- Podcasting "About Those Killswitched Ukrainian Tractors": Good spaceships don't have self-destruct buttons.
- Hey look at this: Delights to delectate.
- This day in history: 2002, 2017
- Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading
Podcasting "About Those Killswitched Ukrainian Tractors" (permalink)
This week on my podcast, I read my Medium column, "About Those Killswitched Ukrainian Tractors," in which I am a bit of a buzzkill about that feel-good story of a Ukrainian John Deere dealership bricking $5m worth of tractors stolen by Russian looters:
In case you missed the underlying story, here's a quick recap. Russian looters, abetted by the Russian military, stole $5m worth of tractors and combines from a Deere dealership in Melitopol, Ukraine. The dealership was able to use the tractors' own electronics to track them to Chechnya – and they were able to send out a self-destruct code that bricked the tractors, rendering them inoperable.
A lot of people sent me this story. It's a perfect cyberpunk nugget! But despite the superficial appeal of this electronically delivered comeuppance to Russian looters, this isn't a feel-good story. The underlying lesson here is: "Anyone who can pressure, hack, or convince John Deere can brick any Deere tractor, anywhere."
Who might do such a thing? Well, possibly Russia, whose militarized hacker teams honed their tactics by successfully effecting remote takeovers of critical Ukrainian infrastructure. The same kill-switch that Ukraine used to take down some petty Russian looters could be used by Russian hackers to attack the entire Ukrainian agriculture sector:
Which raises the question: why are there kill-switches in Deere tractors? This is a good question to ask about any kill-switch. As an sf writer, I just hate those sci-fi movies where someone accidentally hits the self-destruct button on the bridge of a spaceship. I always think, "You know, I'm no aerospace engineer, but wouldn't this be a better spaceship if it wasn't designed to explode?"
The kill-switches in Deere tractors weren't designed to thwart Russian looters – they were designed to thwart American farmers. Deere's industrial strategy takes its cues from other industries – mobile phones, cars, med-tech, etc: they use tech to lock in their customers, harvest and sell their data, and extract fees from them.
In Deere's case, this started with a data-play: as a top Deere exec boasted to me at a conference some years ago, the company uses the sensors on farmers' tractors to build a centimeter-accurate grid of soil humidity and density. The locks on Deere tractors prevent farmers from accessing this data directly – rather, they are reliant on whatever plans Deere cooks up.
Originally, Deere denied farmers this data, except through their preferred seed partner Monsanto (now Bayer). Deere sold the data – and the farmers – to Monsanto, and farmers who wanted to practice precision agriculture needed to do so with Monsanto seed. Today, Deere allows farmers to download their data from an online portal, but that could change again.
I'm not surprised to learn that Deere has stopped selling farmers to Bayer, because – as that executive boasted to me – the real money in ag data is in aggregating global soil condition data, from all Deere customers, and selling it to the finance sector to inform commodity futures trades. Deere sells farmers' data to people making bets against the farmers.
Remember this the next time you hear, "If you're not paying for the product, you're the product." Deere doesn't give away ad-supported tractors. Farmers pay six- and seven-figure sums for Deere equipment – and they're still the product. The thing that determines whether a company can treat you like "product" isn't whether you're paying – it's whether they can get away with it.
Deere can get away with it. Having merged with or acquired so many rivals, they have market power – that is, monopoly power. What's more, the law is on their side. Specifically, they benefit from Section 1201 of the Digital Millennium Copyright Act (DMCA), which bans breaking DRM and makes trafficking in DRM-breaking tools a 5-year prison-sentence felony.
This law – and related laws, like the Computer Fraud and Abuse Act, as well as contract law, trade secrecy, patents, etc – gave rise to a practice called VIN-locking. VIN-locking started in the automotive industry (VIN stands for Vehicle Identification Number), and it's the main battle in the right to repair (R2R) fight.
VINs are the unique identifiers inscribed on cars' engine-blocks, and, these days, indelibly associated with cars' on-board computers. VIN-locking is when new engine parts have to be initialized with a cryptographically signed code that says, "This part is now associated with this engine."
These VIN-locks are protected by the DMCA. Providing a tool to bypass them, which would allow independent mechanics to swap in the part and then initialize it, carries a potential prison sentence of 5 years and a $500K fine for a first offense. Thus, the act of fixing a car without manufacturer authorization becomes a crime.
Manufacturers love the ability to control repair. Not only does being the only game in town mean that you can charge a fortune for parts and service – it also means that you can declare something "beyond repair" and insist that the customer throw away their product and buy a new one.
Farmers have been doing their own repairs since time immemorial – that's why even Roman farmhouse foundations have spaces for forges and workshops. When you're at the end of a country road and the storm is on the horizon, you have to get the crops in, and you can't wait for a mechanic or technician to come and fix the tools you depend on.
Deere owes its business to farmers' tractor modifications and repairs. It once sent field engineers out to farms across America to report back on farmers' innovations, which it then patented (ugh, I know) and incorporated in its future tractors:
Today, Deere says that farmers can't be trusted to use their own tractors after they fix them, and must wait for days or longer for a Deere technician to come out and inspect the fix and type an unlock code into their tractors – after they pay hundreds of dollars for the privilege.
Worse, Deere actually told the US Copyright Office that farmers don't own their tractors – they can't, because the software in the tractor is only licensed, not sold, so they have to abide by the tractors' terms of service.
Deere was joined by other companies in making this claim – notably, GM and other car makers (that is, the companies behind VIN-locking). But it's not just car companies and tractor monopolists who say you can't own (or fix) your stuff. Med-tech companies love this. Take Medtronic, a med-tech monopolist that is one of the lowest-taxed medical companies in the world, thanks to a reverse-merger with an Irish company.
Medtronic makes the workhorse PB840 ventilator, a two decade old product that is widely found in hospitals around the world. Hospital technicians – like farmers – have a long tradition of fixing their own equipment, for much the same reason. When the ventilator breaks, you need to fix it so you can save someone's life, rather than waiting around for a Medtronic technician to show up and charge hundreds of dollars for a service call.
But Medtronic also practices VIN-locking, which means that the simplest, most common repairs – cannibalizing a working part out of a busted ventilator to keep another one going – are no longer possible without breaking the DMCA. That's exactly what hospital med-techs did during lockdown, when demand for ventilators spiked just as Medtronic grounded all its technicians.
This was only possible thanks to a brave, anonymous ex-Medtronic employee, who built illegal circumvention tools inside improvised housings (clock radios, guitar pedals, etc) and mailed them to technicians around the world:
We don't know his name, because the EU's laws – Article 6 of the EUCD – also ban trafficking in circumvention devices.
Whenever right to repair bills come up at the state level, VIN-locking companies team up to defeat them. The ringleader of these anti-repair conspiracies is always Apple, who claimed that letting you fix your phone would lead to your battery exploding and blowing your face off.
These safety claims are repeated by car manufacturers. For example, during the Massachusetts R2R ballot initiative campaign, Big Car ran ads warning that they had built so much spyware into your cars that allowing third party access would lead to you being stalked and murdered:
The automotive sector's claims about defending your security would be more credible if they were better at it. It's hard to take seriously a company's claims that it – not you – understands your security needs when its cars can be hijacked over the internet, allowing randos to steer, break and accelerate your vehicle.
Kill-switches and VIN-locking go hand-in-hand and they're both security nightmares. In the automotive context, VIN-locking is key to the subprime car lending industry, where trillions of dollars' worth of loans are backed up with ignition immobilizers to make it easier to repo cars when the owner misses a payment.
Owners of subprime cars often miss payments, because the subprime loans are designed for default, offered to people who can't afford them, on deceptive terms, with balloon payments and penalties that allow a dealer to repo and re-sell the same car several times over.
Dealer kill-switches are a very expedient way to settle disputes over payments. If you claim to be caught up and dealer disagrees, they can just brick your car until you write a check. These kill-switches can be fully autonomous, too: if your lease prohibits you from leaving the county, you will find yourself stranded if you cross the county line.
Among other ghastly outcomes, this has led to families being stranded beyond cellular range after going for a walk in the woods, not realizing that they'd crossed out of the county.
But the real problems come when the dealers' own security is compromised. As I often say, no language on Earth contains the phrase "as secure as the IT at a used-car lot." When the dealer gets hacked, every car they've sold gets bricked:
Deere likes to claim that it plays a vital role in the world's food security because a compromise of its equipment could lead to large-scale ag disruptions. It's half-right: breaking Deere's security is a nightmare scenario for global food production – but, alas, Deere has very bad security.
