It used to be that people who bought property became owners. This ownership of private property provided exclusive power over a object, rights to offspring or products produced by it, and governing the use of the object.
DRM eliminates this concept from anything with a computer in it, which in 2015 is most properties of significant worth. The right to govern is retained by he who has the key, which the seller keeps in order to create additional opportunity for revenue. To justify this, the seller argues that this helps reducing the initial cost of the product.
If the property then happens to produces anything of value, say data logs which can be sold, the producer also retains the right to that data by a shrink-wrap license. This is of course insane, as any such schemed used with physical property would be fast put down as fraud. You can't sell a cow, put a 40 page long shrink-wrap license on the gate, and claim thus the milk or offspring are yours. The legal system would not stand for it, especially if it was done large scale with millions of customers.
It used to be that people who bought property became owners.
Depending on who you ask, that stopped being the case the minute states started charging property tax. It's not yours, you just rent from the government. With the addition of zoning laws, it's hard to argue with that interpretation.
You can't sell a cow, put a 40 page long shrink-wrap license on the gate, and claim thus the milk or offspring are yours.
If Monsanto could prove the cow was GMO and their intellectual property, they could do almost exactly that. At the very least, they could put an injunction on the sale of cows and milk until they could verify if a patent had been broken. During which time, the farm would most likely go under.
There is a difference between the state overriding property law and private entities doing it. The state has monopoly on breaking laws, and in a democracy, is supposed to only do so when it serves the public they represent. It is this difference that allow the police to lock people up, or fine individuals. As you say, they use taxes, copyright, and patent law, all which override private property laws.
DRM however allows private entities to override property laws completely, while tricking the consumer. While Monsanto can with the help of the government prevent the sale of produce, they do not come in the night and steal it and sell it as their own property. They don't turn food into stone with the flick of a switch. I dislike Monsanto and I think they do trick people into a deal which is not obvious, but they are not even in the same league as DRM with 40 pages long licenses that updates dynamically which not a single person can understand.
Of course you can do things like that. Don't sell the cow, sell people a license to keep, pet, and feed the cow, etc. The license stipulates that the cow's milk and calves remain the property of the lessor.
How do you think software licenses work? You don't own any propiertary software, you own the license to use it under certain circumstances. You're renting it really, just with (usually) a one time payment.
...but if you purchase a car, and the car will not run without the software, did you purchase a license for the car? There is a distinction here that may be worth considering which goes counter to practical application. If a car is "owned" but the software is "leased" then there's a new kind of transactional contract that needs to be set forth in plain language...or lawyered until the cows come home...
Continuing along that line of thought: What is the role and responsibility of the manufacturer in continuing service once the service agreement on the vehicle is up?
The lines of demarcation grow hazy when you are dealing with physical ownership of property and you are governing rights management under the auspices of protecting us from ourselves.
Yes, yes, we all hate DRM. Cars are more complicated: you don't own the air that goes in one end and and comes out the other, you don't own the roads, and you don't own the property and lives you may destroy if you give a variable a stupid name or allocate some memory wrong.
My friends and I grew up doing all kinds of stupid things to our cars to make them go faster, one guy had a 5 psi turbo system pushing over 20 psi of boost because he broke the pressure sensing system. We did stupid, stupid things to our cars and generally ended up taking to them junkyard. It is a Very Good Thing it was prohibitively difficult for us to jumper in to the computer and start messing with stuff, because we would have. The more road blocks to people like us messing with their ECU's the better.
We (The US) already have laws that hold you accountable for being criminally negligent if you do a thing and cause harm to person or property. Do you really need additional protections from keeping yourself out of trouble? Is the only reason you don't do a thing is because you might be breaking the law?
We (The US) have laws that hold people accountable for trespassing and theft, but I'm guessing you still lock your doors.
A fundamental principle of engineering is protecting people from themselves, this is absolutely nothing new. Your life has been saved countless times because some engineer somewhere decided you didn't get to have a choice in something. (Maybe you like 50 ft falls, who are they to say that you should have to intentionally jump the handrail to hurt yourself?) It's Murphy's Law: if it's possible to do something stupid, somebody will and they might kill themselves and others in the process. So you make the stupid things hard to do.
In this case the stupid thing to do is messing with a computing system that handles multiple mechanical and electrical systems where a misnamed variable or some mismanaged memory could be extremely dangerous.
If you just have to tinker with something you can still buy/build a race car and take it to the track. Really, you should, it's fun.
This article is one-sided and shortsighted. There are many reasons why engine controls must include anti-tampering measures. There is a business case to extend these principles to other control modules in a car. Disclosure: I've been an automotive DMCA violator for nearly a decade.
