back to article Meet the Internet of big, lethal Things

Silicon Valley’s desire to open up the software that controls heavy vehicles has come under criticism from industry experts. This week the Electronic Frontier Foundation (EFF) renewed its call for the legal protection that manufacturers use to safeguard automotive software to be relaxed. For three years, farm machinery maker …

  1. Oh Homer
    Big Brother

    Do you own it, or not?

    If you do, then you should have full and unrestricted access to and control of your own legally purchased property.

    Period.

    1. Dr Stephen Jones
      FAIL

      Re: Do you own it, or not?

      Just like you should be able to shout "Fire!" in a crowded cinema.

      1. Oh Homer
        Big Brother

        Re: "shout fire"

        What sort of property is "shouting fire"?

        If the right to own property were predicated upon the likelihood that merely owning something unavoidably causes harm, then all property would have to be abolished, since even a plastic spoon can be used to kill people.

        In fact you don't need any physical device merely to cause harm, you can just do it with your bare hands.

        Should we cut off everyone's hands too? While we're at it, we may as well cut out everyone's tongue, given that entire nations have been known to be subject to genocide using nothing more than propaganda.

        You can play that futile "risk reduction" game that treats all humanity like children or criminals, for the sake of a handful of idiots or real criminals, but the outcome will not change. People will just find new and inventive ways of being stupid and/or criminals, and meanwhile the rest of us are forced to live like serfs, supposedly "for our own good".

        Sorry, but no.

        1. Anonymous Coward
          Anonymous Coward

          Re: "shout fire"

          This is not the reasoning behind the lockdown. The reasoning is, however, that the folks that cry loudest for the ability to modify their property themselves are the first to call on the courts for damages because the manufacturer failed to protect them from their own stupidity when things go awry.

      2. BitDr

        Re: Do you own it, or not?

        @ Dr Stephen Jones

        Non sequitur.

    2. John Lilburne

      Re: Do you own it, or not?

      You do not have "full and unrestricted access" to modify your car. You cannot physically modify it so that it is a danger to others, and the police will impound any such vehicles they see. I don't think there is any fundamental difference to welding spinning knives to the wheels, and getting some script kiddy to modify the engine management system.

      1. This post has been deleted by its author

      2. Updraft102

        Re: Do you own it, or not?

        "I don't think there is any fundamental difference to welding spinning knives to the wheels, and getting some script kiddy to modify the engine management system."

        Really?

        You don't?

        For one thing,"welding spinning knives to the wheels" has nothing to do with copyright law, which is what we're talking about here. Safety rules are a completely separate thing. If you wanted to weld knives to the wheels of a car that was never driven anywhere, but was instead used in static display, it would be just fine.

        Second, it's wrong to assume that every modification is the work of some "script kiddie" who is merely screwing around with things. A lot of the aftermarket engine electronic modifications are on par with OEM stuff in their sophistication, and they're necessary to retune the ECU to work with engines that are modified with new hard parts (which themselves have nothing to do with software). Electronic engine controls are not some mystical, unknowable black art that mere mortals could never understand-- the internal combustion engine is a mature technology, and its various characteristics are very well understood by people outside of the company producing the vehicle.

        If there are safety or environmental concerns about any such modifications, those are completely separate issues, and they have nothing to do with copyright law. Many of the modifications you derided as the work of "script kiddies" have been verified to be in compliance with California's tough air quality standards; these items are advertised as having an "E.O. number" that signal that the item is certified as not negatively affecting emissions. It can be done-- it actually is done, all the time, in the existing automotive aftermarket.

        The very idea that software (any software) must never be tampered with in order to avoid running afoul of copyright law should never have been entered into law in the first place. So long as the person doing the tampering doesn't try to distribute a modified derivative work that contains copyrighted material, people should be able to do anything they want, copyright wise, with the software running on their own computer/car/DVD player/router/IoT thing. They don't own the software (if they did, they would be able to distribute modified copies as they saw fit), but they do own the specific instance of that software that is installed on their equipment. Microsoft's interests are not harmed if I modify the hell out of Windows on my own PC; if I don't try to distribute any of their code, modified or otherwise, there's no copyright issue. In a country with sane copyright laws, that is.

        The copyright laws in the US are just insane... the DMCA stands as one of the worst pieces of law enacted in modern times, and it should be repealed immediately, if not sooner. Either that, or we should just go ahead and transfer ownership of the entire country to the RIAA and MPAA (and a little slice to John Deere) and be done with it.

      3. Paul Hovnanian Silver badge

        Re: Do you own it, or not?

        "welding spinning knives to the wheels"

        But that's pretty much what a combine harvester is.

    3. Harry the Bastard

      Re: Do you own it, or not?

      you do, you are absolutely entitled to write your own software, if you can't manage it that's tough, deere is under no obligation to help you, and nor should it be

      the eff's ludicrous position, apparently supported by some down-voting twats, is that if you buy a product x that should entitle you to the producer's source code and other proprietary info so you can make your own changes to it

      by that logic eff should be demanding that buyers of iphone's have the right to apple's source and info so that they can make changes to their "purchased property", which is exactly what many government's would like

      1. Mage Silver badge

        Re: Do you own it, or not?

        I think EFF's position is extreme.

        John Deere are wrong too.

        However while I don't think companies should be compelled to supply source (unless it's entirely a FOSS), copyright law is inappropriate.

        Also the DMCA shouldn't exist at all. It's plain wrong.

        People do need to be able to run diagnostics (that should be available for free), for safety reasons!

      2. MacroRodent

        Re: Do you own it, or not?

        the eff's ludicrous position, apparently supported by some down-voting twats, is that if you buy a product x that should entitle you to the producer's source code and other proprietary info so you can make your own changes to it

        Interface information world be enough. Software makes possible to hide what used to be observable and measurable. For example, tractors have a power output shaft and attachment points in the rear for attaching tools. Is someone measuring them for the purpose of making custom machinery somehow infringing on Deere's rights?

      3. Updraft102

        Re: Do you own it, or not?

        The "downvoting twats" of which you speak might also have an actual understanding of what Deere is trying to do rather than your strawman characterization of people "demanding the source code."

        Deere is trying to claim ownership not only of the software, but also of any engine parameters used by the software. They're claiming that if you want to change something in (for example) one of the fuel delivery curves, you're infringing upon their copyright. Anything that would change any of the engine parameters is, in the claims of Deere, a copyright infringement. No one's talking about the code or the source; Deere is trying to copyright things like air to fuel ratios, which is way outside of the scope of copyright law.

        It gets even more absurd than that. Deere is claiming that only equipment they've approved should be able to be connected to a Deere engine, because reading the diagnostics information with anything they haven't approved is a copyright violation. They claim to own the data about how your engine is running... mass air flow ratios, intake air charge temperatures, coolant temperatures, air:fuel mixtures, exhaust gas temperatures... all run of the mill diagnostic parameters that have now somehow been elevated to the same level as program code.

        Do you have any idea how absurd that is? It would be like the maker of your car telling you which repair shops you may go to, because unapproved repair facilities (even if they happen to use the same equipment as the carmaker's approved shop) violate the carmaker's copyright the moment their "unapproved" diagnostics instruments are switched on.

        Diagnostic equipment is not disassembling the code contained within the ECU; it's detecting the data within that computer, not the running program code. Deere is trying to claim that ALL of it is copyrighted! It would be as nuts as an operating system maker deciding that they not only own the code that makes up the OS, but also all of the data contained within it.

        Even MS has never claimed outright to have full ownership rights to all data contained on every Windows PC... they give themselves the right to snoop around and see what is in there, but they've never claimed that all of that data is the sole property of Microsoft, Inc. and not the user of the PC who put that data on that PC. That, essentially, is what Deere is claiming, and you're defending it and calling people 'twats' if they disagree with you.

        1. Loud Speaker

          Re: Do you own it, or not?

          Even MS has never claimed outright to have full ownership rights to all data contained on every Windows PC - But there are still more updates to Windows 10 in the pipeline.

          The situation here is quite clear -John Deere (Ford Motors) is arguing in bad faith. Since the dawn of time, farmers have modded their own equipment. John Deere is probably after owning your harvest as well as patenting the gearbox ratios. Guess which side Trump will back.

        2. hoverboy

          Re: Do you own it, or not?

          Would this then apply also to aircraft? It takes huge resources to certify class A or B flight controller software. And yes, the FAA very definitely do stop you from going to anyone who doesn't have full approval to even change the oil. Software is only ever OEM.

    4. Cynic_999

      Re: Do you own it, or not?

      Quite a few devices are factory sealed so the user has no access. Many of the mains connectors I use have moulded plugs & sockets so I have no access to the wire-to-terminal connections. Cases are glued together because the user is not expected to ever open it up. Electronics are potted in silicon or epoxy for sound engineering reasons. Heck, I own my double-glazed windows, but that does not mean I should expect to have easy access to the space between the panes.

      Firmware can be thought of in the same way. Just like the above examples, you do have access, just not easy access. I can cut open a glued or moulded housing, and I can reverse-engineer protocols and firmware.

      1. Anonymous Coward
        Anonymous Coward

        Re: Do you own it, or not?

        Quite, but no one's going to suggest being sued for copyright violation for rewiring your toaster's plug. That is what JD are suggesting here.

        1. Charles 9

          Re: Do you own it, or not?

          The point about the theater is that rights are never absolute...because they CLASH. The 1st Amendment says Congress can make no law abridging freedom of speech, yet because other people's rights are involved, SCOTUS ruled in the Schencker decision that speech can be abridged if they interfere with other people's rights.

          1. Anonymous Coward
            Anonymous Coward

            Re: Do you own it, or not?

            Right. Shouting "fire" in a public theater is not protcted, but how about shouting "no more war"?

            Actually during World War I in the US the latter could get you a federal prison term under the Espionage Act. But was that right?

            The vehicle software copyright controversy isn't that different from the one over medical devices.

            For those who've never seen Karen Sandler's talk on that topic:

            https://youtu.be/qW1h1s_ojpM

        2. Ian Michael Gumby
          Boffin

          Re: Do you own it, or not?

          Quite, but no one's going to suggest being sued for copyright violation for rewiring your toaster's plug. That is what JD are suggesting here.

          Hardly and its a bad example.

          Here's a better one.

          Suppose you created the OS and control system logic for a self driving and fully automated garbage truck that goes down the street and picks up the trash. You sell it to a city and one of their IT guys decide to get in to the code and make some unauthorized changes because the city didn't want to pay you for the customized software enhancements.

          Now suppose someone hacked the garbage truck and decided to drive it down the freeway rear ending a fuel tanker causing a massive explosion. Boom!. People get killed and seriously injured because some script kiddies thought it would be fun until something went wrong.

