Systems disabling themselves when out of date

Posted Jan 23, 2009 0:22 UTC (Fri) by giraffedata (guest, #1954)
In reply to: LCA: The security panel by dlang
Parent article: LCA: The security panel

I hope no one seriously proposed that distributors should distribute software that disables the system, as a means of improving security in spite of the owner of that system.

A more legitimate take on this self-destructing system idea is that it's a service to owners who don't want to inadvertently run a vulnerable system. It might even make sense as a default configuration, but as long as a user who has considered what it means to run out-of-service software can easily turn off the feature, I don't see it as a heinous thing.

If I could buy a carton of milk that won't open after its expiration date, I wouldn't mind that one bit. It would save me some ruined cereal.

to post comments

Systems disabling themselves when out of date

Posted Feb 2, 2009 5:55 UTC (Mon) by gdt (subscriber, #6284) [Link]

This was my suggestion. It is difficult in a Q&A to give a complete system specification, but the notion is that the machine's access to the Internet be curtailed when a distribution is used past its end of support date. I've floated this idea before, see the Fedora Devel "autodie" discussion.

It has been well known for decades that software is not a static construction. Even the old "waterfall model" textbooks warn that most of the cost of software is in its ongoing maintenance. The necessary corollary is that using unmaintained software has an increasing risk of incorrect operation.

For Internet-connected software that risk rises considerably after the end of manufacturer support. Internet-connected systems see continuous testing of their security and eventually a known, unpatched flaw will be exploited. In my role in a large ISP I see a lot more "1000-day exploits" of Linux systems than I see "0-day exploits". Which is not to say that I'm not massively appreciative of SELinux's role in subduing 0-day exploits in Fedora (hint, hint Ubuntu).

I don't understand why people mutter about DRM when I put this forward. Implementing the feature in the operating system leaves the user in control. They can disable the feature or upgrade their software, both with no fear of legislative penalty. That is not the case with DRM.

The risks of enforcing distribution expiry lie more with the fact that computers do things, and those things may be important, and interrupting those important things may have a higher risk than preventing misuse of old software. Good user interface design of the "autodie" feature is an important way to minimise that risk.