An obvious reason is that the manufacturers do not want to deal with warranty issues. Of course you can probably understand that the possibility is there that bad software can result in engine damage. This applies to other systems, too, for instance the guy who demonstrated that he could alternately flash his headlamps like a police car by sending traffic to the lamp controller probably does not realize that he should not be reigniting the HID lamp every couple of seconds, because this will shorten its life.
The automakers are liable to laws in every developed country. The United States has these average fuel economy laws that the carmakers must meet, and in some states, harsh emissions regulations must be adhered to and guaranteed. The emissions testing regime in some of these states has done away with exhaust gas analysis and relies on the engine control's self-diagnosis to show that the vehicle is performing to spec.
However in other countries, increasing pollution emitted by a car constitutes tax fraud.
Road safety is also important. One German carmaker uses the same diesel engine for a range of vehicles which have differing performance levels. I thought it was clever when I found that you could change the low market six cylinder from a cheap model to give the power output of the top model of the range simply by carefully changing eeprom data. But the low market model has a lame exhaust and small brakes. Triple the engine output power and this is potentially a disaster.
For as long as the universe of tinkerers will include those without experience or scruples, the carmakers will have to keep developing anti-tampering measures to show that they are attempting to guarantee that their products will perform within the bounds of the law, and indemnify them against bogus liability and warranty claims. Some tinkerers are smart enough to see the big picture and think about the results of what they are doing. Others either don't realize that these systems were designed by teams of engineers with more degrees and experience than them, or figure that they can sell genitalia enhancements to any twentysomething that walks in the door. These are the guys that scare me.
Road safety is an admirable goal, but that's an issue that you tackle with liability law, car registration and inspection regulations, road users code &c. The DMCA is such a badly written piece of law that lends itself to overreach, and it doesn't need to be extended to yet another area.
Besides, people have been tuning their cars for 100 years now, you'd think that by now the police had some experience keeping the worst specimens of the public roadways.
We have computer-controlled braking and throttles now, and while I figure it's unlikely that someone will tinker with the brakes software (as long as it's not integrated into something he wants to tinker with) there has been a famous case where a factory throttle control has been alleged to be bad.
The emissions (and taxes in the countries where taxes are a function of emissions) aspects are more likely to be the justification of any repercussions against these activities.
I don't really understand the emissions argument, though? If I'm trying to break the law (either tax law or emissions laws), why would copyright law (or laws around reverse engineering) deter me?
We have computer-controlled braking and throttles now
Couldn't the same case be made for doing your own mechanic work, though? We have braking, which is hydraulic and throttles which operate by wire. There's nothing preventing you from replacing the tried and true hydraulic brakes with something that runs on bluetooth. That would be just as dangerous as messing with the software of modern car brakes. More so, since one would hope modern car software has some failsafes built in[0].
[0]: they probably don't, but I know Sevcon does. Sevcon is a company that makes electric vehicle controllers for EV vehicles. They're popular with the DIY e-motorcycle crowd. Messing with the settings directly affects the power delivered to the motor.
Pulling out your old throttle system is hard. It's self-protecting, the difficulty keeps the uninitiated from doing anything too stupid.
Copy/pasting code from the internet is easy, so it has to be made artificially difficult. We live in a world where people put their iPhones in microwaves because they heard it would charge the battery. We have to keep these people very far away from the internal workings of their cars.
Have you ever tried to program a controller? It's hard too. You need special hardware, special software and know how to connect them all up. It's not just copying and pasting code from the internet. It's sufficiently discouraging for those who think microwaves are wireless battery chargers. :)
I appreciate the link, but at this point I'm not going to buy a car if I don't trust and like the engineers who built it. My "improvements" generally aren't :)
Even with needing special hardware and software I'm not happy about it the tinkering. Cars are too much: 3,500 lbs of metal going 40 mph with 10 gallons of gas in it is a lot to go wrong.
I hate DRM, I really do. And I think we should have kids programming Arduino's and Raspberry Pi's by junior high, but part of me thinks they should bury the computers so deep in the engine bay you have to pull the engine to get to 'em. It's just my opinion, but if you don't have a (relevant) PE license, minimum, you shouldn't be allowed to mess with ECU's in cars that go on public roads.
A solution to the road safety and emissions issues is to come up with a public standard for ECU software. Make adherence to that standard a requirement to pass the annual tests in states that have them. States that don't (I'm looking at you, Florida) have already stated indirectly that they don't really give a shit about these issues.
What about tuning an autonomous car? What if the autonomous car kills somebody? What if it wasn't your algorithm? You bought it off some guy? Is that a false sale? Who pays for the hospital bill?
This is a property rights issue. If you sell somebody something, they own it.
Extending the old-school boxed software "licensing" model to everything on earth which contains a computer undermines the basic concept of property rights. The result is a bizarre neo-feudalism where corporations own everything and people just lease it.
