The following security updates require Ubuntu Pro with 'esm-apps' enabled: Learn more about Ubuntu Pro at https://ubuntu.com/pro. Or "a risky move by Canonical"

I'm the IT-guy for my family and all our devices run Ubuntu. Older laptops have become various monitoring devices, or donated to organizations, etc. We have way more than 5 physical devices that I maintain for the family. (This article is not going to discuss the Ubuntu-based cloud, VM and container images I also maintain)

My typical setup was that the laptop and tablet devices were set for autoupdate and let them notify me on issues with upgrades. I could remote in and solve issues, etc....

It was great, until Ubuntu's updates started bricking the newer HP laptops with the RTW networking chips.

Bricking, as in, couldn't even boot past the enable networking stage. It was bad and even getting into recovery mode and running updates via wired cables didn't work.

It got to the point that it required re-installation from USB. Diagnosis was tricky and it turned out to be caused by an incompatibility between the newer HP hardware and the kernel pushed by Canonical/Ubuntu. Diagnosing that, solving that, and helping release a fix to the community felt great. I was happy to do so because it felt like there was a partnership between Canonical and the OpenSource community. The timeline between noticing a problem and diagnosing and submitting that fix to the community was hours.

So I was very surprised to see that a security update was being withheld. So I looked into Ubuntu Pro and found the terms of service state the following:

6) During the term of this Agreement, Canonical may request Customer’s confirmation of its compliance with this Agreement or, if Canonical reasonably suspects that Customer is not in compliance with this Agreement, audit Customer’s use of the Services to confirm compliance. If any audit reveals that Customer was not in compliance with the Agreement, Customer will immediately come into compliance. If Customer’s confirmation or an audit reveals that additional Fees are due, Customer will pay such Fees and interest (at the rate applicable to past due amounts), within 30 days of the date of Canonical’s invoice. If the additional Fees exceed the Fees originally invoiced for the period covered by the audit by 5%, Customer will reimburse Canonical for the costs of the audit.
7) Canonical may charge interest on any past due payment amounts, plus any related collection and legal costs. Such interest will accrue at the annual rate of 2% above the base rate of the Bank of England in force from the due date until the date of payment, or the highest rate allowable by applicable law (if lower). Interest will accrue on a daily basis, whether before or after judgement.

I've seen that before. And I've seen software organizations make it extremely easy to create accounts and install services. Microsoft back in the 1990s was doing this and many students adopted Microsoft Windows as their OS of choice. But then Microsoft would come to the school and state something like: "We think there are enough students and teachers using Microsoft Windows that are violating our terms of service. They (and thus your school) are liable for our audits. If you just pay us a million dollars per year, we will avoid a costly audit that you will pay for."

Many schools, universities, colleges just decided to pay that blackmail. Many did not and I recall reading a ton of blogs about the time and effort spent to prove to Microsoft that they were in compliance, just to get another audit a year later. It gave Microsoft money, but ultimately spelled their doom as a dominant player in the Internet space.

At about this time Linux was introduced and that anger at Microsoft breathed fire into the Linux movement and the numerous distributions that started.

I tried a bunch of different Distros and settled on RedHat as the best at the time and RedHat became my default installed OS. It was a partnership again. And I enjoyed being part of a community and solving core kernel issues and submitting patches again.

Fast forward to RedHat becoming the dominant OS in the Linux server market. I believe they were close to 80% of the market when RedHat announced they were no longer going to support a community version directly and asked people to buy a subscription.

This pissed off the OpenSource community. And so this breathed fire into the numerous alternative distros ... one being a newly released Ubuntu. I settled on it as the operating system of choice and set about replacing all of the RedHat servers with Ubuntu ones. Eventually RedHat realized their mistake and released/supported CentOS, but by then it was too late and Debian distros were now dominant in the workspace of Linux users.

So what's happening with the push now from Canonical to adopt Ubuntu Pro that comes with the above TOS? This is a very risky move by Canonical to push adoption by withholding security updates.