They probably hire more or less staff and order more or less food depending on whether first class is nearly full or nearly empty so again the airplane analogy doesn't really fit well.Well obviously you don't get the extra attention, free first class food, etc.
They probably hire more or less staff and order more or less food depending on whether first class is nearly full or nearly empty so again the airplane analogy doesn't really fit well.Well obviously you don't get the extra attention, free first class food, etc.It will still be extra hassle for the flight attendants to figure out who gets economy food and who gets the first class food (including porcelain plates, real dinnerware, etc). So either way it is going to cost the airline extra if they fill those chairs with economy class passengers.
I have been bumped up to first class once on a flight
Funny thing about airlines is that they tend to take a full set of meals for first class, irrespective of the number of passengers travelling first class, as they always might sell those seats just before the gate closes
QuoteA manufacturer who is concerned about the kind of unlocking that we're primarily discussing here can easily implement a system that would make it impossible for the end user to determine what key he should enter into the scope to unlock a feature. The manufacturer need only cryptographically sign with its private key a packet that contains both the feature descriptor and the scope's serial number, generating a blob that contains the signature and the feature descriptor. Uploading the resulting blob to the scope would cause the scope to store the blob in its database. The bootloader would have on file the public key of the manufacturer. When the scope boots, the bootloader would go through the signed blobs and activate the features for which it is able to cryptographically verify the signature.You make it sound really easy but the system you describe above would be prone to a patch (or a clone?) based attack.
Perhaps but if you hack your scope nobody is going to say anything about it so that makes it a lot more OK than barging into first class on an airplane after which the flight attendant (and perhaps some security guy) will put you in your place.
This is the point: People choose different standards of right/wrong when it comes to oscilloscopes, copying music, etc.
They do things that they wouldn't do in other circumstances and justify it to themselves as "harmless, I wasn't going to buy it anyway".
Sitting in first class is harmless to the airline, you were never going to pay for a first class ticket, the seats are unoccupied ... so why is nobody here arguing that they are entitled to sit there or that the airline is wronging passengers by leaving the seats empty? Interesting psychology, n'est pas?
Not if the entirety of the firmware (save for the basic bootstrapper, which, if the manufacturer was determined to prevent what we're talking about, could be cryptographically signed its contents verified and enforced in hardware) is also encrypted with the same private key as the individual features. Attacking that would require a violation of copyright law, because the manufacturer could claim copyright on the public key.
Perhaps but if you hack your scope nobody is going to say anything about it so that makes it a lot more OK than barging into first class on an airplane after which the flight attendant (and perhaps some security guy) will put you in your place.
This is the point: People choose different standards of right/wrong when it comes to oscilloscopes, copying music, etc.
They do things that they wouldn't do in other circumstances and justify it to themselves as "harmless, I wasn't going to buy it anyway".
Sitting in first class is harmless to the airline, you were never going to pay for a first class ticket, the seats are unoccupied ... so why is nobody here arguing that they are entitled to sit there or that the airline is wronging passengers by leaving the seats empty? Interesting psychology, n'est pas?
Because the airline owns the seat, not the passenger. This means the airline gets to dictate what happens with the seat, not the passenger.
The person who bought the oscilloscope owns the copy of the software that's running on his device, as well as the device itself. Copyright law restricts the ability of that person to lawfully copy the software, but the person nevertheless owns the copy of the software that exists in his oscilloscope. It is his to do with as he pleases, provided he doesn't violate copyright law (or any other law for that matter) in the process.
The kind of hacking that some refer to here (decrypting the code in the ROMs, for instance) is illegal per copyright law, as that does involve making copies.
The kind of hacking that some refer to here (decrypting the code in the ROMs, for instance) is illegal per copyright law, as that does involve making copies.Are you sure that would violate copyright law?
I don't know about the US but in most jurisdictions, copying copyrighted material is allowed for back up and archival purposes, so as long as the code you've ripped of your device is not transferred to a third party or used simlutaniously on another device i.e. it just sits on your hard drive, then it should be allowed.
QuoteNot if the entirety of the firmware (save for the basic bootstrapper, which, if the manufacturer was determined to prevent what we're talking about, could be cryptographically signed its contents verified and enforced in hardware) is also encrypted with the same private key as the individual features. Attacking that would require a violation of copyright law, because the manufacturer could claim copyright on the public key.
I agree you can make things a lot harder, but you also have to factor in that the supplier needs to introduce a lot of versatility into the system allowing stuff like time trials, licence transfer etc etc. This would not be so simple to develop and manage so a common solution is to approach a third party company that specialise in this stuff and let them 'protect' the system using their own licensing system. That's where the problems start because it becomes much harder to keep it all secure.
I'm getting old and very rusty on stuff like this but in the past I've successfully attacked systems (these were not TEqpt systems) that came in an encrypted shell or wrapper that could also detect debugging and could self check itself and the protected code for signs of tampering.
Tampering, reverse engineering, etc., is becoming much more difficult with the advent of "system on a chip" technology.
In any case, the real point of all of this is that a manufacturer that is concerned about people "hacking" their products so as to enable features that are otherwise disabled is easily capable of preventing that. It's not like we're talking about some technologically ignorant company here, we're talking about a company that does hardware and software design as its business. It will deploy the kind of measures I'm talking about if it really wants to prevent its customers from easily enabling features.
QuoteTampering, reverse engineering, etc., is becoming much more difficult with the advent of "system on a chip" technology.True, but I'm not sure how many TE manufacturers would try and cram a 'system' in a chip. Maybe they do this already, I don't know... I'm out of touch, mainly because I only take an interest in stuff like this if it is relevant to my situation.
However, experience has taught me that the people who produce 'protection systems' are often lazy or incompetent and often over confident about the robustness of their elaborate system. What could/should be secure is often woefully insecure.
QuoteIn any case, the real point of all of this is that a manufacturer that is concerned about people "hacking" their products so as to enable features that are otherwise disabled is easily capable of preventing that. It's not like we're talking about some technologically ignorant company here, we're talking about a company that does hardware and software design as its business. It will deploy the kind of measures I'm talking about if it really wants to prevent its customers from easily enabling features.
I agree that they could try and make things a lot harder but I suspect that the decision on how to adopt such a system is based on NRE dev costs and management costs... At a guess the big players will prefer to choose a generic third party system that they simply staple into their system. This will be useable across a wide variation of hardware (and software) platforms and will be very versatile in terms of management. With this choice, they don't have to develop and manage numerous bespoke protection systems for various platforms.
They will know it isn't the most secure option but it is probably the best all round 'business' option and they probably don't care too much about the impact of hacking. A hack released into the wild has the same impact if it was trivial to discover or if it took the work of a genius to discover
As for whether I would feel "entitled"... don't try to drag me into THAT recursive sophistry.
Interesting - since that sense of 'entitlement' is fundamental to this argument.
Still - if you say the analogy is irrelevant, then it must be so.
What about the case of hacking the hardware to increase the bandwidth limit? Not a single byte of the firmware is changed.
We are all free to do whatever we choose to do. You are free to live by a narrow, rigid set of rules. I am free to ignore them.
This is what FREE WILL means.
We are all free to do whatever we choose to do. You are free to live by a narrow, rigid set of rules. I am free to ignore them.
This is what FREE WILL means.
Grown-ups can recognize that if you live in a society then you have a moral debt to that society. That society is what made you who you are and allows you to live freely.
Why are there chinese scopes come with unlock software? Because, as always, Chinese copied the west. It works the same way at Agilent, lets do the same. 150 USD for bandwidth update, are you kidding me?
It is ultimately a flawed model, because there are no big companies buying BK-Segirol sold as Tenma scopes paying with paypal. So it is stealing to unlock it? Not really. You are probably not going to use it to make money anyway. If you do make money with it, then pay for it.
What about the case of hacking the hardware to increase the bandwidth limit? Not a single byte of the firmware is changed.https://www.eevblog.com/forum/testgear/reasons-for-hacking-dsos/msg899219/#msg899219
What about the case of hacking the hardware to increase the bandwidth limit? Not a single byte of the firmware is changed.https://www.eevblog.com/forum/testgear/reasons-for-hacking-dsos/msg899219/#msg899219
I may have missed it, but I haven't seen anyone answer that question, ie what is the difference between lifting a resistor and fiddling the code.
A side question....
Would you consider any modification to the hardware and/or software (incl. firmware) as actions that would void warranty?
Would you include 'cracking' unpurchased software keys in this?