DRM Gone Wild: The Polish Train Liberation Controversy
Polish hackers may get sued for liberating a passenger train from the manufacturer's attempt to block service and repair. Also: a smoking gun email surfaces in the McDonald's McFlurry lawsuit.
Three Polish hackers achieved success in repairing the malfunctioning software of a train, initially serviced by independent repair shops for a regional rail operator…[then] accusations arose against the manufacturer, Newag, alleging that they remotely rendered inoperable trains serviced by the Polish train repair company, SPS. That’s not all, reportedly, Newag is threatening the hackers with a lawsuit.
That’s the story that, in Right to Repair’s corner of the internet, has been going nuts for the last two weeks. And it turns out that the hackers went to Polish authorities with their findings months before going public with their findings at a Polish conference - but got little response from the government.
So, just to reiterate, a company was caught remotely bricking a multimillion dollar machine. Then they tried to point the finger at the guys who got the machine working again and - in the process - exposed their anti-competitive behavior. But they’re calling these white hat hackers the “bad guys”?
It sounds crazy. Also: get used to it. This kind of digital skullduggery and grossly anti-competitive behavior is coming to a device near you: passenger trains, commercial trucks, passenger cars, MRI machines, refrigerators. Its fueled by the confluence of technologies: GPS, always-on Internet connections, cloud based computing and - at the foundation - Digital Rights Management, or DRM, and outdated, decades old laws that make it sacrosanct.
DRM: Does it Really Matter?
Yeah, I know. People like us are always whining about the problems of digital rights management (DRM) as everyone else’s eyes glaze over. I understand how it can be a hard problem to get animated or angry about. It’s on the nerdier side of things, and might not initially hit us in the gut in the way that other issues on the front burner of politics do.
Is DRM really that big a deal? These companies make the hardware and software. Shouldn’t they control how they’re used? To answer those questions: “yes,” and “no.” And the crippled train in Poland is a reminder to us why DRM is the elephant (or maybe the diesel train engine) in the living room for anyone concerned about our fading rights as consumers, property owners and individuals hoping to reduce our consumption and waste and, maybe, save the planet in the process.
If you’re a farmer, you may not recognize that its DRM that keeps you from being able to replace a broken component on your $500,000 piece of John Deere farm equipment. What you do know is that a John Deere authorized service technician is the only person capable of completing that repair, and that your only option is to wait on them to be ready to take your money in exchange for their very pricey repair services.
If you’re a Tesla owner and want to buy an aftermarket tow hitch for your car? Too bad, because Tesla has programmed its cars to refuse to recognize a non-Tesla brand hitch attached to one of its vehicles. It employs DRM to authenticate the more-expensive, less available Tesla brand hitches and programs its vehicles to disable towing safety features when Tesla owners deploy an aftermarket hitch.
Digital controls make the landlord economy flourish
So the story about the Polish train hackers is not new. In fact, its just the latest chapter in a decades long saga in which manufacturers and software publishers increasingly deploy DRM software locks liberally to stop users from doing all manner of things on their machines: from replacing a mobile phone screen, to swapping out the water filter on a refrigerator. To bolster their technological hurdles, companies use the threat of legal action - invoking the U.S. anti-piracy law known as the Digital Millenium Copyright Act (DMCA) or its equivalents in other countries - to threaten offenders with jail time and hundreds of dollars of fines for simply tinkering with their own property or finding workarounds for fixing their things. When questioned about the fairness or necessity of such draconian controls, companies use the rhetoric of safety or cybersecurity as a pretense for their shady and anti-competitive business practices.
What’s going on? Some call it the landlord economy, while others use the term enshittification, but the through line between these critiques is simply that companies have warmed to the idea that they can get people to pay them for the right to own something, and then pay them again for the right to use what they just bought. But corporations are clearly incentivized to use business practices and threats of legal action to control products in the hunt for profits. And if the train story is any indication, there is nothing stopping this disease from spreading far and wide. Nothing that is except hackers, activists, and advocates for things like right to repair. It’s time to join the fight!
