Logitech Once Again Shows That In The Modern Era, You Don't Really Own What You Buy

from the sorry,-I-can't-do-that-Dave dept

Time and time again we’ve highlighted how in the modern era you don’t really own the hardware you buy. In the broadband-connected era, firmware updates can often eliminate functionality promised to you at launch, as we saw with the Sony Playstation 3. And with everything now relying on internet-connectivity, companies can often give up on supporting devices entirely, often leaving users with very expensive paperweights as we saw after Google acquired Revolv.

The latest example of this phenomenon is courtesy of Logitech, which annoyed consumers this week by announcing that it would be shutting down all support for the company’s Harmony Link hub. Released in 2011, the Link hub provided smartphone and tablet owners the ability to use these devices as universal remotes for thousands of devices. But users over at the Logitech forums say they’ve been receiving e-mails informing them these devices will be effectively bricked in the new year:

“This is an important update regarding your Harmony Link. On March 16, 2018, Logitech will discontinue service and support for Harmony Link. Your Harmony Link will no longer function after this date…There is a technology certificate license that will expire next March. The certificate will not be renewed as we are focusing resources on our current app-based remote, the Harmony Hub.”

Again there’s no monthly subscription fee for the service, and Logitech is compounding the problem by not really clearly communicating why it’s deciding to completely brick Link units. On the plus side, Logitech says it’s giving Link owners under warranty a Logitech Hub for free, and providing out-of-warranty Link owners a one-time, 35-percent discount on the Hub. But many users in the company’s forums and over at Reddit are questioning why the hardware needs to be crippled entirely (instead of just, say, ending formal support):

“This exact situation right here is why Ive always said ?if it requires a cloud service to function, I dont want it? hosting things locally on my own network is where its at.

Indeed. While this entire fracas was unfolding, several Reddit users discovered that the company was banning users from using the phrase “class action lawsuit,” which unsurprisingly is only making frustrated Link owners more annoyed.

Update: After some notable backlash, Logitech has announced that all existing Harmony Link owners will be upgraded to the company’s Harmony Hub, for free. Which is nice, but doesn’t really change the reality that you no longer actually own what you buy.

Filed Under: , , , , ,
Companies: logitech

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Logitech Once Again Shows That In The Modern Era, You Don't Really Own What You Buy”

Subscribe: RSS Leave a comment
42 Comments
Anonymous Coward says:

On the one hand, this was handled incredibly poorly by Logitech and there is certainly an issue with loss of functionality on purchased products.

On the other hand, unless we come across a paradigm change in the software/firmware/hardware interaction model (which may or may not be possible), this is also a necessary part of the process of “securing the internet of things,” another problem that Techdirt talks about a lot.

Because the reality is that devices we own have security holes. Probably all of them, but certainly most of them. And patching those holes requires a continuous level of development support. So given that we can’t require that all companies provide eternal security support for their products (it’s simply unrealistic to do so without the above paradigm change), we will have to make a choice.

We will either have an ever increasing number of insecure, internet connected devices that can be used by bad actors to cause any number of problems. Or we can routinely experience loss of functionality in older products.

And while certainly broader support of various open source firmware/software can provide some relief to this for tech-savvy consumers… it’s not the tech-savvy consumers whose devices are a major issue here.

Anonymous Coward says:

Re: Re:

Because the reality is that devices we own have security holes. Probably all of them, but certainly most of them. And patching those holes requires a continuous level of development support. So given that we can’t require that all companies provide eternal security support for their products (it’s simply unrealistic to do so without the above paradigm change), we will have to make a choice.

The choice is easy:

  • The company can support the device until reasonable consumers would have discarded it for other reasons.
  • The company can explicitly and publicly commit up front to not providing that support, so purchasers know before they buy that they product may be unnecessarily bricked at corporate whim. Hiding that type of warning in a EULA does not count.
  • The company can commit to not locking out interested users from self-supporting. This means, at minimum, that before the company-hosted cloud servers shutdown, the company releases to the community everything that the company’s own staff would need in order to stand up a replacement cloud data center: estimates on bandwidth, storage, and CPU requirements; dependency information; source to rebuild all relevant previously proprietary components; certificates to update the device or, if available, instructions on how a physically present owner can override the certificate check; information on how to redirect the device to use an alternate server of the owner’s choosing (whether self-hosted or run by a group of interested users).

We will either have an ever increasing number of insecure, internet connected devices that can be used by bad actors to cause any number of problems. Or we can routinely experience loss of functionality in older products.

I have a keyboard and mouse that are older than most still-functioning laptops (more than 10 years, maybe longer). They were built to last, and they have lasted well. Of course, the manufacturer at the time had no option to stupidly make them "Internet of Things" devices, so they’re classic "dumb" devices that cannot be remotely disabled at the manufacturer’s whim. Nothing in this announcement says that they needed to halt this line because of unfixable security vulnerabilities. It looks to me like they simply got tired of running the cloud server it required, didn’t want to let anyone else run the cloud server, and so decided to scuttle the whole project.

And while certainly broader support of various open source firmware/software can provide some relief to this for tech-savvy consumers… it’s not the tech-savvy consumers whose devices are a major issue here.

Non-savvy iPhone users loved using jailbreaks on their phone to enable installing third-party enhancements written by savvy non-Apple-approved developers. There’s no requirement that all customers be tech-savvy for this, only that there are some who are tech-savvy, willing to share, and that the device doesn’t make it unnecessarily difficult for the non-savvy to benefit from that sharing.

Anonymous Coward says:

Re: Re: Re:

I have a keyboard and mouse that are older than most still-functioning laptops (more than 10 years, maybe longer). They were built to last, and they have lasted well.

Obviously not a Logitech mouse. Don’t buy Logitech mice. There’s no internet-enabled bullshit, just crappy microswitches that will be glitching in a couple of years.

Of course, the manufacturer at the time had no option to stupidly make them "Internet of Things" devices

Not true. The CueCat, released 17 years ago (late 2000 during the dotcom boom), is the prototype of uselessly-internet-enabled things. They used cryptography to make sure nobody could use it without the service. The service, of course, had a security breach that exposed the private details of 140000 users. And it was all shut down in January 2002, which gives it a lifetime of less than 18 months. All devices were then bricks, except to a few techies who could mod them… liquidators were offering them for 30¢ each but I doubt people would’ve paid for shipping if they were free.

Anonymous Coward says:

Re: Re:

We will either have an ever increasing number of insecure, internet connected devices that can be used by bad actors to cause any number of problems. Or we can routinely experience loss of functionality in older products.

Or we can decide that maybe a universal remote control doesn’t require internet access. It might be nice to make it compatible with newer hardware (though it’s a problem entirely caused by AV-equipment companies’ refusal to use standards)… but we could have people insert an SD card to load new codes. Unless by "universal remote" they mean something that allows me to control all the devices of the universe from my couch, and that’s why internet access is needed…

Or as was already stated, they could drop support but release enough information for the community to take over. It’s Logitech that decided to keep all this stuff secret so far. PCs from 20 years ago can still get on the internet as securely as any other, as long as you find a recent and supported OS.

orbitalinsertion (profile) says:

Re: Re:

I will believe it has anything to do with patching security holes when i see it.

The general security problems with these sorts of devices are that they are IoT for no readily discernible reason in the first place (other than slurping your information and behavioral data), so one can secure them by not making them internet-connected. If someone really needs to turn on their TV while they are 500 miles away, give them that as an extra option instead of a main functionality, and don’t require the traffic go to a company server – there is zero need for that.

Another problem is that the code and settings should not be so laughably poor that a ridiculous little device could ever require so many software patches in the first place.

But the thing is, the number of IoT devices receiving security patches is laughably small, so claiming that as a reason for product EOL (literally, EOL), requires some evidence first and reasons why a patch or other fix is impossible next.

Anonymous Coward says:

People are

Easy to fool, because of their massive ignorance. It is just how things go, nothing is going to change. For every expert telling the government how things would probably work best there are 10 experts paid by a company to say the opposite.

And people wonder why no one takes the experts seriously or believe them when they “bust out that science”.

It is just too easy to sell you cardboard and call it something else.

Roger Strong (profile) says:

Re: Re: Re:

Yup!

Sadly, Petrov died in May. And that item on Petrov’s resume isn’t unique.

There was also the 1995 Norwegian rocket incident. The first and only known incident where any nuclear weapons state had its nuclear briefcase activated and prepared for launching an attack.

And over on the American side…

The New Yorker: Nukes of Hazard

In 1960, the computer at the North American Air Defense Command (NORAD) in Colorado Springs warned, with 99.9-per-cent certainty, that the Soviets had just launched a full-scale missile attack against North America. The warheads would land within minutes. When it was learned that Khrushchev was in New York City, at the United Nations, and when no missiles landed, officials concluded that the warning was a false alarm. They later discovered that the Ballistic Missile Early Warning System at Thule Airbase, in Greenland, had interpreted the moon rising over Norway as a missile attack from Siberia.

In 1979, NORAD’s computer again warned of an all-out Soviet attack. Bombers were manned, missiles were placed on alert, and air-traffic controllers notified commercial aircraft that they might soon be ordered to land. An investigation revealed that a technician had mistakenly put a war-games tape, intended as part of a training exercise, into the computer. A year later, it happened a third time: Zbigniew Brzezinski, the national-security adviser, was called at home at two-thirty in the morning and informed that two hundred and twenty missiles were on their way toward the United States. That false alarm was the fault of a defective computer chip that cost forty-six cents.

Other sources:

Wikipedia: List of nuclear close calls

Union of Concerend Scientists: Close Calls with Nuclear Weapons (PDF)

tiaraa (user link) says:

agen bola online

Jangan lewatkan juga promo dan bonus menarik SPESIAL HANYA UNTUK MEMBER KAMI yang antara lain :

  • freechip setiap hari
  • mix parlay gratis
  • cashback 5% – 15% khusus sportsbook dan tangkas
  • cashback casino 3%
  • komisi rollingan casino 0.8%
  • bonus TO poker 0.3%
    So tunggu apa lagi ? PASTI LEBIH MENGUNTUNGKAN BERMAIN DI SARANA365 http://www.arenasarana.com
ROYALKASINO (user link) says:

MARI GABUNG DI ROYALKASINO.COM

Kini Anda dapat bermain Kasino dengan mudah, bisa dimainkan via Handphone. Download game nya dan menangkan permainan nya.
Dengan minimal deposit yang cukup terjangkau Rp 25.000, Anda sudah dapat bermain Casino online, seperti Baccarat, Roulette, Slot Game, Sic Bo, dan Dragon Tiger.
Dapatkan juga bonus menarik bisa kamu dapatkan dengan mudah dari kami yang antara lain :
– Komisi rollingan 0.8%
– Cashback 2.5% setiap minggu
– Bonus referral 1% seumur hidup
Yuuukkk Gabung sekarang juga , coba keberuntugan kamu bermain di http://WWW.ROYALKASINO.COM, menangkan taruhannya hingga ratusan juta.
Untuk info lebih lanjut silahkan hubungi Customer Service 24/7 nonstop melalui :
* BBM : D61DA887
* Whatsapp : +855968397588
* Skype : royal kasino
* Livechat : http://royalkasino.com/royalkasino/index.jsp

coward (anon) says:

I think everyone is ignoring part of their announcement

Not to minimize or disagree with any of the IoT threads, but the announcement says “There is a technology certificate license that will expire next March”. I’m guessing there is some piece of patented tech in the device and Logitech is either unwilling or unable to renew the license. Its possible the patent is on the cloud side, or that Logitech is worried that the patent holder will go after users of the device once the license expires (we’ve seen that happen before).

Ninja (profile) says:

If it was a subscription based system then it would make more sense and it should not be expensive but if you paid full, 1-time price for it then it should work until it breaks. If online connectivity is absolutely needed then let private servers be used. Or don’t sell at all.

It’s clearly another example on how the private sector can’t adhere to good practices by itself and needs to be regulated.

The Wanderer (profile) says:

All devices which require specific online services for their functionality should come with service agreements which contain a clause stating (in effect) “if we ever choose to stop providing the service which enables this device to work, we will release all information necessary to enable others to provide a replacement service”. The absence of such a clause should be treated as reason to refuse to purchase the device.

(Ideally the absence of such a clause would even be treated as sufficient to invalidate the agreement and require the refund of the purchase price, but it’s a bit unlikely that courts would take it that far.)

Peter (profile) says:

You Do Really Own What You Buy: If you buy a horse, the previous owner has no right to drop by an shoot it to force you to buy another one!

The Supreme Court of the United States of America disagrees with Logitec: the justices have “a long tradition of ownership known as “first sale,” which does not allow owners to automatically control a product past its first sale: If a farmer buys a horse from a breeder, the breeder no longer has any say about what the farmer does with the horse. The same goes for CDs, books and works of art.”
https://www.insidehighered.com/news/2013/03/20/supreme-court-sides-against-textbook-publishers-resale-imported-works

John85851 (profile) says:

Re: You Do Really Own What You Buy: If you buy a horse, the previous owner has no right to drop by an shoot it to force you to buy another one!

This would be a good argument except many companies have already thought of it: this is why so many transactions are now called “licenses” instead of “purchases”. There’s no “first sale” doctrine for “licenses”.

Anonymous Coward says:

Re: Re: You Do Really Own What You Buy: If you buy a horse, the previous owner has no right to drop by an shoot it to force you to buy another one!

The FTC could slap companies down if they’re misrepresenting licenses as sales. Actually, these are sales, it’s just that they’re not sales of useful products unless one licenses some software and accesses the manufacturer’s servers (agreeing to any associated license terms). It’s doubtful that ads are making this clear, or that manufacturers will do anything for people who disagree with those post-sale terms, but so far consumer protection agencies haven’t been doing anything about it.

Anonymous Coward says:

Re: You Do Really Own What You Buy: If you buy a horse, the previous owner has no right to drop by an shoot it to force you to buy another one!

The Supreme Court of the United States of America disagrees with Logitec: the justices have "a long tradition of ownership known as “first sale,” which does not allow owners to automatically control a product past its first sale

How does that disagree with Logitech? The owners could use their hardware as a doorstop, melt it down for recycling, whatever. It sucks that the hardware is basically useless without the service they’re going to shut down… but "you don’t own what you buy" is a figurative statement, not a literal one. In your example, the horse-breeders have no post-sale responsibility to the purchasers; is there any case law saying Logitech does? (I think we’re likely to see some, but based around false advertising rather than first sale–when Logitech says their thing will let you control all your devices, do they announce the caveat "as long as we feel like running the servers"?)

united9198 (profile) says:

Ownership

Most people would be shocked to learn that GM claims that THEY own the software on the car you paid for and they have the rights to all the data that is collected and transmitted to them on an hourly basis. They are taking your data and selling it for a lot of money and you have no “opt out” privileges. As we move forward, the ownership of software/data/ etc will become increasingly cloudy. Washington DC has been totally asleep at the switch on this and perhaps has no ability to comprehend the impact.

Green Eggs and Ham (profile) says:

Encryption is Fools Gold

If software can be installed remotely, then that device has a back door. Your trust in those controlling the installation is as certain as the future. The future is trending towards increased computer attacks, despite increased security controls. The problem is that the only change in security is the level of sophistication, but sophistication is just a brain game and not the fundamental solution to security. Don’t be a fool. The fundamental solution to security is embedded right into the concept of security, accessibility. If something is accessible in theory, then its accessible and sophistication is a fools game. True security is inaccessibility, this is either by zero knowledge or by being logically not accessible.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...