          Now... how long do you think you have before some lawyer decides. That you and your company are liable? The truth is that within 5 minutes of this hitting the airwaves, there will be a rabid pack of lawyers hitting the ER trying to sign as many people up to make sure that they are the lead litigant's attorney on this case.

          That is JD's fear.

          Someone does an unauthorized code mod and JD is still going to be sued.

          Now if you were JD, how do you protect your product from being misused?

          If you're going to argue this, you need to also put yourself in JD's shoes.

          1. IT Poser

            Re: Do you own it, or not?

            Ian,

            John Deere is trying to lock people into only using their authorized mechanics, the fear of hacking is just a cover story.

            If those authorized mechanics were there when the farmers needed them, at a reasonable price, we wouldn't even know this is an issue. Instead costs are trying to be controlled by limiting the number of mechanics. Crops ripen when they ripen and a 36 hour delay while waiting for said mechanic can, and has, lead to lost harvests.

            Deere's fear is lost revenue. Farmers have the same fear but their product is time sensitive.. Given that a stable food supply, no one wants rotten barley, is most important, Deere needs to loss this battle.

            Note: I am not a farmer. I do have a couple cousins who are though.

      2. Anonymous Coward
        Anonymous Coward

        Re: Do you own it, or not?

        "Just like the above examples, you do have access, just not easy access. I can cut open a glued or moulded housing, and I can reverse-engineer protocols and firmware."

        Patently false: If you even try the same thing on Deere, they'll sue you to death for copyright infringment and DMCA.

        So you specifially have _no access at all_.

        That's the point in complaints by EFF: You can't repair something if you have no access to it, just by legalese.

      3. Muscleguy

        Re: Do you own it, or not?

        A friend of ours is half of Hondata which make and sell alternative engine control chips for R series Hondas to make them hotter making full use of the V-Tech engine. He started out by reverse engineering the chip with no reference to Honda. Now with a formal relationship with Honda racing they get some inside knowledge.

        A few years ago he came here to Europe to sell a few to local enthusiasts. One guy put one in his car, went out and bent it. He did not inform his insurance company of the mod first so was not covered. Tough. There's a less on there. In that case he was lucky he only bent the car and nobody else was involved.

        Mod a vehicle's software all you want, but your right to then use it with mod, with and without insurance (good luck getting any insurance) is very, very limited.

    5. Anonymous Coward
      Anonymous Coward

      DUB Package?

      What the hell is that? The picture looks like a 8-pin DIP (Dual In-line Package). Never heard of a DUB.

      1. HieronymusBloggs

        Re: DUB Package?

        "What the hell is that?"

        It's a surface mount IC package, also referred to as 8-pin SOP.

    6. The Indomitable Gall

      Re: Do you own it, or not?

      @Oh Homer:

      " Do you own it, or not?

      If you do, then you should have full and unrestricted access to and control of your own legally purchased property.

      Period. "

      I own my car.

      Does that mean I'm allowed to fit bullbars to it? No, because bullbars have been banned in my country because they were dangerous to people outside the car.

      Does it mean I'm allowed to put a 3m axle on it? No, because it would take up too much of the road.

      Now if Ford decided to put together a car that was designed to be moddable to the point where I could make such changes easily, they'd probably not get certification, and it wouldn't be road legal. John Deere similarly have to make sure that it is sufficiently difficult to mod their tractors to ensure that they meet their safety certifications.

      If their tractors were sold as toys for use at specific tractor-racing facilities, it would be a different question.

      1. Eric O'Brien

        Re: Do you own it, or not?

        You are mixing up the right to modify a car with the right to drive that modified car on public streets.

    7. Ian Michael Gumby
      Boffin

      @Oh Homer ... Re: Do you own it, or not?

      If you do, then you should have full and unrestricted access to and control of your own legally purchased property.

      Spoken like a babe in the woods.

      Lets talk about product liability. That's just the surface.

      Just because you can tinker with software doesn't make you a software engineer. And when I say software engineer, I mean someone who completed 4 years in an accredited engineering program. Its not just a job title.

      I remember way back when I got pulled from one project and put on another project because I had an engineering degree and this was for an embedded controller used in water filtration and treatment. There were others who were available that probably could have done the work, but they lacked that degree.

      Now the work I did over 25 years ago is still in place today in I don't know how many sites and I don't know how many millions drink water that run thru a system where I wrote the OS and process logic.

      An IH or JD Harvester won't impact as many people, but you muck up the control logic, you could kill someone.

      You muck with something and someone gets killed. You can bet your bottom dollar you will lose the family farm in a civil lawsuit, not to mention possible criminal charges.

      I can tell you've never worked on a farm around these machines, or have a software engineering degree or have worked on projects where you can seriously impact someone's life if you fsck up. Not many people have.

      You may own the product, but it doesn't give you license to tinker with it.

  2. Anonymous Coward
    Anonymous Coward

    It seems to me that the huge upsurge in electronics in vehicles of all types is to make it as difficult as possible to service by the person whom purchased that vehicle. There may be a small side benefit to the consumer in that it may reduce the cost and so possibly the price of the vehicle, but that main benefit is to the manufacturer and the dealerships which sell and service these vehicles. The most maddening part of this is that in NA, at least, the dealership mechanic plugs in a diagnostic device that often gives them a very good or exact idea of what the problem is an then the dealership charges for the hours that a typical trouble like that would have taken to diagnose and repair before electronic diagnostic modules were available. At least, the last I read about that was how dealerships charged hours. I suspect this is still the case, although I'd be very happy to find it is not.

    1. Anonymous Coward
      Meh

      Well having built my own car I can see both sides.

      I would be nice to tinker, and lets face it, many tuning places do.

      However it's essential these days to have all these electronics. There is no way you are going to get all the engine controls and safety systems without then.

      Many people moan about how yu can't "tinker" like you used to, but forget the very reason you tinkered, was because if you didn't the bloody thing would breakdown.

      When was the last time most people took their car the be tuned? I haven't had to have a production car tuned in, what 20 years?

      Yet my Kit-car with its twin 45's, it was an annual job, despite doing 1/10 the mileage.

      1. Anonymous Coward
        Anonymous Coward

        It's not just the electronics either. Cars are being engineered, to save space, but make it damned near impossible to change a light bulb or spark plugs. I'm sure there are many other examples.

    2. Alan Brown Silver badge

      "It seems to me that the huge upsurge in electronics in vehicles of all types is to make it as difficult as possible to service by the person whom purchased that vehicle"

      That has a HUGE part to play in what's panning out here. Europe has made encrypted diagnostics illegal, etc.

      John Deere (and others) sell extremely expensive diagnostics systems which are only able to be used by authorised repairers - who usually charge a fortune just to plug in and say that XYZ wotsit is broken. A large number of owners are increasingly suspicious that they're being charged for parts and labour that didn't really need to be done, but because the management and diagnostics systems are entirely proprietary there's no way of auditing that what the repairer _says_ needed to be done actually _is_ what was needed to be done. The other side of this equation is that it locks out 3rd party parts suppliers, which drives the cost of ownership up even further.

      1. 404

        Why doesn't JD use an OBDII type system where you *could* buy a scanner to diagnose problems? You're still going to be buying parts from them.

        I have a couple of scanners for my vehicles, one basic and one that will update from the internet, and they are invaluable for my maintenance/repair. Dealers cost an arm and a leg, can't afford to let them do the same thing I can do in the driveway myself.

      2. joea

        IF that is the the motivation for (what the) eff pursing this, then simply press for legislation that requires the manufacturer to open up the diagnostic software and interface specs.

        But the real reason, one suspects, is otherwise.

        Fine and dandy to open stuff up, but I recall, in the dim time, being told by "experts" that "no one would do that" when warning of malware, back doors, etc, or that "they" were "too dumb" to figure out how in any case.

        Perhaps Boeing, Lockheed, Airbus, etal, should be required to open up their aircraft control software as well. Won't that be loads of fun, eh?

        1. Anonymous Coward
          Anonymous Coward

          "being told by "experts" that "no one would do that" when warning of malware, back doors, etc, or that "they" were "too dumb" to figure out how in any case."

          Then those people weren't real experts, they weren't even engineers, they were PR spinners. You worked that out already, but what about

          "Perhaps Boeing, Lockheed, Airbus, etal, should be required to open up their aircraft control software as well"

          As a long term engineering employee until recently of one of the major safety critical suppliers to those companies, opening up the source code might be a good idea in public safety terms.

          But then where do we draw the line? Cars? Tractors/Combines? Aircraft? All contain safety critical systems. Combines and tractors do run on public roads as well as private land. What rules should apply where?

          Happy New Year.

      3. Anonymous Coward
        Facepalm

        Been there done that.

        3 obvious errors printed on the log sheet from the ECU error report. Small sensor fault, then injector, then ECU. So either way for cause and effect, ECU or sensor failed... as the car runs, I'd assume the sensor. ;)

        But the garage first suggested replacing the injectors then trying the ECU if that did not work. I "limped" the car home instead, pretending I'd "think about it", and spent £15 on a new sensor from up the road and fitted it in 15 mins (would have been 3 but my socket set was not the right angle/length to get to the bold nicely).

        Car worked a treat until some more sensors started to fail all different reed sensors I guess, so I assume the magnets/housing wears out eventually, but those ones would cost too much to replace as no longer manufactured... so had to scrap it :(

    3. Anonymous Coward
      Anonymous Coward

      We agree in principles...

      but not in kind.

      It's not a copyright issue, though it is one of avoiding changes to the system (as others have posted for safety reasons in the same way a lot of car/object modifications are banned).

  3. tiggity Silver badge

    In terms of farmers

    It's a serious issue for (US) farmers, they can no longer do simple repairs, have to take the tractor to Deere service centre, costs time, money, who are allowed to analyze issues without breaking DMCA

    With software increasingly embedded in vehicles (of many sorts, tractors just a key issue as a niche industry and so although not qite a monopoly, a restricted market and so anti customer behavior pops up firts in this type of area ) it's a nasty (but legal) way of manufacturers to stop owners doing minor repairs / adjustments and enforcing (expensive) work by (Deere in this case) authorized dealerships./ service centres.

    1. Anonymous Coward
      Anonymous Coward

      Re: In terms of farmers

      Are there no heavy vehicles left that don't have the software? Because if there are, then people can choose to buy those vehicles instead. If there are not, then it's a problem.

    2. Anonymous Coward
      Anonymous Coward

      Re: In terms of farmers

      RTFA

    3. PNGuinn
      Flame

      It's a nasty (but legal) way... @tiggity

      But IS it legal?

      To me it smacks of deliberate protectionism and monopolising to gouge the customer.

      I thought the good 'ol US had laws about that kind of corruption?

      1. Updraft102

        Re: It's a nasty (but legal) way... @tiggity

        "I thought the good 'ol US had laws about that kind of corruption?"

        We do-- it's just that the laws aren't meant to prevent that kind of corruption. They're meant to ensure it.

    4. Orv Silver badge

      Re: In terms of farmers

      In the automotive market in the US, manufacturers are required to provide repair information and standard diagnostic connectors so that independent repair shops can fix their cars. They're not allowed to lock them up and drive all business to their own dealer shops. (Tesla is currently testing the limits of this rule, mind you.)

      The problem is no such legislation exists for off-road equipment. John Deere can require all repairs be done through their service centers. It's a pretty serious example of vendor lock-in, and makes investing in one of these machines a lot riskier for the farmer.

    5. Brian Miller
      Boffin

      Re: In terms of farmers -- Drive a tractor??

      As possibly one of the few people who post on El Reg who have driven a farm tractor, being able to make repairs in the field is essential. This is not about something being an inconvenience, it's essential that the equipment can be repaired out in the farm field without bringing the tractor into the dealership.

      When a tractor breaks down in the middle of the field, it is not something that you can just hook a tow truck to it and off you go. These machines are huge beasts now, much larger than the IH I used in the late 70s. It's a major job to get the tractor off the field, and then loaded on the back of a very big trailer, then brought in to replace just a sensor. That's a lot of money, it's a lot of down time. No, the dealers don't stock the parts.

      This isn't about drag racing a tractor, or tuning the timings, or any of that. This is about getting the stock equipment working again.

      1. The Blacksmith

        Re: In terms of farmers -- Drive a tractor??

        Ah yes, the tractor stuck in the field. Been there, not sadly a combine harvester, but certainly largish tractors, the ability to get it going again is hideously important, and is becoming apparent to the folks here. The ability to replace a belt, change a pulley, replace a blade in the field is paramount. Lost time is very much lost money, especially for simple repairs.

        What we're seeing is the electronic systems of these machines becoming more and more integrated. Raise the deck, need a sensor for that. If that (usually non-redundant) sensor malfunctions (and it's a difficult environment for sensors here) the whole machine stops. As Brian correctly points out having a machine out of action because of a sensor that cannot be overridden when it goes faulty to at least get the job done before it rains is disasterous.

        Our local Kubota dealer at least still has a decent collection of spares, but I dread the day of just in time or on demand parts. When an delivery time is usually 3 days or more that does seriously affect productivity.

        To give an analogy, imagine if a fan speed sensor dies in your server. The machine says "faulty" and shuts down, or says nothing, just shuts down and you need a proprietary piece of diagnostic equipment to read the fault code. To get the machine diagnosed and repaired you have to disconnect the server and take it to the dealer (at your expense) where they will hook it up to their diagnostic machine, say that part 213-81672349B needs to be replaced. It will take 3 to 5 days for the part to arrive and then they replace it and you can take your server back (again, at your expense) and then re-install it.

        The solution is, naturally, to have on-call service professionals who will turn up on site and diagnose (and possibly order the spare part) and then replace it. The farmer meanwhile has to switch to the failover machine. This changes the economics of these machines completely.

      2. SImon Hobson Bronze badge

        Re: In terms of farmers -- Drive a tractor??

        As possibly one of the few people who post on El Reg who have driven a farm tractor

        I suspect it's not quite as small a club as you might think.

        But you are basically correct, except that (at least round here) the mechanics will come to you anyway - any that doesn't, won't get much business ! It's certainly the case that the makes of tractor used is heavily influenced by the reputation of the local dealers selling and supporting them. It's also true that if one manufacturer started doing like JD does and lock out independent mechanics, then they'd find their new machinery sales dropping once the effect on second hand values starts to bite.

        Of course, if all manufacturers were to do it then that's a bit "rock and hard place" when choosing new machinery makes.

      3. Ian Michael Gumby

        @Brain Miller ... Re: In terms of farmers -- Drive a tractor??

        Actually Brian, I have driven tractors. One was a 1970 Ford with a lot of hours on its PTO, and one was a JD closed Cab that was built in 1995. I've helped repair them a couple of times ... Most common problems is the hydraulics where a tube ruptures or leaks due to rot. (age)

        So yeah, I've dealt with issues. And yes, we had a tractor get stuck on some wetlands where we had to get a tow truck down on the field to help get it out. (This is why the next tractor I buy will have 4 wheel drive.

        To your point... IH and JD dealerships will have teams that they send out to the fields to fix things when they go wrong. And if you're talking about the electronics... you better believe that the farmer won't attempt to fix it. That would be a much costlier mistake and take longer to fix.

    6. Triggerfish

      Re: In terms of farmers

      There was an article somewhere, and some of the farmers, had to fly out John Deere techs at their cost pay for accommodation etc and the fix. It was leading to an upsurge in farmers buying older tractors that they could fix themselves.

      1. Nolveys

        Re: In terms of farmers

        It was leading to an upsurge in farmers buying older tractors that they could fix themselves.

        I will be doing the same thing the next time I get a new (to me) auto. I have exactly zero interest in the complexity for the sake of complexity they are shoe horning into modern vehicles. I'll be looking for early 2000, easy access to parts and as simple as possible.

        1. Orv Silver badge

          Re: In terms of farmers

          "I'll be looking for early 2000, easy access to parts and as simple as possible."

          As someone who's owned a lot of old cars, I'll give you a general tip: If you're buying a car over a decade old, look for one that has a large number of fans, preferably some Internet forums and maybe a club or two. 3rd-party clubs and parts dealers are invaluable when dealer parts support starts to dry up, as it tends to after 10-20 years.

          Best company I've dealt with as far as dealers stocking old parts is Honda. Worst was a tie between Ford and Volkswagen, but the large 3rd party support for VWs made parts much easier to come by than with Fords.

    7. Ian Michael Gumby
      Boffin

      Re: In terms of farmers

      Wrong.

      Do you know how many tractors are in service that were built before you were probably born?

      Lots.

      Including old John Deer tractors. (I drove a Ford Tractor that was built in 1970 used to pull a hay baler on my father in-law's farm. There are a lot of things you can do yourself. The most common thing to go wrong is the PTO and Hydraulics.

      If you're buying a new tractor that has GPS and automated controls, you are not going to be able to 'repair' the electronics. There is a really good reason for this... Its a deadly machine and if you mess up and someone gets hurt or dies... you will lose the family farm.

  4. joeW

    Seems to be an argument for security through obscurity. "We can't release the details of how these control boxes work, because then the bad guys might figure out how to hack them".

    1. Afernie

      "Seems to be an argument for security through obscurity. "We can't release the details of how these control boxes work, because then the bad guys might figure out how to hack them"."

      Surely, the argument is as much "We can't release the details of how these control boxes work because then stupid people might figure out how to break them in a potentially deadly manner that would leave us wide open to litigation for facilitating their screwups"."

    2. Hans 1
      Happy

      >because then the bad guys might figure out how to hack them".

      "because then the bad guys WILL figure out that the system is connected to the net for telemetry reasons and accessible over telnet after knocking on ports 12, then 34, and finally 56, passwords are admin/admin, of course".

      TFTFJD

  5. Anonymous Coward
    Anonymous Coward

    I'm in two minds...

    ...part of me says, yes let it be free, but the sensible part of me says, this could lead to a horrible scenario where some hobbyist has tinkered around to limit their kids speed and tested it and it's fine. But then has to identify the mangled bodies because he forgot to test the brakes worked if the ABS was engaged.

    1. Updraft102

      Re: I'm in two minds...

      "his could lead to a horrible scenario where some hobbyist has tinkered around to limit their kids speed and tested it and it's fine..."

      What does that have to do with copyright law, though? Safety rules exist independent of copyright law, and no one has proposed doing away with all safety regulation here.

  6. Anonymous Coward
    Anonymous Coward

    Just imagine what Uber could do with one of those.

    1. Fruit and Nutcase Silver badge
      Mushroom

      @AC

      Just imagine what Uber could do with one of those.

      Uber v French Taxi Drivers was not a pretty sight. Uber v French Farmers would be absolute carnage

  7. Anonymous South African Coward Bronze badge

    Rise of the Machines(tm) now pales in comparison...

  8. choleric
    Childcatcher

    Expertise?

    As long as John Deere end up with a better security record than D-Link we might be OK.

  9. A Non e-mouse Silver badge

    RXD Vs TXD

    Surely the arrow in the diagram should be pointing at RXD (Receive Data) rather than TXD (Transmit Data)?

    1. diodesign (Written by Reg staff) Silver badge

      Re: RXD Vs TXD

      No, the arrow is correct - look up the chip. The TXD pin on a CAN bus transceiver is an input. Don't take any data/commands from the internet, basically. By cutting off the pin or not connecting it, you don't allow malicious packets into the CAN system.

      C.

      1. Adrian 4

        Re: RXD Vs TXD

        Perhaps if the manufacturer accurately and helpfully described exactly what the CAN bus data described, then the independent tinkerers would indeed be able to modify safely and usefully instead of making guesses. And I think that's what the EFF is trying to achieve.

      2. Anonymous Coward
        Anonymous Coward

        Re diodesign: RXD Vs TXD

        Your chip does not match Mr. Tindell's. You plug your chip into his socket and you'll have a lot of smoke. That's before one gets to the fact that there's no such thing as a "DUB package".

        His has pin assignments

        Pin Function

        1 Vcc1

        2 RXD

        3 TDX

        4 GND1

        5 GND2

        6 CANL

        7 CANH

        8 Vcc2

        The SNx5HVD251 you cite has pin assignments

        Pin Function

        1 D CAN transmit data input

        2 GND

        3 Vcc

        4 R CAN receive data input

        5 Vref Reference output voltage

        6 CANL

        7 CANH

        8 Rs Mode select pin

        Yet another example of why software people should never be allowed to touch hardware.

        1. Brian Miller

          Re: diodesign: RXD Vs TXD

          DUB package is a "gullwing-8" package.

          The RXD and TXD pins are labeled from the controller's view, not the transceiver's view. Yes, cutting TXD is horribly simplistic, because it's connected to the engine controller. (link)

          I have no idea what chip Ken Tindell referenced, but I do know that Canis Automotive Labs was started up this past August (link). Why El Reg is using this company as a resource, I have no idea. I can't even find a website for them. Yes, Mr. Tindell made a cute quip, but that's all it is.

  10. Harry the Bastard

    the eff is way out of line here

    people are free to start from scratch and write their own tractor driver

    there's no right to the source code of deere's software (aside from any bits covered by license requiring disclosure)

    the eff is acting like any other another spoiled brat who's argument is essentially "waaaaaa, because i want, waaaaaa, look i'm being oppressed, waaaaaaa"

    the interweb has a lot to answer for

    1. bazza Silver badge

      Re: the eff is way out of line here

      It sounds like the better thing to campaign for is freedom of servicing (such as exists by law for ordinary cars). It's a law change that's needed to make that happen, not access to software source code.