Apple dominates the repair news cycle this week
Apple's expansion of its self-repair program to 24 additional EU countries, including the iPhone 15 series and other products, is a move to tighten control over repair and component sales, potentially limiting access to affordable third-party repairs and ensuring revenue for Apple says verdict.co.uk. The introduction of a new diagnostic tool, Apple Diagnostics for Self Service Repair, has been criticized for lacking clear criteria on users' expertise, and overall, the expansion is viewed as prioritizing Apple's bottom line over device sustainability or addressing issues in repairing Apple devices, such as overpriced authorized parts and software locks.
The clash between Beeper and iMessage integration is a fight over Apple’s "walled garden" paradigm, where Apple's closed ecosystem, emphasizing control, clashes with Beeper's attempt to enable cross-platform messaging. The conflict underscores the tension between closed, proprietary systems and the push for more open, consistent solutions in the software landscape.
The EU is set to rule against Apple in Spotify's complaint over App Store policies, impacting not only music-streaming but any software requiring a monthly subscriptions. This could potentially result in a substantial fine and a ban on the practice of discouraging users from subscribing to services outside of the App Stores. Apple is piloting a new App Store feature called "contingent pricing" to offer discounted subscriptions to customers with existing subscriptions.
Other news
Smoking gun email surfaces in McDonald’s McFlurry case. The legal case between the startup Kytch and the soft ice cream machine maker Taylor and their customer McDonalds for a while. Last week, Wired reported the emergence of a so-called “smoking gun” email in the case, which hinges on a 2020 email McDonald's sent to restaurant owners warning them against using Kytch’s technology, claiming Kytch posed safety risks, and causing Kytch's sales to plummet. Kytch now alleges that Taylor, the soft-serve machine maker, colluded with McDonald's to undermine them as competition, citing uncovered internal emails that suggest Taylor's involvement in influencing McDonald's to discourage Kytch's use. The legal battle is set to go to trial in May, with Kytch alleging a conspiracy at the highest levels of leadership.
Public Knowledge joined iFixit in filing a petition for new exemption for commercial & industrial equipment which would exempt certain products from the DMCA. They’re asking the U.S. Copyright Office to allow people to repair consumer devices plus commercial equipment, including those McDonald’s soft serve machines.
Members of Congress are criticizing the National Highway Traffic Safety Administration for it’s double standards on data access. The agency has previously opposed right to repair on the basis that data sharing will compromise security for drivers, yet lawmakers are calling out NHTSA's proposed solution involving Bluetooth access to vehicle telematics data, suggesting it may entrench manufacturers' dominance and harm competition, while also raising privacy violation arguments tied to Massachusetts’ Data Access Law.
2024 Farm Bill contains right to repair language for ag equipment Rep. Victoria Spartz (IN-05) introduced a set of bills for the 2024 Farm Bill reauthorization including one that would give farmers a right to repair their equipment. The Farm Freedom to Repair Act and the Farm Equipment Safety Act would “ensure that farmers have the right to repair digital agricultural equipment they own. ‘Big Ag’ manufacturers have been abusing copyright law to deny farmers the right to repair their equipment,” Rep. Spartz said in a statement.
“In the clothing industry, profit usually comes before people and planet, or people and the environment” says Esmee Blaazer at Fashion United. The fashion industry's focus on constant production and overconsumption, driven by the pursuit of profit, results in unsustainable practices, including overproduction, low-quality items, and environmental harm.
Repair is an act of creativity and community, and the idea of the “repair commons” is how David Bollier is describing social activities beyond our traditional understanding of right to repair. According to Bollier, the repair commons is anything involving people creating and sharing information on fixing objects—which extends far beyond repair cafés and fixit clinics. Maybe we’re due for a new concept to bridge the gap between all the repairers.
New EU law targets greenwashing in packaging - The European Union (EU) is introducing new rules to ban vague environmental marketing terms such as "eco-friendly," "green," and "sustainable,” Fast Company reports. Companies will be required to provide substantial evidence to support sustainability claims, potentially changing how they allocate budgets for sustainability efforts. The rules target various deceptive practices, including unapproved certification labels and exaggerated claims about product repairability or durability. The could affect companies like Apple, which promote carbon neutrality but rely on carbon offsetting schemes, which may require adjustments to their marketing under the new regulations.
Tesla Recalls Model 3’s