Every year, I inevitably see sales on tech devices on Black Friday, Cyber Monday, and throughout the holiday shopping season. And every year, some of those “deals” make me cringe.
It’s important to avoid buying tech that’s already vulnerable—or is so old that it may soon have perpetual security vulnerabilities. Retailers often sell these devices at deep discounts to clear out their inventories.
Here’s how to avoid buying dangerously outdated tech, both during the holiday shopping season and throughout the year.
In this article:
- Avoid dangerously outdated Apple devices
- Beware of outdated Android and ChromeOS devices
- Don’t buy outdated Wi-Fi routers
- Other outdated tech to avoid
- What if I’ve already bought dangerous tech?
- Intego’s 2023 Black Friday/Cyber Monday deals
- How can I learn more?
Avoiding dangerously outdated Apple devices
First, let’s take a look at which Apple devices you should avoid buying—and why.
As a general overview, it’s important to understand that Apple only releases complete security updates for devices that can run the very latest Apple OS.
If you have a device that can’t run a fully patched OS, then using it as an Internet-connected device isn’t entirely safe; it’s more susceptible to hacking and malware infections.
This is demonstrably true for Mac, iPhone, iPad, and Apple Watch; if they can’t run the latest macOS, iOS, iPadOS, or watchOS, they’re no exception to the rule. (To date, there haven’t been reports of watchOS malware in particular. But nevertheless, it’s unwise to wear an Internet-connected smartwatch that’s known to have exploitable vulnerabilities.)
Unfortunately, Apple products don’t come with any guarantee of security updates until a specific date after a given model is first sold. Similarly, Apple doesn’t guarantee support for a specific number of years after the last date of sale; in fact, we’ve even seen Apple continue selling an expired (dangerous) product this year. So all we can do is extrapolate based on how long Apple has supported previous hardware, and generally try to avoid buying the oldest still-supported models.
Only the following Mac models can run macOS Sonoma:
- iMac: 2019 or newer
- iMac Pro: 2017
- MacBook Air: 2018 or newer
- MacBook Pro: 2018 or newer
- Mac mini: 2018 or newer
- Mac Pro: 2019 or newer
- Mac Studio: 2022 or newer
If you see a Mac on sale that’s older than this, don’t buy it. Not only is the hardware more than four years old, but it is already unsafe to use because it cannot run a fully patched macOS.
Similarly, if you find “deals” on Mac models first released around 2017–2019, even if they’re on the list above, consider the possibility that you may get just under a year or two of running a fully patched macOS; after that, they may only run a previous year’s not-fully-patched macOS. You’ll need to determine whether the sale price point makes it worth the risk of potentially not having a fully patched Mac in less than 1–2 years from now. (Technically, you might be able to run an newer macOS version on older Macs that don’t support it. However, it may not always be possible for third parties to modify future macOS versions to add backward compatibility.)
Let’s take a look at iPhones next. Only the following iPhone models can run iOS 17:
- iPhone XR
- iPhone XS Max and XS
- iPhone 11 Pro Max, 11 Pro, and 11, or newer
- iPhone SE (2nd generation) or newer
If you see an iPhone on sale that’s older than this, don’t buy it. (This includes, for example: iPhone X, iPhone 8 Plus and 8, and iPhone SE 1st generation.) Not only is such hardware six or more years old, but it is already unsafe to use because it cannot run a fully patched iOS.
Similarly, be cautious about “deals” on iPhone XR, XS, XS Max; these models were released in 2018 and have an A12 Bionic chip. It’s possible that if you buy one now, you may get less than a year or two of running a fully patched iOS; after that, these may only run a previous year’s not-fully-patched iOS. You’ll need to determine whether the sale price point makes it worth the risk of potentially not having a fully patched iPhone in less than 1–2 years from now.
And if you see anyone selling an iPod touch, don’t buy it; Apple discontinued the 7th-gen model 18 months ago, just three months before iOS 16’s release, and didn’t even offer iOS 16 for it. In other words, all iPod touch models can only run an outdated and highly vulnerable version of iOS; none of these devices are safe to use online in 2023.
Next, let’s look at iPads. Only the following iPad models can run iPadOS 17:
- iPad (6th generation) or newer
- iPad Air (3rd generation) or newer
- iPad mini (5th generation) or newer
- iPad Pro 10.5-inch
- iPad Pro 11-inch (1st generation) or newer
- iPad Pro 12.9-inch (2nd generation) or newer
Again, if you see an iPad on sale that’s older than this, don’t buy it. It is already unsafe to use because it cannot run a fully patched iPadOS.
Be cautious about buying any models on the older end of the spectrum, relative to age and processor generation. These include:
- iPad (6th gen) — A10 Fusion chip, released Mar 2018
- iPad (7th gen) — A10 Fusion chip, released Sep 2019
- iPad mini (5th gen) — A9 chip, released Mar 2017
- iPad Pro 10.5-inch — A10X Fusion chip, released Jun 2017
- iPad Pro 12.9-inch (2nd gen) — A10X Fusion chip, released Jun 2017
You may get another couple years of iPadOS updates for the following additional models, but the A12 line is also in my caution zone, given that the oldest currently supported iPhones (XR and XS) have a similar chip:
- iPad Air (3rd gen) — A12 Bionic chip, released Mar 2019
- iPad Pro 11-inch (1st gen) — A12X Bionic chip, released Oct 2018
- iPad Pro 12.9-inch (3rd gen) — A12X Fusion chip, released Oct 2018
If you see sales on any of the iPad models in the two lists above, consider that you might get less than a year or two of running a fully patched iPadOS; after that, it might only run a previous year’s not-fully-patched iPadOS. You’ll need to determine whether the sale price point makes it worth the risk of potentially not having a fully patched iPad in less than 1–2 years from now.
Thankfully, the Apple Watch lineup is much simpler.
Don’t buy any Apple Watch Series 3 or older. These devices are no longer getting security updates.
Be cautious about deals on Apple Watch Series 4. It’s over 5 years old; it could potentially get cut off from security updates less than a year from now, when Apple releases watchOS 11 next fall. So if you buy one, my advice is to only spend as much as you think less than a full year’s usage is worth.
Beware of outdated Android and ChromeOS devices
Android smartphones and tablets
If you’re thinking about buying a Google Pixel smartphone, check Google’s page that lists each model’s anticipated end of security updates. (Notably, Google has promised a stunning seven years of security updates for its new Pixel 8 Pro and 8 smartphones.) Even alternative Android operating systems like GrapheneOS (a privacy-focused, de-Googled version of Android) typically stick to Google’s official support timelines.
Other Android smartphone manufacturers will have their own separate policies on how many years of security updates they guarantee. For example, Samsung’s current policy is to offer security updates for five years from a smartphone or tablet’s initial date of sale. For other manufacturers, you’ll have to check their support sites for details.
Chromebooks and other ChromeOS devices
Google maintains a comprehensive list of all ChromeOS devices (including Chromebooks) and their anticipated final month of security updates. Conveniently, this page lists devices from all third-party manufacturers, too, making it relatively easy to find a particular product’s lifespan.
Before you buy a Chromebook, check the list to ensure that the model you’re considering has a year or more of updates remaining.
If you plan to use your new Chromebook for as many years as possible, you may wish to first search the list for models with several years of updates remaining. Then you can work backwards and try to find sales on those specific models.
Don’t buy outdated Wi-Fi routers
The current wireless network standard is called “Wi-Fi 6E;” it’s the latest version of the IEEE 802.11ax standard.
This year, many stores will try to sell you discounted Wi-Fi 6 or even Wi-Fi 5 (802.11ac) wireless routers or access points.
You should definitely avoid all routers designated as Wi-Fi 5 or 802.11ac. Why? You might assume it’s because it’s simply an older, slower standard. But the real reason is that routers based on this standard were mostly released between 2014 and 2019. That very likely means that many deeply discounted Wi-Fi 5 routers are either no longer getting firmware security updates, or could stop getting updates soon.
Unfortunately, many router manufacturers won’t tell you when they’ve stopped releasing updates for a particular model; if you already own one, you just have to assume they’re no longer getting updates if it has been a year or more since they released the most recent update. If you haven’t bought the router yet, often the best you can do is to try to find information about the most recent firmware update for that model on the company’s support site.
This is why in 2023, I recommend buying routers designated as Wi-Fi 6E. You probably don’t really need the minor differences between the 6 and 6E standards. But buying 6E ensures that you have a router that was released as recently as possible. And that, more often than not, is the easiest way to identify that a router will continue getting firmware updates as far into the future as possible.
Identifying other outdated tech to avoid
As a general rule, I recommend buying the latest generation of any Internet-connected tech hardware, ideally soon after it’s released. This usually ensures that you’ll get the maximum years of security updates for that product.
There’s one exception to that rule, however. If you’re considering buying a device like a smartphone that’s one year (and one generation) old, that may be okay for your needs, too; just be sure you know roughly how long it will get security updates, and decide whether you feel it’s worth the trade-off between the lower price and shorter lifespan. Not everyone necessarily requires the maximum number of years of security updates, if you’re likely to trade in or sell that device (e.g. phone, tablet, or computer) in two or three years anyway.
Amazon Kindle e-readers
But Amazon Kindle e-readers in particular have a security update policy that I like. The company guarantees “software security updates until at least four years after the device is last available for purchase on our websites.” Amazon lists all the Kindle models that will get updates through at least 2026. Four years isn’t necessarily impressive, but I really appreciate that the policy is based on the last date of sale, not on the first date of sale for a given Kindle model.
(Imagine if Apple based its security update policy on the last-sold date; it could have avoided selling Apple Watch Series 3 past its expiration date, and could have given the last two iPod touch models additional years of full security updates, rather than merely three months after discontinuing them.)
Internet of Things (IoT) devices
As I mentioned in a similar article a few years ago, when it comes to so-called Internet of Things devices, you need to be especially careful. There are countless brands of cheap tech that will happily connect to your home network, but these devices sometimes have vulnerabilities that may never get patched. Unless you fully trust a device and its manufacturer, think twice about putting it on your home Wi-Fi network.
What if I’ve already bought dangerous tech?
Unfortunately, with many “Black Friday” sales now often extending back as far as November 1, you might have already purchased some tech items. And you might just now realize that they might be hazardous to your security and privacy, or might soon be.
What can you if you regret your recent purchase? It really depends on the retailer.
Amazon usually has a decent return window—though it may not necessarily extend past Christmas. With eBay, sellers choose whether or not to accept returns on a particular item; check the item’s listing for details.
Larger retail stores like Target and Costco tend to have reasonable return policies. Costco doesn’t sell much outdated tech other than Wi-Fi 6 routers (which are only arguably outdated; many network equipment manufacturers still sell Wi-Fi 6 products alongside Wi-Fi 6E products).
But you’re more likely to find old tech for sale at Target, especially in its online store. For example, I found iPhone 7, 8, 8 Plus, and X all being sold at target.com—even though none of these can run iOS 17, and are therefore less secure. In fact, iPhone 7 (released in 2016) is stuck all the way back on iOS 15. Amazon, too, notoriously sells old tech products as “new;” a quick search revealed iPhones as old as the 6S (2015) being sold as new.
Intego’s 2023 Black Friday/Cyber Monday deals
At least you don’t have to worry about Intego’s software being unsupported soon. Here are all of our Black Friday and Cyber Monday deals for this year—extended for Cyber Week through Sunday, December 3, 2023:
- First-time buyers (and past customers with expired subscriptions) can save up to 65% on Intego’s Mac Premium Bundle X9, the world’s leading Mac antivirus, firewall, and utility suite.
- You can also save 60% on Intego Antivirus for Windows, now at the incredible price of $19.99—that’s less than $1.67 per month!
- And if you need a VPN to use with your Mac or Windows PC, you can get Intego Privacy Protection VPN for only $9.99—that’s about 83¢ per month, an insanely great deal.
How can I learn more?
Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.
You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: