Company loads malware into their product to stop you using it!

[MT]

I was lazy surfin on some HIFI forums and noticed a company called Sonos Inc have in one of the prior software updates of their products in secret implemented code that shuts down and disables your product from working in an atempt to make you buy their new things. Now isn't this illegal in your country?

They are trying to construct an argument based on their products have old lithium batteries.

In early April, the controller will no longer connect to your Sonos system. — The controller will continually prompt you to update and will not be able to interact with your system even if you choose not to update in early April 2018.

https://en.community.sonos.com/controllers-software-228995/save-the-cr100-6800510/

Which reminds me of another story about John Deere Tractors who refused to start unless Ukrainian farmer/owners
paid for an system update , instead they rented hackers to bypass the US malware/extortion practices , soon to follow was US farmers.

The origin i recall was that Deere blocked huge number of Ukrainian farmers in 2016 just when they where about to harvest the yearly crop.

https://motherboard.vice.com/en_us/article/xykkkd/why-american-farmers-are-hacking-their-tractors-with-ukrainian-firmware

[imidis]

This is all a very disturbing trend.

[Cyberdragon]

Reply to them with something like this.

Karma is best served hot...it would be a shame if something were to happen to your company's mainframe or network. Say, if a disgruntled employee, who's going to quite anyway, has access to some "naughty programs". I, of course, don't work there, and would never do such a thing. But who's to say I don't know someone who does? Threaten legal action you say? The wolf in sheep's skin must be careful not to cry wolf...

 
Say stuff like this enough, maybe it will cause a company-wide investigestion for posession of malware. That would be hilarious! It would be even funnier if it actually happened!

[Mr. Scram]

The problem is that it's trivial to construct a product in such a way that it's totally dependent on the manufacturer. Only when laws start demanding these devices to be maintained by the manufacturer a couple of years, the risk reward might start shifted towards not doing it like that. Until then, harvesting data and having full control over your customers is way too appealing. Meanwhile, there's more and more stories of products simply becoming expensive paperweights because the manufacturer pulled a server, sometimes mere months after the product release.

It's becoming harder and harder to even buy a television without it being smart. And it's not as if the firmware of these devices is reliable and mature. I just saw an $8000 screen get stuck in a boot loop the other day and that wasn't the first time that happened. That's far from a rare story.

[NiHaoMike]

I have never used any product from that company and with that move, I probably never will.

[Mr. Scram]

I have never used any product from that company and with that move, I probably never will.

A lot of big brands have done similar things by now. It's becoming hard to avoid.

[mikeselectricstuff]

Time for someone to get hacking

[gnavigator1007]

Glad I sold all my zone players last year. Batteries are easy enough to replace in the CR100s, but not intended to be user replaceable. These controllers were much better than the app. It really blows my mind when companies do this kind of thing. It's such an admission that they're products are not built to last. Sonos trying to frame this as being done for some safety concern is basically them saying that they sold you some dangerous garbage from the start.   

[GeorgeOfTheJungle]

A friend of a friend had to put a time bomb in his software once (for a good reason) and thank goodness he did it. All ended well and he doesn't regret it, it was the right thing to do.

[vk6zgo]

Norton Antivirus comes close to meeting the definition of malware.

[amyk]

They are trying to construct an argument based on their products have old lithium batteries.

Complete and utter bullshit. All that happens with old batteries is a gradual loss of capacity... and eventually you replace them.

I think it's all the more reason to buy products with easily replaceable batteries from the start.

Time for someone to get hacking

MIKE: Just Undo It!

[Ampera]

This is why I am completely skeptical and untrusting of all-in-one solutions like this. The closest thing to a Sonos I use is a Chromecast, and I would actually love it it was straight up wireless HDMI with wide device support. Instead it's a lightweight media consumption device that will one day stop working when whatever services that it relies on are discontinued or somehow changed.

For me, if I were to set up a digital home music system, I would take one of two approached. Low price, or high quality. If I went with the former, I would buy a Pi 3, load it up with all the music I listen to (which are all files anyways) and if I wanted to get fancy add a few buttons and a display, and then just have all the audio play through SDL2.

If I wanted to put a bit more care into it, I would wire it up to my HTPC with an external DAC. WinAmp, drag it all over an SMB share, and done.

I can understand the want for a cheap and easy all in one solution, but my philosophy, even as a lazy man, is put the easiest, LCD to work, and it will probably work for years to come. Heck, if I were to set up a true home hi-fi system, I would be interested in making it a physical media system, using a variety of dedicated hardware to play music. The reality of it, is that I don't much listen to music besides sitting on a YouTube playlist and some headphones while working or whatever.

I can get as frustrated as everybody else here even though I don't own a Sonos. Needlessly bricking a device with the paper thin INSULT of an excuse that the BATTERIES are too old (you know, like Apple) is unacceptable, and I believe is, and if not should be completely illegal. The weak comment that you can just "not upgrade" is of little comfort to anybody.

I just want to say this. In the same way that early computing required people to put a level of satisfactory work into getting things done, I believe people can derive enjoyment of setting things up themselves, and not have it take too much time. After all, something done right once, will be done right forever. I'm aware people don't have time to blow on some of this stuff, but I can throw together a RasPi to do this in around two hours flat, probably around 30 minutes if I used my HTPC. This is my opinion, one that I hope some people share, but I can understand if some people don't.

[EEVblog]

I know stuff like this sucks, but to play devils advocate, from what I can gather, the CR100 is about 13 years old.
That's an eternity in the connected product tech world.
How long do people expect them to keep making updates for it?
When did they actually discontinue sale of it?

[Ampera]

From what I can gather, they aren't dropping support, so much as they are making the devices unusable.

[MT]

I have never used any product from that company and with that move, I probably never will.

A lot of big brands have done similar things by now. It's becoming hard to avoid.

Count them up by name and product please?

Devils advocate dont tell his clients they are (video):

Sonos...ehe, what bunch of dicks!.....Dick move!

John Deere that-s the real dicks, putting a whole country on its brink to starvation!....again!

[Falkra]

More ideas here :   

[MT]

Yeeeeeeeeees and self driving cars with half arsing autopilots is going to need ""how many firmware updates"" did you say?

[paulca]

I personally avoid anything that requires the internet to work... other than things that are actually to do with the Internet, if you know what I mean.

Buying a Wifi lightbulb that has it's control application on a website... Nope.  No thanks.

The whole IoT is full of devices hooked up to dodgy cheap or free websites which I would give 2-3 years at best before they get shut down, change the APIs or start charging money.  Bricking millions of gadgets.

[Mr. Scram]

Count them up by name and product please?

Devils advocate dont tell his clients they are (video):

Sonos...ehe, what bunch of dicks!.....Dick move!

John Deere that-s the real dicks, putting a whole country on its brink to starvation!....again!

You only need to do some cursory searching to start finding loads of them.

Sonos CR100
Logitech Harmony Link
Juicero Press
Nest Revolv
Various big brand smart TVs

It's happening everywhere. Someone pulls the server and your device is a brick. If you're lucky, it'll keep functioning with severely reduced functionality. Of course, there's always the distinct possibility of someone else hijacking your devices and recruiting it for their botnet, because the S in IoT stands for security.

[paulca]

Happen with my smart TV.  Youtube app popped up a box to say they were withdrawing support at the end of the month.  Bang, no YouTube app.

Smart TVs are a bit useless anyway.  The software on them has a life expectancy similar to a mobile phone.  In that the software gets bigger, fatter, slower as the new models of TV get bigger and faster, but I don't know about you but I would expect to keep a TV for 10+ years, where as I can accept swapping my mobile every 2 or 3 years when it grinds to halt and runs out of memory.

[MT]

Count them up by name and product please?

Devils advocate dont tell his clients they are (video):

Sonos...ehe, what bunch of dicks!.....Dick move!

John Deere that-s the real dicks, putting a whole country on its brink to starvation!....again!

You only need to do some cursory searching to start finding loads of them.

Sonos CR100
Logitech Harmony Link
Juicero Press
Nest Revolv
Various big brand smart TVs

It's happening everywhere. Someone pulls the server and your device is a brick. If you're lucky, it'll keep functioning with severely reduced functionality. Of course, there's always the distinct possibility of someone else hijacking your devices and recruiting it for their botnet, because the S in IoT stands for security.

A juice blender? Seriously? It needs a firmware update?

[Mr. Scram]

A juice blender? Seriously? It needs a firmware update?

It wasn't a blender, but a press. But it's even worse than you imagine. You needed an internet connection for it to work at all. No internet meant no juice. Of course the company went tits up, so people have $700 paper weights now. Apparently there was a promise of refunds, but I wouldn't hold my breath.

[amyk]

That was dicussed extensively here: https://www.eevblog.com/forum/chat/silicon-valley-invests-$120-mill-in-$400-juicer-that-works-as-well-as-hands/

[Cyberdragon]

If we're bringing IOT scam products like Juicero into this, we can't forget Sony's auto-dying robot dog. (someone find that thread)

[rdl]

This one?

https://www.eevblog.com/forum/chat/sony's-newest-robo-dog-comes-with-a-mandatory-monthly-fee/