> If you are paying for a subscription there isn’t necessarily an incentive to provide security updates even more
I'm not so sure - it'd be much easier to write the email saying "Sorry, we screwed up and got a critical security but wrong, but here's an update that fixes it." if a significant portion of your users are paying a subscription - compared to writing that same email just as marketing are preparing to try and convince everybody to pay for a new upgrade...
> That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.
If that was how everything worked - our industry would be _very_ different. If everybody who ever charge money fo a piece of software was on the hook forever for all flaws it might have, you'd only ever be able to buy software from Apple or Oracle or Microsoft - there would need to be almost as any lawyers as developers in any software company.
I understand your idea - but it's the same idea as people who call up my work saying "Hey, the app you made us doesn't work any more, you need to fix it!" and everybody here is like "Who the hell are _they???_ Never even heard of them." and it turns out its a 32 bit iOS app that they paid for in 2013 and we haven't heard from since (and there's only 3 people left in the whole company who were around in '13, and none of them are iOS devs). We do not fix that for them as "part of the price they paid".
I'm not so sure - it'd be much easier to write the email saying "Sorry, we screwed up and got a critical security but wrong, but here's an update that fixes it." if a significant portion of your users are paying a subscription - compared to writing that same email just as marketing are preparing to try and convince everybody to pay for a new upgrade...
> That being said, security updates should be part of the price you already paid, since a security flaw is a flaw in their original software.
If that was how everything worked - our industry would be _very_ different. If everybody who ever charge money fo a piece of software was on the hook forever for all flaws it might have, you'd only ever be able to buy software from Apple or Oracle or Microsoft - there would need to be almost as any lawyers as developers in any software company.
I understand your idea - but it's the same idea as people who call up my work saying "Hey, the app you made us doesn't work any more, you need to fix it!" and everybody here is like "Who the hell are _they???_ Never even heard of them." and it turns out its a 32 bit iOS app that they paid for in 2013 and we haven't heard from since (and there's only 3 people left in the whole company who were around in '13, and none of them are iOS devs). We do not fix that for them as "part of the price they paid".