As a consumer, I would like for my devices to not be security nightmares for, at least, the useful life of what I'm buying. Unless you plaster a giant warning on the product, ~5 years from the time of sale seems reasonable to me for many tech related things.
standard product lifetime seems reasonable. If IE6 has a security bug, the answer is "maybe use newer windows + edge". If xbox360 has a security bug, the answer might be "use xbox one".
This could expand to a question of "what is the expected lifetime of a product"... is it when the replacement is released (dont like the security bugs? get camera 2.0!)?, is it when the new camera becomes standard (there are 1000000 camera 2.0s out there, and 100 camera 1.0... maybe you should get on board)? Or is it when the failure rate of the product is above a threshold (Your camera 1.0 is even still working? most of them had their CPUs burn out by now, dont expect an update, in fact you should be grateful/amazed its still running)
Aging hardware is one thing ("modern security practices use a new cryptography algorithm that literally wont run on this device") but aging software is another ("we just dont want to update the software, buy our new product")
