by gridder 902 days ago
This is a 10 year old phone, released in 2014. Edit. I was wrong, 2015, sorry
7 comments

This bug touches nothing hardware specific. In an alternative timeline where mobile OSes aren't Fisher-Price parodies of proper operating systems, they could push the same image to all iPhones and have a proper hardware abstraction layer take care of the specific details.

There is nothing fundamentally incompatible about the last couple of generations of iPhones. ARMv8 CPU, PowerVR derived GPU. If the mobile computing space weren't driven by greed, this would be a non issue.

A Sandy Bridge era Intel machine deployed in 2011 is easily capable of running the latest Linux, BSD or win10. And in the case of the first two, I'd wager it will continue to be viable for the foreseeable future.

It’s not economical to support devices used by less than 1% of the user base. Linux only manages it because community members step up to support older architectures. And sometimes when no one steps up the architectures are removed.

- Linux dropping support for old graphics drivers (Nov 2023) - https://www.phoronix.com/news/Linux-Drop-Old-UMS-DRM-Infra

- Linux Kernel Developers Discuss Dropping A Bunch Of Old CPUs (Jan 2021) - https://www.phoronix.com/news/2021-Linux-Drop-Old-CPUs

Supporting all of these is work. It makes development of new features harder, because it has to account for quirks of older hardware. Older hardware is also harder to get in the hands of developers and harder to test on. That’s why Linux has dropped support for 386, 486, IA-64 and other architectures.

There’s no point saying trillion dollar corporation etc. It comes down to some basic fact - phones must be built with SoCs, that’s the easiest way. The PC way doesn’t work at scale. Now that we are on SoCs you have to draw the line on support somewhere. Just because the costs imposed on future development aren’t obvious to us doesn’t mean they don’t exist.

I think 5 years minimum (and sometimes more) of OS updates is pretty good, FWIW.

It’s absolutely economical. Apple only has to support a tiny number of devices that they themselves manufactured, they have the easiest job in the world.

Think about how many devices Microsoft has to support in Windows, it’s orders of magnitude more.

Apple doesn’t want to support older devices because they don’t see a benefit to themselves.

5 years of support is pitifully short. Pretty much everything I own lasts longer than 5 years, my phone is one of the things I have to replace most often, not because the hardware is broken, but because it stops receiving updates.

>It’s not economical to support devices used by less than 1% of the user base. Linux only manages it because community members step up to support older architectures. And sometimes when no one steps up the architectures are removed.

Again, bugs like this are not hardware specific. You are not supporting "devices". You are supporting the OS which all of them run. Ideally (I'm not familiar with OSX/iOS internals) all they have to do is push out an update that contains the newly fixed libwebkit.so or whatever. They control everything on their own platform so they don't even have to deal with glibc breaking backcompat like we have to in the GNU/Linux world.

If they can't figure out a way to make changes like this universal across devices, it's either deliberate negligence or incompetence.

You're a special kind of clown claiming that it is not economical while Apple profits are somewhere between 20% and 26%. They could build an update, they just prefer making more money.
Shrug. That's their problem. Or it should be, at least.

Don't sell crap you can't support for a decent amount of time. Stop ruining this planet we live on by creating immense amounts of e-waste every few years.

We both know your argument is dishonest or at least naive, though. They could easily support updates if they want to. But it's about money. This way they are forcing people to buy a new phone every few years. It's clever, shame about the planet.

> dishonest

Dishonest? You're saying I'm lying to support a trillion dollar corporation I have no financial stake in and never have? Is such an accusation really in the spirit of this forum?

I suggest you review the guidelines - https://news.ycombinator.com/newsguidelines.html

Don't be snarky. Don't sneer. Assume good faith.

I will say that certain comparisons (eg. "The PC way doesn’t work at scale") are objectively wrong. Even Apple uses the PC model internally, despite not having an open bootloader or really supporting UEFI anymore. AFAIK, the XNU kernel even uses the same DeviceTree layout as Linux for supporting ARM SOCs. Apple hasn't really broken any new ground that can't be re-covered by modern operating systems.

Also, your claim that it's "not economical" is entirely unproven and arguably false. iPhones are still architecturally supported by Linux and will continue to be for a while (even longer on BSD). Other Apple products (eg. Apple Silicon) received community driver support entirely from donations and volunteer time. There's no reason to assume that iPhones lack community interest, especially since Apple has never given the iPhone community the same leverage they had on Mac.

If that's the sum of both arguments, then you're mostly just leveraging FOMO to support an unproven concept. At best you're jumping the gun, at worst you're twisting the facts to preclude discussion of open iPhone software alternatives.

Apple still sells previous phones as lesser, but still not very affordable, models. The iPhone 7 was released in September 2016 and discontinued in September 2019. It is also on iOS 15.8 so presumably also vulnerable to this. That would be about 4 years of security updates. Not the worst but not beating what e.g. Google promises for Pixel phones now.
I looked it up, and the extended security updates for Google Pixel is only a recent change:

Pixel 8: released in 2023, updates through 2030

Pixel 5: released in 2020, stopped getting updates in October 2023.

https://support.google.com/pixelphone/answer/4457705?hl=en

Looks like I hit a 'sweet spot' with my Pixel 4a (released in August 2020, guaranteed updates until November 2023)
I use a Pixel 4a as a second phone and consider Google’s approach to be rubbish…

3 years worth of updates is pretty shit… my son’s iPhone 5c got updates for over 5 years (and I think there were some security issues they patched after that even)

At the moment I’ve got a perfectly usable Pixel 4a that I’m going to have to replace as it’s not secure enough for work related stuff anymore

You can't seriously give Apple shit for this and at the same time praise Google. iPhones have, pretty consistently since the 5 or so, received 5 or 6 years worth of OS updates since the phone's release whereas with Android phones you'll receive 2. Only after years of complaining is Google finally promising to support it for longer. And that doesn't cover Samsung, etc...
We can and should praise Google for improving things, and use their new strong points to push Apple into improving too.

This isn't a debate about what company is better. The word "now" is used for Google's promises for a reason.

> We can and should praise Google for improving things, and use their new strong points to push Apple into improving too.

Over a decade of Nexus then Pixel devices being flashable has not moved any needle of Apple doing the same. Google promising 7 years is in line with Apple's 10 year track record of providing 6-8 years of updates, so it's more like Google aligning with Apple, not Google pushing Apple.

Still, a vague† promise in a blog post or keynote address is not going to fit the bill, at the very least it should be in the EULA or other contractually enforceable document, otherwise the promise is worth nothing.

Ideally I wish software would be treated as with e.g automotive or washing machine manufacturers, who in the EU have a legal requirement to provide parts for 10 years.

† I mean the promise is clearly worded but bears no weight, especially when pitted against Google's track record over the last decade of making grand announcements then pulling the rug down the road.

> We can and should praise Google for improving things

Let’s talk again in 5 years, once they had the opportunity to prove their plans. So far, it’s all just talk.

Especially since a 10-year-old phone was very weak in terms of hardware; we hadn’t reached a more plateaued era back then. It’s much easier to update a phone from the last 5 years for 10 years than doing the same in a window 5 years earlier.
Never forget the Pixel Pass rug pull. I'll never buy another Google product.
But Android also lets you run custom builds, and my 2016 phone runs the latest OS. Sure not everyone does this, but unlike iOS I can take care of it myself.
> my 2016 phone runs the latest OS. Sure not everyone does this, but unlike iOS I can take care of it myself.

"not everyone" is an understatement.

That's a solution for you (and the dozens - dozens! - of people doing the same), in practice it is not for 99% of Android users, therefore, again in practice, there's a huge fleet of devices with out-of-date software out there.

> But Android also lets you run custom builds

That's not even counting that:

- many Android manufacturers make it non-trivial† to root/unlock/flash a build and/or make it blow a warranty fuse, and that's if it's even possible at all.

- usually the camera goes ape shit, and often loudspeaker audio quality too.

- unless you relock the bootloader it immediately compromises security and makes bootloader updates nontrivial as unlocking again clears the device.

Mind you, this is a fine, intellectually satisfying strategy for you and me to be able to flash open builds, but it's by and large an extremely fringe strategy, and it's been shown over a decade that it's staying that way.

† Often involving downloading random flashing tools from obscure forums, that run only on Windows, some of these being one shot and requiring to plug in magic numbers corresponding to your exact device, and if you screw it up the device is bricked (e.g Samsung). Or the unlocking is on a low-write-count chip and once you exceed that limit the device is bricked (e.g OnePlus). I know, I've been there, bricked a few, recovered only one through JTAG.

Does it really let you run custom builds when it zeroes out proprietary firmware blobs on many models, turning your fancy camera into a shitty basic one? Or what about the million proprietary blobs you would need for full functionality — will those also get patched?
> But Android also lets you run custom builds

Yes, but that is only one component of a modern phone. Basebands and system bootloaders, among other firmwares, don't receive updates. Those are regularly attacked.

It's good that they do but it's not enough.

I feel like the security update period should really be measured from the date of last "as new" sale, not date of original release.
Personally I don’t think Apple’s level of support is incredibly bad when you take a look at the used device market. Even with Apple’s famously high resale values, depreciation on smartphones is huge.

Don’t buy brand new old phones new from Apple, they’re a ripoff. If you buy either an iPhone 12 or 13 used for $250-350 you can basically plan on a $50 a year budget to have a smartphone that always has the latest OS judging by their expected remaining lifespans.

I think the big flaw with the status quo is e-waste more than cost to the consumer. I think an iPhone 6S or 7 are incredibly slow and outdated devices for today’s usage but in 5 years I don’t think we will be able to say the same thing about an iPhone 12 or 13. Smartphone hardware is far more mature now than it was even 6 generations deep into the iPhone product line.

We should be able to replace batteries for $20 and replace things like broken screens for not much more, and Apple should be enthusiastic about it considering how services are their bread and butter moving forward. Apple should be happy to produce fewer phones and keep more consumer dollars allocated toward the purchase of high margin digital goods.

> I don’t think we will be able to say the same thing about an iPhone 12 or 13

The wildcard here is local LLM use cases and any new hardware that increases their speed by orders of magnitude.

That’s not really a need for smartphone users. I can access an LLM on a website for free right now.

I also don’t see any indication that there will be impactful local LLM silicon at the smartphone scale anytime soon.

You can yes, but the rumor is that Apple is focusing on adding them directly to your device, and if they integrate it deeply in the OS, then it will require the chips to run it. I’m sure you will be able to run old devices but without the latest Siri for example.
Can I get a user replaceable battery instead?
I just want a glorified iPod from my old phone that won't get pwned at the airport.
I still use a 6s and a first-gen SE, I won’t say they’re terribly slow. It’s the apps, the modern apps, that make the device too slow. If you use not so many, it works quite well. The only downside is that the OS is not updated any longer. Although I got a security update recently, weeks ago.
Not yet, I believe. Revenue from iPhone sales is still quite fundamental to Apple’s success, it’s more than triple the revenue from all services combined (not including Google’s search engine deal).
>but still not very affordable, models

The 2020 SE is available from a wide variety of sources for 200USD (still new in box); it'll be supported until 2027. The 2022 SE is 400USD, supported until 2029.

By comparison the Android phones at this price point functionally went out of support 2 years before they even existed- not only is there zero support for them, but they ship with outdated OS versions to begin with. And no, "but I can go to XDA and get a shitty ROM at the cost of my camera" doesn't count as support.

