The Computer Corner

COMPUETRS

By Charles Miller

 

“Sell It and Forget It” Policies Leave Tech Customers Vulnerable

 

A client of mine recently had a bad experience with Hewlett-Packard. She had a very expensive and relatively new color laser printer with a minor problem that should have been easily repairable, but HP told her that parts were unavailable for discontinued models and she would have to buy a new printer… and HP charged her 499 pesos just to tell her that. For decades, the manufacturers of consumer products have been getting away with the unethical practice of planned obsolescence, but today there is at least some news that this might be coming to an end for some products.

Quietly and out of the public eye, there has been an acrimonious battle fought between the US Food and Drug Administration (FDA) and the makers of medical devices. Today more and more medical devices, from big MRI machines to tiny blood pressure and blood sugar monitors, run on software connected to the Internet. The FDA has argued that the safety of these devices depends in part on the ability to audit the software for security vulnerabilities and to be able to fix any problems that are discovered. The manufacturers have fought against this tooth and nail, insisting that their software is proprietary and should remain secret. One person who apparently disagreed with this is former US Vice President Dick Cheney, who allegedly had his heart pacemaker replaced because of the possibility it could have been hacked from the Internet.

The FDA is moving forward with new rules that make a case for the safety of medical devices depending on an end to the confidentiality manufacturers sometimes use to hide their design flaws. Meanwhile, the governments of the US and other countries are putting their purchasing power behind new rules for what governments buy. New purchasing practices are beginning to require that any products containing software and purchased by the government must permit the buyer to audit that software for bugs or vulnerabilities and that there is some kind of update vehicle to fix any software problems found during the entire lifetime of the product.

The manufacturers of cell phones are the worst perpetrators of “sell-it-and-forget-it.” There are many serious security problems already discovered in the software running millions of older smartphones, yet the manufacturers appear unconcerned that hackers are actively looking for ways to exploit those known vulnerabilities. This could be as serious as China, Russia, or just a lone hacker using millions of cell phones to attack and shut down the electric power grids in all North America.

Slowly but surely I believe the winds are changing, and in the future the ability of manufacturers to sell-it-and-forget-it will probably be more constrained. Whether the product is a smartphone, pacemaker, or color laser printer, the makers of these and other Internet-connected products will be pushed to provide better continuing support than they do today.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com

 

Comments are closed

 photo RSMAtnWebAdRed13.jpg

Photo Gallery

 photo RSMAtnWebAdRed13.jpg
Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove