>Every manufacturer that abuses this mechanism for anything other than actual security updates should be fined in a way that registers on their stock price and if they do it twice they should be fined out of existence.
No fines, just allow the customer to send back the devices and get a full refund plus all costs covered by the manufacturer...it could be so easy.
Give back the HP and buy a Brother....that would be called a self regulating Market.
Brother apparently has been going down this path as well. I've read that they intentionally degrade print quality with third-party inks and other things [1,2]
>The punishment should be blunt, uniform, and intimidating! This is absolutely a situation for fines!
To cover refund is a much bigger "fine" and the money flows directly back to those who suffered, that's not the case with fines, and fines are mostly small change for big-corps.
Just extend the rights of Customers and everything could be fine.
This is a problem not solved by the market, for many reasons, but the most important one is that they all try to do this sooner or later. Shareholder value must increase and be found somewhere.
Only government regulations can keep capitalism in check, maybe an unpopular opinion on HN but it hurts startups too because the market is not penetrable for competition.
When business can affect policies in their favor. Good luck with that. You can see how well Gov. regulation is working out with John Deere's control over farming equipment.
The real problem is that a certain political affiliation has opened the floodgates toward unbridled corporate meddling in politics.
If corporations can set the rule due to legal bribery (lobbying) that's a larger systemic issue that only underwrites my point.
Fortunately there are other examples that show it can be done better, you may have to look for those examples either outside of the USA or in the past of the USA.
Some people require the market to work 100% perfectly, or else government regulations. For some reason, government regulations are allowed to fail miserably (e.g. 18th amendment).
The market solution doesn't have to be your desired solution. Here it seems that some people don't care about HP practices, so the market provides shitty HP practices. They have easy options (bare minimum: don't buy HP), but they actively avoid them, so the market allows and encourages it.
The incentives of capitalism are such that unless there are very strict regulations, it degenerates in what the game of monopoly tries to convey in a visceral manner. A few people will own everything at the cost of everybody else.
Because protection against monopolies is dead in USA, we see exactly this play out.
Not true, and well known as not true for ages in the economic field. The primary source of monopolies are government regulations (e.g. patents, exclusive licenses, etc). In fact the words "monopoly" and "patent" started meaning "the government will allow this and only this business to do that thing, and will prosecute whoever tries to compete".
HP only have like 25% of the printer market. Realistic alternatives currently are: Brother, Epson, Kyocera, Ricoh and in some markets NEC. Anyone buying a HP today is asking for it.
What monopoly? You just can buy a printer with refillable ink tanks from several competitors, but also from HP. Then you pay the real price for the printer and the printer heads that need to be replaced occasionally.
These printers are sold below cost so that money can be made from the ink. Naturally, this needs some form of DRM. Capitalism offers you plenty of alternatives for printing at the best cost, these printers are actually good deals for people who rarely print.
>Only government regulations can keep capitalism in check
That's what I mean, a customer is allowed to return a device/car/whatever and get fully refunded if the initial function of a device changes with no technical advantage for the customer.
Fines bring the Customer nothing (aka you don't get your money back) and are mostly small change for the company, no need to change anything...but paying full refunds for let's say a 4yo device, that could hurt a lot.
The onus is on the customers to realize that there has been an issue, and they would be eligible for a refund (minus inflation).
Then there are shipping costs, likely the customers bought it from a local retailer, that may or may not be in business... The endless emails and phone calls. Overall the customers are not in any position of power without a forced recall.
>The onus is on the customers to realize that there has been an issue,
If the customer has no issues there are no issues right?
>Then there are shipping costs, likely the customers bought it from a local retailer, that may or may not be in business...
Again it's an HP and you send it directly to them, the MANUFACTURER has to cover all costs. Your retailer has not made the update so he should have nothing to do with it.
>The endless emails and phone calls.
One email: My printer (serial-number) worked for two years with that toner, since your update it's not working anymore (error blablabla), roll back that update or send me a shipping label.
>Overall the customers are not in any position of power without a forced recall.
Time to change that then right? Restore the functionality of my device or take it back.
>If the customer has no issues there are no issues right
Customers have been conditioned to blame themselves for any device/product shortcomings, and consider themselves rather unworthy. Personally I have witnessed first hand that end users consider both hardware and software too hard to use and any misgivings would be attributed to their own faults. That extends to all kinds of hardware - including hand tools.
I got one of those too, and I got it because I didn’t want to worry about this kind of garbage from HP. It’s also a bonus that I haven’t had to refill the ink in a LONG time.
