First we buy a gadget. For the next few years, the manufacturer releases an occasional software update that fixes bugs and protects us from vulnerabilities. One day, those updates stop coming. According to conventional wisdom, that’s the time to buy a new device.
But what if it isn’t?
The truth is, upgrades needn’t be so automatic. We can often delay them if we follow some best security practices and take control of our personal tech. After all, it’s unrealistic for everyone to upgrade on a tech company’s schedule — some devices, including expensive Android phones, cease getting software updates after only two years. Not all of us have the time or money to buy new products that regularly.
At the same time, we don’t want to hold on to our gadgets so long that they become vulnerable to bugs, cyberattacks and other flaws. Software upgrades are typically necessary for those reasons. Everybody needs to be able to use technology safely to live and work, said Hilary Shohoney, the executive director of Free Geek, a nonprofit that repurposes outdated machines for schools and senior citizens.
“We have to ride the line between what the reality is for a lot of people and recognizing that everybody has to engage in the digital world,” she said. “It’s not a fair thing to say you need the best computer to get the best security.”
So how do we walk that line? While a new gadget must be bought eventually, there are some ways to keep your devices running safely even when the manufacturer stops providing software updates. Here’s what you need to know.
Follow Best Security Practices
Consider how we use technology nowadays. On computers, lots of what we do, from turning in homework to editing spreadsheets, happens through a web browser. On phones, we heavily rely on both the web and apps.
So staying safe online without direct help from a manufacturer largely involves taking steps for browsing the web and using apps. Here are some things to pay attention to:
-
Keep your browser up to date. Staying on top of browser updates will offer some protection from malicious websites. Trustworthy browser companies like Mozilla, the maker of Firefox, update their apps to work on computers that are more than 10 years old.
-
As always, avoid suspicious behavior. Don’t open messages or click on links from unknown senders, and, if possible, use only apps offered by trusted brands, said Sinan Eren, an executive at Barracuda Networks, a security firm.
-
Be on the lookout for shady apps. Android devices are more susceptible to malware than Apple phones partly because they can be set up to install apps from unauthorized app stores. In addition, many manufacturers stop supporting Android devices after only two years. Google declined to comment. Owners of outdated Android devices can add a layer of protection by installing a malware-scanning app from brands like Malwarebytes, NortonLifeLock and Lookout.
-
Secure your online accounts. Even if your device’s software is outdated, setting up your online accounts with two-factor authentication — a security practice that generates a unique code via an app or a text message whenever you log in to a site — can help prevent inappropriate access to your account in the event that your password is stolen.
Doing all of the above will reduce risk, but won’t eliminate it. Dan Guido, the chief executive of Trail of Bits, an internet security firm, said outdated devices remained wide open for attackers to exploit because of known vulnerabilities inside old software.
“Unsupported devices are a stable target — a sitting duck — for attackers,” he said.
Install a Different Operating System
There are more advanced steps that can keep a device functional and secure past its supported life. One involves replacing the manufacturer’s software system with an alternative.
Ms. Shohoney’s nonprofit, Free Geek, based in Portland, Ore., revives old personal computers by installing a copy of Linux, the open-source operating system known for robust security and used for basic tasks like browsing the web, exchanging email and composing documents.
Installing a different operating system requires some technical know-how, but myriad resources and tutorials online offer step-by-step instructions for adding Linux to outdated Windows and Mac machines.
Smartphone owners have fewer options. For Android, LineageOS, an open-source mobile operating system, has received positive reviews for its robust security.
Outdated Apple mobile devices, however, can’t be easily modified to install an alternate operating system. In fact, security experts recommend against “jailbreaking,” or injecting unauthorized software, because it can weaken the Apple device’s security.
Repurpose Your Old Device
We can also take steps with our hardware, like replacing an aging battery, to keep our devices going. But over time, when the cost, effort and risk add up and make resuscitating a device impractical, upgrading is your best bet.
That doesn’t mean we have to haul our devices to a recycling center. By turning off an outdated iPad’s internet connection, for instance, you can safely use it for light tasks like playing music or jotting down recipes, said Kyle Wiens, the chief executive of iFixit, a company that offers tools and instructions on repairing tech products.
“If it’s not connected to the net, it doesn’t matter that it’s out of date,” he said.