You can argue over what a reasonable EOL is, but all hardware is going to EOL at some point, and at that point, it isn't going to keep getting updates.
Throw enough money at a vendor, and I'm sure that you can get extended support contracts that will keep it going for however long people are willing to keep chucking money at a vendor -- some businesses pay for support on truly ancient hardware -- but this is a consumer broadband router. It's unlikely to make a lot of sense to do so on this -- the hardware isn't worth much, nor is it going to be terribly expensive to replace, and especially if you're using the wireless functionality, you probably want support for newer WiFi standards anyway that updated hardware will bring.
I do think that there's maybe a good argument that EOLing hardware should be handled in a better way. Like, maybe hardware should ship with an EOL sticker, so that someone can glance at hardware and see if it's "expired". Or maybe network hardware should have some sort of way of reporting EOL in response to a network query, so that someone can audit a network for EOLed hardware.
Okay so the 2015 EOL ones, yeah I can understand telling the customer to update their shit. They shouldn't have to support nearly 10 year out of date stuff.
I mean this is pretty standard in all industries regardless of whether it's a software flaw or a physical flaw in any other kind of product. What's the likelihood of a vacuum manufacturer replacing a part in a 15-year-old product that had a 1-year warranty even if it's a safety issue?
Can highly recommend ASUS; most of their models can be flashed with custom firmware that is supported beyond EOL. And their EOL cycle is also pretty long.
Commodity hardware & open source software for the win.
When my Western Digital NAS was never going to get critical security patches, I was so freaking glad to find out that they just used software raid... I threw the HDDs in a Debian server and never looked back.
It's certainly nice to have things that are turn-key, but if you can find your way around any OS, just avoid proprietary everything.
Same website (granted, different author, but), same inflammatory language, same vendor, referencing previous erroneous article... I'm not even gonna read this one. Just going to copy/paste my previous response from the previous post:
At a certain point it's the consumer's (and blog writer's) fault, and that's after EoL. Not patching a supported one and just getting rid of support, saying buy a newer one? Yeah, that's bad.
Continuing to not support an EoL model that you already don't support due to EoL (or even dropping support for an EoL model that no one expected you to support in the first place due to EoL)? Non-issue.
Instead of trusting D-Link with an off-the-shelf NAS, it might be easier to build your own with a Raspberry Pi running openmediavault hooked up to a couple of USB hard drives. It's worked well for me for over 6 years now with no issue and could cost way less.
I hate to say it, but depending on manufacturers for this kind of stuff will always inevitably lead to these kinds of situations. This is why I always buy OpenWrt-compatible routers and DIY my own NAS.
Over the years, I've experienced:
- Netgear refusing to patch bugs like their IPv6 firewall essentially letting all traffic through on the R7800.
- QNAP shipping NASes with Intel CPUs that had clock drift issues so bad they essentially bricked themselves. They then refused to provide any kind of support for them.
After that I basically said, fuck it, I'll DIY my own and have been much happier ever since. If you have the know-how and the time, DIY is the way to go for longevity.
I think it's easy to blame a company for how they are handling this, but at the same time, if you're using a router that old you should probably already assume that it has vulnerabilities that haven't and probably won't be patched.