After Outrage, Logitech Gives Free Upgrade To Owners of Soon To Be Obsolete Device (gizmodo.com) 105
It looks like Logitech didn't anticipate the barrage of criticism it received after announcing this week that it would be intentionally bricking its Harmony Link hub next March. The company is now reversing course. Its Harmony Link will still die next summer, but if you own one, the company is happy to give you a free upgrade to the more recent Harmony Hub model. From a report: Originally, Logitech planned to only offer Harmony Link owners with active warranties free upgrades to its new Harmony Hub devices. But for people out of warranty -- possibly the majority of Harmony Link users, as the devices were last sold in 2015 -- they would just get a one-time, 35 percent discount on a new $100 Harmony Hub. However, after customer outrage, Logitech revised it plans and announced that the company will give every Harmony Link owner a new Hub for free. Additionally, users who had already used the coupon to purchase a new Hub will also be able to contact Logitech in order to obtain a refund for the difference in price. However, Logitech is still not planning to extend support for the Harmony Link. The company says, "We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018 -- we would be acting irresponsibly by continuing the service knowing its potential/future vulnerability."
Hilarious name (Score:5, Funny)
With all the drama that's happening with it, I find it funny that Logitech called the product "Harmony".
Re: (Score:2)
Harmony was acquired by Logitech about a decade ago.
Not to you know, ruin your joke...
Re: (Score:2)
With all the drama that's happening with it, I find it funny that Logitech has a product "Harmony".
Still doesn't change the irony of what's happening with it.
Re: (Score:2)
Re: (Score:2)
that is Are Money, or Harm On You?
idontgetit.
OurMoney?
Security is a cop out (Score:5, Insightful)
Re: (Score:3)
It's not so unbelievable that it's a firmware update problem. It could be that the changes they must make can't be fit into the space available on the device.
The point of this discussion, though, is that they intended to brick their own devices without fair compensation.
Re: (Score:2)
Re:Security is a cop out (Score:4, Insightful)
Note that some microcontrollers have a section of write-once memory specifically designed for security data such as certificates. If the engineers didn't think far enough ahead to 'what happens when this cert expires?' then this becomes a very plausible scenario.
Re: (Score:3)
Re: (Score:2)
mod parent up, he gave the only plausible technical reason I've heard for a cert expiring that would impossible to fix.
Re: (Score:2)
Yeah, who can blame the engineers for not thinking ahead a whole TWO YEARS in the future? My grandkids will be having grandkids by then. California will sink into the ocean. The Sun will engulf Mercury. Andromeda will collide with the Milky Way.
Re:Security is a cop out (Score:5, Insightful)
If the cert can't be updated, or if the cert server was taken down, it's conceivable that Logitech got themselves into a spot where they simply CAN'T make these things keep working.
If it's a trust chain to their own company, they should be running their own private CA and fully own the whole chain. The cert doesn't have to be trusted by a web browser.
Re: (Score:2)
Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.
Flash is cheap and stable enough that it tends to be used even if there is no plan to re-write it ever.
However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).
Re: (Score:2)
The parties I go to usually don't feature people smugly telling people to look something up when they don't know what they're talking about.
Re: (Score:2)
Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.
Or they've used the a chip where the programmer burns out a diode in the microcontroller, rendering it read-only.
However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).
My bet is it can only be programmed by cracking it open, and hooking up a manufacturer-proprietary programmer (it might be standard JTAG, though). Either way, it's not something consumers can do.
I'm sure there was a conversation along the lines of:
Engineer: "We'll have to spend an extra $0.20 per unit if we want firmware upgrades"
Manager: "That's too expensive, Engineer. Just do your job proper
Re: (Score:2)
Alas, the switch on SD cards is just advisory. It's up to the driver to detect the switch position and honor it. No matter what position the switch is in, if the driver issues a write command, the write will happen.
Other flash chips have an actual write signal. If that is physically disconnected (by a jumper for example), a write actually can't happen. Agreed, motherboards should have the write line jumpered.
Re: (Score:2)
It does at least help with user error as long as it's understood that the protection is limited.
Re: (Score:2)
Actual ROM is very rare and OTP (one time programmable) tends to be very small and for specialized functions.
Flash is cheap and stable enough that it tends to be used even if there is no plan to re-write it ever.
However, in such a case the firmware may have no functions to erase and re-write (including being laid out in such a way that it always has at least a stub that can complete an interrupted update rather than bricking).
OTP is not all that rare. And on extremely high-volume products, ROM is still a "Thing".
BTW, just because a microcontroller is Flash-based; doesn't mean the device itself has the ability to (re)program it. They can't assume that everyone has a JTAG programmer at their disposal, and even if the device itself can (re)program its own Flash, there has to be code to support the flashing, and SPACE to store a downloaded "Update" while the device continues to function and (re)program.
Considering the longstanding b
Re: (Score:2)
I never said OTP was rare, just that it tends to be small. I also already pointed out that self re-flashing might not have been designed for, including lacking the code.
The nice thing about NOR flash is that the chips are hardware self-sufficient. No need for special voltages, control circuitry, or external drivers. Flashing is accomplished through the correct sequence of memory accesses.
Re: (Score:2)
Oh, they intended to. But business things happen.
They could have a falling out with the technology provider (who provided the base hardware). The end result is the technology provider withdrew their software licenses and Logitech can no longer produce a firmware update - they have no license to use the tools.
So even if they wanted to update the certificate, they couldn't.
Or, perhaps the technology pro
Re: (Score:2)
Logitech is the EA of hardware. Purchase the competition to put them out of business.
We're bricking your device (Score:2, Insightful)
Here's a coupon to buy the new model.
Sure hope we don't brick the new one too.
Expiration Date (Score:2, Insightful)
Why are they building a non-renewable expiration date into a hardware product? And perhaps more importantly, what is the expiration date of the new hardware product? Do they even tell the users what that expiration date is when they purchase it?
Re: (Score:2)
They aren't. The best guess I've seen is that the product can only handle SHA-1 certificates, and the company is unwilling or unable to obtain a replacement SHA-1 that will be trusted by the cert store.
Re: (Score:2)
They aren't. The best guess I've seen is that the product can only handle SHA-1 certificates, and the company is unwilling or unable to obtain a replacement SHA-1 that will be trusted by the cert store.
It's likely a proprietary encryption algorithm, not something industry-standard like SHA-1.
And therein may lie the rub.
Re: (Score:2)
Printer cartridge manufacturers got away with it; now everyone thinks they can do it.
[eyes high-end HP inkjet with five FULL carts that won't work because they're past date, even if the printer could still be used... HP says "outdated so no drivers for you" and has deleted them from its website.]
King of Mediocre (Score:5, Interesting)
Logitech has been the King of Mediocre for years. Average products that, with a bit of effort, could be quality work. For example, wrist pads instead of some products that don't force the wrist to bend back. They destroyed the Squeezebox system by Slim Devices. (When they bought the company, I knew the days it would work were numbered.)
The only reason to buy from them is not doing enough research to find who has a better product that's not necessarily as visible in the marketplace. I won't touch their products anymore.
Re: (Score:1)
G900 is the best mouse on the market
Re: (Score:1)
Their mechanical keyboards rock as well. I can't comment on their other products, but their mice and keyboards are rock solid.
Re: (Score:1)
Their Harmony remotes are also good. I've been using them for 10+ years.
Being the family "tech and AV" support guy, I've setup mini home theaters (TV + blu-ray player + 2.1/5.1 sound + satellite/cable TV box + streaming device, etc.) for several family members. I always asked if they had any interest in a Harmony remote since they're juggling multiple remotes at that point. They all declined and proceeded to create legal sized sheets of hand-written instructions for all the manual remote juggling require
Re: (Score:2)
Are you able to point me to similarly priced products that are more reliable than these? (I've personally never had a problem with either, but I'd love to learn about better products.)
Yes the Microsoft $25 Mouse + Keyboard combos.
Re: (Score:2)
It must be a departmental thing. I have 3 Logitech devices on my work desk right now. A touchpad, track ball and mouse that get used depending on the application.
