Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hack an Oscilloscope, Get a DMCA Take-Down Notice From Tektronix

Posted by timothy on from the keep-both-pieces dept.

An anonymous reader writes with the news that Hackaday published an article on the poor security of the add-on modules that Tektronix sells as expensive add-ons to unlock features in certain of its oscilloscopes. The reader writes: "It has come to attention of Tek's legal eagles and they now want the article to be taken down. Perhaps they can ask Google to forget that page?"

34 of 273 comments (clear)

  1. A comment from the linked site: by Anonymous Coward · · Score: 4, Insightful

    The car analogy:
    "Owen says:
    July 28, 2014 at 8:09 am
    If you download the trial version of a piece of software you might also have to pay $500 to “de-cripple” features that are already present in the version you’ve got.

    If you download a crack for it to unlock those features because the company didn’t make it difficult enough for people to get around their protection, that still doesn’t make it right.

    I imagine Tektronix just rely on the fact that a lot of people that buy their expensive kit will be businesses and businesses generally have to do things by the book, so they won’t bother unlocking things they haven’t paid for, in the same way Adobe relies on business users to buy Photoshop and mostly overlooks all the home users not paying for it."

    1. Re:A comment from the linked site: by Anonymous Coward · · Score: 5, Interesting

      Woops, This is what I meant to post:
      "MRE says:
      July 28, 2014 at 10:41 am
      I think it is more like this:
      You buy a new car, and to save money, you opt for the ‘no thrills’ package. No radio. No electric windows. No heated seats.
      Upon receiving the car, you discover that the manufacturer did in fact install the radio. Did in fact install the electric windows. And did install the seat heaters.
      However, none of them work. Upon further investigation you discover that to have the items enabled, you must pay the difference in price. But, you poke around and discover that in the fuse box (which required a special screw driver to open), three slots are empty: Radio, Windows, