Slashdot Mirror

← Back to Stories (view on slashdot.org)

After Outrage, Logitech Gives Free Upgrade To Owners of Soon To Be Obsolete Device (gizmodo.com)

Posted by msmash on from the change-of-heart dept.

It looks like Logitech didn't anticipate the barrage of criticism it received after announcing this week that it would be intentionally bricking its Harmony Link hub next March. The company is now reversing course. Its Harmony Link will still die next summer, but if you own one, the company is happy to give you a free upgrade to the more recent Harmony Hub model. From a report: Originally, Logitech planned to only offer Harmony Link owners with active warranties free upgrades to its new Harmony Hub devices. But for people out of warranty -- possibly the majority of Harmony Link users, as the devices were last sold in 2015 -- they would just get a one-time, 35 percent discount on a new $100 Harmony Hub. However, after customer outrage, Logitech revised it plans and announced that the company will give every Harmony Link owner a new Hub for free. Additionally, users who had already used the coupon to purchase a new Hub will also be able to contact Logitech in order to obtain a refund for the difference in price. However, Logitech is still not planning to extend support for the Harmony Link. The company says, "We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018 -- we would be acting irresponsibly by continuing the service knowing its potential/future vulnerability."

105 comments

  1. Hilarious name by DontBeAMoran · · Score: 5, Funny

    With all the drama that's happening with it, I find it funny that Logitech called the product "Harmony".

    --
    #DeleteFacebook
    1. Re:Hilarious name by Gojira+Shipi-Taro · · Score: 1

      Harmony was acquired by Logitech about a decade ago.

      Not to you know, ruin your joke...

      --
      "Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
    2. Re:Hilarious name by Anonymous Coward · · Score: 0

      You're a stand-up comic's dream audience member.

    3. Re:Hilarious name by Anonymous Coward · · Score: 0

      Not to you know, ruin your joke...

      That makes no sense. I highly recommend going back to primary school and learning basic English grammar.

      By the way, the parent comment was not a joke, it was pointing out the irony in the name of the product.

    4. Re:Hilarious name by DontBeAMoran · · Score: 1

      With all the drama that's happening with it, I find it funny that Logitech has a product "Harmony".

      Still doesn't change the irony of what's happening with it.

      --
      #DeleteFacebook
    5. Re: Hilarious name by Anonymous Coward · · Score: 0

      As a Harmony user that doesn't own a link, but has been using Harmony products since before Logitech bought them.... They are one of the single greatest pieces of tech I have in my home. For those of you who don't have one.... They are an "activity" based universal remote. You plug in your devices in the setup wizard, specify the ports/inputs that each device is connected to and "program" the remote. So basically, all your (slashdot wink) wife/girlfriend has to do is press the "watch tv" button or "listen to CD" button. And whammo devices get turned on/off, set to the correct inputs and shot tends to just work.

        Extremely high Wife Approval Facter

      Beats the carp out of "device" based universal remotes where you need to know the device and multiple other settings to get an activity to work...

      My 4 yo can use it, my 6 yo can use it and most importantly my wife can use it. Yeah they're a bit pricey and IMHO well worth the money.

          For the higher end ones with the "hub" I can use my phone to control it if we cannot find the remote. ... Which with 2 kids and a women involved happens surprisingly frequently... While I was dissapointed in logitech's purchase of and initial product line after the takeover, I think that (few years ago they were going to kill it) Logitech Harmonys recent offerings have been pretty decent and improving. If they came out with a home hub that could replace a Wink or a Smarthings offering I would buy it. They offer some home automation capabilities but nothing that I know of that can completely replace either.

    6. Re: Hilarious name by arglebargle_xiv · · Score: 1

      Definitely. I've talked to one of the Harmony designers (from before Logitech bought them) about how they designed the thing. If you have any complaints about the Harmony remotes, look at what else was available at the time the Harmony came out. The Harmony guys used to take their competitors' products with them when they did demos, to show off just how absolutely terrible everything else out there was.

  2. Security is a cop out by Luthair · · Score: 4, Insightful

    Their security claim is bullshit, you can't tell me they shipped a device without a way to upgrade firmware.

    1. Re:Security is a cop out by Anonymous Coward · · Score: 0

      I read somewhere that there's an expired certificate involved. I don't know if it's a client cert or a server cert or what, but that actually kinda sorta makes sense. If the cert can't be updated, or if the cert server was taken down, it's conceivable that Logitech got themselves into a spot where they simply CAN'T make these things keep working.

      Now, granted, they'd have to have other screwups on top of an expired cert for this scenario to be valid, but I don't think it's unreasonable to believe they may have made those other screwups on top of an expired cert.

    2. Re:Security is a cop out by Anonymous Coward · · Score: 4, Insightful

      Note that some microcontrollers have a section of write-once memory specifically designed for security data such as certificates. If the engineers didn't think far enough ahead to 'what happens when this cert expires?' then this becomes a very plausible scenario.