But oh my. The quality of the printing is terrible.
That's the first stop, and the second is to make sure you run it at or near 20 degrees Celsius to get the ink to flow properly otherwise quality will suffer.
If you don't understand a system it's by definition not secure, keep your hands away or start learning your stuff, or at least don't call it secure (the big word that includes many different meanings)
You are not wrong but also not right, it's something different.
For example FreeBSD has a MAC framework (a massive one btw) and also the "SELinux/SEBSD" framework on top of it (FLASK/TE), but you don't need to use it (not on Linux nor on FBSD).
OpenBSD has no MAC implementation, and with that no framework (SE*) on top of it, but has different/other ways to secure a system.
And TBH I have seen just 3 Customers until now who really develop highly secure/complicated policies (Two use MLS and one uses Brewer-Nash).
I think MAC should be used much more, but it's time intensive and hard to do it right, also to keep the policies clean and understandable needs LOTS of documentation and dedication.
What massive MAC framework does FreeBSD have? Last I heard SELinux was attempting to be ported (SEBSD) but that was never finished?
The 'different/other' ways to secure the system are inferior since they offer no protection if root is compromised.
I don't think MAC is as hard to use as it was, there are so many policies and issues known this much later, but people still just disable it by default because they don't want to put in the time.
That's NOT what I said, the FreeBSD MAC implementation is big and pretty much feature complete, NOT SEBSD.
>The 'different/other' ways to secure the system are inferior since they offer no protection if root is compromised.
There is no such thing as "inferior" but different approaches, from completely deleting root as a user to using Containers/Jails/Zones, sandboxes, VMs etc. MAC is one of just many methods and OpenBSD voted against it and went another route (and that is totally fine and understandable).
>I don't think MAC is as hard to use as it was
MAC is still very hard, you are talking about SELinux that is just one implementation called FLASK/TE.
Try to implement a Brewer-Nash MAC policy on a fileserver and I will see you sweating ;)
But as you can see, there is you and me (in this thread) who understand what a MAC even is, and that on HN....that just tells you how many people really have even an understanding of what it even is.
> That's NOT what I said, the FreeBSD MAC implementation is big and pretty much feature complete, NOT SEBSD.
It is what you said. I never said you claimed SEBSD.
You said FreeBSD has a massive MAC framework. I was asking which one, and the only one I know of is SEBSD, which is not at all massive.
You are saying now FreeBSD has its own MAC framework, but I've never heard of it. What is it called?
> There is no such thing as "inferior" but different approaches,
Well that's not true. A screen door vs a heavy deadbolted door is clearly an inferior approach, not just a different approach to security, and that analogy extends to OS security technologies.
MAC is the only system that can 100% protect against an attacker getting remote root.
> There is no such thing as "inferior" but different approaches,
I've been dealing with MAC for 20 years, so I don't find it hard at all, and if people are willing to put in the effort to learn it the reward is worth it. But this is a world where most people want to get home to watch their latest story instead of doing any kind of mental work, and admins are no different.
This is frustrating. I don't know why you are trying to explain things when the issue is you simply were not clear with your first comment, and then acted like I misquoted you.
> SEBSD is a Framework, MAC is an implementation, those are two different things on different levels.
This is incredibly wrong unless you are referring to something other than mandatory access controls when you say MAC.
MAC is a concept. SELinux AND SEBSD are implementations. And yes, you can say they are implementations of FLASK, or call them frameworks, but semantics aside none of that changes that SELinux and SEBSD are implementations of a concept.
Saying MAC is an implementation is just flat out wrong.
And for what it's worth, I was correct when I said it was SEBSD, even though it isn't called that anymore. That's what the project started off as before it was merged: http://www.trustedbsd.org/sebsd.html
> Yeah no you don't since you don't even know the difference of SELinux and the/a MAC implementation.
>Linux Security Modules (LSM) is a framework allowing the Linux kernel to support without bias a variety of computer security models. LSM is licensed under the terms of the GNU General Public License and is a standard part of the Linux kernel since Linux 2.6. AppArmor, SELinux, Smack, and TOMOYO Linux are the currently approved security modules in the official kernel.
I have no idea why you think linking that proves some kind of point, it only proves to me that as I said you are very much out of your depth in joining this conversation.
We've banned this account for breaking the site guidelines badly and repeatedly in this thread, and for ignoring our many requests to stop doing that.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.