      It sounds like Deere are fully exploiting the lock-in opportunity offered by the law as it stands, which is kinda dangerous for them. First, it could / should provoke a change in the law (which might include some punitive retrospective measures against manufacturers who had been taking the piss). Second, it leaves the market wide open to a more enlightened manufacturer to come in and tempt the customers with easy servicing options.

    2. keith_w

      Re: the eff is way out of line here

      John Deere does not permit the use of any OSS in their software.

    3. Brad Ackerman
      FAIL

      Re: the eff is way out of line here

      there's no right to the source code of deere's software (aside from any bits covered by license requiring disclosure)

      Who is demanding that JD provide their source code? The EFF certainly isn't. This is all about whether JD should be allowed to send government employees with guns to stop people from repairing their own property.

    4. patrickstar

      Re: the eff is way out of line here

      The EFF are not arguing for open-source-by-force.

      They are simply arguing against manufacturers being able to stop you from repairing your own equipment using copyright law.

  11. PNGuinn
    Joke

    Crop circles?

    Crop circles anyone?

    Bring it on!

    Yours sincerely,

    Farmer Giles

  12. Anonymous Coward
    Anonymous Coward

    I bought it, I own it, I can do whatever I damned well please with it*. It's a pretty straightforward concept.

    This has nothing to do with your precious intellectual property rights; no one is suggesting piracy of JD's IP or of passing off of their goods. This is about JD doing everything in their power to prevent their customers from self-servicing their own property. JD take a loss on every bit of kit they sell because they've abused copyright laws to ensure the customer has no choice but to take out a 10 year service and finance contract.

    Making this about safety is ludicrous. Tying this to terrorism is even worse. Why would a "hacker" bother to remotely hijack a hypothetically insecure homebrewed vehicle control system when they could just nick one off the street with nothing more than a lead pipe?

    *Within the bounds of the law.

  13. Anonymous Coward
    Terminator

    Better suggestion

    If you're worried about big lethal machines killing people...

    DO NOT AUTOMATE THEM.

    Besides, keeping human farm workers is also a hedge against systemic risks, such as famine caused by mass-bricking of all combine harvesters at harvest time.

    1. Anonymous Coward
      Anonymous Coward

      Re: Better suggestion

      Does that apply to aircraft too?

    2. Charles 9

      Re: Better suggestion

      Couldn't they still do that without automation by engineering a plague, or more prosaically, finding a way to cut off America's diesel supplies?

  14. Anonymous Coward
    Anonymous Coward

    but few people have done more over two decades to strip digital property rights from the individual than the EFF, and their corporate sponsors in Silicon Valley.

    [citation needed]

    1. Anonymous Coward
      Anonymous Coward

      Of course you won't find criticism of EFF anymore in wikipedia or search engines, but I'm aware that they've gone too far at times, for example in defending Backpage.

      I for one would love to see Mr Orlowski write a whole article about what's wrong with EFF & co.

    2. Anonymous Coward
      FAIL

      For starters, EFF's own website reveals the sin of... ineffectiveness.

      Mission 1: Lawyering and lobbying against government surveillance... FAIL. Not making a dent. Furthermore, EFF takes some extreme positions which, you may recall, undermine its credibility with the general public.

      Mission 2: Educating educating users about privacy & security... FAIL. Clearly users haven't gotten the word. EFF certainly isn't spreading the word, rather, they're promoting lame crap like 2FA, DNT, SSL, TOR, even Facebook's WhatsApp. Their own Privacy Badger addon allows "good" ads. No mention of solid advert/tracker/crap blockers like uBlock and uMatrix.

      Mission 3: Fighting corporate surveillance. Haha, just kidding, we don't go against our sponsors.

    3. Anonymous Coward
      Anonymous Coward

      Let's not forget that EFF rated Yahoo! 5 stars ...and then Yahoo! got busted spying on everyone for the feds and had a billion accounts stolen by hackers. Who's got your back, again?

      Another citation: https://www.eff.org/document/fiscal-year-2014-15-audited-financial-statement

      $16.7M Income: 45% from corporate/foundation grants (undisclosed sponsors), 15% from donations/contributions, 12% from memberships, 22% from a Cy Pres award, 6% other. Of that, 19% is from an individual donor (obviously a corporate grant) and 9% (over half of donations/contributions) is via Humble Bundle, i.e. people buying cheap games, not intentionally donating to EFF.

      $9.4M expenses. $6.9M is payroll, including $436k Executive Director compensation for Shari Steele and Cindy Cohn (per Charity Navigator). And an additional 430k travel expenses, enjoyed by EFF bigwigs. Also, they're hoarding cash they could be spending on their alleged mission.

      It's quite possible that EFF is merely funneling corporate cash to a handful of liberal elites.

  15. Anonymous Coward
    Anonymous Coward

    IMHO, any modified vehicle should become immediately unfit for the road...

    .... until it undergoes a full regulatory and safety testing. Including crash ones.

    You should be free to modify your car. Just, you shouldn't be free to bring it on the road unless you prove it's safe and fulfills rules.

    1. Yet Another Anonymous coward Silver badge

      Re: IMHO, any modified vehicle should become immediately unfit for the road...

      But you shouldn't be forced to lose your entire year's crop because your harvester won't start because a sensor says an airfilter is due for replacementand it will be 6 weeks before an authorised service center can get you the part

    2. nsld

      Re: IMHO, any modified vehicle should become immediately unfit for the road...@LDS

      Your comment is all kinds of stupid.

      Most "modification" to vehicles, for example changing the brakes means using stuff that is engineered to fit and work with the car to improve it. The same also applies to engine re mapping which is an extremely common thing to improve performance, economy, emmissions etc.

      Putting better brakes on a car doesn't require type approval or crash testing, and neither does allowing an ECU overwrite or a new chip being added, the most dangerous thing in all the article if the fact the damn thing is connected to the internet!

      Both our Land Rovers are chipped or remapped, as is one classic Lotus (which also has 8 pot calipers to stop it rather than the OEM Vauxhall crap that Lotus used in the 90's) and the 9 litre diesel horse lorry, the Landies to make them less rubbish, the Lotus to make full use of the turbo and the horse lorry because its now bearably crap. None of them are dangerous per se, they just work better.

      However if you connected them to the internet and let the world loose on them that would be a different matter altogether.

      1. BitDr

        Re: IMHO, any modified vehicle should become immediately unfit for the road...@LDS

        Around here they just passed some legislation to the effect of "it is wasn't available on the vehicle from the manufacturer, then you can't put it on and remain road worthy". I had an interesting conversation with a mechanic about this, effectively if I put better brakes on my vehicle, say four piston callipers with ceramic discs/rotors and upgraded hydraulics, it would fail safety inspection.

        This is legislation by idiots for idiots, the lot of them should be put on Ark B.

    3. Adrian 4

      Re: IMHO, any modified vehicle should become immediately unfit for the road...

      Because anything manufactured by industry is certain to be built, tested and operating according to all the rules ?

      And if the implementation is kept secret, how exactly could you be sure of that ?

      Didn't work for emissions. Why should it work for anything else ?

      1. bazza Silver badge

        Re: IMHO, any modified vehicle should become immediately unfit for the road...

        @Adrian4,

        Because anything manufactured by industry is certain to be built, tested and operating according to all the rules? And if the implementation is kept secret, how exactly could you be sure of that?

        Er, by black box testing it. All designs have to pass a bunch of tests, and unless they pass they cannot be sold. Who cares what the software is like if it passes the required tests?

        Given the vast number of cars that are sold world wide one has to conclude that the regulatory oversight of the industry is highly effective; there's comparatively few defects that escape notice, and the regulatory recall system works well to fix those that crop up later on.

        Didn't work for emissions. Why should it work for anything else?

        VW emissions cheating was found by black box testing, not examination of the software. It was an imaginative step by the researchers who found it, and it's resulted in the regulatory inspections being tightened. So there's now even less reason to examine the source code than before. In the same piece of research they found that a number of other vehicles did perform properly, again established without access to the software.

        The UK is comparatively unusual in that individuals are allowed to design and build their own car from scratch and drive it on the road. The *only* thing you have to do is get it past a vehicle inspection. It's quite a big inspection, but it's affordable (costs a few hundred pounds). Some people have even done this to the extent of designing their own engine. There's no requirement to show that all your own software has been written according to MISRA rules, etc. In, say, France it's different; an individual has to go through the same crash test regime as a major manufacturer - prohibitively expensive.

        So in short, the source code is irrelevant. Even if you had it, that makes no difference to get tests a vehicle has to pass.

        The only thing that the source code might usefully do is allow servicing monopolies to be broken. But getting the law changed is likely to be a quicker and more effective way of achieving that.

        1. Orv Silver badge

          Re: IMHO, any modified vehicle should become immediately unfit for the road...

          "The UK is comparatively unusual in that individuals are allowed to design and build their own car from scratch and drive it on the road."

          Also true in most US states. (In the US car registration is run by states, with some relatively loose guidance from the federal government.)

          The inspection in the US tends to be pretty cursory. With kit cars based on a production model it's fairly common not to bother with it and just register the car as whatever vehicle the chassis came from, since many states only care about the VIN plate and the title. (e.g., registering a Myers Manx as a 196x VW Beetle.)

    4. This post has been deleted by its author

  16. allthecoolshortnamesweretaken

    "Much agricultural machinery is connected to the internet, and a internet connected heavy vehicle that can be controlled remotely can be controlled remotely by a bad guy, too."

    Which is a problem in itself, isn't it? Given the state of things, from what I read on El Reg alone, combine harvesters or tractors or any other heavy vehicle that is connected to the internet will be about as "secure" as any given CCTV or kettle.

  17. Pen-y-gors

    Sheesh!

    I think I'm with John Deere here, sort of. Perhaps the compromise is to say that anyone can read and tinker with software but it's a serious offence for modified software to be used in public.

    The thought of a combine harvester racing down the High Street at 80mph because some 'smart' teenager decided to modify the software and confused metres and miles doesn't bear thinking about

    1. Chris G

      Re: Sheesh!

      Do you even know what a combine harvester looks like?

      Because if you do , you would know that making one do 80MPH is an impossibility, particularly via some teenager sodding around with the software.

      Normally your comments are sensible, perhaps you should lay off the Christmas booze.

      I know a few farmers and all of them are pretty good engineers, it is part of what is taught at agricultural college in the UK as farming is not an easy industry to make profits in witout an extremely broad base of knowledge.

