by derefr
2815 days ago
Here’s maybe a less-fraught analogy: say you have an autonomous car. Assume that the car’s autonomous-driving algorithms prevent it from hitting a person or another car no matter who’s driving, but don’t prevent it from, say, knocking down a telephone pole, or colliding with one of the support posts holding up a bridge. Now, do you have the right to own and drive this autonomous car around on public roads, if you’ve modified the car to be an “open server” where anyone can anonymously connect to it from anywhere on the Internet and drive it around? And, if not, then what’s the difference between that modification, and knowingly driving the car when it has an unpatched vulnerability allowing people to do the same? And if you find that there is no difference, then what’s the difference between a vulnerable car that can DDoS physical infrastructure, and a vulnerable PC that can DDoS virtual infrastructure?
MS could deliver security updates separately to feature changes but chooses not to. The Tragedy of the Commons is that well-publicised incidents like this (and the trend of updates to consumer software, supposedly under the guise of enhancing security, to bring about significant changes in appearance and behaviour) make people less, not more, inclined to defer updates to all software with the result that developers feel the urge to strong-arm users into updating.