are stationary at an office park during the majority of sunlight hours. Install chargers there and you solve the problem of people in apartments not having them at home and you don't have to worry about the intermittency because you're literally using it to charge batteries. Solar is cheaper at the cost of intermittency, so for the things where intermittency doesn't really matter it makes obvious sense.
When it sucks is when you need reliable power in winter at night. Which is what nuclear is good at. But then... you can use both, each one for the thing it's better at.
The trouble with your analogy is that physical reality works the same way. People have been committing mail fraud since the advent of post offices. Spies have been planting bugs on delivered goods since the invention of bugs. The thing that causes this isn't digital devices, it's long-distance delivery of goods and messages.
Meanwhile installing software on your own device is the thing that isn't that. They're preventing it even when you're the owner of the device and have physical access to it. They're not installing a lock so that only you can get in, they're locking you out of your own building so they can install a toll booth on the door.