You had a strong first paragraph, but your second is going too far. A Pixel 6a is $349 and supported until 2027. A galaxy A15 is $175 and supported until the end of 2028 or early 2029. The full feature updates don't go quite as far, but they're still offered for multiple years into the future.
Isn't pixel 6 when google stopped using qualcomm modems and now has terrible signal reception?
> Google promises

While Google promises, Apple actually has a decade long track record of updating older phones for 5 or more years. We don’t know if Google will actually follow through on their promises or the execs in charge in 5 years will feel differently. But I personally bet $1000 that the iPhone 13 will get 5 years of OS updates minimum.

Promising is easy - google can’t keep maintaining successful apps of theirs, let alone a whole phone.

I’ll believe it at 6 years in, maybe.

Google promises. I don’t believe their promises after what happened to Google Reader.
Apple: proven track record

Google: promises

you're being disingenuous

> Google: promises

Google is not promising this out of the goodness of their heart. They're just getting ahead of what the EU is planning to mandate [0], and doing that to get some good marketing while they're at it.

So, while Google's track record leaves a lot to be desired, in this, I think they'll keep their promise, either because they actually care, or because the EU will force them to. Either way, we, the end users, will benefit from it.

And this will apply to all electronic device makers. That's probably why Samsung also increased their updates policy to five years as well.

[0]: https://www.insideprivacy.com/cybersecurity-2/eu-publishes-d...

> "The requirements apply for the lifetime of a product or five years from its placement on the market, whichever is shorter."

>Google is not promising this out of the goodness of their heart. They're just getting ahead of what the EU is planning to mandate

If that was the case then why did Google exceed the requirement by 2 years? Additionally, Google is providing 7 years of OS upgrades and 7 years of security updates. Google could have easily just done what they did with the Pixel 7 and offer 3 years of OS upgrades and 5 years of security updates, thus meeting the EU requirement of 5 years of updates. So to claim that Google offering an industry leading 7 years of OS upgrades and 7 years of security updates is not out of the "goodness of their heart" is being disingenuous IMO.

>Apple: proven track record

>Google: promises

Do you really think the cost of the class action lawsuit and settlement and the bad publicity for not adhering to their 7 years of support would not exponentially exceed the cost of a team of engineers tasked with supporting updates for their Pixel phones?

As for "promises" - why hasn't any other OEM matched or exceeded Google? Apple should have been the first one to step up the very next day.

It was difficult to locate but I found a new iPhone 7 for sale for $92. Seems affordable.
Google doesn’t have enough e-fuses to update the pixel phones for seven years, the marketing department is incompetent and didn’t talk to literally the only engineers they should have.
Is there a reason you think most updates would even want to blow e-fuses, let alone need to?

And how many are there, then?

Does the Pixel 8 use e-fuses? I was under the impression that it used a stored rollback index to prevent OS rollbacks.
It's fine for a vendor to completely abandon 10 year old hardware but if you can still pay 30% App Store tax/pay for iCloud/etc, the security fixes should be backported as well. The current situation is charging full price for inferior (or maybe even dangerous) product: Apple wants to have its cake and eat it too.
I don't totally follow this argument. the 30% app store commission, iCloud subscription, etc. does not only fund security fixes for the OS and core services. I don't think the average consumer thinks that's what they're paying for either. waiving the fee for EOL'd devices would create a perverse incentive of its own.

I do wish apple would follow google's example and commit to a service lifetime upfront, but other than that, I don't object to their model. in practice, it vastly exceeds the level of support for any android phone other than the pixel 8, and we have yet to see whether google actually follows through on that.

Also it means that at some point, Apple would have to actively block some legacy devices from using iCloud, app store, apple music, any app with subscriptions etc which would effectively make the device pretty useless.
Are you really saying Apple should actively break interoperability with old software?
They should stop charging 30% App Store tax for an inferior product at the very least.
App Store purchases aren't tied to a particular device; you can buy an app on an old device and keep using it when you get a newer device. Do you have a coherent, reasonable suggestion for how Apple could modify their business model without completely breaking it, or are you just desperate to shoehorn complaints about the App Store fees into the conversation?
Easy: offer a discount if purchase is made on an unsupported device, just like how grocery stores offer discounts for food that's about to expire.

I don't think there is a real concern about app store economics collapsing, the app marketplace business is very lucrative. We can see this in related cases: you can avoid certain iOS taxes by purchasing your subscriptions on the web: Twitter Blue is $11 on iOS and $8 on the web. Spotify used to be $12.99 for iOS sign-ups and $9.99 on the web.

Why should users pay full bundled iOS tax that supports security updates, if they are getting none?

> Why should users pay full bundled iOS tax that supports security updates,

I don't think I've ever seen someone express the expectation that Apple's App Store fees are for the purpose of supporting iOS development and maintenance. Mostly I've seen and heard the expectation that those fees are connected to running the App Store itself (payment processing, hosting, app review, etc.) and beyond that, vague profiteering. iOS itself isn't a subscription service, and Apple seems quite happy to sell you devices even if you don't spend money in the App Store. So you seem to be stretching a bit by attributing those fees to iOS maintenance and then turning around to say that unsupported iOS versions should get a discount on the fees for any services that still work.

Your purchases carry forward to newer devices, no? If nothing else, people would keep an older device just to make purchases and then install it on their newer iPhone.
They're not charging you, the user that 30%. They're charging the developer. Yes that does trickle down to you in the developer's pricing, but, in this instance, a phone no longer receiving security updates is not an inferior product from the point of view of the transaction in question.
15% for the vast majority of developers and apps FWIW.
Probably true, but is it the same for the vast majority of the app revenue? Quite possibly not.
Why exactly? Does petrol get cheaper for an old car that barely works?
What does this mean? The App Store fees are paid by the developers / vendors. Are you saying they should pay less proportionate to the number of times their apps are downloaded to older devices?
> What does this mean?

It means they’re shoehorning another issue into this discussion.

I think it’s a completely valid point. Apple is still making (potentially a lot) of money off these old devices yet isn’t willing to fully support them. It seems very unethical.
iOS 12 was released September 2018 and

> iOS 12.5.7

> Released January 23, 2023

https://support.apple.com/en-us/103015

So theoretically - and I tried this a couple of years ago - I could still download the “last compatible version” of an app if it’s available on the store for my old 2010 iPad 1st generation running iOS 5.

This device had 256Mb RAM and 400Mhz 32 bit processor. Should Apple still support this with security updates?

It’s an issue of expectations. If Apple advertises security support then it’s fraudulent to not deliver it; on the other hand, if they advertise an EOL date, then I’d agree there’s no reasonable expectation of security updates. But what they actually do is neither, they communicate very little, supporting some past iOS versions fully and others to degrees that only they know, resulting in them profiting off a reputation for backporting security updates while not actually binding themselves to deliver it, or, often, doing so.

Like the battery issue, I feel the whole issue is communication. Apple needs to communicate when they EOL OS versions. You don’t otherwise know it, partly because EOL OS’s, including this phone’s, still get security updates, just not all of them.

They do communicate it in every major release, including which devices are supported. Many major vendors release security updates for EOL devices when doing so would greatly increase the security posture of those devices and comes at little to no cost to the vendor. Notably Cisco, Microsoft, Apple, and Samsung come to mind.

Is the implication that once a device is EOL that a vendor should never release an update for that device again?

They only communicate it after the fact, when the new OS is impending release. There’s no way to know at time of purchase how many years your device will be supported.

I feel like Apple changed the dynamics of smartphone market from company-issued devices like BlackBerry to BYO with the iPhone essentially on purpose so they don’t get stuck providing decades of enterprise support promises like companies like Microsoft.

Companies purchasing bulk orders of hardware probably wouldn’t tolerate a vendor unwilling to make any sort of concrete support promise for the contract. But a company who employs iPhone users can basically put the responsibility on the user and simply block access to non-compliant devices.

> Is the implication that once a device is EOL that a vendor should never release an update for that device again?

It seems typical for vendors to use "EOL" to refer to end of support life, not merely discontinuing sales of the product. Most notably, that's how Microsoft generally frames EOL for major Windows releases, hence expectation of jumps in PC sales corresponding to EOL of XP, 7, and 10.

They communicate OS version device compatibility, I’m talking about communicating OS version EOL. For example, Windows 10 EOL is 2025-10-14, and we know this years in advance. For Apple, not only do we not get advance notice, we don’t even know when it’s already happened.

No, I’m not implying there’s something wrong with shipping the occasional update to EOL devices.

Does apple release jailbreak tools for ten year old phones?
Correct. The issue is it is not commonly known that Apple isn't actually backporting fixes for exploits while it has been claiming to update the phones: this is earth-shaking[^1] news

[^1] It would be completely reasonable to say "Earth-shaking? Really? You expect security backports for a decade?" I've been in mobile my whole career, iOS for 7 years, starting from jailbreaking the original iPhone, then worked on Android itself for 7 years. I am sure significant decisions were made assuming this was the case.

Touché. P.S. Keep in mind though, what is the state of security of the Android phone you bought new in November 2015?
The Nexus 6 (2014) can still run a version of android with security patches: https://wiki.lineageos.org/devices/shamu/

Google no longer offers security patches directly, but since you control the phone sufficiently to install your own OS, the community can come together and keep security updates flowing. You could do it yourself if you wanted.

Apple devices make this sort of community maintainership effectively impossible.

I know this means practically nothing since only nerds can actually install a third-party ROM, so for the general populace only the "default" security patch window matters, but for the hacker news crowd it seems like it might be a meaningful difference.

But it is effectively impossible on Android as well. Let's ignore for a minute the fact that practically no one can install a custom ROM.

The bigger problem is that a huge bunch of software running on the phone is fully proprietary and closed source, and there are many many different versions for different phones around - making it virtually impossible to do any meaningful reverse engineering. So sure, your main OS may be up to date, but the baseband OS and virtually all of the device drivers will be left vulnerable, and they have just as much if not more access to the data on your device.

Is my grandma going to install a custom rom? If it’s not over the air it might as well not exist.
Maybe you could be a good grandson and do it for her?
I don’t consider it a good thing to install a custom OS for someone and not give them the same level of support.
Does that include updated drivers? If no, then there are still many unfixed security vulnerabilities.
It's all well and good to say "oh you can just install a custom ROM". But you (and many here) can do that. Because you're technically inclined. But the vast majority of users have no idea what the hell you're talking about. They barely know what a security update is or what version of Android they're using, let alone being able to find, choose, and install a ROM.

Can we just choose to stop suggesting it as a legitimate solution cause outside of this bubble, it absolutely is not.

People don't know how to install Windows either. In theory they could go to a shop to update their phone like they are doing with Windows but the reality is that nobody cares about updating their phone.
Is the only standard to which we hold one company whatever the other does? Is there no room for higher principles here, in your view? The competition between consumer brands is all that matters?

Come on.

Huh, it can be totally earth shaking or completely normal depending on time and place. In current market place of smartphones it is more towards earth shaking than normal.

You don't have to agree, but the resale value of older iPhones being much, much higher than Android tells you that customers value the support and quality of the iPhone.

As much as the sales of healing crystals tells me how much people value the health and anti-aging benefits of those.
Healing crystals seems to be a much smaller market (to the point of barely existing) than “Big Pharma”, so your analogy doesn’t really make sense.
The irony of Steve Jobs himself dying because he wasted time trying non-big-pharma "remedies" before following actual oncologists' advice is too much.
My 10 year old laptop is still getting OS updates
> My 10 year old laptop is still getting OS updates

Microsoft is trying to fix this. Win 11 wants a TPM. /s