These companys don't care about the reputation of their domains anymore at the moment they start to send spams. However, email senders (SendGrid, Mailgun etc.) care about the reputation of their IP addresses.
I usually check the "Received" header and report to the email service provider. Once in a while I receive a response saying the case is properly handled.
These providers are the only ones that care about their reputation and thus may take some action. Investors? Nope.
> Is there good public discussion on root expiration?
Haven't seen a specific one but I guess the most relavant public discussion on root CA-led device bricking issues might have occurred around the time when DST Root CA X3 (naturally) expired - that's around September '24: https://letsencrypt.org/2023/07/10/cross-sign-expiration.htm...
I personally believe most issues blocking old device reuse can be solved by manufacturers returning the root permission back to users, so that users can install modded systems with up-to-date stuffs. However, it's a pity that manufacturers aren't willing to do it, as it hurts their interest on selling new devices. Will laws on "right to repair" work? Time will tell.
I'm worried about the situation when Dark Patterns are not widely recognized enough as a malicious practice for users.
Half a month ago I see someone on Twitter defending its own product design as "transparent and nothing hidden" - the "$0 now, then $15/month in 14 days" description where all text after "$0" are small and in grey. I don't think it maintains trust between the product and users, and thus it doesn't seem like a good thing.