Hacking the mooframe on the Nebraska cyberfrontier
February 1, 2018 11:21 PM   Subscribe

Following on from his earlier article on US farmers hacking their tractors with Ukrainian pirated software (previously), Jason Koebler has teamed up with Lara Heintz to make a short documentary for Motherboard about some of the people involved: farmers, tractor repairers as well as the politician who introduced a "right to repair bill" (previously).
posted by MartinWisse (20 comments total) 26 users marked this as a favorite
 


The defintion of free software:
The freedom to run the program as you wish, for any purpose (freedom 0).
The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help your neighbor (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
Examining these freedoms here, I have concluded that John Deere are an insanely customer hostile bunch of rentiers. I look forward in preemptive disgust to the subscription model that is doubtlessly to come ("running your tractor 12 times a day needs our platinum level package").
posted by jaduncan at 3:02 AM on February 2 [6 favorites]


"Fear the Deere" has never been so apt.
posted by Homemade Interossiter at 4:28 AM on February 2 [1 favorite]


Hey, American farmer: Monsanto owns your seed. John Deere owns your tractor. You just work here.
posted by pracowity at 6:00 AM on February 2 [2 favorites]


Eh, I am of two minds on this. Today's tractors are not your great-grandpa's tractors. They are sometimes GPS controlled iron giants. They have complex systems for driving on soils of various moisture. They control dangerous chemical distributions. Speed, braking, turning, climate controls, etc. I know a lot of farmers. None of them are programmers. Part of replacing your system software is knowing what the replacement will do. I see car people complain about this same thing, and I always think, "The guy who can't remember to use his turn signal wants to reprogram his fuel injection and braking systems."

I get both sides of the argument, but I firmly buy into the closed systems one. You do what you do for a living, and let the programers and device manufacturers do theirs. If they do shit you don't like, or don't do shit you want, buy the competitor, or a dumb tractor. Apple Phones are generally more secure than their Android counterparts precisely because the are walled off. Often when an iPhone is compromised it is because the user circumvented the safety measures in the OS.

I work with computers all day, and I wouldn't dream of reflashing my car (or phone). I think if someone does reprogram their own systems, whether a home router, home lighting system, whatever, they should firmly be on the "Go with God" plan, or at a maximum support should consist of putting the device back to factory settings.

I support computers. I work with people way smarter than me. People who have multiple PHDs. But these people are not system administrators. So when they insist on being (and running) as an elevated user, my policy is that as a co-administrator they have the knowledge to undo any fuckery they have subjected their box to. Just like I wouldn't presume to do their jobs, I would prefer if they concentrated on their own, and left me to mine. I do have a handful of users that insist on wearing Bad Idea Jeans, and they cost me more time than the ones who don't insist on administrative privileges. "I know it's not best practices to run as an administrator, but by God, I'm going to do it anyway, and a site wouldn't ask for my username and password if they didn't need it, right?"

My conscientious and cautious users who only run as a standard user (even the ones who have access to a local admin) seldom get malware or compromise their machines.

And what do you do when these power users damage the device with their hacks? I had a user that ran some software to overclock his CPU and he ran software to kill his fans because the laptop was too loud when he was in "turbo mode." He couldn't tell me where he got the software, or even exactly what it was supposed to be doing. So what's your remedy when a farmer crashes their tractor or kills himself because he fucked with the GPS? Are you going to indemnify the manufacturer from liability? What if all he does is completely ruin the tractor by melting the engine? Do you hand him a new one for free?
posted by cjorgensen at 6:30 AM on February 2 [2 favorites]


I think there needs to be some middle ground. I think that the equipment makers should make the software and source available, but after the "owner" (heh) signs some sort of release. You want to tinker with the inner workings of your device? Here you go, but in receiving the tools, you've just canceled your warranty and released the manufacturer from any liability.

A major manufacturer's large-format inkjet printers have a "waste ink box" where the waste ink from head cleanings, nozzle checks, overspray from borderless prints, etc. all gets collected. The box is a hollow plastic box filled with absorbent cotton and has a simple chip that says "I am approximately full, replace me." These cartridges cost about a hundred bucks. But someone in the know can go into the tech service mode and reset the counter before it reaches 100%, and simply dump out the cartridge and fill it with new cotton pads, for a cost of about three dollars. Certain users have done this for years and years over the life of the printer, having reused the original waste ink box the entire time, with no ill effects.

Another copier manufacturer had separate black and color drum units, which were identical save for a lockout peg on the color units. The black drum units were $35, and the colors were $135, for no reason other than they were for the color slots. A certain enterprising tech figured this out and realized one could remove the lockout peg and run black drum units in all the positions with no ill effects. Eventually, Panason--er, the unnamed manufacturer caught on to the fact that nearly all dealers everywhere were buying only black drum units, and in the next generation there was a single universal drum unit, with an entirely different lockout pattern... for $95 each. (And in the first week that same enterprising tech discovered that you could remove certain pieces from the frame of the new copier and run the old $35 drum units in all positions just fine.)

