Reasons for hacking DSOs

[Brumby]

Interesting.

I recognise the above technique - and know full well you are never going to concede any point I (or several others for that matter) make, no matter how well defined and demonstrated.  At the risk of being tautological, in your world, I doubt any axioms can exist that are not congruent with your established thinking.

Here's an axiom for you: Arguing with a brick is pointless.

[kcbrown]

Interesting.

I recognise the above technique - and know full well you are never going to concede any point I (or several others for that matter) make, no matter how well defined and demonstrated. 

You do not know that, and I flatly deny that such is the case.

Make a point backed by airtight logical argument (backed by solid evidence, where evidence is necessary), and I must concede the point.

At the risk of being tautological, in your world, I doubt any axioms can exist that are not congruent with your established thinking.

There are plenty such axioms.  Axioms are something that people can disagree about, and because they are axioms, there is no way to resolve that kind of disagreement (well, except perhaps through demonstration of internal inconsistency, but that only works if the internal inconsistency is actually there).

For instance, the axiom of the existence of a divine creator is one I do not subscribe to.  There are obviously many who do, however.

Here's an axiom for you: Arguing with a brick is pointless.

I agree with that.  But a brick I am not.  Difficult to convince, perhaps.  But as long as the disagreement is not axiomatic in nature, then it will not be impossible if it can be shown, through evidence and logic, that I am incorrect.  Indeed, flaws in my arguments, facts, etc., are things I want to know about because I do not tolerate incorrectness in myself.  While perfect correctness is (I expect) impossible for me to achieve, that doesn't keep me from trying.


The subject we're talking about might be a rather poor one for demonstration of all that.   



So, for the second time: are you going to answer my question about axioms or not?   If not, would you at least answer the question I asked about maximizing profit during the limited time window afforded by law?

I can either attempt to determine the axiomatic basis for your views through a series of questions, or I can ask for it directly.  I'm willing to go either way.  You're probably wondering why I'm doing this.  The answer is that I detect a potential internal inconsistency in your position, and wish to determine if it is there or not.  If it is not there, then we must either disagree at an axiomatic level, or my position is somehow in error.  And I cannot determine that without knowing what the axiomatic basis of your position is.

[Fungus]

Which of these is morally right?

a) A home hobbyist unlocking the extra bandwidth/features of his DS1054Z
b) A small company buying 10 DS1054Zs and unlocking them all
c) A government department buying 1,000 DS1054Zs and unlocking them all
d) A corporation buying 10,000 DS1054Zs and unlocking them all

All of the above. There is no licensing agreement on the hardware in question, not even a punch-through on first turn on. Not even a real lock; just obfuscation of the location of the switch in the software.

Who said anything about licensing agreements or how difficult it is to do? 

FINALLY!!! The light dawns!!! Arguing morality on the internet is like trying to have sex with an alligator; a whole mess of thrashing about, and no good can come of it.

Let me guess: You're the alligator and we're the humans, right?

[kcbrown]

Which of these is morally right?

a) A home hobbyist unlocking the extra bandwidth/features of his DS1054Z
b) A small company buying 10 DS1054Zs and unlocking them all
c) A government department buying 1,000 DS1054Zs and unlocking them all
d) A corporation buying 10,000 DS1054Zs and unlocking them all

All of the above. There is no licensing agreement on the hardware in question, not even a punch-through on first turn on. Not even a real lock; just obfuscation of the location of the switch in the software.

Who said anything about licensing agreements or how difficult it is to do? 

Suppose license agreements are not in the mix at all.

What is the practical difference between hacking your scope by way of supplying a magic key to the firmware, and hacking your scope by way of modifying the hardware to make it more capable than it came from the factory?

Take the Siglent SDS2000X series scopes, for instance.  Dave Jones' recent teardown strongly suggests that one can modify the bandwidth capabilities of the frontend simply by replacing a capacitor and a diode (if I'm remembering rightly).  Suppose for the moment that one can modify it in that way in order to increase the bandwidth of the scope.  If one does so, how is that any different than supplying a magic key to the firmware to achieve the same thing?


If they are no different from each other, then you must believe that hacking the hardware of your scope to improve its capabilities is just as unethical as supplying a magic key to the firmware.  In both cases, you are turning the scope into something more capable than what you paid for.   Therefore, what in the world justifies any ethical difference between the two?

[Fungus]

Therefore, what in the world justifies any ethical difference between the two?

One of them requires breaking the "warranty void if removed" sticker.

[mnementh]

Therefore, what in the world justifies any ethical difference between the two?

One of them requires breaking the "warranty void if removed" sticker.

I void warranties with extreme prejudice.

Which of these is morally right?

a) A home hobbyist unlocking the extra bandwidth/features of his DS1054Z
b) A small company buying 10 DS1054Zs and unlocking them all
c) A government department buying 1,000 DS1054Zs and unlocking them all
d) A corporation buying 10,000 DS1054Zs and unlocking them all

All of the above. There is no licensing agreement on the hardware in question, not even a punch-through on first turn on. Not even a real lock; just obfuscation of the location of the switch in the software.

Who said anything about licensing agreements or how difficult it is to do? 

FINALLY!!! The light dawns!!! Arguing morality on the internet is like trying to have sex with an alligator; a whole mess of thrashing about, and no good can come of it.

Let me guess: You're the alligator and we're the humans, right?

Is that a proposition? Because, quite frankly, I don't think you're the alligator's type.


The "licensing" and how it's locked down have everything to do with this because I BOUGHT the damned thing, I DID NOT RENT IT.

I OWN IT. Even under US Law, if it were applicable, I have the right to disassemble it, EVEN THE COPY OF SOFTWARE THAT IS ON IT, to see how it works and if I have the skills, I have the right to modify that hardware or software. If I can figure out HOW, I have the right to make an archive copy of that software to protect the functionality of my investment in that hardware. If I have the technical capability to reverse engineer the hardware and create my own schematic, I legally have the right to duplicate the entire device for my own use.

As this device is manufactured and sold in China, which protections are even less stringent than here, I could also probably go into business SELLING that reverse-engineered hardware/software product.

MORALITY has nothing to do with it. I OWN the fu**ing thing, because that is my minimum right under any applicable law, and because the ONLY protection that MIGHT apply is a "break-seal" or "punch-through" license on the software, and the manufacturer didn't care enough about preventing me from using those "un-paid-for features" to protect the device with these most elemental safeguards, so why should I hold myself to some mythic higher standard than even the company who made and sold it to me?

Even Superman would laugh in your face over this... and I'm not talking Zack Snyder's "SuperAssholeMan", I'm talking full-tilt "Last Boy Scout" Christopher Reeve Superman here.

Jeezus H. Christ A-Hoppin' on a pogo stick; some folks are thick.


mnem
That's one bouncy Jeezus.

[kcbrown]

Therefore, what in the world justifies any ethical difference between the two?

One of them requires breaking the "warranty void if removed" sticker.

In the absence of a warranty claim, on what grounds is there any ethical difference?



(Sent with Tapatalk, so apologies for the lackluster formatting)

[tggzzz]

I OWN IT. Even under US Law, if it were applicable, I have the right to disassemble it, EVEN THE COPY OF SOFTWARE THAT IS ON IT, to see how it works and if I have the skills, I have the right to modify that hardware or software. If I can figure out HOW, I have the right to make an archive copy of that software to protect the functionality of my investment in that hardware. If I have the technical capability to reverse engineer the hardware and create my own schematic, I legally have the right to duplicate the entire device for my own use.

Have you ever heard of the DMCA? N.B. it doesn't matter a pig's whistle whether or not you like or agree with the DMCA. - it still applies to you. And, if the b*****s negotiating the TPP and TTIP get their way, everybody else.

I OWN the fu**ing thing,

Before you "own" something, you have to buy it. When you <expletive deleted> buy anything, you enter into a contract with a supplier, in which they offer and supply "something" in exchange for your "monetary consideration". The "something" is defined in advance, as is the "monetary consideration". Added into that mix is whatever is stated in the local laws. N.B. not, as the naive presume, local justice (and not even the naive consider morality/ethics in that context).

If the manufacturer wasn't offering "something", you cannot have bought "something" and therefore cannot "own" "something".

So, if you don't like what is offered for sale, don't buy it.

[kcbrown]

Have you ever heard of the DMCA? N.B. it doesn't matter a pig's whistle whether or not you like or agree with the DMCA. - it still applies to you. And, if the b*****s negotiating the TPP and TTIP get their way, everybody else.

Yes, the DMCA applies.

The DMCA has a reverse engineering exception built into it, but it's pretty limited.

Even so, the basis of the DMCA is copyright.  It protects copying of the work.  Since reverse engineering of software generally involves copying of some form, that means that you generally can't perform reverse engineering of it without violating copyright.

Such is not true of hardware.

And such is not true when one enters a magic key into an oscilloscope, either.  No copying of the software in the oscilloscope takes place.

However, having read up on some case law on the subject, it does appear that the DMCA comes into play with respect to "access to the work".  While Congress did not define what it meant, a number of cases have interpreted that to include access to functionality, which means that an interpretation that says "entering keys into the oscilloscope without getting the prior permission of the manufacturer is a violation of the DMCA" is apparently a reasonable one in the eyes of at least some of the courts.

Before you "own" something, you have to buy it. When you <expletive deleted> buy anything, you enter into a contract with a supplier, in which they offer and supply "something" in exchange for your "monetary consideration". The "something" is defined in advance, as is the "monetary consideration".

Usually the "something" is defined by the thing itself.  Which is to say, you're buying the object you receive and everything it contains, whatever that might be.  It happens to come configured by the manufacturer in the way the manufacturer intends, but that does not make configuration changes by the purchaser "wrong".  Such changes would be "wrong" if the purchaser agrees in advance to not make such changes, but absent such an agreement, what exactly is the justification for the claim that making those changes is "wrong"?

So, if you don't like what is offered for sale, don't buy it.

What is offered for sale is often perceived by the buyer as not just what he's receiving at the time of purchase, but what it can become after he modifies it to suit his tastes.  Which is to say, it is not uncommon for someone to buy something with the intention of changing it to make it more capable.  What is wrong with that?

If you insist that it is wrong for someone to modify, alter the configuration of, etc., something that he buys without the explicit permission of the manufacturer, then all I can say is that such an opinion may not be as widely shared as you think.  There are multitudes of people who modify their cars to make them substantially more capable than how they come from the manufacturer.  Those people would be amused to hear that what they've done is "wrong".

[Fungus]

There are multitudes of people who modify their cars to make them substantially more capable than how they come from the manufacturer.  Those people would be amused to hear that what they've done is "wrong".

What they do costs them time and money. They're not just cutting open the secret compartment under the car and pressing a magic button. This car analogy doesn't work, does it?

Let's try a different tack. Suppose Rigol sold upgrade keys that worked on any oscilloscope, not locked to serial numbers.

a) If you bought an unlock code would you be happy to give it to your friends?
b) Should a company buy 1,000 DS1054Zs from Rigol and one unlock code then apply the code to all of them?

(Yes, we get that Mr rootin-tootin-crocodile would give his license away - it don't cost him nuthin' to do that, so why not...?)

[kcbrown]

There are multitudes of people who modify their cars to make them substantially more capable than how they come from the manufacturer.  Those people would be amused to hear that what they've done is "wrong".

What they do costs them time and money. They're not just cutting open the secret compartment under the car and pressing a magic button. This car analogy doesn't work, does it?

It doesn't always work, certainly, but all modifications require time, even if minimal.

For instance, if I remove an air restrictor from my engine, that could take a minimal amount of time and yield a larger amount of power.  That would qualify as the sort of modification that some here seem to think is "wrong", would it not?

In any case, if time and/or money is the litmus test, then reverse engineering software and modifying it to make it more capable, which can take quite a lot of time and may even take a decent amount of money for the necessary software tools, hardware interface tools, etc., would certainly be more equivalent to the sorts of car modifications that you're probably thinking of, no?  And yet, do you not regard such efforts as "wrong"?

Note that I am not arguing that such reverse engineering is not a violation of copyright law!  It almost certainly is.  But as long as the person in question does not distribute his modifications, the analogy would be sound, no?

Where do you draw the line as regards time, effort, and/or money, and why?  How is that line, if you draw it at all, not arbitrary?


Furthermore, the modification you make to your car may well give it the same capabilities as a more expensive model from the same manufacturer, but for a substantially smaller cash outlay (example: 2014 Mustang GT with supercharger modifications versus 2014 GT500).  Since the manufacturer in that case has made it clear that they intend you to pay a certain amount for the larger amount of capability, is it not wrong for you to modify your car to achieve that capability at a substantially lower price?

Let's try a different tack. Suppose Rigol sold upgrade keys that worked on any oscilloscope, not locked to serial numbers.

a) If you bought an unlock code would you be happy to give it to your friends?

That is actually a great question.

If there was no stipulation in the transaction that the code was to be used on only one oscilloscope, and absent the below consideration, then sure.  That which is not forbidden is allowed.  But that presumes that the code isn't covered under copyright (it probably is, under the DMCA if nothing else).


If your question is whether or not I would consider it wrong to give the resulting code away, well, that would depend on whether or not it is something that could be discovered independently.  If it is something that is not discoverable (e.g., it is generated from the private key half of a public/private key pair), then I would consider it wrong to give it away -- because it would mean that the manufacturer has done its due diligence to ensure that the functionality it wishes to protect is protected by the mechanism it chose to use.  If it is something that is independently discoverable, then I would not consider it wrong to give it away -- because it would mean that the manufacturer chose to use an independently discoverable code despite the ease with which an undiscoverable code could have been used.  The latter means that I would have to presume that the manufacturer intended to gain a marketing edge through the use of such a means, in which case who am I to argue with them on that?

b) Should a company buy 1,000 DS1054Zs from Rigol and one unlock code then apply the code to all of them?

I'd say my reply above covers this as well, though there are likely additional legal considerations which change the balance in favor of buying one code per device.  That said, we both know that many companies generally act as if the only thing that matters is their profits, so I would expect Rigol to explicitly state the terms of use of the unlock code in that case, simply because they're not naive enough to expect a company to act in any sort of ethical fashion.


Now it's my turn.

If you discover that your scope's bandwidth can be tripled simply by changing out a few capacitors and resistors, is it wrong for you to make that modification?  After all, in doing so, you have spent much less money and time to acquire a scope with capabilities that command a much higher price in the form of a higher bandwidth model in the same line, which means that the manufacturer clearly intends you to spend much more than you did in order to acquire a scope with the bandwidth you achieved.  Therefore, have you not deprived the manufacturer of deserved profits?  Have you not thwarted the manufacturer's market segmentation intent?

Is it wrong for you to describe the details of that modification on a public forum like this one?  How about to supply parts kits with instructions?

[Zero999]

There are multitudes of people who modify their cars to make them substantially more capable than how they come from the manufacturer.  Those people would be amused to hear that what they've done is "wrong".

What they do costs them time and money. They're not just cutting open the secret compartment under the car and pressing a magic button.

Not necessarily. Sometimes upgrading the performance of a car is as simple as changing the ECU settings. Warranty aside, I believe the only legal issues are insurance as the car is now faster, so may require a higher premium and liability i.e. if such a modification makes the vehicle dangerous but that should be covered under insurance and if it still passes the emissions tests. Other than that, it's not much different to hacking one's oscilloscope.

[Fungus]

Furthermore, the modification you make to your car may well give it the same capabilities as a more expensive model from the same manufacturer, but for a substantially smaller cash outlay (example: 2014 Mustang GT with supercharger modifications versus 2014 GT500).  Since the manufacturer in that case has made it clear that they intend you to pay a certain amount for the larger amount of capability, is it not wrong for you to modify your car to achieve that capability at a substantially lower price?

Normally the more expensive model has more stuff - better brakes, better steering, better interior, more gadgets. I don't think there's any cars where the only difference is the engine.

But let's suppose the only difference is the engine power.

Take a look around at the sort of person who actually remaps their ECU. What personality type are they? I think the answer is in there somewhere.

b) Should a company buy 1,000 DS1054Zs from Rigol and one unlock code then apply the code to all of them?

I'd say my reply above covers this as well, though there are likely additional legal considerations which change the balance in favor of buying one code per device. 

Legal/technical considerations aside, would anybody here feel totally comfortable walking into a Rigol sales office and asking for a quote for 1000 DS1054Zs plus an upgrade key for one of them.

If you discover that your scope's bandwidth can be tripled simply by changing out a few capacitors and resistors, is it wrong for you to make that modification?

If it requires rescinding your warranty, then... at least you're giving something back.

Plus: This one is a sliding scale. What if there were aftermarket motherboards that could give you then times the bandwidth? Is it OK to use the DS1054Z case/screen/power supply with those boards? I'd say "yes".

[G0HZU]

Take a look around at the sort of person who actually remaps their ECU. What personality type are they? I think the answer is in there somewhere.

Not sure what you mean here but about 12+ years ago I bought a spare ECU for my car and took it apart and reverse engineered it.
I went on to reverse engineer a few more and I got down as far as producing block diagrams for how the fuelling and timing and knock sensor system worked in the more advanced ECUs. eg how it measured and stored data from the knock sensor and how it used this data to modify the fuelling and timing. I basically reverse engineered all of the code in the ECU and knew how every map was used with respect to incoming sensor data. I even modified the code (and the hardware) to allow the car to be remapped in real time on a rolling road with a PC by exploiting hidden functionality within the ECU. i.e. stuff I found in the code that was left there in the ROM by the original ECU developers.

I'm not sure how legal this was but I really don't care. It was my car, my property. I learned a lot about how to write efficient code (especially wrt 3D mapping)  and how to put failsafe measures into a system.

[Fungus]

Take a look around at the sort of person who actually remaps their ECU. What personality type are they? I think the answer is in there somewhere.

Not sure what you mean here but about 12+ years ago I bought a spare ECU for my car and took it apart and reverse engineered it.
I went on to reverse engineer a few more and I got down as far as producing block diagrams for how the fuelling and timing and knock sensor system worked in the more advanced ECUs. eg how it measured and stored data from the knock sensor and how it used this data to modify the fuelling and timing. I basically reverse engineered all of the code in the ECU and knew how every map was used with respect to incoming sensor data. I even modified the code (and the hardware) to allow the car to be remapped in real time on a rolling road with a PC by exploiting hidden functionality within the ECU. i.e. stuff I found in the code that was left there in the ROM by the original ECU developers.

I'm not sure how legal this was but I really don't care. It was my car, my property. I learned a lot about how to write efficient code (especially wrt 3D mapping)  and how to put failsafe measures into a system.

OK, you;re the hacker. I'm referring to the script-kiddies.

[kcbrown]

Furthermore, the modification you make to your car may well give it the same capabilities as a more expensive model from the same manufacturer, but for a substantially smaller cash outlay (example: 2014 Mustang GT with supercharger modifications versus 2014 GT500).  Since the manufacturer in that case has made it clear that they intend you to pay a certain amount for the larger amount of capability, is it not wrong for you to modify your car to achieve that capability at a substantially lower price?

Normally the more expensive model has more stuff - better brakes, better steering, better interior, more gadgets. I don't think there's any cars where the only difference is the engine.

True as that may be, it doesn't have to be.  It's up to the manufacturer, right?

Regardless, the aftermarket supplies much more than just engine improvements.  On top of that, it is possible to purchase replacement parts from the manufacturer for the upscale model.  If you then put those parts on your lower end model, is that unethical, since the manufacturer didn't explicitly authorize that?

The Mustang GT versus GT500 example is an excellent one because all of the GT500 parts will fit on the GT (as far as I know).  It's the same platform.

But let's suppose the only difference is the engine power.

Take a look around at the sort of person who actually remaps their ECU. What personality type are they? I think the answer is in there somewhere.

It's not clear to me where you're going with that.  The personality type of someone who remaps their ECU is that of someone who wants to maximize the performance of what they have without necessarily spending a whole lot of effort doing so.   Why should it matter to them whether or not the manufacturer "intended" them to do so, as long as they're willing to give up warranty coverage?

Legal/technical considerations aside, would anybody here feel totally comfortable walking into a Rigol sales office and asking for a quote for 1000 DS1054Zs plus an upgrade key for one of them.

Why not?  That can be easily justified even if one has no intention of using the upgrade key on more than one unit.

If you discover that your scope's bandwidth can be tripled simply by changing out a few capacitors and resistors, is it wrong for you to make that modification?

If it requires rescinding your warranty, then... at least you're giving something back.

What if you intend in both cases (firmware code and hardware modification) to give up warranty protection?  Indeed, what says that the manufacturer has to honor the warranty of a scope that's been hacked with a firmware code?

If the warranty question is the only issue, then eliminating that as a concern should ethically green light modification of the scope via a firmware code if modification through hardware is okay under the same conditions, right?