    3. Re:Security is a cop out by omnichad · · Score: 4, Insightful

      If the cert can't be updated, or if the cert server was taken down, it's conceivable that Logitech got themselves into a spot where they simply CAN'T make these things keep working.

      If it's a trust chain to their own company, they should be running their own private CA and fully own the whole chain. The cert doesn't have to be trusted by a web browser.

    4. Re:Security is a cop out by Luthair · · Score: 2

      They could disable the date check...

    5. Re:Security is a cop out by phayes · · Score: 1

      mod parent up, he gave the only plausible technical reason I've heard for a cert expiring that would impossible to fix.

      --
      Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
    6. Re:Security is a cop out by Anonymous Coward · · Score: 0

      That said, it would have been cheaper to get the cert extended for the next century than to provide this upgrade to everyone would it not?

    7. Re:Security is a cop out by Khashishi · · Score: 1

      Yeah, who can blame the engineers for not thinking ahead a whole TWO YEARS in the future? My grandkids will be having grandkids by then. California will sink into the ocean. The Sun will engulf Mercury. Andromeda will collide with the Milky Way.

    8. Re:Security is a cop out by tlhIngan · · Score: 1

      Their security claim is bullshit, you can't tell me they shipped a device without a way to upgrade firmware.

      Oh, they intended to. But business things happen.

      They could have a falling out with the technology provider (who provided the base hardware). The end result is the technology provider withdrew their software licenses and Logitech can no longer produce a firmware update - they have no license to use the tools.

      So even if they wanted to update the certificate, they couldn't.

      Or, perhaps the technology provider went bankrupt and doesn't exist anymore. When Logitech went to update the certificate and generate new firmware, the tools couldn't talk to the license server and they ended up with the same problem.

      Think about it this way - if they just wanted to kill the devices, they could just keep quiet and let the devices die on their own. Instead they decided to publish a notice about it, and even do a make-good offer at the same time by offering the current hardware (which is unrelated to the hardware that's being obsoleted) to users.

      It's not a decision anyone takes likely - even if they stuck to their guns and offered free ugprades to those with units in warranty, it still costs money to do, and you're getting an upgrade to current hardware.

      There aren't many competitors to what Harmony does - you can have a universal remote control, but those are generally pretty terrible without significant customizations, and the higher end remotes cost a significant amount of money (thousands). So offering free upgrades isn't something you take likely

    9. Re:Security is a cop out by Anonymous Coward · · Score: 0

      Not as simple as that may sound. Normally the apps are going to use the devices certificate store to know which certs to trust. Having an app install a root cert to trust is not trivial, at least on iOS. As such you would have to walk the user through downloading and installing the root and intermediate certs and then "trusting" them.

    10. Re:Security is a cop out by Anonymous Coward · · Score: 0

      No, you don't have to install a certificate to the system, an app can do its own validation with its own certificate chain, using the system APIs to do the work.

      You only need to install a cert to the system if you want to make the device available to _other_ apps, like a stock we browser.

    11. Re:Security is a cop out by Hylandr · · Score: 1

      Logitech is the EA of hardware. Purchase the competition to put them out of business.

      --
      ~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
  3. screw DJI by Anonymous Coward · · Score: 0

    Bricking a product should be illegal. I'm talking to you DJI!

  4. But I can tell you that! by Anonymous Coward · · Score: 0

    Not only is it possible to have non upgradable firmware, it is possible to do so as a security decision.

    I certainly cannot confirm Logitech is hindered by anything other than their own cheapness, but it is possible they made a decision to deliberately keep their systems from being at risk by preventing alteration. It is also possible there is some unconsidered technical limitation, like with open firmware that doesn't work on all devices or the issues with the blockchain on bitcoin.

    History is full of such examples. So yes, I can, stop being foolish and ignoring history.

    1. Re:But I can tell you that! by Anonymous Coward · · Score: 0

      Not only is it possible to have non upgradable firmware, it is possible to do so as a security decision.

      Apparently OP has never heard of the concept "Security by Obscurity" which as you mentioned history is full of examples, it was the defacto standard for everything security in the past (I'd argue that it's still mainstream today).

    2. Re:But I can tell you that! by kriston · · Score: 2

      It's not so unbelievable that it's a firmware update problem. It could be that the changes they must make can't be fit into the space available on the device.

      The point of this discussion, though, is that they intended to brick their own devices without fair compensation.

      --

      Kriston

    3. Re:But I can tell you that! by Luthair · · Score: 1

      All they apparently need to do is replace a security certificate.

    4. Re: But I can tell you that! by Anonymous Coward · · Score: 0

      The point of this discussion, though, is that they intended to brick their own devices without fair compensation.

      Then the question should be less a denial that they could do something, and more a focus on what they should do, or not do.

      That is a difficult matter to solve, especially in this case where there is some allegation that it is a matter of licensing a product from a third party, which means Logitech may be limited in their options, they can't force somebody to sell them something, and yet if we are expecting Logitech to comply with our laws, is it right to leave this third party with what is effectively a means of coercion upon Logitech?

      One element of fairness is disclosure, after all.

    5. Re:But I can tell you that! by Anonymous Coward · · Score: 0

      The article suggests that the problem is a certificate with an expiration in 2018. It seems a bit duplicitous to sell a product with a limitation like that, and with no way to get a fresh certificate, in 2011, let alone as recently as 2015. If the fixed certificate expiration is a design decision, they should have printed that on the packaging, at the very least.

  5. Wait.... by Anonymous Coward · · Score: 0

    So all they would have to do is renew an SSL certificate and have it provisioned...? Cool.

  6. We're bricking your device by Anonymous Coward · · Score: 2, Insightful

    Here's a coupon to buy the new model.

    Sure hope we don't brick the new one too.

  7. Expiration Date by Anonymous Coward · · Score: 2, Insightful

    Why are they building a non-renewable expiration date into a hardware product? And perhaps more importantly, what is the expiration date of the new hardware product? Do they even tell the users what that expiration date is when they purchase it?

    1. Re:Expiration Date by chrylis · · Score: 1

      They aren't. The best guess I've seen is that the product can only handle SHA-1 certificates, and the company is unwilling or unable to obtain a replacement SHA-1 that will be trusted by the cert store.

    2. Re:Expiration Date by Anonymous Coward · · Score: 0

      The product uses a 3rd party server in order to look up new codes and fix any of the old codes that may have been broken.

      Any product that uses a 3rd party server has the potential to be shutdown at any time and for any reason. Benevolent companies sometimes allow for the server code to be opensourced or made freeware, but in this case, they may well have some sort of licensing agreement with the companies that sell the hardware that the remote works with.

      I'm not sure why they can't update the certificate, but there's many possible reasons including that the hardware had it programmed in or that the necessary keys to create a replacement cert that expires further off was destroyed about the time they made the decision.

    3. Re:Expiration Date by TheFakeTimCook · · Score: 1

      They aren't. The best guess I've seen is that the product can only handle SHA-1 certificates, and the company is unwilling or unable to obtain a replacement SHA-1 that will be trusted by the cert store.

      It's likely a proprietary encryption algorithm, not something industry-standard like SHA-1.

      And therein may lie the rub.

    4. Re:Expiration Date by Reziac · · Score: 1

      Printer cartridge manufacturers got away with it; now everyone thinks they can do it.

      [eyes high-end HP inkjet with five FULL carts that won't work because they're past date, even if the printer could still be used... HP says "outdated so no drivers for you" and has deleted them from its website.]

      --
      ~REZ~ #43301. Who'd fake being me anyway?
  8. Why? by Anonymous Coward · · Score: 0

    I don't know why, but I never forget companies that pull these kinds of stunts. And remember to never buy anything from them again.

  9. Wait, what? by Anonymous Coward · · Score: 0

    We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018 -- we would be acting irresponsibly by continuing the service knowing its potential/future vulnerability.

    How is it legal to make a "business decision" to brick a customers device without telling them in advance that it has a predefined end of life? Where I'm from Logitech would be liable under the consumer guarantees act to replace the device or provide a refund if it stopped working within a reasonable period of expected lifespan, regardless of any advertised warranty, unless they explicitly specify and end of life date before the purchase.

  10. King of Mediocre by TheWanderingHermit · · Score: 4, Interesting

    Logitech has been the King of Mediocre for years. Average products that, with a bit of effort, could be quality work. For example, wrist pads instead of some products that don't force the wrist to bend back. They destroyed the Squeezebox system by Slim Devices. (When they bought the company, I knew the days it would work were numbered.)

    The only reason to buy from them is not doing enough research to find who has a better product that's not necessarily as visible in the marketplace. I won't touch their products anymore.

    1. Re:King of Mediocre by Anonymous Coward · · Score: 1

      G900 is the best mouse on the market

    2. Re:King of Mediocre by Anonymous Coward · · Score: 0

      Being a fan of "low-end" hardware (not everyone can afford the expensive stuff), I always insist on getting Logitech keyboards and mice, because they've worked the best in my personal experience. I believe that you can get a K120 keyboard for $20, and an M185 mouse for $10. Are you able to point me to similarly priced products that are more reliable than these? (I've personally never had a problem with either, but I'd love to learn about better products.)

    3. Re:King of Mediocre by Anonymous Coward · · Score: 1

      Their mechanical keyboards rock as well. I can't comment on their other products, but their mice and keyboards are rock solid.

    4. Re:King of Mediocre by Anonymous Coward · · Score: 0

      Well, "King of Mediocre" is pretty good if you competition is "King of Crap".
      Doubt an expensive Razer mouse because it was comfortable and I thought for the price it can't be utter crap.
      Well, the middle mouse button failed after 18 months of light use.
      At least I got all my money back, and bought a Logitech mouse for half the price with longer warranty.
      Will see how that turns out. Not sure if I'm hoping for finally getting a mouse that doesn't fall apart from looking at it the wrong way or getting a new mouse for free every few years...
      But it's still embarrassing, my first optical mouse has been in heavy use for about a decade and is still working fine (in light use only nowadays, even mice deserve retirement). 8x decrease in quality/longevity for at most 30% decrease in price just doesn't seem like a good deal to me.

    5. Re:King of Mediocre by Anonymous Coward · · Score: 0

      It must be a departmental thing. I have 3 Logitech devices on my work desk right now. A touchpad, track ball and mouse that get used depending on the application.

      I had a MX518 that was provided to me at work and loved it until it died. I now have a M510 mouse. It's everything I liked about the MX518 plus wireless. (I'm not a gamer so I never used the DPI buttons).

      At home I have a Bluetooth keyboard that lets me pair with up to 3 machines and switch with a key combo. Making it easy to switch between my HTPC and phone.

    6. Re:King of Mediocre by Woldscum · · Score: 1

      Are you able to point me to similarly priced products that are more reliable than these? (I've personally never had a problem with either, but I'd love to learn about better products.)

      Yes the Microsoft $25 Mouse + Keyboard combos.

    7. Re:King of Mediocre by Anonymous Coward · · Score: 0

      I'd love to find a trackball better than the M570, but I have yet to do it. I've been a track baller for all of my PC life, starting with one of their original big, chunky models from the early 90s. I would love for someone to come out with a gamer focused trackball, but that market is likely just me.

    8. Re:King of Mediocre by LT218 · · Score: 1

      Their Harmony remotes are also good. I've been using them for 10+ years.

      Being the family "tech and AV" support guy, I've setup mini home theaters (TV + blu-ray player + 2.1/5.1 sound + satellite/cable TV box + streaming device, etc.) for several family members. I always asked if they had any interest in a Harmony remote since they're juggling multiple remotes at that point. They all declined and proceeded to create legal sized sheets of hand-written instructions for all the manual remote juggling required to switch between the various media sources.

      I wait until their birthday or Christmas comes along and gift them a mid-level Harmony and set it up for them. When I check back with them after a few months, they love it and wish they'd gotten one from the outset. One family member even had me setup additional Harmony remotes for their other TV rooms.

    9. Re:King of Mediocre by Anonymous Coward · · Score: 0

      I'm with you. Logitech keyboards and mice for like $20 (combined) off the shelf at Walmart have been my go-to for many years now.

    10. Re:King of Mediocre by Anonymous Coward · · Score: 0

      True but I love my K400

    11. Re:King of Mediocre by drinkypoo · · Score: 1

      It must be a departmental thing. I have 3 Logitech devices on my work desk right now. A touchpad, track ball and mouse that get used depending on the application.

      I have a Logitech Trackman Wheel USB (T-BB18) which I've been maintaining for years. A second one has come and gone since I got this one; it stopped responding when plugged into a USB port. I've had to replace the microswitches about five or six times now. They are made by Omron and they are garbage. Even the middle button fails rapidly, and I scarcely use that compared to the others. I only have two more microswitches left, so maybe I'll try to find something from some other brand with more longevity next time. On the other hand, it will probably just fail again, and it's not super hard to remove the microswitches since there's room for a solder sucker.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    12. Re:King of Mediocre by Anonymous Coward · · Score: 0

      I've rarely had problems with Logitech hardware. The biggest thing is that some of their keyboards lack all the standard keys, but that's something that you can determine before buying. Both my Trackman and my K120 keyboard have been working for years with no signs of breakage. The Trackman was a bit more expensive, but not really that expensive, I see them retailing for about $25.

      I may get a second of each if I decide to put my raspberry pi back in the kitchen.

    13. Re:King of Mediocre by Anonymous Coward · · Score: 0

      Haven't found anything that compares with their Harmony remote line. Rock solid and extremely well designed. And that line is what this post is about, not their keyboards...

  11. Obsolete Device by omnichad · · Score: 2

    Yeah, keep writing those great headlines. A two year old TV remote is not an "obsolete device."

    And this is why I don't trust companies with "smart" things. If it's going to be smart, it had better connect to my smarts, not some remote server. Amazon and Google have "smart" speakers that can't even find DLNA audio on your home network. How smart is that?

    1. Re:Obsolete Device by Baron_Yam · · Score: 4, Insightful

      > If it's going to be smart, it had better connect to my smarts, not some remote server.

      We've seen enough now that even the technologically illiterate should be starting to understand that if you buy something that requires an Internet connection, you're getting a service that can be terminated at any time.

      And if there's no ongoing access fee... the probability of having the plug pulled on the system increases exponentially with time.

    2. Re:Obsolete Device by careysub · · Score: 1

      And so, since we now have an Internet of Things, with Internet connections on most every product we buy, we should expect all of them to be made inoperable by their manufacturer at its own convenience at a time of its choosing. We don't own anything, the manufacturer owns it.

      Those people bought a device to fulfill a function, their aren't subscribing to some service - free or paid. The manufacturer is literally destroying their property, But you, it seems, are okay with that.

      --
      Starships were meant to fly, Hands up and touch the sky - Nicky Minaj
    3. Re:Obsolete Device by Baron_Yam · · Score: 1

      >But you, it seems, are okay with that.

      You have drawn an incorrect conclusion.

    4. Re:Obsolete Device by wonkey_monkey · · Score: 1

      It's going to stop working. Support is being removed. That will make it obsolete. You may not think that's a great way to run a business, but that doesn't make the headline bad.

      --
      systemd is Roko's Basilisk.
    5. Re:Obsolete Device by omnichad · · Score: 1

      That's not what obsolete actually means - out of date and no longer bring used.

      Let's not agree to use their words, because it is fraud. The word obsolete tries to put the blame in the customer for not being on the upgrade treadmill.

    6. Re:Obsolete Device by sjames · · Score: 1

      More like he's warning people not to buy such a thing at all. If enough people refuse, they'll have to make devices that don't depend on phoning home.

    7. Re:Obsolete Device by Anonymous Coward · · Score: 0

      Who uses remotes any more? Modern smartphones often include the necessary IRDA information to control them. In fact my LG phone has a quick remote function that allows me to do that with minimal hassle.

    8. Re:Obsolete Device by thegarbz · · Score: 1

      Amazon and Google have "smart" speakers that can't even find DLNA audio on your home network. How smart is that?

      To be fair to Amazon and Google, DLNA, UPnP, Airplay, and all those discovery based devices have always been a horrendous clusterfuck of working and not working. Doesn't matter if it's Google vs Sonos, Windows vs Samsung, or open source software vs open source software.

      There is something seriously diseased in the way these things work.

    9. Re:Obsolete Device by omnichad · · Score: 1

      A broken implementation can at least be worked around - just look at all the compatibility layers on other mature protocols. We also survived IE6 for over a decade alongside other browsers. An SMB share is actually not all that hard for a power user on Windows OR Mac, but I understand why that's at least not included.

    10. Re:Obsolete Device by omnichad · · Score: 1

      I do. Same reason I use my keyboard and not a touch screen to type.

    11. Re:Obsolete Device by interkin3tic · · Score: 1

      I'm struggling to understand WHY it required an internet connection.

      It sounds like it serves as a remote control for the TV right in front of you and also a bunch of stuff you should be able to use your phone for.

      Wiki page: Devices that can be controlled with Harmony include TV's, cable boxes, game consoles, smart lights, smart thermostats, smart locks and other connected devices with Wi-Fi

      I guess it can turn a dumb TV into something you can control with your phone, though there are cheaper options
      Why would you control your game consoles through something like this? Just seems like it would add latency and an extra step to fail.
      Is there a smart thermostat or lock you can't control from your phone without this thing?

      None of that seems like it needs an internet connection.

    12. Re:Obsolete Device by thegarbz · · Score: 1

      A broken implementation can at least be worked around

      I wish someone would get to work on that. Point is, calling out a device for not being able to do something no one else has gotten right isn't sound logic.

    13. Re:Obsolete Device by omnichad · · Score: 1

      No one has gotten it right? There are lots of consumer products that at least work with it to some degree. Something is still better than nothing - especially when their reason is to lock it down.

      I mean, there's no reason not to offer a USB port to index files from either.

    14. Re:Obsolete Device by bill_mcgonigle · · Score: 1

      Actually Apple had it working pretty much flawlessly in the late 80's (I used to admin a few thousand devices with a couple other people). DDP and related protocols.

      I thought in the late 90's we'd have an IP version of that with mDNS, PDF printing everywhere, and everything would "just work" by 2005. Ha!

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    15. Re:Obsolete Device by Anonymous Coward · · Score: 0

      IR? Remotes?
      The mouse and keyboard on the coffeetable use RF.

  12. what joke? by Anonymous Coward · · Score: 0

    that is Are Money, or Harm On You?

    idontgetit.

    1. Re: what joke? by Anonymous Coward · · Score: 0

      bah ram yew!

    2. Re:what joke? by FatdogHaiku · · Score: 1

      that is Are Money, or Harm On You?

      idontgetit.

      OurMoney?

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  13. I actually bought a Harmony Hub and Smart Remote by Anonymous Coward · · Score: 0

    So, I actually bought a Harmony Hub and Smart Remote and decided against setting it up until I could figure out how to use it locally without the cloud (it's a fucking remote). Nowhere on the box does this remote say it requires the internet. I feel like this is false advertising and a bait and switch. It's a remote control that tethers a giant fucking box to the device it controls and uses IR. Why the fuck would that need the internet? It doesn't; they just want to enable new, ahem business models, like forcing you to buy a new one when they arbitrarily sunset what you paid for. We need strict penalties for this type of misleading behavior.

  14. Designed obsolesence by david.g.holt · · Score: 0

    Nothing lasts forever but the earth and sky,....

    1. Re:Designed obsolesence by careysub · · Score: 1

      Because God does not shut them off for His own convenience (yet).

      --
      Starships were meant to fly, Hands up and touch the sky - Nicky Minaj
  15. Precedent Principle by Elixon · · Score: 2

    The dangerous thing here is that this company didn't say - it is bad to intentionally brick the fully functional (non-subscription) product after the warranty expired - they fully maintain their current position. They just shut up critics by sending them a new product (that they will brick soon anyway). After few "responsible" shut downs it will become a norm.

    Are you looking forward to your car being bricked because some company just made "the business decision" [sic] that you need to buy another one?

    --
    Well, I've got to get back to work. When I stop rowing, the slave ship just goes in circles.
    1. Re:Precedent Principle by Nidi62 · · Score: 1

      Are you looking forward to your car being bricked because some company just made "the business decision" [sic] that you need to buy another one?

      I think they called that "Cash for Clunkers"

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    2. Re:Precedent Principle by Wintermute__ · · Score: 1

      No. Cash for Clunkers did not force anyone to buy anything. Simply gave an incentive to do so (and destroyed a whole lot of perfectly serviceable vehicles).

    3. Re:Precedent Principle by Anonymous Coward · · Score: 0

      Well they had to get the old still fixable by Joe Schmoes off the road. /s

    4. Re: Precedent Principle by Anonymous Coward · · Score: 0

      It's called a 2009 Ford F150 with a "discontinued" electrical part. So sorry, the heater blows hot all the time, how about a new truck?

    5. Re:Precedent Principle by Nidi62 · · Score: 1

      No. Cash for Clunkers did not force anyone to buy anything.

      Directly no, it did not. However, by removing a lot of perfectly serviceable cars from the used car market it forced people down the road (see what I did there?) to purchase new rather than used cars.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  16. "Business decision" my arse ! by Anonymous Coward · · Score: 1

    We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018

    So they want us to think this "Business decision" was basically a cost saving exercise?
    Let's think for a moment, what saves a company more money ? Is it A: Renewing an encryption certificate or B: Not renewing it, and then giving away your new product for free to existing customers.

    Or is it C: Intentionally brick your 2 year old product in a half-arsed effort to force customers to your new product. Even with a 35% discount they'll still be making a profit on them.

    For some reason Logitech thought their customers would roll over and take it, and seem very suprised by the backlash.
    Ho hum, another company to add to my shitlist.

  17. what Logitech should do by Anonymous Coward · · Score: 2, Insightful

    "OK, we can't support this thing forever, here's all the source code and protocol manuals so you can set up your own servers to make it do whatever you want"

    1. Re: what Logitech should do by Anonymous Coward · · Score: 0

      As a Harmony fan, security geek this is 100% the right thing to do. Though I think that the free hub is a close second

    2. Re:what Logitech should do by Anonymous Coward · · Score: 0

      That assumes they can. They may have licensed bits of hardware and/or software from someone else who wouldn't appreciate it being open sourced. Unfortunately, "just open source it" isn't always an option.

      I might have thought about customers all chipping in to pay for the cost to renew the cert. No, they shouldn't really have to, but you could always leave the door open for getting a free hub replacement for people who want to take the more principled approach. Not sure what it costs to renew a cert, but let's say it's $100, so if you could find 100 Link users willing to chip in a dollar, you're in business. As long as there are users willing to pony up the cash to renew the cert, Logitech will do it, and just let everything else about the device slowly rot until it finally stops working of its own accord and people replace it.

    3. Re:what Logitech should do by Agripa · · Score: 1

      That assumes they can. They may have licensed bits of hardware and/or software from someone else who wouldn't appreciate it being open sourced. Unfortunately, "just open source it" isn't always an option.

      That makes a convenient excuse for Logitech. Why should that exonerate them of malice?

  18. ROM by Anonymous Coward · · Score: 0

    Read Only Memory. Look it up.

    1. Re:ROM by sjames · · Score: 1

      Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.

      Flash is cheap and stable enough that it tends to be used even if there is no plan to re-write it ever.

      However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).

    2. Re:ROM by sl3xd · · Score: 1

      Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.

      Or they've used the a chip where the programmer burns out a diode in the microcontroller, rendering it read-only.

      However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).

      My bet is it can only be programmed by cracking it open, and hooking up a manufacturer-proprietary programmer (it might be standard JTAG, though). Either way, it's not something consumers can do.

      I'm sure there was a conversation along the lines of:

      Engineer: "We'll have to spend an extra $0.20 per unit if we want firmware upgrades"

      Manager: "That's too expensive, Engineer. Just do your job properly for a change."

      VP: "Manager, your leadership saved the company $100k. Have a $50 gift card!"

      --
      -- Sometimes you have to turn the lights off in order to see.
    3. Re:ROM by Anonymous Coward · · Score: 0

      You can use flash and prevent people from ever rewriting it. SD cards normally have a hardware switch that prevents anything from being written to it.

      It's been my feeling for quite some time that things like motherboard firmware should have a physical switch that disables writing to it when the user isn't specifically wanting to flash it specifically to make it impossible for malware to write to it. I'm guessing that it's not done because of the cost and inconvenience, but at this point.

    4. Re:ROM by sjames · · Score: 1

      Alas, the switch on SD cards is just advisory. It's up to the driver to detect the switch position and honor it. No matter what position the switch is in, if the driver issues a write command, the write will happen.

      Other flash chips have an actual write signal. If that is physically disconnected (by a jumper for example), a write actually can't happen. Agreed, motherboards should have the write line jumpered.

    5. Re:ROM by Anonymous Coward · · Score: 0

      I was wondering about that, but couldn't find a particular reference quickly. I think my Kanguru flash drive has a similar problem, it looks like it's locked, but it's not a real lock, it's up to the driver to respect it.

      Still, it is better than nothing, assuming that the OS is respecting it, breaking it would require malware to target that as well as deliver some sort of payload to the stick.

    6. Re:ROM by TheFakeTimCook · · Score: 1

      Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.

      Flash is cheap and stable enough that it tends to be used even if there is no plan to re-write it ever.

      However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).

      OTP is not all that rare. And on extremely high-volume products, ROM is still a "Thing".

      BTW, just because a microcontroller is Flash-based; doesn't mean the device itself has the ability to (re)program it. They can't assume that everyone has a JTAG programmer at their disposal, and even if the device itself can (re)program its own Flash, there has to be code to support the flashing, and SPACE to store a downloaded "Update" while the device continues to function and (re)program.

      Considering the longstanding bugs in my Harmony Remote, I would say that self-programming was not a design consideration.

    7. Re:ROM by sjames · · Score: 1

      I never said OTP was rare, just that it tends to be small. I also already pointed out that self re-flashing might not have been designed for, including lacking the code.

      The nice thing about NOR flash is that the chips are hardware self-sufficient. No need for special voltages, control circuitry, or external drivers. Flashing is accomplished through the correct sequence of memory accesses.

    8. Re:ROM by sjames · · Score: 1

      It does at least help with user error as long as it's understood that the protection is limited.

  19. This issue is far bigger than Logitech by King_TJ · · Score: 5, Insightful

    The reason there's so much outrage over a glorified TV remote control system is the principle of the whole thing. It reminds people that no matter how much you spend on an electronic gadget, if it relies on a "cloud based" back-end in some manner, you don't *really* own or control it. You just paid to use the thing for as long as the manufacturer deems it worthy of continuing to allow it to operate for you.

    Perhaps the most extreme example of this today is the Tesla Motors electric car? You can spend 6 figures on the performance version of a Model S and yet it's still subject to firmware updates Tesla pushes out to it. Not only can they cap and uncap your driving range at will, but they routinely make use of a feature that locks you out of all remote control to your vehicle (commonly done when a Tesla service place has the car overnight for maintenance). The reasoning is sound enough; they don't want you trying to manipulate things like the power windows or horn or lights while it's being worked on. But it still proves they have the "master switch" to turn your ability on and off to communicate with your vehicle that you paid for.

    And here's an example of them turning off the "emergency braking" feature on the Model 3's for owners:

    https://jalopnik.com/tesla-tem...

    I've been saying for years that companies are being "penny wise, pound foolish" trying so hard to "cloudify" their operations. There are things that lend themselves well to being cloud-hosted, like email. (Whether you run your own mail server or not, you're still pushing and pulling everybody's content over the Internet, through other email servers that you don't control at all. And typically, the amount of time your in house I.T. staff will have to spend to address Exchange server related issues doesn't make good economic sense vs. outsourcing all of those issues up to the chain and paying for the mail hosting.) But typically, you're giving too much control and trusting too much security to 3rd. parties. Where I work, we have a DropBox business subscription. Great product and solves a lot of issues for us, but they just did a price increase that will cost us thousands more per year. It was already a pretty hefty expense that keeps going up as the company adds contractors or freelancers who need to share team folders with our employees. Before long, it'll reach a point where it's financially more sensible to host the content ourselves with a "private cloud". Except now, it's a MASSIVE hassle to retrain everyone on a new product and migrate all the data to a different platform. Could have all been avoided if we just tried to do this ourselves from the start, rather than being tempted by the instant gratification of DropBox.

    1. Re:This issue is far bigger than Logitech by Anonymous Coward · · Score: 0

      lol wut? terrible analogy and comparison, but it is a car analogy, so 1 point awarded.

    2. Re: This issue is far bigger than Logitech by Anonymous Coward · · Score: 0

      Where's BadAnologyGuy when you need him? It's like someone giving you a ham sandwich when what you really needed was a kidney transplant

  20. We are altering the deal. by Anonymous Coward · · Score: 0

    Pray we don't alter it any further.

  21. What happens when the free one is bricked later? by Anonymous Coward · · Score: 0

    Will consumers STILL get a new one?

    This 'service slavery' for devices is a business model that needs to die by fire.

  22. Don't be that guy. by Anonymous Coward · · Score: 0

    I bet your fun at partys.

    1. Re:Don't be that guy. by sjames · · Score: 1

      The parties I go to usually don't feature people smugly telling people to look something up when they don't know what they're talking about.

  23. Logitech would not be doing this, by Anonymous Coward · · Score: 0

    If there weren't a large pot of gold at the end of this horse shit rainbow!

    They are closing down the old system because they discovered a way to profit in a significantly greater fashion.

    This is what would motivate a company to commit Hara Kari like this.

  24. The Problem Is by Anonymous Coward · · Score: 0

    I completely agree it was a total dick move by Logitech to brick the devices, and they should have seen the backlash coming a mile away. The problem is that there really aren't any other alternatives to the Harmony unless you're willing to pay a couple hundred dollars more. Universal remotes are a dime a dozen, but none of those remotes allow you to control multiple devices simultaneously like with the Harmony. So, as much as I would love to give someone else my business because Logitech software is a total shitshow, or do it on principle because they're bricking a perfectly functional device for no legitimate reason, there is no one else that offers a comparable product to the Harmony at comparable prices.

  25. Hardware Specs by Anonymous Coward · · Score: 0

    Soon to be lots of these things around to be had for little or nothing. Recycle, Reuse, Re-purpose? I don't know much about it so I can't suggest smart ideas; but here goes:
    Weather station.
    Thermostat w/ remote relay.
    WIFI, IR, etc sniffer/bug.
    and when your tired of hacking it:
    Hockey Puck!

    Wish I had one to play with. But with this return I guess they might take them all back? I should read the story.
     

  26. Re: I actually bought a Harmony Hub and Smart Remo by Anonymous Coward · · Score: 0

    Well I kind of agree with your point, the thing is unless the device has the ability to store every single device combination/serial/IR codes in existence a
    AND knows which inputs you've got them plugged into, it needs a connection to the interwebs.

  27. Re:Obsolete Device. All IoT are already obsolete by Anonymous Coward · · Score: 0

    These companies are assholes.Anything cloud based is a ticking time bomb. WTF would you tolerate a house infrastructure product that only has 2 year lifespan? eg Wemo anything, apple homekit, google home, alexa etc. Garbage. Provide a minimum 10 year guarantee or don't even start your sales pitch.

    If you lose internet connection your house dies and goes into a horrible fallback situation. I have a Wemo light for the front door. The silly thing goes into panic mode when it loses internet. Then it broadcasts itself on Wifi. Then it ignores commands from my phone app. I literally got it as an experiment to have a light that turns on after sunset and off at sunrise. All this while I have a working wifi that my phone could use to talk to the wemo link and light. The internet connection is so its "cloud compliant". Epic failure.

    Rules of using IoT:
    The developers of these products are NOT engineers. They do NOT understand the phrase "graceful failure" or "reliability". These products are NOT tested. They are perpetually BETA. Firmware updates WILL vanish well before the hardware dies. These products are ALWAYS remotely killswitch compliant. They ALWAYS have crappy security.

    In short, you are better off building something yourself. Look at Raspberry PI / Arduino. If you can't update the firmware using a reasonable Linux then its "instajunk".

    (Yeah I like caps, but unfortunately because you are likely using IoT your gadget to stop me has already been bricked due to business synergy and end of quarter "reasons")

  28. Most IoT gadgets are obsolete at the design stage by Anonymous Coward · · Score: 0

    These companies are assholes.Anything cloud based is a ticking time bomb. WTF would you tolerate a house infrastructure product that only has 2 year lifespan? eg Wemo anything, apple homekit, google home, alexa etc. Garbage. Provide a minimum 10 year guarantee or don't even start your sales pitch.

    If you lose internet connection your house dies and goes into a horrible fallback situation. I have a Wemo light for the front door. The silly thing goes into panic mode when it loses internet. Then it broadcasts itself on Wifi. Then it ignores commands from my phone app. I literally got it as an experiment to have a light that turns on after sunset and off at sunrise. All this while I have a working wifi that my phone could use to talk to the wemo link and light. The internet connection is so its "cloud compliant". Epic failure.

    Rules of using IoT:
    The developers of these products are NOT engineers. They do NOT understand or care about the phrase "graceful failure" or "reliability". These products are NOT tested. They are perpetually BETA. Firmware updates WILL vanish well before the hardware dies. These products are ALWAYS remotely killswitch compliant. They ALWAYS have crappy security. 2 years is "lifetime".

    In short, you are better off building something yourself. Look at Raspberry PI / Arduino.

    (Yeah I like caps, but unfortunately because you are likely using IoT your gadget to stop me has already been bricked due to business synergy and end of quarter "reasons")

  29. Decommissioned over an SSL certificate renewal by Anonymous Coward · · Score: 0

    Called it.