I am super fine with people modifying their devices to get around bullshit like this, where consumables are needlessly expensive "just because we can". We should be able to fix our own printers, or cars, or tractors. But I think that if Farmer John hacks his tractor and it runs away and plows into a school full of kids, he should be entirely, and solely, responsible. Or if the racer kid hacks the firmware on his car's computer and blows up his engine, there should be no liability on the manufacturer's part to offer him any sort of remedy.
posted by xedrik at 7:30 AM on February 2 [6 favorites]


So what's your remedy when a farmer crashes their tractor or kills himself because he fucked with the GPS? Are you going to indemnify the manufacturer from liability?

read the article:

A license agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for "crop loss, lost profits, loss of goodwill, loss of use of equipment … arising from the performance or non-performance of any aspect of the software." The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and "authorized" repair shops can work on newer tractors.

also, your issue is not this issue - a sysadmin doesn't charge individual users for labor or parts nor do you own a virtual monopoly on all computers in your system. farmers are hacking their equipment because they're pissed that they can only get their tractors tuned and repaired for their specific needs at dealerships - something that, if you own a car, realize is not an affordable option, especially for those farmers who aren't doing as well

also FTA:

John Deere sold farmers their tractors, but has used software to maintain control of every aspect of its use after the sale. Kluthe, for example, uses pig manure to power his tractor, which requires engine modifications that would likely violate John Deere's terms of service on newer machines.
posted by runt at 7:31 AM on February 2 [3 favorites]



Eh, I am of two minds on this. Today's tractors are not your great-grandpa's tractors. They are sometimes GPS controlled iron giants. They have complex systems for driving on soils of various moisture. They control dangerous chemical distributions. Speed, braking, turning, climate controls, etc. I know a lot of farmers. None of them are programmers. Part of replacing your system software is knowing what the replacement will do. I see car people complain about this same thing, and I always think, "The guy who can't remember to use his turn signal wants to reprogram his fuel injection and braking systems."


None of them are programmers, but if it were legal, all your farmer friends would be able to bring in consultants from Omaha, Des Moines, or even the nearest town to get that kind of work done. We have so many people lamenting how it's difficult for anyone to support himself living in the sticks if he isn't a farmer or directly serving farmers, and that's in large part because right now farmers are so economically levered by John Deere and Monsanto that they can barely support themselves, let alone a full fledged small town economy. It's not like they'd be so eager to destroy $500K worth of combine just because grandpa could fix his own diesels.
posted by ocschwar at 7:44 AM on February 2 [5 favorites]


So what's your remedy when a farmer crashes their tractor or kills himself because he fucked with the GPS? Are you going to indemnify the manufacturer from liability? What if all he does is completely ruin the tractor by melting the engine? Do you hand him a new one for free?

No and no. Essentially you are asking if the manufacturer should be held liable for code they didn't write. Obviously they should not. Similarly, no court is likely to agree that Ford should be on the hook if someone's added lights blind a different driver. This war was fought a long time ago in various industries, including Ford and others attempting to kill third party mechanics and AT&T's insistence that they would have to certify every phone that connected to the PSTN. It has turned out in pretty much every case that the safety concerns have been more about market control, and the legal system has not had an issue with a view that modifications remove liability where the modification is the but-for/sine qua non cause of a harm.
posted by jaduncan at 8:23 AM on February 2 [6 favorites]


Or, if you want a closer example to home, nobody talks about suing Apple/MS/Debian/whoever for the fact that someone ran a cracking attack from a box that they wrote the underlying OS code for.
posted by jaduncan at 8:25 AM on February 2 [2 favorites]


Getting back to the original article: a major piece of equipment is a major sunk cost, and a lot of workflows are based around it. Changing to a different, more repairable hardware will require a period of adjustment that may be expensive enough to make-or-break a struggling farm.

I can only speak first-hand about the small family farm I grew up on (which eventually broke), or what I saw of neighboring small family farms (which mostly made it), but there were a lot of 20, 30 year old tractors held together with baling wire, obscenities, and wishful thinking. Some of 'em are still running today, 20+ years later (light duty on livestock operations, though).
posted by ivan ivanych samovar at 9:39 AM on February 2 [3 favorites]


I think there should be a bright line between a subscription model and sales model. If you are just renting/leasing something, then you're bound by the agreement and most likely can't repair it even if you wanted to. But if you own something, you OWN it. You have no right to copy it, and regulations could keep you from certain modifications (e.g. emissions), but otherwise you have the right to fully control that individual item.

Some customers would disappear if Deere went to a subscription model, but that's not the big downside for them. With a subscription, customers would insist on a fixed lease cost and a service level agreement. With this fake "selling" model they have no obligations, just income.

I'm personally OK with "owning" closed systems only if being out both the purchase price and item is an acceptable risk. That works for a phone, but not a car. Unfortunately, all cars newer than 40 or so years old are closed computerized systems, which means either having an ancient car or prying the sucker open. Both options are annoying, but better than going to a dealer.
posted by netowl at 1:12 PM on February 2


I was working on a post for this very topic, so I'll just leave this bit here:

Back in 2015, in part because of John Deere controversy, the US Copyright Office delineated several such exceptions [PDF] to the DMCA law that John Deere was using to prevent farmers from repairing or modifying their tractors. John Deere is still refusing to release diagnostic software, and has continued to raise their rates and response times for authorized repairs. Last year, John Deere made $215,900,000,000 (2.159 billion) in profit. If you took every single family farm (not including factory farms), and you added all their profits together, the total profit enjoyed was $96,925,811.
posted by SecretAgentSockpuppet at 1:24 PM on February 2 [5 favorites]


"I get both sides of the argument, but I firmly buy into the closed systems one. You do what you do for a living, and let the programers and device manufacturers do theirs."

Okay, but what if it were illegal to have anyone but a Microsoft employee install software onto your computer? What if only Apple were allowed to write software for its platforms, and install that software, and to fix the screen if it cracked.

"Are you going to indemnify the manufacturer from liability?" Oh, Deere accepts full liability for its equipment malfunctioning currently? Or do they have EULAs (like every software manufacturer) that says that they are not liable for any bug they shipped in their software.

"I think if someone does reprogram their own systems, whether a home router, home lighting system, whatever, they should firmly be on the "Go with God" plan, or at a maximum support should consist of putting the device back to factory settings."

Oh, you mean those home routers that are riddled with security issues that aren't addressed by the manufacturers? Those routers? You might be against reflashing those routers with open-source software that has been audited (more) than the buggy insecure closed source software, but should it be against the law for folks to fix those shitty routers?

Personally, I'd go the other direction in the law. The moment a hardware manufacturer isn't going to support their product anymore (you know, with things like security updates, or takes down the cloud server required to run that hardware) they must release the source code into the public domain and have built in mechanisms to allow firmware updates so the community can make it fucking work again.

I understand your concern that hobbyists aren't competent. But I too have worked in the computer industry for many years, and I know for a fact that the software and hardware manufacturers aren't competent either, and their customers are the ones that bear the brunt of that.
posted by el io at 1:47 PM on February 2 [6 favorites]


Hobbyists may or may not be competent. What's undeniable is that software and hardware manufacturers are maleficent and yes, their customers are the ones who get screwed.
posted by phliar at 2:00 PM on February 2 [1 favorite]


The law should go further, embedded/device/machine closed source software should be held in a secure escrow repository. The access would be then based on reasonable legal processes, but would at least be available if a company goes out of business or other legally significant event.
posted by sammyo at 2:45 PM on February 2 [1 favorite]


I utterly grok cjorgansens thoughts about issues modifying embedded software, a whole bushel of issues, but farmers were some of the original hackers, that bailing wire holding a part together was often a better design that the original engineering. I know my grandfather had no idea about computers but if it was essential to the farm he (in his vernacular) damn well would've figured it out.
posted by sammyo at 2:54 PM on February 2 [1 favorite]


If they do shit you don't like, or don't do shit you want, buy the competitor,

So we are then at the buycott.com or vote with your wallet level. Ok.

Now how does this work in a marketplace with only a few competitors? Or one where The Government(tm) has stepped in with regulation(s) such that only a few large corporations are the only choice?

Isn't DRM just a reflection of using government rules like copyright to achieve a market end?

or a dumb tractor.

And if your accessories are not 3 point hitch PTO generic things but expect a certain makers interconnects? Or the accessory only works when the DRM matches VS only needed hydraulic fluid with 2 hoses?

How many "dumb" 800+ HP tractors are there VS a 40 HP?


And if "dumb" sold - why don't I see openecology.org tractors eveywhere?
posted by rough ashlar at 3:19 PM on February 2 [2 favorites]


My bro in law has a deere. The climate around here is very typical of the Midwest. His tractor, for whatever reason, would lean out the air/fuel mix at random times and stall. He called Deere - should have been a warranty item but apparently was, as far as the tech was concerned, lack of maintenance by my bro in law.

Cost him $350 for a software update. 15 years ago, it would have been a $10.00 screwdriver.

It's a bullshit game. Deere has these farmers by the nads and they know it.
posted by disclaimer at 12:16 PM on February 3 [2 favorites]


Oh and the tractor is less than 4 years old and has 55 hp. It's not some killer ag tractor with 500+ hp. It's an overgrown mower, basically.
posted by disclaimer at 12:17 PM on February 3


Black box hardware is defective by design.
posted by aspersioncast at 7:01 AM on February 7


« Older Be kind. Read more books. Eat ice cream.   |   The holodeck becomes intensely Hawaiian Newer »


This thread has been archived and is closed to new comments