Another “simple solution” that doesn’t take into account modern practices or logic. A main one being that just because the S-Series is not getting updates doesn’t mean the firmware it used is also dead or EOL. Then there’s is the fact they have 3rd-party software/code that Sangoma may not have to rights to distribute. Meaning they can ship it as binary but they can’t ship the exposed code because they don’t have the rights.
Then there is the whole modern phones aren’t the same as old phones from 10-15+ years ago. You just can’t go in and replace some lines here and there for various reasons. One of those reasons is that the provisioning URL may not be statically set.
Plus modern phones use a secure bootloader that checks things like checksums and validates the internal code before it does anything. If it sees that the trust chain or code has been modified there’s a pretty good chance that the phone won’t boot at all. Plus there’s no guarantee that the software might want to do more than you think it is and just changing a single URL might not remove all the other checks it does before even using that URL.
So in a nutshell, Sangmoa may not be able to release all of the firmware because they don’t have to rights to distribute code in a non-binary fashion. The missing code could really matter in this. There is also the chance that the code that could be released is intertwined with code that can’t be release and splitting them up will be a real PITA and not really possible.
Finally, this isn’t a solution that solve an the problem for all of the S-Series user base. This will require the users to have a specific skill set to do this and if they break things, they break things. Sangoma would not be on the hook for any failures that resulted in modifying the firmware stack on your own.
So there a plenty of reasons as to why this couldn’t happen as well plenty of reasons as to why it shouldn’t happen.
They’re rebranded Hanlong/Htek phones with the Htek firmware stack and Sangoma customizations on top. (This is not a secret; there are other threads that disclose this.) Maybe Htek isn’t putting out firmware for these models any more which would be the reason Sangoma isn’t either. I assume there’s nothing Sangoma can do about it and they certainly can’t release firmware source code.
The P-series phones are Sangoma’s own software. Probably a better chance of longer-term support with them.
I have to agree with @mwhite on this one. (checks, I didn’t catch on fire)
When Sangoma acquired Digium, they gained a hardware phone platform with a completely in-house software stack. The older S-Series phones were built by a contract manufacturer using a licensed software stack. Business logic dictates using what you own. Sangoma marked the S-Series end-of-life to focus on the hardware and software they actually control.
The broader tech industry is actively deprecating older SSL and TLS versions. Sangoma is updating their backends to match. Older TLS protocols have known attack vectors. Exposing them to the internet is essentially serving your data in clear text to a motivated attacker.
Patching the S-Series today would require new firmware for a product they have not sold in years. They likely no longer hold active contracts with the original manufacturer to even request those updates. This highlights the advantage of owning the code. If a current in-house phone goes EOL and needs a critical security patch, Sangoma can still write it if the financial motivation exists.
When hardware reaches EOL, enjoy it while it lasts. The speed of security deprecation can turn any device into a paperweight overnight. This exact scenario is why the right-to-repair movement pushes for legal exemptions allowing users to reverse engineer, patch, and maintain their own firmware. I’m told people in the land of kangaroos that have the skill can do this…
Side note: I never worked on the phones or redirect server so I don’t know exactly how they work but I assume it is just a 302 redirect. With a packet sniffer and a little code you could make your own and redirect DNS…