Comment 2c on a General Solution (Score 1) 392
Thoughts on a way to fix this sort of thing generally:
The government should define a minimum support window for software, say 5 years or so. From the point where you purchase a software product at retail (not resold), you are entitled to support for critical security flaws (ie: exploitable risks which you cannot mitigate with normal usage) during that period. At the vendor's option, that support can be either free software patches (with no degradation of functionality or additional licensing requirements/terms), full version upgrades (under the same conditions), or the release of the complete source for the product into the public domain (BSD-style). The last option would be the legally-mandated requirement if the vendor was unwilling or unable to supply one of the first alternatives. Companies could, of course, adjust pricing of their software as appropriate to comply with the mandate.
It's not a very clean solution, but it would do wonders to curtail the "forced paid upgrade" trend in software. Plus, companies with "good" support policies in place (both large and small) would benefit.