this post was submitted on 26 Aug 2024
239 points (99.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
241 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I think a common factor on why torrents are having a resurgence and illegal streaming services are getting more traction, is subscription fatigue. Subscription fatigue doesn't only contain itself to streaming services, movies or music, nowadays you're also expected to subscribe to every app you download. Whether it's a meditation app, a budgeting app (looking at YNAB that went from a one-time purchase to a really expensive subscription model), the Adobe suite, the MS Office suite, your Peloton bike that you've already paid hundreds of dollars for (referencing the earlier article on them establishing a startup fee for buying used bikes), or a podcast app where the money doesn't even go to the podcasters themselves.

Is there a peak for this? I feel like subscriptions are becoming more of a rule than an exception. Having the ability to directly purchase digital goods seems more like a thing of the past. It's just so stupid. But apparently people don't care? They just keep paying for this? Apparently it's still worth it for companies to establish a subscription model, even if there are no benefits for the customer, just the company. What are your thoughts? What can we do to stop it?

you are viewing a single comment's thread
view the rest of the comments
[–] overload@sopuli.xyz 21 points 3 months ago* (last edited 3 months ago) (9 children)

I completely agree with you in principle for people who want their software updated, but there is some software that is standalone and doesn't depend upon changing codecs/APIs etc. Something like myfitnesspal or a thermomix shouldn't be a subscription, there is no major updates to how someone tracks their exercise uses a hot blender that justifies it beyond users being locked in.

In the example of thermomix, you've already paid top dollar for the hardware, getting locked out of functionality you've paid for stings.

[–] tias@discuss.tchncs.de 0 points 3 months ago (5 children)

Something like myfitnesspal or a thermomix shouldn’t be a subscription, there is no major updates to how someone tracks their exercise uses a hot blender that justifies it beyond users being locked in.

I won't dispute that both of these likely abuse the subscription model for their benefit. But they definitely have a social responsibility (and in many cases a legal responsibility) to keep updating the software in these products and the network infrastructure that go with them. The internet of things is one of the most vulnerable attack vectors we have. It has been exploited many times not just to attack individuals, but to create massive bot nets that can target corporations or even countries. The onus is on the manufacturer to continuously keep that at bay. You know what they say - the "S" in "IOT" stands for security.

[–] overload@sopuli.xyz 5 points 2 months ago (2 children)

I agree that IOT things need to be secure. Is it really too much to ask that apps/devices are made secure from the ground up?

To stay on the thermomix, all the subcription is is a connection to their servers to give access to their live step by step recipes. Surely that's just a secure end-to-end encrypted connection? I'm not a developer but it doesn't sound like buyers should be expected to pay the manufacturer to maintain beyond buying a thermomix/upgrading to new versions of the hardware when they want to access any new features.

[–] tias@discuss.tchncs.de 1 points 2 months ago* (last edited 2 months ago) (1 children)

Is it really too much to ask that apps/devices are made secure from the ground up?

In a way, yes. They can and should definitely be made with security in mind from the ground up. But they will never be totally secure, and a necessary part of what constitutes a "secure product" is to continuously and quickly patch security issues as they become known.

Surely that’s just a secure end-to-end encrypted connection?

I would bet it's still a bit more than that. But even if it's just a secure end-to-end encrypted connection, here is the list of vulnerabilities fixed in OpenSSL (which is probably what they use for secure encrypted connections). It's five so far in 2024. Then there's some OS kernel below that which can have security issues as well. The Thermomix probably also has user authorization components and payment methods, plus various personal information that has to be protected under GDPR.

[–] overload@sopuli.xyz 2 points 2 months ago

Hmmm.. okay it sounds like the subscription model does actually make some sense for devices that need to maintain an internet connection/IoT applications. Thanks for taking the time to enlighten me.

load more comments (2 replies)
load more comments (5 replies)