I have a Logitech Trackman Wheel USB (T-BB18) which I've been maintaining for years. A second one has come and gone since I got this one; it stopped responding when plugged into a USB port. I've had to replace the microswitches about five or six times now. They are made by Omron and they are garbage. Even the middle button fails rapidly, and I scarcely use that compared to the others. I only have two more microswitches left, so maybe I'll try to find something from some other brand with more longevity next
Obsolete Device (Score:3)
Yeah, keep writing those great headlines. A two year old TV remote is not an "obsolete device."
And this is why I don't trust companies with "smart" things. If it's going to be smart, it had better connect to my smarts, not some remote server. Amazon and Google have "smart" speakers that can't even find DLNA audio on your home network. How smart is that?
Re:Obsolete Device (Score:5, Insightful)
> If it's going to be smart, it had better connect to my smarts, not some remote server.
We've seen enough now that even the technologically illiterate should be starting to understand that if you buy something that requires an Internet connection, you're getting a service that can be terminated at any time.
And if there's no ongoing access fee... the probability of having the plug pulled on the system increases exponentially with time.
Re: (Score:2)
And so, since we now have an Internet of Things, with Internet connections on most every product we buy, we should expect all of them to be made inoperable by their manufacturer at its own convenience at a time of its choosing. We don't own anything, the manufacturer owns it.
Those people bought a device to fulfill a function, their aren't subscribing to some service - free or paid. The manufacturer is literally destroying their property, But you, it seems, are okay with that.
Re: (Score:2)
>But you, it seems, are okay with that.
You have drawn an incorrect conclusion.
Re: (Score:2)
More like he's warning people not to buy such a thing at all. If enough people refuse, they'll have to make devices that don't depend on phoning home.
Re: (Score:2)
It sounds like it serves as a remote control for the TV right in front of you and also a bunch of stuff you should be able to use your phone for.
Wiki page [wikipedia.org]: Devices that can be controlled with Harmony include TV's, cable boxes, game consoles, smart lights, smart thermostats, smart locks and other connected devices with Wi-Fi
I guess it can turn a dumb TV into something you can control with your phone, though there are cheaper option [amazon.com]
Re: (Score:2)
It's going to stop working. Support is being removed. That will make it obsolete. You may not think that's a great way to run a business, but that doesn't make the headline bad.
Re: (Score:2)
That's not what obsolete actually means - out of date and no longer bring used.
Let's not agree to use their words, because it is fraud. The word obsolete tries to put the blame in the customer for not being on the upgrade treadmill.
Re: (Score:2)
I do. Same reason I use my keyboard and not a touch screen to type.
Re: (Score:2)
Amazon and Google have "smart" speakers that can't even find DLNA audio on your home network. How smart is that?
To be fair to Amazon and Google, DLNA, UPnP, Airplay, and all those discovery based devices have always been a horrendous clusterfuck of working and not working. Doesn't matter if it's Google vs Sonos, Windows vs Samsung, or open source software vs open source software.
There is something seriously diseased in the way these things work.
Re: (Score:2)
A broken implementation can at least be worked around - just look at all the compatibility layers on other mature protocols. We also survived IE6 for over a decade alongside other browsers. An SMB share is actually not all that hard for a power user on Windows OR Mac, but I understand why that's at least not included.
Re: (Score:2)
A broken implementation can at least be worked around
I wish someone would get to work on that. Point is, calling out a device for not being able to do something no one else has gotten right isn't sound logic.
Re: (Score:2)
No one has gotten it right? There are lots of consumer products that at least work with it to some degree. Something is still better than nothing - especially when their reason is to lock it down.
I mean, there's no reason not to offer a USB port to index files from either.
Re: (Score:2)
Actually Apple had it working pretty much flawlessly in the late 80's (I used to admin a few thousand devices with a couple other people). DDP and related protocols.
I thought in the late 90's we'd have an IP version of that with mDNS, PDF printing everywhere, and everything would "just work" by 2005. Ha!
Re: (Score:2)
Because God does not shut them off for His own convenience (yet).
Precedent Principle (Score:3)
The dangerous thing here is that this company didn't say - it is bad to intentionally brick the fully functional (non-subscription) product after the warranty expired - they fully maintain their current position. They just shut up critics by sending them a new product (that they will brick soon anyway). After few "responsible" shut downs it will become a norm.
Are you looking forward to your car being bricked because some company just made "the business decision" [sic] that you need to buy another one?
Re: (Score:2)
Are you looking forward to your car being bricked because some company just made "the business decision" [sic] that you need to buy another one?
I think they called that "Cash for Clunkers"
Re: (Score:2)
No. Cash for Clunkers did not force anyone to buy anything. Simply gave an incentive to do so (and destroyed a whole lot of perfectly serviceable vehicles).
Re: (Score:2)
No. Cash for Clunkers did not force anyone to buy anything.
Directly no, it did not. However, by removing a lot of perfectly serviceable cars from the used car market it forced people down the road (see what I did there?) to purchase new rather than used cars.
"Business decision" my arse ! (Score:1)
We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018
So they want us to think this "Business decision" was basically a cost saving exercise?
Let's think for a moment, what saves a company more money ? Is it A: Renewing an encryption certificate or B: Not renewing it, and then giving away your new product for free to existing customers.
Or is it C: Intentionally brick your 2 year old product in a half-arsed effort to force customers to your new product. Even with a 35% discount they'll still be making a profit on them.
For some reason Logitech thought their custo
what Logitech should do (Score:2, Insightful)
"OK, we can't support this thing forever, here's all the source code and protocol manuals so you can set up your own servers to make it do whatever you want"
Re: (Score:2)
That assumes they can. They may have licensed bits of hardware and/or software from someone else who wouldn't appreciate it being open sourced. Unfortunately, "just open source it" isn't always an option.
That makes a convenient excuse for Logitech. Why should that exonerate them of malice?
This issue is far bigger than Logitech (Score:5, Insightful)
The reason there's so much outrage over a glorified TV remote control system is the principle of the whole thing. It reminds people that no matter how much you spend on an electronic gadget, if it relies on a "cloud based" back-end in some manner, you don't *really* own or control it. You just paid to use the thing for as long as the manufacturer deems it worthy of continuing to allow it to operate for you.
Perhaps the most extreme example of this today is the Tesla Motors electric car? You can spend 6 figures on the performance version of a Model S and yet it's still subject to firmware updates Tesla pushes out to it. Not only can they cap and uncap your driving range at will, but they routinely make use of a feature that locks you out of all remote control to your vehicle (commonly done when a Tesla service place has the car overnight for maintenance). The reasoning is sound enough; they don't want you trying to manipulate things like the power windows or horn or lights while it's being worked on. But it still proves they have the "master switch" to turn your ability on and off to communicate with your vehicle that you paid for.
And here's an example of them turning off the "emergency braking" feature on the Model 3's for owners:
https://jalopnik.com/tesla-tem... [jalopnik.com]
I've been saying for years that companies are being "penny wise, pound foolish" trying so hard to "cloudify" their operations. There are things that lend themselves well to being cloud-hosted, like email. (Whether you run your own mail server or not, you're still pushing and pulling everybody's content over the Internet, through other email servers that you don't control at all. And typically, the amount of time your in house I.T. staff will have to spend to address Exchange server related issues doesn't make good economic sense vs. outsourcing all of those issues up to the chain and paying for the mail hosting.) But typically, you're giving too much control and trusting too much security to 3rd. parties. Where I work, we have a DropBox business subscription. Great product and solves a lot of issues for us, but they just did a price increase that will cost us thousands more per year. It was already a pretty hefty expense that keeps going up as the company adds contractors or freelancers who need to share team folders with our employees. Before long, it'll reach a point where it's financially more sensible to host the content ourselves with a "private cloud". Except now, it's a MASSIVE hassle to retrain everyone on a new product and migrate all the data to a different platform. Could have all been avoided if we just tried to do this ourselves from the start, rather than being tempted by the instant gratification of DropBox.