Not only is Deere's software riddled with amateur vulnerabilities, the company hasn't submitted any bugs to the CVE database, suggesting that its demonstrably incorrect claims of being capable guardians of the world's food security are actually sincere:
Like car companies, Deere argues that its security duties make independent repair a nonstarter due to the risks this would pose. This is a common argument of companies that use kill-switches and VIN-locks to extract monopoly rents from their customers. It's a claim Medtronic often makes, despite its own terrible security:
VIN-locking does resolve some risk. It makes stolen goods a little less valuable to thieves and it makes it harder for third parties to introduce malicious code to devices. But VIN-locking and kill-switching introduce much graver risks than they offset: the risk that third parties will brick all devices, and the inability of third parties to fix incompetent code.
You know who understands this? Ukrainian farmers. They lead the world in exporting illegal, alternative firmware for John Deere tractors, which farmers all over the world install to get around Deere's VIN-locking and other odious practices.
If Russian tractor thieves manage to unbrick their stolen goods, it will likely be with Ukrainian software. Ukrainian farmers live in a low-stability, low-income environment, so it's natural that they would want to escape the rent-seeking and brittleness of Deere's sleazy grift.
We are all living in increasingly unstable times. It's time to put an end to VIN-locking and kill-switching, and start designing our vital systems – phones, cars, medical implants and equipment, and tractors – to be resilient and robust in the face of supply chain breakdowns and hostile takeovers.
The story of Russian hackers getting hoist on their own petard is delicious, I'll grant you, but if you scratch the surface, it's easy to see that this story is only the prelude to a much worse one – where Russians (or crooks, or the US government) shuts down something you depend on.
Here's the podcast episode:
And here's a direct link to the MP3 (hosting courtesy of the Internet Archive; they'll host your stuff for free, forever):
And here's the RSS for my podcast:
(Image: Cryteria, CC BY 3.0, modified)
Hey look at this (permalink)
- How Crypto Repeated Wall Street’s Mistakes https://www.youtube.com/watch?v=KH-jhuLCegQ
A PDF File Is Not Paper, So PDF Ballots Cannot Be Verified https://freedom-to-tinker.com/2022/05/19/a-pdf-file-is-not-paper-so-pdf-ballots-cannot-be-verified/
Platform Liability Trends Around the Globe: From Safe Harbors to Increased Responsibility https://www.eff.org/deeplinks/2022/05/platform-liability-trends-around-globe-safe-harbors-increased-responsibility
This day in history (permalink)
#20yrsago Orlando water-supply emphatically not threatened, mostly https://www.cnn.com/2002/US/05/19/orlando.water/index.html
#20yrsago RIP, Stephen Jay Gould https://www.nytimes.com/2002/05/20/obituaries/stephen-jay-gould-biologist-and-theorist-on-evolution-dies-at-60.html
#20yrsago Lessig’s Eldred brief online https://cyber.harvard.edu/openlaw/eldredvashcroft/supct/opening-brief.pdf
#5yrsago All the Second Life rabbits are doomed, thanks to DRM https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying
- Some Men Rob You With a Fountain Pen, a Martin Hench noir thriller novel about the prison-tech industry. Friday's progress: 652 words (6089 words total)
The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso 520 words (2726 words total)
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. Yesterday's progress: 508 words (92849 words total) – ON PAUSE
A Little Brother short story about DIY insulin PLANNING
Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW
Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION
Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE
A post-GND utopian novel, "The Lost Cause." FINISHED
A cyberpunk noir thriller novel, "Red Team Blues." FINISHED
Currently reading: Analogia by George Dyson.
Latest podcast: About Those Killswitched Ukrainian Tractors: https://craphound.com/news/2022/05/19/about-those-killswitched-ukrainian-tractors/
- ABC Copyright Conference keynote (University of Western Ontario/London), May 25
OpenJSWorld Keynote (Austin), Jun 8
UK Competition and Markets Authority Data Technology and Analytics conference (London), Jun 15-16
A New HOPE (NYC), Jul 24
- Privacy is the New Celebrity
Revolutionizing Activism — The Power of Utopia (Center for Artistic Activism)
A Little Patience and a Lot of Tape (This Week in Tech)
- "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59 (print edition: https://bookshop.org/books/how-to-destroy-surveillance-capitalism/9781736205907) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.
- Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
(Latest Medium column: "The Fatfinger Economy" https://doctorow.medium.com/the-fatfinger-economy-7c7b3b54925c)
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla