Ask HN: Any legal way against forced software upgrades and feature removal
It was reported here earlier today that Apple forced OS upgrades for some users without asking (https://www.macintouch.com/post/37381/macos-sonoma-forced-installs/).
There is also situation when upgrades remove features. For example 1Password deliberately crippled perfectly fine password sync for users because they wanted to force them to new, cloud (and subscription) based version.
Is there any legal way to fight against this ? I am in EU, but I am interested in other legislative as well The way to fight this has been out there since before most of these companies and products have existed – use FOSS. If you want more convenience and polish then just remember that you are trading it for privacy and autonomy. There is no middle option. Calling it "more convenience and polish" is a bit of an understatement. My experience with open-source software is that if it breaks or it's missing a feature and you want your needs to be addressed then you will have to hack on it yourself. While this is great for people who enjoy hacking it's not great once you get bored of it. I always enjoyed macOS (at least pre-Catalina) because it's Unix but without the requirement to constantly hack on the OS and userland like you have to do with Linux. That means I have all the development tools I appreciate but I can focus on what I actually want to do instead of fixing system-level bugs. When Catalina came out I stopped updating so I can't speak for how the OS is nowadays. I've needed 0 Seconds of hacking since using Fedora for 2 years.
Linux has evolved in the last 14 Years Every single one of the 6 desktop-class devices that I've used over the past decade have had multiple issues running Linux, some of which I was never able to resolve. This soundly refutes your point, because it's not enough for Linux to run well on one computer - it has to run well on most of them. I run it on a ThinkPad T470, I guess the Overlap between People Run Linux on a Laptop and it's a ThinkPad is pretty big Oh yeah? I tried Silverblue a couple years ago, and the Nvidia driver stopped working after a motherboard swap. I tried Kinoite but KDE Plasma's subpixel antialiasing looks terrible on HiDPI displays. Maybe that's some of the "convenience and polish" that you just have to sacrifice in order to use FOSS, but I could also just use software that's properly polished and not care whether it is FOSS or not. And no, I'm not rebuilding my computer for linux, you would not be the first person to point out that I should replace my Nvidia GPU with an AMD one. I will note though that GNOME is one of the nicest DEs I've ever used, at least back when graphics acceleration worked. Trackpads finally seem to be a first-class citizen, something Apple has already been doing for almost two decades (and, in fact, it's an Apple trackpad that works quite well with it). Was nvidia driver foss or proprietary? I think Silverblue comes preconfigured with the proprietary one, but I don't know how to check and also don't think it's possible to change it, since it's an immutable system. It worked fine until that happened and basically made it unusable since I don't have an iGPU. Maybe I'll try some other Fedora, or just go back to X11 on Arch, which worked well enough. I can easily trust my older relatives to do fine on macOS, Linux would be either painful or more realistically a no go. On the contrary, I let older relatives use Linux so I don't need to support macos and windows constantly breaking. In 5 years I've had 2 family support calls: one to setup a new WiFi on a Chromebook and one for turning the Chromebook on and off. I've tried to get multiple non-family members set up with Linux and have failed, with constant bugs from Linux, and confusion from the family members. Windows is far more reliable and easier for them to use. This clearly invalidates your point, and supports "Linux would be either painful or more realistically a no go", because it's obviously not enough for some relatives to be able to easily use Linux - most of them need to be able to. The fact that you have more capable-than-normal relatives or more Linux-friendly-than-normal hardware is irrelevant to the fact that most people do not. Depends on how old they are.
My grandpa used to run on a linux pc we gave him. All he needed was a web browser, an email client and a word processor. And that's it. So Lubuntu did the job perfectly. Obviously more expectations may be harder to meet One of my relatives is in her early 20's and has a large amount of difficulty using Linux (even for relatively simple needs like what you describe above), despite dozens of "support interactions" and assistance. Other relatives are in their 40's and failed to use it as well. It's not enough for some people to be able to use Linux - if you want to recommend it for general use, it has to be usable for almost everyone. I installed Mint on two older relatives computers and they're both fine with it. They also do only browse, youtube, maybe open a PDF or edit a Word (rather, let someone else edit on their machine). Zero complaints for this use case. This is not the case for the majority of people or computers. Older relatives aren't the ones complaining about auto updates and having full control of their hardware/software. iOS, macOS, Windows and the rest are in fact built with them in mind. This conversation is naturally about more technically inclined users. I wouldn't really say so, updates break and change things for them all the same as they do for you and me, and just like us, they're unhappy about it. You simply won't usually hear their voices loudly on platforms like HN and the like. With proprietary software, how many times a producer did fix breakage or add missing feature for you because you bought a licence (subscription)? How fast was it? Nobody's done anything for me specifically, but if it's something multiple people need in their workflows, I've seen plenty of examples of things being added due to community demand. It's not fast, but nobody gave me a "do it yourself and open a pull request" attitude, which is one of my greatest gripes with open-source software. Was there something specifically negative about Catalina you were avoiding or did you just get tired of OS updates at that point. I wish there were legal protections against this kind of thing. Even worse, I’ve had updates break stuff that might never get fixed. For example, I have Roku TVs and a recent update broke CEC. The updates aren’t for my benefit, because my TVs worked fine from day one. Instead, the updates are to push more and more advertising and recommendations. It’s to the point where my TVs are slow, bloated, half broken trash. They’re definitely not what I bought off the store shelf. if you're a vendor and wish to sell IoT enabled consumer devices in EU 2025 then the Radio Equipment directive and the CRA force you to keep these _things_ updated in the name of security. And there is nothing that forces you (the vendor) to keep security upgrades separate from features. So in practice you can force upgrades that then cripple features (for monetization) and in the name of cybersec. :/ >I wish there were legal protections against this kind of thing. Even worse, I’ve had updates break stuff that might never get fixed. If we just make bugs illegal, there will be no more bugs. Roku is the worst thing to happen to TVs since motion smoothing. As others have said, stop using software that has that capability, or at minimum treat all SaaS (broadly defined) as a hostile actor and conduct yourself accordingly. It's miserable, but that's the ecosystem we've created. As long as we continue to incentivize companies by giving them money, they're going to keep treating us this way. It's actually to tech companies' benefit to actively alienate customers that don't want to fit the mold of how they want them to behave so they can maximize unit profitability. Also, a shout out to Duolingo who did exactly what is described here. I paid for the app and woke up one day to find I was forced to upgrade and when I did the app became something completely different where the previous "game" I was playing was gone. They of course ignored my complaints about it, and their app sucks anyway for learning so in a way I'm glad they broke the cycle. It's still a terrible way to treat customers. Sounds like a simple case of antitrust. But antitrust is really a political process, not a legal process. Or perhaps a better way to phrase it is that it is a political process that happens to go through the judiciary branch. > For example 1Password deliberately crippled perfectly fine password sync for users because they wanted to force them to new, cloud (and subscription) based version. I’m unhappy with 1Password’s direction and I’m no longer a user, but it’s important to note that at least on macOS and iOS they never forced anyone to update to the new versions. I didn’t stop using 1Password 7 when version 8 was relased. It continued to work fine even on Apple Silicon (without the need for Rosetta) and it will probably continue to do so for a good while. I can see a case against forced software upgrades, but it doesn’t seem right that a company should be unable to remove features. What if something turned out to be insecure, confusing, or detrimental? Should 99.999% of users be forced to deal with a feature they despise because one person wants it? This is false. They absolutely did force upgrades by crippling functionality on older versions and license modes. Specifically, at some point accessing 1Password through the share sheet was disabled. Clearly they did not force upgrades, since I didn’t do it. I only stopped using 1Password 7 a few weeks ago, after having moved my last items somewhere else. Your example doesn’t make sense, the share sheet wasn’t implemented in 1Password 8. https://1password.community/discussion/122959/where-is-share... https://1password.community/discussion/129044/share-sheet-ex... Your claim was that "at least on macOS and iOS they never forced anyone to update to the new versions" In support of that you have exclusively discussed 1Password 7 and 1Password 8. You cite the fact that you're still on 1Password 7 as "clear[]" evidence that this never happened. The OP said: > For example 1Password deliberately crippled perfectly fine password sync for users Which happened from 1Password 7 to 8. So yes, of course I mentioned that transition. That is the new version. But that’s the same for all previous ones; they never forced you to upgrade, old versions didn’t stop working on their own. They might have stopped being compatible with certain OS upgrades, but that’s not deliberate crippling or forcing updates. What’s your point? You replied but offered no argument or rebuttal. All you’ve done so far is disagree without advancing the discussion, which is a waste of time for everyone involved. It simply isn't true that the only breakage ever in the history of 1Password happened between 7 and 8. As a result, it simply isn't true that you can assume that is the only transition under discussion. You have become hyperfixated on an issue of utter irrelevance to the broader topic. Bottom line: if your claim is never then you don't get to arbitrarily pick your two comparison points. Password sync was crippled within 1Password 7 (Google seems to indicate specifically with 1Password 7.8 but I don't personally recall) by way of an automatic iOS app update and removal of the previous version of the desktop browser extension. Subsequently, there were limitations that didn't previously exist on using passwords from Dropbox vaults. If you wanted to continue using that functionality, you were forced to upgrade to a cloud-based vault. > I clicked the “X” dismiss button. But Apple somehow assumed that that meant “yes, install it immediately” because 20 minutes later I got a “you must restart” notification and when I restarted, the system was running macOS 14.2.1. That definitely sounds like a bug to me, not a product decision. Real shitty though. Apple definitely better than Microsoft when it comes to shoving updates down your throat, but as others have said, yes the ultimate answer is to use FOSS. For my use, I appreciate regular updates, they rarely cause me trouble, and don’t want to have to be a linux sysadmin for my daily driver anymore. But I understand the desire for crystal clear control. Apple is usually pretty good about this, so this failure really is a stain. I hope they fix it. That’s my assumption - I imagine there’s general “prepare the update” path that gets canceled explicitly by clicking a “no” button and can easily imagine that kind of logic missing close the window or whatever. In America, almost certainly not, for a few reasons: 1. Almost every consumer agreement contains an arbitration clause. This means the number of consumers that actually can sue becomes incredibly small. 2. Security updates are real. In which case, let's say a company wants to add or remove a feature you may, or may not, want. If there was such an obligation to support exactly the same feature set, the company would be obliged to bring security patches to every major version of a software platform - which is possibly, technically, impossible. Imagine Apple being forced to provide individual security updates for iOS 15.4, 15.5, 15.6, 16.0, 16.1, 16.2... all the way back to iOS 11 I suppose. Most likely, this actually would slow down innovation. Let's make modern WebKit run on iOS 11 - what could go wrong? 3. Some features may need to be removed in the future due to patent lawsuits (like Apple vs Massimo removing the Blood Oxygen sensor in future models). Other times, the design of a system needs to be changed, or wireless compliance logos need to be updated, or radio strength needs to be reduced (Apple in France lawsuit), or so forth. There's also public interest reasons for updates - for example, if a flaw was found in iOS that allows bypassing anti-theft locks. There's also legitimate corporate interests in the eyes of the law - like fixing a copy protection loophole. There's also features in a platform that have recurring costs and licensing from third parties, that may expire [1]. Then what? 4. As much as we gripe about Apple and 1Password, they are really the exception to the rule right now. The main problem that legislators are concerned about is that most devices don't get updated, particularly cheap IoT devices or Android phones after a few years. Putting new rules on getting updates out is the opposite of the public interest concern at the moment. [1] Edit for this hypothetical: Imagine that your music player shows cover art. That's almost always provided by a company called Gracenote and it requires a license. Let's say a manufacturer's device, 8 years down the road, has that license expire. Is that reasonable, or does Gracenote need to be paid for, by the manufacturer, forever, for using their API? It's removing a feature "you paid for" if it goes away. You can see how this becomes sticky quickly. For (1), I feel like that wouldn’t hold up in court. If everyone were to go to arbitration, they would literally be unable to afford it, so it also sounds like a dumb business move. You'll have to negotiate the terms of use with the software provider. There's a good chance somewhere deep in the T&Cs a clause exists regarding changing the product as their business evolves to provide the "best experience" for the majority. Their argument for deprecating features might be legacy development and support costs. Dropbox I wish I could just use Dropbox as it existed 10-years ago. "Just a folder that syncs". I don't need Paper and all the other features that have come since then. Note: I'm not knocking Dropbox, there's just some products that are great and don't need enhancing. I wish I could buy that version. I use rsync.net for this. Just a remote ZFS. Accessable anywhere ssh is usable. Sadly, not really. Academically, there is what I would consider a good tentative argument that these folks are "access[ing] a computer with authorization and [using] such access to . . . alter information in the computer" without consent. 18 U.S.C. § 1030(e)(6). However, private federal prosecutions aren't really a thing. And I think you'd be hard pressed to get the FBI or USAO to take a novel application like this and expend resources on pursuing it. Have you considered filing in small claims and getting your $80-or-so 1Password license fee back? Even if there was, and after a long, arduous class action where the company was found guilty, the penalty for violating it would have to far exceed the expected recurring revenue from forcing updates. Automatic updates are a system setting that you can just turn off. I’m not sure how you hit this path if you don’t have it turned on. That said on a dialog like this anything other than an affirmative confirmation should be considered to not be a confirmation, and that specific failure seems like a general bug rather than anything nefarious. There are plenty of times users may want to delay an update even if they have auto updates enabled, and if one of the obvious ways to do that doesn’t I’m sure it would be annoying for them as well. Switch to android and become a happy power user! It's an open and better ecosystem for almost everyone involved - users, developers and phone makers. I think you forgot the /s tag? As a longtime android user, google is one of the worst offenders in this. One of the recent OS updates broke my bluetooth connection to my car, and that was the only new "feature" that I noticed. Both platforms have their own problems unique to them, but both platforms do share this issue. Actually no. Google is merely the developer of AOSP (Android Open Source Project). The actual implementation and pushing of updates is up to your OEM or phone maker. Some OEMs are graceful in pushing updates, others aren't. But none to my knowledge pushes forced updates that user can't disable? Besides, you can always Flash/Root/etc. in the Android world with the power user shoes when something goes wrong, you can't do that in the Apple world. This was on a pixel, so the update was from google. And I don't want to root the phone, I just want it to work. Im not sure I would want root access to my car. Sounds like a liability nightmare in the event of a crash. Let’s please not turn this into a flamewar. There are dozens of reasons to not use Android, like there are dozens of reasons to use it. It’s a personal choice. When someone asks “how can I avoid this one thing”, the answer isn’t “switch to this alternative which has seventeen different problems you’ll dislike more”. The OP is asking a question on Hacker News. Surely they have heard of Android. They might even use it, since the given example concerns macOS, to which Android isn’t an alternative in the slightest. Given that the OP is asking about a problem caused by not having enough control over the software they're running, it's entirely valid to respond by suggesting software that gives the user more control. But realistically for the end user, an Android device only gives the impression of control, does not mean it will never update and keep working. Given that the OP is asking for legal guidance and not a software recommendation, it is entirely invalid and unhelpful to respond by suggesting any software. That’s particularly wrong when that software is not a real alternative, has a different set of constraints, and we have no idea if the OP uses it. As is already obvious by the conversation that is forming, the commenter’s post isn’t even a universal truth. They made an argument which doesn’t apply at all and we’ll end up with a bunch of unproductive comments. Flamewars only produce anger and division. Don’t start them. Android and Google Android are the different things. I just was nagged to deinstall an app because Google, despite disabled Google Protect, d€termined it knows better. I think you can disable automatic updates and it won’t prompt you to upgrade anymore. If the update was already pending, then I can imagine it’s harder to stop (or not possible as the installation is already in progress). Regarding 1password, I also hate the way they moved to a sub. I had a “lifetime” license before and unfortunately was forced to either update or leave. I opted to leave and started using a different app for passwords. That's one of the main reasons why I use NixOS (for Windows non-FOSS apps too): the apps have no permissions to self-upgrade, only root can do that. Mobile is more difficult, the easiest way: buy a Huawei without Google services Sony did lose its appeal during the PS3 OtherOS lawsuit (it ultimately settled) ... but for the macOS case can you not just reinstall? There may be a difference between inconvenience and impossibility. You also need to show actual harm in a lawsuit. Inconvenience is not harm. "You increased my version number!" is not harm. "Your update put me out of business for a week" is harm. That’s what class actions are for. The aggregate harm exists, though per-person is nearly none. I’m confused about your statements regarding 1Password. I am still using 1Password 7 with the exact same sync that I always have since the day that I bought it. Nothing has ever changed. This is the so called "enshittification" that's happening market wide. Vendor lock in sucks -- regardless whether it's Amazon, AWS, Apple or 1Password. The only real solution is to take your money and go elsewhere. Stop buying Apple products, say. Hell, I've even experienced vendor lock-in on FOSS products when the program crippled something I needed to use, or refused to fix an issue that caused me hours of tedious work-arounds. Or they decided to go closed source and go to a subscription model. (Their choice, but I'm not using it). There's definitely a trend of FOSS products and older trivially priced products being bought up by companies that re-release in subscription models. So frustrating. I always get recommendations on the Play Store for World of Goo, an amazing game from 2008 that you can now only play if you're a Netflix subscriber. The 1.7 star rating has convinced no suits that that might not be what people what. On iPhone I used to use Frame Grabber all the time. It was free and the full source on GitHub. They sold the rights to a company who now charges $20/year for the same thing. No ill will to the original developer, but jeeze. $20 to get a slightly better quality frame from a video vs just screenshotting your phone? No thanks. This sucks. I honestly think that software should have a 25 year copyright at most, and the source code should be released after copyright expires. So windows 95 source code would have been released in 2020. Wouldn't help you. Source code without the tools, and environment to build it is useless. Plus, source code from some random thing from 25 years ago is usually lost. Certainly I don't have source code for a bunch of things I wrote 25 years ago. And for the things I do have, good luck finding a machine that'll read my floppy disks. Yes, FOSS. /thread tl;dr: the world is messy, automations and remote control by vendors has shown to be the only working method vs. individual responsibility/organisational responsibility, and the law isn't against that (at least not in the EU so far). Longer wall of opinion: There isn't, mainly because that would cut both ways: you'd get the same constructions as budget airlines where the core product would seem to be what you want, but everything becomes a paid add-on. Right now it's an embedded cost or hidden cost, and there is no service fee. For companies like Apple that can work because the products as sold as a single SKU while that hasn't worked for others (and they tried!) like Windows + Hardware, Android + Hardware etc. It never worked out because the ongoing cost and service requirements aren't something the consumer is willing to pay for separately and the vendor can't eat that cost because they don't sell it as a single product with a single business case. Technically we could go to a model where this actually gets done: There is a small subset of a niche of a fraction of the market that does want (some of) it, but it nearly never covers the cost to the extent where you get everything you want (i.e. Framework; Fairphone, you get modules and software you can almost self-compile, but the NDAs around MRC, ME, PHYs and GPUs makes it impossible to really do all feature and functionality control yourself). The same applies to computers and software if you treat them as a black box but are interconnecting them, you now get dependencies, network effects and "your problem is everyones problem". This means that if not enough participants play by the same rules to a high enough degree, the system doesn't work at all and everyone feels that pain. Even things like MTA-TLS, basic PKI, or even basic hygiene like not operating an open relay or open proxy is a bar 'professionals' are unable to consistently pass... We need protections from ourselves and each other (in terms of hosts) and the last few decades have shown that individual responsibility and corporate policy are not working out. Ideally, if someone really wants this, they would be doing this by not accepting an EULA that has automations they don't want, and go back to first principles where they do have that control, but without attestation they would not be allowed to participate in shared systems (like the internet). To make further discussion easier, we could make a simple base case like "the OS used to support exFAT but after this automated patch it no longer does". Perhaps the license expired, perhaps it was vulnerable to a zero touch exploit and the cost was too high to fix it and the impact on the brand was too high to leave it in. Not sure what other reasonings we could come up with, but there are similar things related to RSR, MRT and the likes were existing functionality might be impacted in some way shape or form. > Ask HN: Any legal way against forced software upgrades and feature removal Resistance is futile. You will be assimilated. /s Fixing bugs sucks, that's why we rewrote the "app".
CADT
The problem with this is the same as it was 50 years ago: all users will now need to know a lot of things in-depth for realistic use of such compositions. And people just do not care, and do not want to spend time, energy or other forms of effort/resources on such things. - Hardware and Software is separate
- Support and Services are separate
- Features are paid for separately