“Two houses, both alike in dignity…” – “Romeo and Juliet,” prologue
It sucks working on a boring project. Let’s say that you’ve been working on the same product for a few years, but it hasn’t been selling well. Even so, you’re about to start on an update for it, even though that probably won’t sell well, either. You’ve got a boring few years of unremunerated drudgery ahead of you.
But at the last minute, your boss steps in and decides to reassign you to a new and exciting project. Hooray! The company is pulling the plug on the old gizmo and starting over with a clean-sheet design – and you get to lead the effort. Instead of facing another couple of years doing boring updates to a dead-end product, you’re finally able to work on something new and interesting!
You get home that night to tell your spouse the good news. “Hey, Honey, I’ve been reassigned to that cool new Project X we’ve heard rumors about!” Pop the champagne cork. This is why you became an engineer in the first place.
But your beloved life partner has a teensy bit of bad news for you. While you were at work today, the Maytag Repairman called and left a message on your answering machine. “We’ve decided to discontinue support for all Model 42 washing machines. This doesn’t mean Maytag has just decided to stop selling new ones – we’ve decided to stop acknowledging their existence in any way. In fact, we will disable your existing machine in 3… 2… 1…. Ping! Your Maytag washer is now deactivated. Thank you for being a Maytag customer, and have a nice day.” Click.
What the…? Can they do that? You run to the laundry room and discover that, yes, your washer has been bricked. It won’t turn on, respond to button presses, or even indicate that it’s plugged in. It’s a total loss, a big 120-pound cube of useless hardware. What are you supposed to do with it now? And how the heck does Maytag have the right to remotely disable a machine you’ve already bought? It was working just fine! You’re going to sue somebody!
If you haven’t figured it out already, these are two sides of the same story. You see, you’re a hardware/firmware developer for Maytag, and you’ve been working on that Model 42 for several years. For whatever reason, that model never sold very well, even though you (naturally) bought one for yourself, and encouraged your friends to do the same. But your employer made the business decision to pull the plug on it and to reassign you to the new and improved model. As for the customers? Screw ’em. There weren’t very many customers anyway (else why cancel the product), and they can always buy the new model that you’re developing. It’ll be better anyway.
Which side of this argument do you fall on? Is the company within its rights to discontinue an unsuccessful product? Or do existing customers have a valid expectation of continued support? Can a vendor remotely disable a device that’s already been sold? Or are service agreements inherently limited with no guarantee of future availability? And what if you, as a developer, are on both sides of the equation simultaneously?
This isn’t a hypothetical problem. It’s happening right now. As one example, Google recently discontinued service for its Revolv home-automation appliance. And in this case, “discontinue service” means, “remotely brick the device.” Understandably, some Revolv customers are up in arms about what they see as Google’s heavy-handed approach to end-of-life. The company didn’t just stop sending firmware updates or close the tech-support hotline; it actively disabled perfectly good devices in people’s homes. Such are the potential side effects of Internet-enabled devices.
On the flip side of the coin, other users have pointed out that high-tech products get killed off all the time. “Creative destruction!” they cry. Without a constant winnowing of the weak and the slow, our industry would never progress. Who can possibly afford to support every product they’ve ever made, for all time? Obsolescence is a way of life. That’s the price you pay for constant improvement.
Yet the Revolv case seems different. The device relied on an always-on connection to a centralized cloud server (as so many things do these days). The cloud connection allowed for occasional firmware updates, but it was also necessary for some of Revolv’s core functionality, such as remote access via cellphone app. But since Revolv wasn’t selling well (at least, not well enough to justify further support or development), Google decided to simply switch off the servers, simultaneously rendering each and every Revolv device in the field instantly useless. The company didn’t confiscate anybody’s hardware, but they might as well have. Without the cloud connection, even Revolv’s local features stopped operating. It is, in a word, bricked.
It’s one thing to jailbreak your smartphone, botch the firmware update, and brick your phone. It’s quite another for the vendor to remotely disable a fully legal, working, paid-for device that you haven’t tampered with. Or is it?
The question comes down to deciding whether what you bought was a physical device or a subscription to a software service. The device itself is unharmed; the electronics are undamaged. But without the service, the capabilities of that device have been vastly altered. You can’t even write your own replacement firmware for said device, because that might be illegal under the DMCA, rendering it truly useless.
Looking beyond this one product, could Microsoft remotely disable every Windows 10 PC around the world? Technically, it’s probably quite doable, given the average PC’s near-constant connection to Microsoft’s servers. Could Sony, Apple, General Motors, or Frigidaire do the same thing? Probably so, since PlayStations, iPhones, Cadillacs, and refrigerators are all also Web-connected. The EULA for each product probably contains fine print allowing this or similar “updates” while also absolving the vendor from liability for the consequences.
Is it legal? Hard to say. I’m certainly not qualified to render an expert legal opinion, and neither is hardly anyone else. Oh sure, we might all theorize and rant on Reddit, based on little more than personal hunches, anecdotes, and an innate sense of what’s right (not the same for everyone). But I suspect there’s no conclusive argument either way. Do you take the libertarian point of view, caveat emptor, you signed the small print when you bought the box? Or the opposite view that consumers should be protected against big, bad corporations? Or the more moderate view that bricking your customers’ gadgets might be technically possible and even legal, but it sure isn’t good for repeat business.
In the meantime, set aside a little extra time every morning before you go to work to say goodbye to all of your appliances, televisions, computers, and IoT gadgets. It may be the last time you see them alive.
10 thoughts on “The Maytag Effect”
What do you say, folks? Is it okay to instantly brick a customer’s device just because you’ve decided it’s inconvenient to continue supporting it? Or would it be better to just let the machines in the field die off naturally?
Of course remotely vandalising private property is unethical. The only bizarre idea is that it could be legal to do it remotely but illegal to do it in person.
I think it is a wake-up call for consumers to not buy, or rely on, cloud based products, or development tools. Especially if they are business critical.
PCB or FPGA development tools in the cloud? I don’t think so! I want that business-critical work done on a box with an air-gap from the internet thank you very much. If the cloud servers can go down at the whim of the vendor, I want my business to keep going even if they pull the plug permanently.
Ants need to be wary of the careless boots of giants!
Remember, there’s no such thing as “the cloud”, there is only someone else’s computer; and fundamentally they own and control it and its contents, not you.
Also, I predict that Microsoft’s unspoken new business model will be a combination of legalised information theft and ransom-ware. It is well documented that Windows 10 steals your personal information to sell for advertising purposes; even if you disable those options they get auto-re-enabled.
The licensing model going forward will be, pay the ever-increasing annual license fee, or we remotely brick your PC until you do. We used to call that sort of software ransom-ware.
You would have to be pretty naive to think Microsoft are giving away Windows 10 for purely altruistic reasons.
I can’t see any other fiscally plausible outcome than the one I predicted. It will be an absolute gold mine, but the plan requires that everyone is forced to “upgrade” at least a year before they start enforcement.
I was an avid Microsoft supporter, until Microsoft tried remotely hacking my PC (ironically) via the security-patch update procedure to install Windows 10 pop-up advertising malware (KB3035583) without my consent, they lost my future business and abused my trust.
Again, this is another wake-up call that business critical systems should not be cloud-based, or even have an internet connection. Vendors simply cannot be trusted with that access to your systems, the temptations are simply too great.
My business will transition from Windows 8.1 to Linux when the time comes, not to Windows 10.