For example, if you own land on the California coast, you may be prohibited from shutting down public access to the coastline. If you own a house, you may be prohibited from kicking out renters.
"Neo-feudalism" has an interesting observation. In Sweden, Norway, and Finland there is still a "freedom to roam." A land owner can't simply prohibit people from entering to go hiking, pick berries or mushrooms, camp overnight, etc. These countries also didn't have feudalism. One conjecture is that there's a meaningful connection between the two. The idea of "you own it, the end" may itself be neo-feudalism.
It should not be illegal to alter the car's computer, but to drive that car on a road where you are endangering other people, we have certifications and laws for that. IMHO, that is reasonable. I don't want your buggy software to deactivate your power steering and have you slam into me.
Chrysler provides me no way in which to disable the 3G cellular modem in my UConnect system and I'm breaking the law if I try repogramming the buttons on my steering wheel to work with my phone's voice activated controls.
I can't even begin to sort out how upset this makes me feel.
I'm a Mechanical Engineering student and one of my recent projects had a lot to do with onboard computers on modern vehicles. This article is viewing only one side of the scene, and doing this with great bias.
While some of the examples like the Dinan S1 M5 is legit, these companies are less of a concern that the average script kiddy who wants to "hack" his car because it's the new thing to do in town. Advanced features like traction control and even cruise control on vehicles are critical to implement perfectly, and a small mistake in the code that guides these can be fatal. Companies like BMW spend millions on testing the code and making it perfect for use, and what this article is arguing for is replacing that with something that anybody can write. This is not safe.
On the other hand, some things like the Nismo and it's software imposed speed limit are just state restrictions. The Nissan GTR has a set speed limit which is turned off when the GPS detects that you're on a racing circuit.
Companies are ethically obliged to make sure that no amateur or third-party can make their cars unsafe. They are right in doing so, because at the end of the day they are liable. If there is a fatal accident of a BMW M5 due to a software failure error, nobody (read, the media) is going to blame Dinan. BMW takes the brunt for it. They are blames for writing "shitty software".
Unless companies or individuals are legally obliged to be accountable for the changes they make to a car, companies are right in making the cars impossible to tweak. It's not about the fact that you "own" the car and hence should be allowed to do whatever you like. That works only for iPhones and Play Stations where your actions probably wont result in somebody dying.
tl;dr — Much like spare parts, faulty software can kill onboard passengers in vehicles. While hacking sounds "cool", slight irresponsibility can end badly.
Ha! Traction control in my Subaru Forester is a joke. On snow and ice it turns my car into one of those football players in that vibrating football game. The only way to drive in Iowa is to turn the feature off, every time I get in the car.
You bring up quite a few excellent points, re: OEM engineering versus shade-tree tinkering. There is definitely merit to considering the "brain" of a car to be integral to its safety. Should a person wish to modify their car from OEM specifications, there are numerous avenues by which this can be done in a negative manner. As a reference point, I've been a "car guy" and fan of tuning / customization / tinkering for over a decade, and even had a chipped turbo car at one point in my life.
Regarding a real-world hazard specifically, I'll cite the example I frequently see on the road of a Chevy/GMC/Caddy SUV with much larger than stock wheels and tires and bone stock brakes. This is an obvious violation of the OEM engineering, a genuine physics problem. The safety of the driver/passengers is in jeopardy, as is the safety of others who share the road.
Thus, I'd like to note that I believe there's a bit of self-serving "caution" in place when it comes to manufacturers. I'll be stating a far-fetched sounding hypothesis, but one I believe is relevant. Okay, so if a manufacturer sells a car, but with extensive restrictions on modification, why does the manufacturer simply get to "write-out" safety obligations for the lifespan of the vehicle? Sometimes there are "service plans" that will address some basics (oil, tire inflation), but only for a limited timeframe. Should OEM safeguards to computer systems only apply for that period of time?
Or, to put it another way, if manufacturers cared about safety, why wouldn't they be held responsible for performing State Safety Inspections and provide the materials to ensure a vehicle meets the safety regulations year after year after year?
I know this is an out-there type of postulation, but when talking about vehicle safety, there are many factors that are much more practical in nature (maintenance, driver distraction, age-related degredation of faculties) that get little to no discussion because they're difficult problems. I'm mentioning this notion as a direct response to your theory that "companies are right in making the cars impossible to tweak" because, practically speaking, that's not the case at all...I see this discussion as many trees in the forest of motoring...
I think "tinker" is a good alternative word. When you make the case about fixing your own car, you'll often get obtuse responses like "Why would I want to fix my car? I'll leave it for the professionals." People understand "tinkering" though. This takes advantage of an inherent respect most people in our society have for the hobbies of others, even if they are not hobbies they can relate to.
Presumably the agreements people enter into regarding functional modifications to cars when they purchase insurance already prohibit this, and I imagine insurance companies would be all too happy to deny payment based on car-computer-modification.
How is a car's computer in this way any different than any other modification to the car? What's your point here? If I remove the brakes from my car or install them incorrectly, I may not be able to brake before hitting you. Does that mean it should be illegal to repair your own car? I really don't understand what your point is.
It's hard to introduce a bug into mechanical systems like brakes. Most home mechanics can tell immediately if they did something wrong.
It's hard not to introduce bugs into programs. How many "tinkerers" can debug and safety-check a complex embedded computing system that manages complex electrical and mechanical systems in real time?
Aircraft avionics and software are subject to rigorous testing and qualifications. Why should automotive control systems be different?
You may hack your Mustang, your Tesla, whatever if it never leaves your driveway or the dragstrip, but those checksums from production better match for any CAN network connected subsystem if you want to roll out onto a public, controlled road. You should be free to modify anything that is airgapped from velocity or direction management though.
> Why should automotive control systems be different?
Perhaps because you can't just pull a plane over on the side of the road if something goes wrong?
A lot of things on a car are held to different (lesser) standards than aircraft. For example, you don't see magnetos on a car, though you will frequently see two on an private aircraft engine so it can keep firing if the electrical system goes out.
Thinking that through, we can expect post-collision
inspections (by insurance companies or police) to
include a dump of the state of the current code(s) in
a vehicle as well as any available data from
just before a collision - speed profile, braking,
signaling, etc. - which might be used in court to argue liability claims.
I would not be surprised. Insurance investigators already have access to black box performance metrics leading up to accidents (last X seconds of RPM level, brake pedal force, accelerator position, accelerometer readings, seatbelt indicators). Getting software versions, checksums, etc would be trivial.
Right, but then people doing so would only be able to be arrested after someone gets hurt. It's not really preventable crime. I just see this as being open to negligence and misuse.
I would rather live in a society that severely punishes bad behavior after it happens as a deterrent to others who would be tempted to do the same than live in a society that imposes ever more restrictions in an effort to prevent misbehaviors from happening in the first place.
Obviously neither is good if taken to its most extreme, but I feel we should skew heavily towards the former.
This is just not true. You can absolutely be cited or arrested for various infractions on the road without actually hurting anyone. The two that come to mind are following too closely (typically not cited until an accident occurs but that's not statutory) and aggressive driving.
In normal countries freedom of research is written into the constitution. What do use rights and reproduction rights have to do with examining works of engineering, even if they come with copy protection?
Could you elaborate? Especially since I don't speak German I feel that I'm not getting the whole picture from google translate.
(1) Everyone has the right freely to express his opinions in speech, writing and pictures and disseminate freely to obtain information from generally accessible sources. Freedom of the press and freedom of reporting by radio and motion pictures are guaranteed. Censorship does not take place.
(2) These rights are limited by the provisions of the general laws, the provisions for the protection of youth and the right to personal honor.
(3) Art and science, research and teaching are free. Freedom of teaching does not absolve from loyalty to the constitution.
I assume provision 3 is the one relevant to your comment, but I can't make heads or tails of that translation.
This is from the German Grundgesetz. You could translate it as "The Arts and the Sciences are free, in practice and in teaching." It's from the section where the constitution defines what the fundamental rights are, it's on the same level as freedom of conscience or freedom of expression. These rights are only constrained by other constitutional rights. Research on human subjects might affect human dignity, you can't do that, but copyright isn't on that level.
The High Court defined science as a sustained, methodical effort in pursuit of truth. It's not confined to universities, companies and hobbyists count. That's how German courts read their constitution.
In the lower-end circuits nearly all of the cars are modified street cars. They are no longer street-legal, unless competing in a race that requires them to be, but they all started that way.
In Hawaii (at least in the past, I think currently too), when you buy a house, you often don't buy the land, you lease it from someone on a typically 100 year basis. I believe this form of ownership, leasehold, exists elsewhere too.
DRM eliminates this concept from anything with a computer in it, which in 2015 is most properties of significant worth. The right to govern is retained by he who has the key, which the seller keeps in order to create additional opportunity for revenue. To justify this, the seller argues that this helps reducing the initial cost of the product.
If the property then happens to produces anything of value, say data logs which can be sold, the producer also retains the right to that data by a shrink-wrap license. This is of course insane, as any such schemed used with physical property would be fast put down as fraud. You can't sell a cow, put a 40 page long shrink-wrap license on the gate, and claim thus the milk or offspring are yours. The legal system would not stand for it, especially if it was done large scale with millions of customers.