Out of curiosity, when did you last pay for the upgrade, and when did you initially pay for the $60 fee?
I also paid for 1P on MacOs and iOS and was not happy moving to the sub model, and especially the major UX problems and total mess of browser extensions they had for about 9 months recently.
However, how long did you expect high security software to be continued to be supported and improved on your original license?
There's a couple of things with this, as I've been in an argument with someone else over this same issue in the other thread in the main news section.
Sometimes, being supported does not mean "is functional". I'm still on a mid-2011 MBA, running Sierra, using 1Password 6.8.9. I paid $36 for the license to 1P6 (it was on sale at the time). Sierra's last update was in September 2019. 1P6 had its last update in November 2020. I bought 1P5 when it came out, and through the upgrade process, landed on 1P6 6.8.9 which I have not had a single problem with it. The license for 1P6 and 1P5 have been in perpetuity for me. As long as I have that license, the program will continue to work. That last update for 1P6 was a security update, and since they stopped supporting 1P6 and focused on 1P7 and newer, that does not mean that 1P6 will not continue to work.
Why isn't that a problem? See below.
What is a reasonable amount to pay, given this stuff has to be patched immediately if there is a new vulnerability?
Seeing that 1P6 and older have affectively been dropped for support, that would then mean that the bulk of the users of 1Password are using 1P7 and newer, and will continue to do so until there are little to no users left using 1P6 and older. That actually is to the advantage of those 1P6 users, because if used properly, we would fall under the cloud (no pun intended) of Security by Obscurity. There would be so few of us using the program that no-one with any malicious intent would go after them because they wouldn't think that older versions would be used.
Case in point: I'm still on OS X 10.12.6, because 10.13.x (High Sierra) is incredibly unstable on my Mac, yet Sierra has been rock solid. There have not been any CVEs released for Sierra since 2019, as it is now falling under security by obscurity.
If kept locked down properly, everything kept local and secure locally, Sierra and 1P6 could work until this Mac dies, which it doesn't appear to be happening, as I'm now 10 years and 5 weeks into it.
My point: When it comes to a vulnerability, there is
remediation, and there is
mitigation. The patch is remediation, as it eliminates the vulnerability; working around the vulnerability and doing what can be done to secure the vulnerability from being exploited without being able to patch is mitigation.
We can do the latter without having to pay, which is how I'm still using Sierra, and 1P6 with all of its patches.
BL.
1password.community
