19
exerceo
112d

If you can be locked out of it remotely, you don't own it.

On May 3rd, 2019, the Microsoft-resembling extension signature system of Mozilla malfunctioned, which locked out all Firefox users out of their browsing extensions for that day, without an override option. Obviously, it is claimed to be "for our own protection". Pretext-o-meter over 9000!

BMW has locked heated seats, a physical interior feature of their vehicles, behind a subscription wall. This both means one has to routinely spend time and effort renewing it, and it can be terminated remotely. Even if BMW promises never to do it, it is a technical possibility. You are in effect a tenant in a car you paid for. Now imagine your BMW refused to drive unless you install a software update. You are one rage-quitting employee at BMW headquarters away from getting stuck on a side of a road. Then you're stuck in an expensive BMW while watching others in their decade-old VW Golf's driving past you. Or perhaps not, since other stuck BMWs would cause traffic jams.
Perhaps this horror scenario needs to happen once so people finally realize what it means if they can be locked out of their product whenever the vendor feels like it.

Some software becomes inaccessible and forces the user to update, even though they could work perfectly well. An example is the pre-installed Samsung QuickConnect app. It's a system app like the Wi-Fi (WLAN) and Bluetooth settings. There is a pop-up that reads "Update Quick connect", "A new version is available. Update now?"; when declining, the app closes. Updating requires having a Samsung account to access the Galaxy app store, and creating such requires providing personally identifiable details.

Imagine the Bluetooth and WiFi configuration locking out the user because an update is available, then ask for personal details. Ugh.

The WhatsApp messenger also routinely locks out users until they update. Perhaps messaging would cease to work due to API changes made by the service provider (Meta, inc.), however, that still does not excuse locking users out of their existing offline messages. Telegram does it the right way: it still lets the user access the messages.

"A retailer cannot decide that you were licensing your clothes and come knocking at your door to collect them. So, why is it that when a product is digital there is such a double standard? The money you spend on these products is no less real than the money you spend on clothes." – Android Authority ( https://androidauthority.com/digita... ).

A really bad scenario would be if your "smart" home refused to heat up in winter due to "a firmware update is available!" or "unable to verify your subscription". Then all you can do is hope that any "dumb" device like an oven heats up without asking itself whether it should or not. And if that is not available, one might have to fall back on a portable space heater, a hair dryer or a toaster. Sounds fun, huh? Not.

Cloud services (Google, Adobe Creative Cloud, etc.) can, by design, lock out the user, since they run on the computers of the service provider. However, remotely taking away things one paid for or has installed on ones own computer/smartphone violates a sacred consumer right.

This is yet another benefit of open-source software: someone with programming and compiling experience can free the code from locks.

I don't care for which "good purpose" these kill switches exist. The fact that something you paid for or installed locally on your device can be remotely disabled is dystopian and inexcuseable.

Comments
  • 3
    Hey hey hey!

    Don't badmouth my toaster.
  • 1
    @spongessuck "Badmouth"? If someone can remotely decide that it ceases to work, it is vulnerable. Or do you mean for use as heater? Obviously, it is better than nothing.
  • 11
    I agree with you, but i just need to post this
  • 3
    Remember the story of the person who couldn't get in their Tesla because the battery died? What happens if someone steps out of their Tesla on a hot day. They come back and their phone is inside the car along with their child. The battery dies in this time. Now they don't have a phone and they get to watch their child die if they cannot find help, or break into their car.
  • 1
    @exerceo you implied it would not be fun to use a toaster as a heater. I imagine that would be fairly amusing.
  • 3
    @spongesuck Just not practical. Your living space would soon become full of toast.
  • 7
    https://hacks.mozilla.org/2019/05/...

    Regarding the Firefox thing: It's how TLS works. An forever running certificate is worth nothing.

    Regarding the rest...

    I'll try to make it short, though it might leave some room for interpretation.

    Open source software is free, as long as the license is *truly* free. Code itself isn't enough, see e.g. the BPL license dilemma.

    Which brings me to the critical part: if you *truly* want no locks / kill switcjes, open source software isn't sufficient at all.

    Open hardware and and open, transparent government.

    Otherwise you'll end up with software that is free, but cannot run without interference or surveillance.

    The dystopia is present, wether open source software exists or not.

    Take the BGP fuckups when countries try to block certain parts of the internet as an example... Or the pretty hardcore threat that we might have no rare minerals for chips if china says fuck u. many more examples possible, but guess one gets the gist.

    The idea of open source is important, but in our current geopolitical and society status, it is an dream. Far from reality.
  • 0
    Open source is not a silver bullet in this case. It can have the same issues as described.
  • 3
    Maybe the 3rd world can come to rescue here.
    I remember being a kid and seeing stores asking for 15 months of my teenage waiter salary for a FIFA game. For the PS2, that was already like six years old by then.
    No. Fucking. Way.
    Luckily, in the back alley, there was a dude who would sell you one copy for little more than a can of beer's worth. For a thirty-pack he would also do some shenanigans to your PS2 so it could run the game.
    Heh, I remember my dad losing his fancy remote-controled car keys and being unable to replace them (without paying an "absurd" price, of course).
    So he found a dude who drilled some regular key holes and installed a regular house door lock on the car.
    In certain parts of the world, regardless of how much you paid or any shady crap the OEM company may do, you don't own shit unless you have armed guards around it. And that includes software.
  • 0
    @spongegeoff One can operate a toaster without putting bread in. Then it just generates heat.
  • 1
    @exerceo Gosh, I never realised. There must be some real opportunities in the toasters-as-room-heaters market.
  • 0
    @spongegeoff there were already "Bitcoin miners as heaters". Did not go up well
  • 0
    Dont do subscriptions kids
  • 1
    @joewilliams007 If I purchase a car in full, I would like to be in full ownership. Otherwise, I could just rent a car.
  • 0
    @exerceo shouldn't you rent anyway?
  • 0
    @iiii Optional, not mandatory.
Add Comment