      Access to JD's software doesn't matter as much as being able to maintain and repair expensive equipment that is often needed at short notice without having to go and pay through the nose at a JD service centre.

      Terrorists or anybody else don't need to hack the software to make a combine harvester dangerous, all they have to do is drive over somebody and how often does that happen? It woud be easier to steal a truck as has already been proved.

      Let's get sensible and tell John Deere to piss off with their ideas of an agricultural walled garden full of machinery.

      As has already been said, if I bought it I own it!

      Or are we heading for an everything as a service kind of world.

      OK rant over I'm going for a lie down and a glass of wine (not necessarily in that order)

    2. Anonymous Coward
      Anonymous Coward

      Re: "used in public"

      "modified software to be used in public."

      What's "in public" got to do with it?

      Some UK media have this month covered the sentencing of a person whose driving a tractor+trailer while intoxicated sadly managed to kill a nearby 11 year old boy.

      This happened on private property, and thus the usual drink driving laws didn't apply. The tractor driver thought that being on private property excused his consumption of 13 pints of beer (equivalent). The much-maligned Health and Safety laws had to be used instead, leading to a prison sentence of 16 months instead of maybe six years.

      See e.g.

      http://www.telegraph.co.uk/news/2016/12/13/harry-whitlam-death-drunk-tractor-driver-ran-killed-boy-jailed/

      http://www.bbc.co.uk/news/uk-england-leeds-38304362

    3. Updraft102

      Re: Sheesh!

      Deere is claiming ownership not only of the software running on the combine's computer, but all of the data as well. Does Microsoft/Apple/Google own all of the data on whatever device you're using to access this forum? All of your pictures, your email history, browser history, and every other thing stored on that computer?

  18. Mark 85

    I hate to say it, but I think the EFF should back off on this one. If the maker releases it for "research" that's one thing, but to open it up the world is inviting lawsuits and headaches. Unless of course, the EFF wants to indemnify the vehicle makers.

    1. Adam 52 Silver badge

      That's easy to fix. Just as nobody would blame Ford if I weld a knives to my wheel rims, why would we blame the manufacturer if I make a software mod?

  19. Starace

    'amateurs (who frequently refer to CAN frames as “packets” and CAN identifiers as “addresses”) '

    Professionals have been known to use similar terms too, certainly addresses was the term that was used in a recent discussion around interoperability of different bus standards.

    As for the fiddling aspect the amateurs are really going to be out of luck as everything is moving to hardened secure boot and signing of all software updates, the only reason it hasn't so far is the extra overhead required on the low power SOCs. Apparently.

    You're even more out of luck with Tesla as they don't even give you diagnostic access and encrypt the buses too.

  20. Anonymous Coward
    Anonymous Coward

    Its about slightly more than the right to tinker. Farmers have been, mending and making do long before the "hacker" culture upswing and John Deere's refusal to allow even basic modification until very recently has been opening up a lot of these guys to the possibility of being sued for trying to fix their own very expensive equipment. This is why the EFF consider it an attack on the idea of ownership. Its been described as being legally bound to only have your car repaired by the dealer.

    It also raises very important questions about what happens when John Deere decides their combine has reached the end of it's lifecycle. They will stop supporting it and unless they take action to remove some of the obstacles for doing so, it will be very difficult for anyone else to.

    1. Orv Silver badge

      Yes, these are VERY expensive machines, and represent a major capitol investment for farmers. They often pass through many hands on the used market, and are expected to last decades. John Deere now has the means to interrupt that process and make sure people have to buy new ones regularly.

      1. Anonymous Coward
        Anonymous Coward

        "John Deere now has the means to interrupt that process and make sure people have to buy new ones regularly."

        Presumably that significantly reduced whole-of-life value will also be reflected in a significantly reduced initial purchase price?

        Maybe we could have "combines as a service", where the combines are rented to farmers by a group of combine owners, whose collective purchasing power could perhaps encourage JD (and others) to think twice about behaving like HP and others have done with chipped and time-limited ink cartridges.

      2. Charles 9

        Until they realize they can't afford them. Keeping them for decades is pretty much the only way to make them worthwhile. Otherwise, a lot of farmers are going to go under.

      3. Bronek Kozicki

        Yes, but if they do I bet the new ones to replace these which John Deere put on "planned obsolescence" will be a different brand. It is a marvelous way of removing oneself from the market.

        1. Charles 9

          "Yes, but if they do I bet the new ones to replace these which John Deere put on "planned obsolescence" will be a different brand. It is a marvelous way of removing oneself from the market."

          Unless, of course, they act in cartel and ALL do the Deere, meaning a Hobson's Choice instead. To them, playing nice means business for all instead of a cutthroat fight where most of them won't last.

  21. Anonymous Coward
    Anonymous Coward

    That's Post-Truth America for you. Nowadays, big business is all about supporting the little guy and advocates for personal freedom are all about crushing personal freedom. Did Donald Trump write this article?

  22. wibblewobble

    I for one welcome our robot overlords

    Apparently John Deere have been able to monitor and remotely turn off farm machinery for years if it is used outside certain parameters eg hooned. Also if you don't make the payments, don't expect it to work ;-)

    This is interesting because you don't own the thing totally anymore, you are more like leasing it. I think this may be the way the car and lorry manufacturers push higher tech and hence higher cost hybrids and autonomous vehicles onto us. Cars are only designed to last 7 years or so now anyway, manufacturers are not interested in them lasting longer than the warranty and hence dealer $ rates, so I can see more manufacturers slipping in constant monitoring of vehicles and no-tampering based warranties. All for our benefit, of course!

    1. Anonymous Coward
      Anonymous Coward

      Re: I for one welcome our robot overlords

      Posting anonymously because I have worked at John Deere. As far as I know, JD DOES NOT and CANNOT turn off farm equipment if you don't make payments, although they may refuse to authorize repairs on account. JD Financial works hard with farmers and other users* to get their payments back on track. As a LAST resort they will repossess the equipment. It is not in their interest to have unhappy customers.

      John Deere maintains parts depots around the world, and ships parts to dealerships every workday. The commentor who suggested that a farmer would have to pay for a technician to visit surprises me.

      The technicians at JD Dealerships are well trained at the various parts depots, with both classroom and hands on training on during week long visits.

      I don't beleive that John Deere achieved the level they have by screwing over their customers.

      * Other users: as well as agriculture, John Deere's other users include Turf users such as golf courses, Forestry businesses such as lumber companies, and Construction companies.

  23. Will Godfrey Silver badge
    Unhappy

    Taking the piss

    John Deere that is.

    I was asked to find replacement lamps for a control display on a combine. They were specially made ones with oh-so-slightly greater base diameter than off-the-shelf bi-pin ones, with pins that were also thinner than normal.

    I got the blown ones out easily enough using a piece of rubber tubing and a good hard suck! The housing was clearly designed to make this difficult.

    According to Derre, they could not be replaced, and the entire control panel had to be changed at the cost of several thousand pounds.

    They lost that sale though. I built replacements using miniature LEDS and series resistors!

  24. Steve Davies 3 Silver badge
    Paris Hilton

    Tinker with my Combine?

    Only if it is done by the Wurzels.

    Paris because even she would sing along with that lot especially after a few pints of Scrumpy.

  25. Alistair
    Windows

    This is an interesting debate.

    I happen to own one of the cursed VW's.

    for about $12 I can buy a basic reader that will scan the vehicle software codes (I actually paid $39 for the one I decided to buy since it covers some newer vehicles and standards, and can be updated with more info) - I can get the same functionality as my mechanic (and from experience, spending an hour or two on Da Interwebz) generally better diagnostic results than the VW dealership. It has already saved me in excess of $4000 simply by providing guidance on what to replace to avoid a problem.

    I can for about $400 get a dongle and a bundle of software that will let me muck with the tuning and individual settings in the software that manages my vehicle.

    Given that I'm a middle ground programmer I might be able to write code to get to that in about 3 years of hobbying my way through it - (i.e. something that would read parameters, interpret them correctly, and allow tuning of parameters)

    I seriously doubt that I'd be capable of re-writing any of the actual vehicle code. I can safely say that I'd be more than a bit paranoid about trying that.

    All of the above said, I can understand that effectively, what is being said here (re Tiggity) is that what once was a fairly simple mechanical thing that was easy for a reasonably competent mechanic to fix or maintain on his own, is becoming a device that requires some specialist to even diagnose.

    (Wait, you thought that auto manufacturers actually make money on selling cars? Oh dear oh dear. NO. you don't go to Wall Mart's Car Department and select a vehicle. You go to a FORD dealership, or a GM dealership etc, and ... um, they sell you a service agreement with wheels).

    Same would apply to the fellow up the block that just dropped something like $190K on his new Volvo M2500, there just isn't a scanner on the market that will read the codes off that system, he has to take it to the dealership. For *everything* -- apparently changing the oil filter without access to the computer system can "damage" the engine.

    There are *two* levels to this :

    a) the diagnostic data should be available to the end user to permit basic maintenance, and simple mechanical repairs by the end user that owns the device.

    b) If there are functional reset required as part of basic maintenance, these reset functions should be available to the end user.

    c) command and control functionality should be locked to the console (driver interface in the case of vehicles) and not exposed in any way to the outside world.

    AND

    Firmware that runs a vehicle or device like this is stuff that the manufacturer should be in control of UNTIL OR UNLESS they decide that they will no longer support said vehicle or device for a nominal fee.

    I'm not sure that forcing companies to put their firmware out into the open is necessarily a good thing, but the API that does diagnostics and the diagnostic information damned well should be out there so those that have the inclination and time can fix the things they own.

    1. Alan Brown Silver badge

      "(Wait, you thought that auto manufacturers actually make money on selling cars? "

      They never did., It was all about selling parts, which is why japan managed to upset the applecart so badly by making reliable cars - even in the 1970s an average japanese car needed 1/4 the servicing of anything from Europe/USA (AND was easier to work on)

      These days Ford makes a loss on cars, breaks even on parts and makes a stonking profit on finance agreements - which gives it major incentive to make reliable cars, given the way US consumer protection law works. GM and a few others have yet to learn that lesson and unsurprisingly Ford was the only US maker that didn't need bailing out.

      As others have said, this is about Farm Machinery (and other offroad equipment) being subjected to major levels of vendor lock-in for parts and servicing - something that both Europe and the US effectively made illegal when automotive makers attempted the same tactic in the 1980s-2000s. The whole thrust of ODB was to standardise things and encrypted protocols were outlawed (My older Nissan's CAN ODB port is encrypted - the following model year was supplied with decrypted bus. What that means is that whilst I can get a lot of data out using K-Line data it's both slow and a limited subset of everything that's there, with a special Nissan tool (expen$$$ive) needed to get all the other stuff.

      VW and BMW are amongst the makers still holding out on this stuff and their contempt for customers has caught up with them in other areas.

      1. Charles 9

        Then how come Tesla's bus is encrypted if it's illegal to do so?

        1. JulieM Silver badge

          Because they have not been caught yet.

          All it needs is for someone to write a polite letter to Tesla, asking for some of the information they are illegally withholding and correctly naming the Statutory Instrument which obliges them to reveal it. They can either respond, or admit to a crime.

        2. Orv Silver badge

          The law only requires certain parameters to be made public, IIRC. Most of them don't apply to electric vehicles, because the main thrust of the law was to allow emissions-related repairs.

      2. Anonymous Coward
        Anonymous Coward

        ""(Wait, you thought that auto manufacturers actually make money on selling cars? "

        They never did., It was all about selling parts,"

        Semi-true: Japanese manufacturers did and do, as the whole business model is totally different in a country where average car life is bit more than 6 years and everything related to car manufacturing is thoroughly automated bulk production.

        But cultural differences also: In Japan a failing car is a personal insult, you do not accept that at all.

  26. Dwarf

    bug free software

    Is the manufacturer claiming only they can produce bug free software that ensures safety etc ?

    If so, then they should teach the rest of the world their tricks, since nobody else has managed that yet.

    1. bazza Silver badge

      Re: bug free software

      They're basically saying that they're not going to expose themselves to potential liability by releasing their source code. Can't blame them for that.

      No matter what wording they might put in release notes, releasing the source code at all could be construed by a clever lawyer (especially in the US) as being equivalent to "do what you like, you can't go wrong". However in these days of throttle-by-wire, brake-by-wire, etc that's far from being true. They really would be running the risk of being sued by the victim of someone who'd modified it.

      Getting the law changed on open servicing for farm vehicles, plant, etc. sounds like a far better bet. Putting campaigning effort into that would be more productive that cocking about with copyright laws.

      1. Anonymous Coward
        Anonymous Coward

        Re: bug free software

        " They really would be running the risk of being sued by the victim of someone who'd modified it."

        True, but not whole truth: Now they have the same risk because of their own mistakes in the code. With actual, provable liability.

        But there's no liability if you can show that the user modified the code themselves: Being sued doesn't mean a thing for a major company, losing in court means.

        Good luck on that with your own code modifications.

        1. Charles 9

          Re: bug free software

          That's the specialty of injury lawyers. They're masters of finding ways to make everyone pay: even manufacturers for allowing the bad modification to happen, regardless of hold faultless clauses. They have to know the tricks since most work on contingency: they don't win, they don't get paid.

  27. morikaweb

    Their argument makes no sense

    Their sole argument seems to be "if someone does it wrong, it could go badly". That is such bs it's not even funny. I mean I fixed my brakes wrong my car could kill someone, yet I'm still allowed to fix my car myself if I want to and if I did it wrong I would be on the hook if someone got hurt.

  28. morikaweb

    Sounds like bs

    Their sole argument seems to be "if someone does it wrong, it could go badly". That is such bs it's not even funny. I mean I fixed my brakes wrong my car could kill someone, yet I'm still allowed to fix my car myself if I want to, and if I did it wrong I would be on the hook if someone got hurt.

  29. EarthWarrior
    Facepalm

    Profits

    Disclaimer: I work on this shit for a living.

    This is only about money. Tier 4 is an emissions standard. Think VW.

    If the average consumer had to jump through hoops like the average diesel tech, things would change fast. Think OBD. The engine management systems today are firmware on a chip. Access to this firmware, in the heavy equipment industry is controlled by proprietary software running on a laptop. Is there mass hardware hacking on consumer vehicles? No. Do we have access to diagnostics? Yes.

    With many EQ manufactures, JD included, one has to subscribe to that software on a yearly basis if allowed by dealer status. The industry rakes in while the consumer pays more, after the sale, for that piece of equipment. Just think if one could not go buy a 50.00 scanner to diagnose one's own car to determine if it has to go to the shop or not. Again, not many are going to reverse engineer proprietary firmware code and mass distribute it. The access to that firmwares diagnostic capabilities, by anyone, say to check if the manufacture is in compliance, in the field, or for repairs, is what is at stake here and IMHO, the El. Reg, has the spin wrong...

    1. cyberdemon Silver badge
      Devil

      Milking It

      Is what JD are doing..

      @EarthWarrior - You're right, I'm surprised at El Reg for taking the Daily Mail angle on this. It's not about hax0rz in teh yuor combine harvester, it's about money for big agri companies. El Reg probably didn't realise the amount of money JD are milking out of their customers. They are taking full advantage of the fact they are in a niche market with customers who generally don't know much about tech - and when the few who DO understand tech, start doing trivial repairs themselves, they send the lawyers.

      I work in Robotics - and industrial robot manufacturers are just the same (some are worse than others - I'm looking at you, Fanuc..)

      They (Fanuc) will send legal threats to people "pirating" their user manuals, because they would prefer to send one of their "consultants" to set up your robot, or else you could pay £17,000 to go on a "training course" where you will receive said manual. Your factory floor manager, generally speaking, doesn't have the time or the incling to do configuration or repair, no matter how trivial it really is. But he does have lots of money to throw at consultants.

      We asked Kuka really nicely, and they gave us the manuals we needed, but still charged ££££s for some extra piece of (shitty) software that we needed to control the robot the way we wanted.

      1. Boris the Cockroach Silver badge
        Unhappy

        Re:Fanuc .. Milking It

        And you wait until you need the machine control parameters changed (used to be at 900-932) in the old Fanuc O series

        2000 quid to turn on the clock display anyone? and gawd help you if you wanted to add some more memory..

      2. Charles 9

        Re: Milking It

        You would think with the money involved someone would've reverse engineered it by now to undercut them. Or are there patents or other unavoidable red tape involved?

        1. EarthWarrior

          Re: Milking It

          The not so obvious thing is that most of the hardware, the logic board and I/O valve packages, even the software for diagnostics, used on these and other proportional hydraulic propelled machines are made by the likes of sundstrand/sauer, murphy, and others. Everything is thankfully going can bus. They are all licensed to the company's that build equipment around them.

          When I purchase the interface hardware for the machines I work on, rarely is it made by the brand I am working on, the software UI is horrid, it is never a standard UI, is always a nonstandard install, the cost is always over $500.00, and the hardware interface, for simple can bus, looks like it cost them $20.00.

          We need a standard, like OBD...

          Diagnostics for engine, regen, valve package(transmission), electronics, and configuration, need to be standardized and accessible. Like OBD...

          And to John Deere, stop changing the design of your goddamn oil filters every year!

      3. ilmari

        Re: Milking It

        As someone working in a so far robot-free plant, situated next door to a fanuc shop, that was interesting news and I will certainly demand manuals if those fanucs try to get in.

        If you know, what robot manufacturer UA the friendliest for maintenance technicians armed with a netbook, pieces of string and duct tape?

        1. cyberdemon Silver badge
          Devil

          Re: Milking It

          I know COMAU are quite good - TUT in Finland were able to do this: https://www.youtube.com/watch?v=Y2sRReKA0OA

          And as I say KUKA were quite cooperative in the end.. We were able to do the same thing with a Kuka robot, but it was not quite as good as TUT's performance with the Comau, and we had to buy some expensive software that really doesn't do very much.. Basically we used the "RSI" (Robot Sensor Interface" which is designed for sensor-corrected movement such as computer vision etc) to "correct" in the entire workspace, based on the position of the haptic pen. This is the only way we managed to get real-time positioning.

          I don't know how TUT did it with the Comau - maybe they had to do a similar hack.

  30. Anonymous Coward
    Anonymous Coward

    I sometimes end up being the one called when farmers need IT help.

    In one case, a grain dryer plant controlled by a windows xp PC had its PSU blow. The plant continued running in a mostly uncontrolled fashion, slowly becoming a grain toaster. The manufacturer was 3 days away, and wanted around 20,000 to come fix the PC.

    In another case, the farmer had a simple request. His milking robot would occasionally have misfortunes with cows trying to game it for treats, or cows changing their mind and stopping halfway into the milking pen. Often it was just a case of telling the robot to open the gate and let out the cow, but of course it was tedious to get in the car and drive over to the control room and click the right buttons on the robot's PC.

    The manufacturer had promised a mobile app "sometime next year", the price was going to be some 6 figures.. In the meantime though, he wondered if instead of app if there was a way to use PC at his home to access the PC at the farmhouse whenever the milking robot SMSd for help. Luckily the robot's PC wasn't locked down, so a vnc install later he had " free" remote access. LAN only, of course, but he already had a wireless bridge between the two locations.

    The manufacturer restrictions to home repairs in these cases would've made something costing 100 end up at over 25000. I can certainly see why some farmers are annoyed at John Deere. I haven't myself encountered JD equipment, luckily.

  31. Drab-Math
    Windows

    Re: In terms of farmers @BigJohn

    It's kind of murky. There ARE some companies that manufacture farm equipment without the same level of heavy-handed lockdown, but they aren't the same level of quality and still have a lot of restrictions on the engine and other EPA controls.

    The problem with John Deere is the level of availability and promotions of their products. They've gone from being simple machines that you can attach virtually any attachment to making it the "one size fits all" of the farming world. Mix that with also being easily maintained without needing a professional or rep to come out. There's a reason it became the biggest name amongst the farming core. Then new EPA laws about heavy vehicle emissions controls came into place and John Deere (who was already looking for ways to control product and accessories purchases) went buckwild on this. Going from locking down a lot of sensor and mechanical work so only a Deere-approved technician has access to the software work, from using their software to make it so you can only use John Deere attachments on their tractors (like HP and ink cartridges but far more expensive). This is for a product that can easily cost as much as the land being worked on, so this level of control is seen as taking the goodwill of a previous time and using it to exploit for control and money. The last thing that makes things even more nefarious is that there are researches who have found these tractors are collecting data not just for settings adjustments for the farmer but also being sent to Monsanto who are not seen as a friend of the independent farmers (this isn't confirmed 100% but is believable and has enough captures that there's reasonable suspicion).

    But that's the bad on John Deere's part. The EFF demanding their software be available for everyone just isn't a bad idea but goes against the whole reason the EPA put restrictions on heavy machinery in the first place. I've heard EFF argue that "who knows their land and equipment more than the farmer who owns it?" But most farmers I know care more about their output and saving money than they do about having clean and efficient vehicles. So these things will consume gallons upon gallons of gasoline needlessly and leak oil in the area they are stored contaminating the ground.

    1. Robert Sneddon

      Farming is not a hobby

      "I've heard EFF argue that "who knows their land and equipment more than the farmer who owns it?"

      Actually, for most farmers the land and equipment belongs to the bank that provides the overdrafts and loans to buy said land and equipment.

      Someone I knew was the last of a farming family which worked land in Lincolnshire for about 150 years. He said that at no time in the family history as recorded in the account books he knew of did they ever own the land outright, it was always mortgaged up to the hilt. In a good year they didn't have to give most of their earnings to the bank at the end of the year to service the loans, in a bad year they had to extend their borrowings to buy seed for the next year's plantings.

      He fixed the heavy machinery on the farm himself when he could but he knew the older models of tractors, seed drills and combines were less efficient, more work for the "owners" and more likely to break down at the wrong time because they didn't have the sensors and monitoring software that would give him a heads-up and book a visit from an engineer to carry out preventative maintenance, leaving him more time to actually farm the land the bank owned.

    2. JimC

      Re: In terms of farmers @BigJohn

      Yep, its not simple: there's not really a good guy here.

      The arguments about JD taking advantage of lock in and so on are all reasonable, and pretty valid. Too many big companies behave like that these days.

      However the arguments that the EFF are talking out of a manure providing orifice and that amateurs should have the rights to create complete chaos out of a complicated system with all the potential disasters are also quite valid.

    3. Anonymous Coward
      Anonymous Coward

      Re: In terms of farmers @BigJohn

      "But most farmers I know care more about their output and saving money than they do about having clean and efficient vehicles. So these things will consume gallons upon gallons of gasoline needlessly and leak oil in the area they are stored contaminating the ground."

      Clean and efficient are opposites, not the same thing. Every catalysator known increases fuel consumption by significant amount and that accumulates fast: Unnecessary expenses.

      Somewhere in the fields the emissions are basically irrelevant by any conceivable measurement and those exist solely because EPA doesn't have any actual work to do and they have to imagine something to fill their leisure time some people call 'work'.

      If commenter hasn't noticed, gasoline costs money and money is never needlessy thrown away, just an uneducated assumption.

      1. Anonymous Coward
        Anonymous Coward

        Re: In terms of farmers @BigJohn

        "Somewhere in the fields the emissions are basically irrelevant by any conceivable measurement and those exist solely because EPA doesn't have any actual work to do and they have to imagine something to fill their leisure time some people call 'work'."

        Except contaminants never stay put, do they? They either float up and eventually make their way to more populated areas or come back down...onto arable land. And I would think the EPA would be very interested in contaminated crops.

      2. Orv Silver badge

        Re: In terms of farmers @BigJohn

        "Every catalysator known increases fuel consumption by significant amount and that accumulates fast: Unnecessary expenses."

        I don't know about diesels, but I've run gasoline cars both with and without catalysts and the fuel economy difference is little to nothing. In one case the downpipe on a Cadillac I was driving broke just before the catalyst and the indicated fuel economy went *down*. And this was a vehicle from the 1980s, when most emissions controls were poor hack-jobs compared to now.

        Diesel owners mostly seem to like to modify their trucks to generate more smoke ("rolling coal"), which is always going to hurt fuel economy. That soot is just partially burned fuel. It might as well be dollar bills blowing out the tailpipe.

  32. martinusher Silver badge

    Wrong Pin

    You should really watch what's coming in -- RXD -- rather than what's going out.

    Seriously, though, CAN isn't the issue. Its a local serial bus for transmitting messages between devices. These messages are typically 'J1939' format in automotive and truck applications and they don't contain a whole lot of data. Anything that fancied itself going out to the Interweb will have to be significantly reformatted to suit Internet protocols.

    Which really underscores the problem. I'd expect a truck, combine or any other machine to have a whole lot of messages flowing around it but I wouldn't expect to expose these low level messages to an external interface. I'd expect the external interface to talk higher level messages, exchanging collated information from sensors for general high level commands. Mixing up the messages -- or making a controller hackable to expose these low level messages -- is asking for trouble.

  33. Anonymous Coward
    Anonymous Coward

    I like the idea of someone hacking a combine harvester ...

    ...to relentlessly pursue and harvest anyone with a long beard in a nightgown...

    ...Brings a whole new meaning to battlebots

  34. GrapeBunch

    Drone

    The diagnostic package should be (part of) a drone. Mountain stalls in a field, fly in the prophet!

    Sufficiently small replacement parts, also deliver by drone. It might take a couple of hours to get to the stalled mountain, but probably faster than the mechanic in his or her vehicle.

    Yes, I do see the irony that the proposed treatment for an IoT excess is more IoT-diocy.

    Diagnostics should be digitally signed and digitally copied to the client. That will be a first step towards dealing with overcharging and fake repairs; maybe no further step will be necessary.

    Sitting here, I can't see why the manufacturer should have to reveal source code. In any case, far earlier on the list of things that need happen is to break Microsoft software away from Microsoft operating systems--that's a vendor lock-in and conflict of interest that continues to cause undocumented (feature) harm.

    As to theoretical harm, I don't see farm equipment endangering nearly so many people or so much property as "Smart" electric and gas meters. As that harm gets revealed, rest assured that they'll blame "bad guys" or "accidents" rather than themselves.

  35. david 12 Silver badge

    Ironic

    Ironically, the register doesn't seem to understand that their the EFF knows exactly what they mean by ownership.

  36. Snorlax Silver badge

    @Andrew Orlowski

    "The European Court of Justice ruled in 2014 that any vehicle, even on private land, must be insured, given the potential to cause injury."

    I hate to sound like one of those whiny forum bitches who counters every claim with "citation please", but what case was this? I've never heard about this judgement.

    Cheers

    1. Charles 9

      Re: @Andrew Orlowski

      Looks like this one is actually true: ECLI:EU:C:2014:2146, Damijan Vnuk v. Zavarovalnica Triglav d.d.,

      http://curia.europa.eu/jcms/upload/docs/application/pdf/2014-09/cp140117en.pdf

      "Compulsory insurance against civil liability in respect of the use of vehicles has to cover any accident caused in the course of the use of a vehicle that is consistent with the normal function of that vehicle."

      A tractor is legally a vehicle (the judgment clarified this), and is intended to be used in a field such as the location of the incident, which isn't public property. Ergo, ANY vehicle must be insured to cover accidents occurring during their normal activities, be they on public or private property, unless there is a SPECIFIC exemption to those vehicles in the law of that member state. No such exemption was in Slovenian law at the time.

  37. David Pearce

    How many more manufacturers don't want anyone going through their code and finding another illegal Volkswagen style cheat mode?

  38. Tom 7

    Develop the market, then tie up the market.

    When tractors started out their great benefits were down to open API approach to things - the 3 point attachment was the same on all tractors and on all the equipment that would attach to it. Same for the PTO adaptor so basically you could buy a plough or a seeder from anyone and this helped keep the prices of things down.

    I dont know if JD are trying to lock in which things you can stick on their tractors but at the local dealer I walk past with the dog I noticed some remarkable looking connectors on a large turnover plough that looked like it was specifically designed to be a bastard to get hold of so I'm wondering if you want to use a big turnover plough on a JD tractor it is 'best' to get a JD one with its custom sensors* that will connect into its proprietary tractor socket.

    *I'm guessing they are for detecting the individual pull on each blade or something - the dog didnt want to stop long enough for me to work it out.

  39. Unicornpiss
    Alert

    Hmm..

    While we all know how well "security through obscurity" works in the long run, I kind of agree with protecting the source code for automotive systems. Farm machinery is a different story perhaps, and farmers are generally IMHO a bit more of a savvy bunch when it comes to machinery.

    As much as the Open Source part of my soul cries out that hobbyists should be free to tinker as much as they want, there's another part that if this is opened up envisions myriad dodgy apps to modify your car's programming, from China and elsewhere, loaded with malware and just plain bad programming and bad ideas, all to make a buck and the public be damned. I picture high emissions, reduced reliability, destroyed engines, accidents/injuries due to safety systems being overridden, possibly even vehicle fires in garages and on the road. Frankly, most folks don't even understand how the simplest of internal combustion engines function, much less the engineering decisions that go into vehicle production and systems programming. Such as for example limiting horsepower or throttle response because the rest of the chassis just isn't tuned for it, even if the engine is capable of more.

    And yes, I know there are already handheld/smartphone/PC-based tuners out there that will let you modify the performance of some vehicles. (I have one myself and use it cautiously) And hot-rodders have been modifying vehicles for performance for 100 years. But the idea of everything being a free-for-all for John Q. Public is a bit scary. In the "old" days, it took some know how and physical effort to modify a vehicle's tuning. If you make this ridiculously simple for every idiot, there will be problems.

    1. patrickstar

      Re: Hmm..

      There are already a myriad dodgy apps, custom firmwares and retrofits to modify your cars programming. Never heard of tuning chips for modern cars for example?

      Even before people seriously started hacking up the ECUs from the manufacturers, there were devices (see for example http://www.vems.hu ) that are completely custom ECUs written from scratch precisely to be able to do lots of very fun but potentially very dangerous stuff without any of those pesky safety limits enforced by the original gear.

      Yet, somehow, there is no ongoing epidemic of runaway cars killing people because of these modifications. At most, the worst you can attribute to all this is a number of engines getting damaged beyond repair during beta-testing.

      1. PTW

        Re: Hmm... THIS ^^^^^

        If only I could up vote you more

      2. Anonymous Coward
        Anonymous Coward

        Re: Hmm..

        Could be they simply weren't that ubiquitous yet. Care to dare taking it past the tipping point?

  40. Anonymous Coward
    Anonymous Coward

    Ridiculousness on both sides?

    As ever, cui bono?

    - Being able to read but not modify data from anything you own should be a fundamental right. I know manufacturers are always trying to cut off this access, but that's the spirit of OBD. Obvs, manufacturers and dealers hate it because they make no money off someone coming in whose already IDed the problem and simply wants the part or the fix made, compared to someone who hasn't.

    - Being able to modify software is something the EFF would love, of course, drinking from the same stream as the Stallmanistas, but manufacturers are not unreasonably worried about liability. You may think they are also worried about $$, but let's leave that to one side for now.

    - Being able to replace the software on something you bought seems like a reasonable ask, so long as it can be legally insulated from the stock software.

    I suggest that the compromise is law that gives freedom to read, provides safe harbor legal protection for mfrs and lets people tinker in a clearly partitioned environment. For example: you can load your own build, but it has to be digitally signed by you and you accept that you are liable if bad things happen.

    As of now, the tools that mfrs use to combat tinkering are clumsy and ridiculously heavy-handed, and play perilously close to breaking anti-trust law. For example "you can only buy from our dealers".

    1. Anonymous Coward
      Anonymous Coward

      on several sides

      Aye, you open a can of worms the moment you add a programmable controller to any piece of durable equipment, even if it's just an 8-pin microcontroller running a 10-line program. Maintenance and 'legitimate' modifications now require the manufacturer's support, which is a burden on them. 3rd-party code adds another dimension. Connectivity creates a security/support/liability clusterfuck. No resolution in sight.

      I think EFF's argument is right in principle, but they're clueless about the practicalities, and nobody takes them seriously anyhow. OTOH, manufacturers are in over their heads with automation and will soon be forced to retreat, and buyers can wait for them to do so. At the end of the day people will blame various sides for "why we can't have nice things" but it's really just the nature of people and software.

  41. david willis

    Context please

    Let's start here with the digital millennium act, designed to stop you copying video cassettes and computer games.

    The issue with IOT (regardless of scale) is the act allows security by obscurity. It has bugger all effect on the bad guys that WANT to exploit and hurts those that are just curios.

    Forget tractors for a minute and look at DD-WRT. It has been permitted by the hardware manufacturer to hack a routers firmware and produce something that may be better than their home made software. Good stuff?, bad stuff?.. It depends, the bad guys could equally produce something nasty, which without some kind of certification might break your home network.. Hey ho..

    Now look at Tractors;

    “Vehicle software will be subject to contamination from the repair or modification efforts of individual vehicle owners, the vast majority of whom do not have the programming or technical competence in the full range of applicable federal regulations and industry standards,”

    Vast majority - agreed..

    But by refusing to accept people looking at your software all you are doing is trying to achieve security by obscurity. It's exactly the same as the home routers. Your software may be (pick your expletive), but there's a chance that somebody else's could be worse.

    The issue here is that if you do have the skills and the time and he energy to try and make things work you'll get your ass sued off by somebody using legislation designed to protect video games and VCR tapes.

    There is no easy answer to this, but discussion on how we secure the IOT is important. Research to show that there is a problem is desperately needed. A piece of legislation that allows ANY manufacturer to refuse you permission to look under the bonnet is dangerous.

    1. Bruce Hatton

      These are different issues!

      Changing my router firmware is unlikely to kill anyone.

      Changing my 40-ton truck software could well do.

      How about:

      'Sorry, I was busy optimizing my fuel economy, and I missed the user input to apply the brakes' ?

  42. Ken Moorhouse Silver badge

    Reminds me of Duel...

    https://www.youtube.com/watch?v=5MtAMc4i8OA

  43. Destroy All Monsters Silver badge
    Paris Hilton

    After a rambling article, we get to the last phrase

    Property ownership is both a legal and a human right - but few people have done more over two decades to strip digital property rights from the individual than the EFF, and their corporate sponsors in Silicon Valley.

    What kind of shit argument is that?

    Basically, we are being told by Mr. O to take the black boxes, protected by "copyright" for your safety (as opposed to keeping maintenance outfits out of the market, yeah can't be, what defender of intellectual property would do that?) and ask no questions because an amorphous entity called "Silicon Valley" is evil and unhinged (and even "corporate", the horror), and evidently uses the EFF as presentable puppet to "strip property rights from the individual"?

    A bit too much of eggnogg or a bit too much studying of Gobbel's texts over the weekend?

    As we saw in Nice in July, and Berlin this week, a heavy vehicle can cause horrific human casualties.

    Yeah. Silicon Valley: Enabling terror! Quick, tell the Trump.

  44. patrickstar

    I can't believe I have to actually write this, but the purpose of copyright law is not to stop people from doing stuff that might jeopardize road safety or equipment health. That's the purpose of the relevant safety legislation as well as things like warranty conditions.

    In fact, the purpose of copyright law is to foster innovation - exactly the opposite of what John Deere is trying to use it for here.

    This is not about safety. This is about John Deere trying to use the DMCA to stop third-party repairs of farm equipment exactly the same way Lexmark tried to use it to stop third-party ink cartridges for their printers. It's not more legitimate, moral or consistent with what the law was intended for just because the software is in a big scary machine.

    This isn't even equipment intended for much if any use on public roads. There are about one million other safety issues to worry about on a farm than someone hacking up the harvester.

  45. Ian Michael Gumby
    Boffin

    Dangerous toys...

    Look,

    A lot of commenters seem to think in terms of black and white.

    This isn't a simple process.

    First, those who talk about automobile examples... guess what. You can buy the tools that garages have (some are expensive) and do a lot of the work on the electronics, but you don't. Not just because of the costs, but because of safety and reliability.

    You've heard the stories about guys buying chips that they use to replace the electronics in the car to boost performance. Only then to find that they end up damaging the motors or shortening the life of parts, or impacting the emissions to the point where its illegal to drive... But you instead think its a conspiracy to stop you from working on your car. (As if not being able to easily change your oil because you still need to get rid of the used oil...) [You can but some places will now charge you a fee.]

    With tractors or any large machinery, you have the issue of product safety and liability.

    How many people here work on control systems or embedded systems? Yet you feel confident enough in your abilities that you can repair a tractor's brain?

    Of those that have worked on older tractors, how many are software engineers or EEs? who can work on control systems? This isn't a hobbyist tinkering but working on a machine that if you mess up, you can cost someone their life.

    When you put it in perspective, and look at it from JD's point of view... you'd do the same thing.

    And yes, I have worked on tractors, and I am a Software Engineer. (A real software engineer) I've worked on control systems and I can tell you that I wouldn't touch it because its safer and cheaper to call out the JD repairman.

    When I was a partner in my father-in-law's cattle farm, I can tell you that I saved more money taking out varmints and poisonous snakes than I could have saved trying to repair the tractors beyond replacing hoses and connectors to the PTO. (Or the hydraulic pump).

    Being a Yank, I can own guns. While there are some things I would do on my own... there are other times I'll take it to a gunsmith. The point is that sometimes you need to realize that just because you own something doesn't mean you have the expertise to modify it or should modify it.

    1. Brian Miller

      Re: Dangerous toys...

      (No, I haven't driven JD. It was IH and Ford.) The equipment I used didn't require advanced tools to be fixed, and some of the equipment was, in fact, welded up from scratch. A couple of the tractors were new almost 20 years before I was born, and they were still going strong.

      Repair.org has a relevant article about this topic. Read down to the part where it mentions the $100K+ transplanters sitting idle.

      There's things that I can appreciate needing a technician, and then there's things that many people can do with diagnostic equipment and not-so-advanced tools. I simply view it that the manufacturers should not have a total lock on repairing the equipment. Farms are infamous for the injuries people sustain there, so I can appreciate the concern for liability. However, the vast majority of the injuries come from equipment that is operating properly.

      The local papers have also had various articles on the same problem. Equipment with simple problems can't be repaired locally. Not advanced problems, simple things that can be remedied without advanced tools.

      Since farms are businesses, at some point the operating cost of a problematic piece of equipment means that it's going to be sitting idle, and that means money down the drain. And if money keeps going down the drain, then the farm goes out of business.

      (Everybody else) Combines: Typically individual farmers don't own large combines. The combines are owned by combining crews, who come in and cut the wheat when it's ready. So when these break down, yes, it's a lot of money for them, and a big dent in their schedule.

      1. Ian Michael Gumby
        Boffin

        @Brian Miller ... Re: Dangerous toys...

        My father-in-law ran the farm, but wasn't mechanical. There were a lot of friends in town who could do the welding and help with the mechanics. He did own an old rust bucket of a combine built in the early 70's. And he owned two semi-s. (We had to read him the riot act to get him to sell it off and to scale down the farm. )

        In terms of trying to repair the electronics of the tractor, if I messed up, I'd fry the components, which would then have to be replaced. I was better off hunting varmints. The loss of a cow was around $800 or more and a calf was about $200 depending on age. So if I kill off the poisonous snakes, alligators, coyotes, feral dogs, etc ... saving one or more cows / calves, would more than pay for a repair.

        In the US. The attitude is to sue everyone and anyone who could be responsible. So when there's an accident and it involves JD and their autonomous / GPS systems... they will have to spend $$$ to defend against the lawsuit.

        I am scared by this naive attitude and some need to realize their limitations. Especially when there's potential for causing real harm.

        1. Anonymous Coward
          Anonymous Coward

          Re: @Brian Miller ... Dangerous toys...

          "In the US. The attitude is to sue everyone and anyone who could be responsible. So when there's an accident and it involves JD and their autonomous / GPS systems... they will have to spend $$$ to defend against the lawsuit."

          The problem here is that JD is big enough to afford good lawyers who will not only defend them but also countersue them to recover the attorney's fees, which can be awarded if sued for and the case goes your way. Now the plaintiff is at serious risk since, as noted, many are already operating on the razor's edge.

  46. Stevie

    Bah!

    Pick your battles appropriately, EFF, for fuck's sake.

    This sort of idiocy is the same path to madness by which Labor Unions are now seen to be a bad thing instead of the foundation for proper and decent working conditions In Our Time.

    No no no to allowing morons to tweak the automatic systems of farm machinery when they typically bow out of any responsibility once their "properly designed" software is launched. Guarantee it will do what it says on the box? Not in this universe.

    That said, loose use of CAN jargon is not the end of the world.

    But No. I'm with John Deere on this one.

    You no more have a right to alter the CAN systems on your farm vehicle than you do to alter the carburetor mix screw on your car (prevented by a metal slug for Lo! these many years so the old Gunsons Colourtune is rendered moot), and John Deere is not obliged to help you do so.

  47. Anonymous Coward
    Anonymous Coward

    Dirty laundry

    John Deere has internal coding policies that are archaic and often plain scary. As recently as a few years ago I had internal knowledge of their coding policies and practices. Use of structures or any complex type was simply not allowed. All John Deere code was stack base C code. This causes confusion and complexity which made it so changes were nearly impossible and agility within the organization was a disaster.

    They don't want the world to know their code is probably dangerously buggy.

  48. Bruce Hatton

    Tx/Rx Malfunction

    Surely if you want to stop your car being hacked from the Internet, it's the RxD pin you don't connect.

    The TxD pin is for when you're the one doing the hacking......

  49. }{amis}{
    Facepalm

    And what happens later??

    As someone who grew up in a country town in Devon UK the first thing I drove was a 1920s ford tractor witch would have been about 65 years old at that point, still going strong and used every day on the farm witch it lived, the agricultural gear that John Deere produces has a absurdly long life span and continues to be used long after they have has lost interest in supporting it.

    If a company is allowed to totally hide the software side of things kit like this will be scrap for software reasons long before the mechanical side has packed in.

    As for the safety side I do see the point that not every tom dick and harry should be allowed to mess around with the code of heavy industrial gear, and I suspect that what will happen in the long run is that it will be impossible to insure kit that has be worked on by amateurs, but enough access should be provided that reputable organisations can provide proper support, Digitally signed software for the win!.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon