Tech
Legislators Push to Make Companies Tell Customers When Their Products Will Die
On Tuesday, two Massachusetts lawmakers introduced two bills to the state’s House and Senate that, if passed, would create a state law requiring companies to tell customers when service on their connected products will end. It is an effort meant to tamp down on cybersecurity risks and also boost consumer protections. With knowledge about future support, consumers can confidently buy a device knowing how long they can expect it to reliably work, and when to plan for its eventual obsolescence.
The pieces of proposed legislation, collectively named An Act Relative to Consumer Connected Devices, were introduced by Massachusetts state senator William Brownsberger and state representative David Rogers in their respective chambers.
“Our daily lives have become intertwined with smart devices,” Rogers says in a statement emailed to WIRED. “Once a company decides it will no longer provide software updates for those devices, they become ticking time bombs for hackers to exploit. We must ensure consumers are given the tools to understand their devices and the risks, before they purchase them.”
State senator Brownsberger’s office has acknowledged our request for comment but he has not yet responded.
The bills arrive nearly a year after a joint report by the advocacy groups Consumer Reports, US PIRG, and the nonprofit Secure Resilient Future Foundation that encouraged lawmakers to support policy that would inform customers when their connected products were going to stop working. That includes a broad array of smart home devices, like Wi-Fi routers, security cameras, connected thermostats, and smart lights. While it is a proposed state law for now, supporters hope it will inspire more legislation like it in the near future.
“Almost everybody has a story about some device that they love that suddenly stopped working the way they thought it would or has just straight up died,” says Stacey Higginbotham, a policy fellow at Consumer Reports. “Your product is now connected to a manufacturer by this software tether that dictates how it’s going to perform.”
The laws in the Massachusetts acts, if eventually passed, would require manufacturers to clearly disclose on product packaging and online how long they will provide software and security updates for a device. Manufacturers would also need to notify customers when their device is approaching the end of its service life and inform them about features that will be lost and potential security vulnerabilities that may arise when regular support ends. Once a device stops getting regular updates, it’s more prone to cyberattacks and becoming a vector for malware.
“This is an issue that is becoming more and more pronounced as the internet of things ages,” says Paul Roberts, president of the SRFF and a resident of Massachusetts who worked with the lawmakers. “This is inevitable. We can’t just leave them out there connected and unpatched.”
Wi-Fi has been commonplace in the home and the office for over two decades, meaning there is a rapidly growing population of old devices still connected to the internet that likely haven’t received security updates in years. These zombie gadgets—routers, sensors, connected appliances, home security cameras—have been left vulnerable to attack by their unsuspecting owners.
“We’re trying to reduce the attack surface,” Higginbotham says. “We cannot prevent it, but we do want to give consumers the awareness that they could be hosting something. Basically, they have an open door that can no longer be locked.”
The bills’ focus on cybersecurity also has the benefit of catching the eye of people who might worry about that kind of thing—like US legislators.
“I’m hoping legislators are able to pretty easily wrap their arms around this and understand the problem here,” Roberts says. “And get behind the solution.”
In this episode of Uncanny Valley, we get into how the Elon Musk-Sam Altman trial goes way beyond their rivalry and could have major implications both for OpenAI and also the AI industry at large.
Source link
The general cyber security threat to UK organisations remains “widespread and significant” with 43% of businesses, 28% of charities and 69% of large firms having suffered either a data breach or cyber attack in the past year, and 29% of respondents saying they were experiencing incidents at least once every week.
This is according to the UK government’s latest Cyber Security Breaches Survey for 2025-26, which comes at the tail-end of a 12 month period that saw a series of high-profile incidents targeting the likes of Marks & Spencer, Co-op Group, and Jaguar Land Rover, as well as amid elevated concern over the impact of offensive artificial intelligence (AI) – which was the subject of a warning from government ministers earlier in April.
“These figures are a stark reminder of the importance of having robust cyber security measures. All business leaders should be gripping this issue and taking action now, especially as AI is making the threat more acute. Quite simply, firms cannot afford not to take these steps,” said cyber security minister Liz Lloyd.
Lloyd has today written to the CEOs and chairs of over 180 of Britain’s largest businesses to urge as many as possible to sign on to the government’s Cyber Resilience Pledge, which was announced at the National Cyber Security Centre’s (NCSC’s) annual CyberUK conference in April and is set to launch later in the year.
Organisations signing up to the Cyber Resilience Pledge will have to take three firm actions to improve their security:
- Make cyber security a board-level responsibility;
- Sign on to the NCSC’s Early Warning service, which is free;
- Obtain the NCSC’s Cyber Essentials certifications across their supply chains.
Lloyd said that doing so would help businesses significantly strengthen their defences and keep themselves, their customers, and the wider economy, safe. “Businesses are not powerless,” she said.
An improving picture?
While the headline statistics give Westminster good reason to keep banging the drum for cyber security, digging deeper, the data show evidence of an improving picture in some regards. The percentage of businesses affected by cyber incidents was roughly in line with the 2024-25 survey period, and down from a high of 50% in 2023-24.
Ransomware attacks against businesses also seem to have dropped a little, with 1% of respondents saying they had been affected by ransomware, down from 3% a year ago, while the prevalence of phishing attacks – although not significantly down on 2024-25 – is way down on 2023-24, affecting 38% this year compared to 42% 24 months ago. And impersonation breaches or attacks affected 12% in 2025-26, down from 17% in 2023-24. Charities – which the government accounts for separately in the report – have also seen significant drops in impersonation attacks or breaches.
This said, phishing attack volumes remain high and are still the most prevalent form of cyber incident, experienced by 38% of businesses and 25% of charities, as well as the most disruptive. Those who took part in qualitative interviews for the report tended to agree that phishing attacks had gotten easier to commit, and were becoming more sophisticated, which was contributing to the increase.
The number of businesses reporting that cyber attacks or breaches led to loss of revenues – or impact to share values – has risen from 2% last year to 5% this year, while the number reporting they experienced reputational damage is also up, from 1% last year to 3% now.
The M&S effect
Picking apart its data, the government said that recent high-profile incidents – like the M&S attack – did not seem to be feeding through in terms of causing a wider shift in resilience. It said that while one might have expected such incidents to spur an increase in vigilance, prioritisation and action on cyber issues has not moved substantially, and long-standing issues such as the resilience gap between large firms and SMEs persists.
Indeed, SME cyber hygiene has been declining on a number of measures after improving in the previous report – the number undertaking risk assessments or putting cyber risk policies or business continuity plans in place seems to be dropping.
TrendAI cyber strategy director, Jonathan Lee, said: “This highlights how awareness of cyber risks still hasn’t fully converted into mitigating action, with no overall reduction in the level of successful cyber attacks year on year.
“While boards report taking more responsibility for cyber risk, it’s worrying to see a year-on-year rise in the proportion of organisations that report seeing government advice and initiatives about cyber security but go on to do nothing in response. This isn’t just on UK businesses and charities. Government needs to do a better job with streamlining schemes, brands and channels to make for a single, coherent national voice on cyber literacy that’s accessible – not just geared towards CIOs,” said Lee.
Lee warned that the UK’s fast-digitising society is being built on “fragile foundations”, particularly with so many business leaders seemingly in awe of AI to the exclusion of the risks it poses.
“While that’s good news for the government’s stated aim of making the UK the fastest country in the G7 to roll out AI, it’s a clear risk as long as complacency about cyber risks is commonplace,” he noted.
After suggesting a wood-burning stove, and a mini bellows, you should have seen this coming. What you need to complete the full-fire package is Cooking On Fire, a gorgeous book of recipes and techniques for cooking over an open flame. Cooking on Fire has a good mix of recipes, ranging from simple and delicious veggies to slow-cooked meats that require hours. There’s also plenty of background on different types of fires and cooking techniques, as well all the equipment you might want to cook various things (for example: spits, forked sticks, cast iron pans, and so on). It’s everything you—er, sorry, your outdoorsy friend—need to get started cooking on fire.
What I really want to try is the fire inside a log technique pictured on the cover, but I haven’t gotten around to that yet. So far I’ve only had a chance to make the grilled pork belly, with grilled carrots and “Krabbelurer” griddle cakes for desert. All of them were excellent, though of course, perhaps that universal rule applies more so here than with any other form of cooking: Your results may vary. In the end, though, this isn’t really a gift about cooking. It’s gift to remind us all to slow down and take your time, with food and everything else.
Musk v. Altman Kicks Off, DOJ Guts Voting Rights Unit, and Is the AI Job Apocalypse Overhyped?
China’s brain-control weapons race being led by Harvard scientist who was jailed in US
Markets are underpricing the risk of Middle East pullback in AI, says tech investor Jack Selby
PSL 11: Hyderabad Kingsmen opt to field after winning toss against Multan Sultans
Trump administration in advanced talks for a rescue package for Spirit Airlines, source says
UK inflation accelerates after Iran war drives sharp rise in fuel prices
-
Sports1 week agoPSL 11: Hyderabad Kingsmen opt to field after winning toss against Multan Sultans
-
Business1 week ago
Trump administration in advanced talks for a rescue package for Spirit Airlines, source says
-
Business1 week ago
UK inflation accelerates after Iran war drives sharp rise in fuel prices
-
Entertainment1 week agoAnne Hathaway shares major news about ‘Princess Diaries 3’
-
Tech1 week agoMicrosoft faces court battle in £2bn Windows Server class action | Computer Weekly
-
Business1 week agoGold prices in Pakistan Today – April 23, 2026 | The Express Tribune
-
Tech1 week agoBlackbox replaces two racks of HPE storage with 8U of Everpure | Computer Weekly
-
Fashion1 week agoBangladesh RMG units call for allowing local FOC raw material sourcing