Plus: This one is a sliding scale. What if there were aftermarket motherboards that could give you then times the bandwidth? Is it OK to use the DS1054Z case/screen/power supply with those boards? I'd say "yes".

Does that mean, then, that you believe it would be wrong to modify your scope to give it more bandwidth if the only modification necessary involved replacement of a few capacitors and resistors?

[G0HZU]

My take on this subject is that it is too complicated to ever hope to reach agreement on a forum like this.

I'm not a legal expert so I don't pretend to understand the legal implications. However, I think that within a modern, large company there will be internal ethical rules/reasons why this sort of thing wouldn't be tolerated anyway. So there's no way TE would be hacked at my place of work for example. It would cause an internal shitstorm (to the delight of certain corporate types within the company) and a fair bit of fallout.

But for home/hobby use I offer this youtube video link as a guide as to how I see things. I hope you can all see the funny side of it 

[mnementh]

Have you ever heard of the DMCA? N.B. it doesn't matter a pig's whistle whether or not you like or agree with the DMCA. - it still applies to you. And, if the b*****s negotiating the TPP and TTIP get their way, everybody else.

Yes, the DMCA applies.

The DMCA has a reverse engineering exception built into it, but it's pretty limited.

Even so, the basis of the DMCA is copyright.  It protects copying of the work.  Since reverse engineering of software generally involves copying of some form, that means that you generally can't perform reverse engineering of it without violating copyright.

Such is not true of hardware.

And such is not true when one enters a magic key into an oscilloscope, either.  No copying of the software in the oscilloscope takes place.

However, having read up on some case law on the subject, it does appear that the DMCA comes into play with respect to "access to the work".  While Congress did not define what it meant, a number of cases have interpreted that to include access to functionality, which means that an interpretation that says "entering keys into the oscilloscope without getting the prior permission of the manufacturer is a violation of the DMCA" is apparently a reasonable one in the eyes of at least some of the courts.

Before you "own" something, you have to buy it. When you <expletive deleted> buy anything, you enter into a contract with a supplier, in which they offer and supply "something" in exchange for your "monetary consideration". The "something" is defined in advance, as is the "monetary consideration".

Usually the "something" is defined by the thing itself.  Which is to say, you're buying the object you receive and everything it contains, whatever that might be.  It happens to come configured by the manufacturer in the way the manufacturer intends, but that does not make configuration changes by the purchaser "wrong".  Such changes would be "wrong" if the purchaser agrees in advance to not make such changes, but absent such an agreement, what exactly is the justification for the claim that making those changes is "wrong"?

So, if you don't like what is offered for sale, don't buy it.

What is offered for sale is often perceived by the buyer as not just what he's receiving at the time of purchase, but what it can become after he modifies it to suit his tastes.  Which is to say, it is not uncommon for someone to buy something with the intention of changing it to make it more capable.  What is wrong with that?

If you insist that it is wrong for someone to modify, alter the configuration of, etc., something that he buys without the explicit permission of the manufacturer, then all I can say is that such an opinion may not be as widely shared as you think.  There are multitudes of people who modify their cars to make them substantially more capable than how they come from the manufacturer.  Those people would be amused to hear that what they've done is "wrong".

The DMCA is limited JUST EXACTLY as I described it. Where did you get the idea that it removes the right to COPY software? It only removes the right to share a copy with someone ELSE.

EVEN UNDER THE DMCA, aside from certain crypto software, I STILL have the right to make an archive copy FOR MY OWN USE of ANY SOFTWARE that comes as part of a HARDWARE device that I purchase, and I STILL have the right to dismantle that code if I can figure out how. I just cannot SHARE that SOFTWARE with anybody. I CAN share the knowledge I discover about HOW the software works, and even share instructions on how to dismantle it.

THIS is what had everybody up in arms about DVD playback; the dingdongs who created the CODEC weren't prepared for it to be dismantled literally months after it was released. TOO EFFING BAD. VLC is still around, and MicroSuck DVD CODEC is an amusing footnote in history.

The licensing BS y'all are talking about DOES NOT EXIST. For licensing to be in effect, THERE HAS TO BE A LICENSING AGREEMENT, even here in the US there has to be a "break-seal" or "punch-through" licensing agreement somewhere in the course of the purchase. There is none here, and even if there were it wouldn't apply to an item made and sold in China, whose laws DO NOT SUPPORT such licensing.


mnem
 

[Zero999]

However, I think that within a modern, large company there will be internal ethical rules/reasons why this sort of thing wouldn't be tolerated anyway. So there's no way TE would be hacked at my place of work for example. It would cause an internal shitstorm (to the delight of certain corporate types within the company) and a fair bit of fallout.

It's funny you should mention this.

We're looking to buy a new low cost oscilloscope where I work. I mentioned the DS1054Z, along with the hack and my manager liked my thinking , although I think we'll probably go for the OWON SDS7102V with the battery option because it's more portable and costs the same. Some of the other managers where I work might not like the idea of using hacked test equipment, but they'll never know about it and probably wouldn't understand what it really means if they did.

[kcbrown]

The DMCA is limited JUST EXACTLY as I described it. Where did you get the idea that it removes the right to COPY software? It only removes the right to share a copy with someone ELSE.

I wish that were the case.  It's not.  You need to read the actual text of the law.

If copyright law did not (with some specific exemptions) remove the right to copy software, and only covered sharing, then there would not need to be an exemption in it for the purpose of execution of the code on the computer, or anything else for that matter.

The DMCA is an addition to general copyright law.  It imposes additional prohibitions with respect to measures that control access and/or copying.

EVEN UNDER THE DMCA, aside from certain crypto software, I STILL have the right to make an archive copy FOR MY OWN USE of ANY SOFTWARE that comes as part of a HARDWARE device that I purchase, and I STILL have the right to dismantle that code if I can figure out how.

The exemption for making an archival copy is correct.  As for reverse engineering, see below.

I just cannot SHARE that SOFTWARE with anybody. I CAN share the knowledge I discover about HOW the software works, and even share instructions on how to dismantle it.

That is true, but you will be in violation of the law with respect to the reverse engineering required to acquire that knowledge unless:

• you have permission from the copyright holder to perform it, or
• there is no "technological measure" controlling access, and the software is not controlled by a license agreement that you have (implicitly or explicitly) agreed to, and you live in a jurisdiction where reverse engineering is regarded as "fair use", or
• there is a "technological measure" controlling access, and the software is not controlled by a license agreement that you have (implicitly or explicitly) agreed to, and you live in a jurisdiction where reverse engineering is regarded as "fair use", and your reverse engineering effort is for the purposes of interoperability.
  

The 9th Circuit is one such jurisdiction that considers reverse engineering to be "fair use", but I don't see anything where the Supreme Court has weighed in on the subject, which is why jurisdiction matters.

I strongly suggest you read this: https://www.eff.org/issues/coders/reverse-engineering-faq


As applied to the Rigol oscilloscope's firmware, if you live in the jurisdiction of the 9th Circuit, then you'll be able to reverse engineer the firmware without running afoul of copyright law because the firmware isn't guarded by a "technological measure" which controls copying or access, and there is no license associated with the firmware.

The licensing BS y'all are talking about DOES NOT EXIST. For licensing to be in effect, THERE HAS TO BE A LICENSING AGREEMENT, even here in the US there has to be a "break-seal" or "punch-through" licensing agreement somewhere in the course of the purchase. There is none here, and even if there were it wouldn't apply to an item made and sold in China, whose laws DO NOT SUPPORT such licensing.

Yes.  Do you realize why there's no license agreement here?  It's simple: because there is no software installation step.  There is no step that requires copying of the software/firmware that is not covered by the exemption in 17 USC 117(a), which is:

(a)Making of Additional Copy or Adaptation by Owner of Copy.—Notwithstanding the provisions of section 106, it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided:
  (1) that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner, or
  (2) that such new copy or adaptation is for archival purposes only and that all archival copies are destroyed in the event that continued possession of the computer program should cease to be rightful.

Now, you could say that you should be able to do whatever you want with the software once it's in your possession, provided that you do not share it or derivatives of it with others, and I would agree with you on that, but as regards the law, it goes much further than to cover mere sharing.

[mnementh]

The DMCA is limited JUST EXACTLY as I described it. Where did you get the idea that it removes the right to COPY software? It only removes the right to share a copy with someone ELSE.

I wish that were the case.  It's not.  You need to read the actual text of the law.

If copyright law did not (with some specific exemptions) remove the right to copy software, and only covered sharing, then there would not need to be an exemption in it for the purpose of execution of the code on the computer, or anything else for that matter.

The DMCA is an addition to general copyright law.  It imposes additional prohibitions with respect to measures that control access and/or copying.

EVEN UNDER THE DMCA, aside from certain crypto software, I STILL have the right to make an archive copy FOR MY OWN USE of ANY SOFTWARE that comes as part of a HARDWARE device that I purchase, and I STILL have the right to dismantle that code if I can figure out how.

The exemption for making an archival copy is correct.  As for reverse engineering, see below.

I just cannot SHARE that SOFTWARE with anybody. I CAN share the knowledge I discover about HOW the software works, and even share instructions on how to dismantle it.

That is true, but you will be in violation of the law with respect to the reverse engineering required to acquire that knowledge unless:

• you have permission from the copyright holder to perform it, or
• there is no "technological measure" controlling access, and the software is not controlled by a license agreement that you have (implicitly or explicitly) agreed to, and you live in a jurisdiction where reverse engineering is regarded as "fair use", or
• there is a "technological measure" controlling access, and the software is not controlled by a license agreement that you have (implicitly or explicitly) agreed to, and you live in a jurisdiction where reverse engineering is regarded as "fair use", and your reverse engineering effort is for the purposes of interoperability.
  

The 9th Circuit is one such jurisdiction that considers reverse engineering to be "fair use", but I don't see anything where the Supreme Court has weighed in on the subject, which is why jurisdiction matters.

I strongly suggest you read this: https://www.eff.org/issues/coders/reverse-engineering-faq


As applied to the Rigol oscilloscope's firmware, if you live in the jurisdiction of the 9th Circuit, then you'll be able to reverse engineer the firmware without running afoul of copyright law because the firmware isn't guarded by a "technological measure" which controls copying or access, and there is no license associated with the firmware.

The licensing BS y'all are talking about DOES NOT EXIST. For licensing to be in effect, THERE HAS TO BE A LICENSING AGREEMENT, even here in the US there has to be a "break-seal" or "punch-through" licensing agreement somewhere in the course of the purchase. There is none here, and even if there were it wouldn't apply to an item made and sold in China, whose laws DO NOT SUPPORT such licensing.

Yes.  Do you realize why there's no license agreement here?  It's simple: because there is no software installation step.  There is no step that requires copying of the software/firmware that is not covered by the exemption in 17 USC 117(a), which is:

(a)Making of Additional Copy or Adaptation by Owner of Copy.—Notwithstanding the provisions of section 106, it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided:
  (1) that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner, or
  (2) that such new copy or adaptation is for archival purposes only and that all archival copies are destroyed in the event that continued possession of the computer program should cease to be rightful.

Now, you could say that you should be able to do whatever you want with the software once it's in your possession, provided that you do not share it or derivatives of it with others, and I would agree with you on that, but as regards the law, it goes much further than to cover mere sharing.

It doesn't matter where I live. It matters where the sale was made, and if any portion of the sales agreement includes a software license. The software installation has to include a "punch-through" licensing agreement, or there's no licensing THERE, either. Even if it did, I could buy the item used at a flea market and do any damned thing I want with it, aside from those very special "crypto" softwares I was talking about.

NONE OF THIS APPLIES HERE. PERIOD. It is a tool made and sold in China. THEIR laws at the time of the sale apply. PERIOD.


mnem
Not without my crundoscope!

[kcbrown]

It may be bad form to reply to my own message, but even so, this is one of those cases where it makes sense to do so.

However, having read up on some case law on the subject, it does appear that the DMCA comes into play with respect to "access to the work".  While Congress did not define what it meant, a number of cases have interpreted that to include access to functionality, which means that an interpretation that says "entering keys into the oscilloscope without getting the prior permission of the manufacturer is a violation of the DMCA" is apparently a reasonable one in the eyes of at least some of the courts.

There's a very interesting case, LEXMARK INTERNATIONAL, INC. v. Static Control Components, Inc., which bears directly on the above question.  And it indicates that the codes we've been discussing do not fall under the DMCA's prohibitions, that for it to do so, what is protected must itself be copyrightable expression, not merely function.  See for yourself:

In the essential setting where the DMCA applies, the copyright protection operates on two planes: in the literal code governing the work and in the visual or audio manifestation generated by the code's execution. For example, the encoded data on CDs translates into music and on DVDs into motion pictures, while the program commands in software for video games or computers translate into some other visual and audio manifestation. In the cases upon which Lexmark relies, restricting "use" of the work means restricting consumers from making use of the copyrightable expression in the work. See 321 Studios, 307 F. Supp. 2d at 1095 (movies contained on DVDs protected by an encryption algorithm cannot be watched without a player that contains an access key); Reimerdes, 111 F. Supp. 2d at 303 (same); Gamemasters, 87 F. Supp. 2d at 981 (Sony's game console prevented operation of unauthorized video games). As shown above, the DMCA applies in these settings when the product manufacturer prevents all access to the copyrightable material and the alleged infringer responds by marketing a device that circumvents the technological measure designed to guard access to the copyrightable material.

The copyrightable expression in the Printer Engine Program, by contrast, operates on only one plane: in the literal elements of the program, its source and object code. Unlike the code underlying video games or DVDs, "using" or executing the Printer Engine Program does not in turn create any protected expression. Instead, the program's output is purely functional: the Printer Engine Program "controls a number of operations" in the Lexmark printer such as "paper feed[,] paper movement[,] [and] motor control." Lexmark Br. at 9; cf. Lotus Dev., 49 F.3d at 815 (determining that menu command hierarchy is an "uncopyrightable method of operation"). And unlike the code underlying video games or DVDs, no encryption or other technological measure prevents access to the Printer Engine Program. Presumably, it is precisely because the Printer Engine Program is not a conduit to protectable expression that explains why Lexmark (or any other printer company) would not block access to the computer software that makes the printer work. Because Lexmark's authentication sequence does not restrict access to this literal code, the DMCA does not apply.

(emphasis mine in the above)

It is not functionality that the DMCA protects, it is copyrightable material.  Copyrightable material is expression, not function.

Importantly, Lexmark did not appeal the above decision, which almost certainly means they believed they wouldn't be able to prevail on the merits at the Supreme Court.

So it appears that my prior assessment is likely incorrect, that the use of the magic codes in conjunction with the scope's firmware is not a violation of copyright or of the DMCA, precisely because the magic codes do not protect copyrightable material, but only function, and do not result in any unauthorized copying of or access to copyrighted works.


So: ethical or not, using these magic codes to unlock the functionality in these scopes is not illegal in the United States.  Those of you who use the law itself as the basis for ethical judgments would do well to think on that.

[kcbrown]

It doesn't matter where I live. It matters where the sale was made, and if any portion of the sales agreement includes a software license. The software installation has to include a "punch-through" licensing agreement, or there's no licensing THERE, either. Even if it did, I could buy the item used at a flea market and do any damned thing I want with it, aside from those very special "crypto" softwares I was talking about.

NONE OF THIS APPLIES HERE. PERIOD. It is a tool made and sold in China. THEIR laws at the time of the sale apply. PERIOD.

No.  If that were the case, you'd be able to legally purchase a DVD copy of a movie in, say, Afghanistan, then bring it back here to the United States, then make an arbitrary number of copies of it and distribute those copies to whomever you like, and not run afoul of U.S. copyright law.

Law governs actions that are taken while under the jurisdiction of the law in question.  Copyright limits copying and access to copyrighted expression.  If you make a copy of a copyrighted work while in the United States, then United States copyright law is controlling.  The origination point of the sale of the work is meaningless with respect to actions you later take with what you purchased.


But because there is no license agreement involved ("click through" or otherwise), the firmware was legally obtained through the sale, and the exemptions in U.S. copyright law are applicable (those exemptions include "fair use" and copying necessary for operation of the software), you would be in the clear with respect to reverse engineering.

[mnementh]

It doesn't matter where I live. It matters where the sale was made, and if any portion of the sales agreement includes a software license. The software installation has to include a "punch-through" licensing agreement, or there's no licensing THERE, either. Even if it did, I could buy the item used at a flea market and do any damned thing I want with it, aside from those very special "crypto" softwares I was talking about.

NONE OF THIS APPLIES HERE. PERIOD. It is a tool made and sold in China. THEIR laws at the time of the sale apply. PERIOD.

No.  If that were the case, you'd be able to legally purchase a DVD copy of a movie in, say, Afghanistan, then bring it back here to the United States, then make an arbitrary number of copies of it and distribute those copies to whomever you like, and not run afoul of U.S. copyright law.

Law governs actions that are taken while under the jurisdiction of the law in question.  Copyright limits copying and access to copyrighted expression.  If you make a copy of a copyrighted work while in the United States, then United States copyright law is controlling.  The origination point of the sale of the work is meaningless with respect to actions you later take with what you purchased.


But because there is no license agreement involved ("click through" or otherwise), the firmware was legally obtained through the sale, and the exemptions in U.S. copyright law are applicable (those exemptions include "fair use" and copying necessary for operation of the software), you would be in the clear with respect to reverse engineering.

This is precisely what I've been saying... that BECAUSE THE SOFTWARE IS INTEGRAL to the function of the machine, I OWN it. THAT is also why the laws at the time of sale also are the only ones that apply.

ONLY in America do we pervert this simple concept with stupidity such as "break-seal" licensing, which the rest of the world considers to be a legal atrocity.

And you can still make as many archive copies of that Afghani-sourced movie as you like, as long as you keep them locked away and out of the hands of others. It is the DISTRIBUTION of said copyrighted materials that will land you in jail. And the fact that they have treaties with us regarding reciprocal CopyRight. So far, to my knowledge, China has no such treaties with us. There is even ongoing litigation RIGHT NOW in the US that will probably win, and will effectively legalize downloading of copyrighted materials PROVIDED you already own that material on some read-only media that paid royalties to the copyright holder.

Pirate Bay will be back, stronger than ever.


mnem
Frabjous.

[kcbrown]

This is precisely what I've been saying... that BECAUSE THE SOFTWARE IS INTEGRAL to the function of the machine, I OWN it. THAT is also why the laws at the time of sale also are the only ones that apply.

No.  Again, the law which governs an action is determined by where the action was taken, not where the object involved in the action was purchased.  Were this not the case, then you'd end up with absurd results, such as being able to purchase a weapon while abroad, use it to kill someone while in the United States, and be subject to the law of the country you purchased the weapon in as opposed to the law in the United States.

ONLY in America do we pervert this simple concept with stupidity such as "break-seal" licensing, which the rest of the world considers to be a legal atrocity.

Oh, I agree with you that such licensing is absurd.  But neither logic nor ethics governs what the law says or means.  Why else do you think I attempt to make a clear distinction between those in these discussions?

And you can still make as many archive copies of that Afghani-sourced movie as you like, as long as you keep them locked away and out of the hands of others. It is the DISTRIBUTION of said copyrighted materials that will land you in jail.

Distribution will land you in jail, certainly, but it is not the only right that is exclusively held by the copyright owner.  Right alongside that is the right to copy.  Don't believe me?   See for yourself:

Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following:
(1) to reproduce the copyrighted work in copies or phonorecords;
(2) to prepare derivative works based upon the copyrighted work;
(3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending;
(4) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works, to perform the copyrighted work publicly;
(5) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work, to display the copyrighted work publicly; and
(6) in the case of sound recordings, to perform the copyrighted work publicly by means of a digital audio transmission.

(emphasis mine)

Were this not the case, format shifting of copyrighted works you own copies of would automatically be legal.  Additionally, it would be perfectly legal for you to modify the contents of the click-through license agreement by copying the bits off the installation medium, modifying them so as to change the license agreement to whatever you want, then invoking the modified installer to install the software, thus causing you to agree to the modified agreement.  Right?  Do you really think doing that is legal if you can legally copy and modify whatever you acquire as long as you don't distribute?

And the fact that they have treaties with us regarding reciprocal CopyRight. So far, to my knowledge, China has no such treaties with us.

I picked Afghanistan for a reason (though in looking at the actual laws, it appears that Ethiopia might have been a better pick as its law doesn't appear to cover computer programs at all).  It doesn't have any such treaty with the United States, but from what I can tell, China does (degree of enforcement within the country in question is another matter altogether, however).

There is even ongoing litigation RIGHT NOW in the US that will probably win, and will effectively legalize downloading of copyrighted materials PROVIDED you already own that material on some read-only media that paid royalties to the copyright holder.

Interesting.  That would be a nice outcome.  Which case is that?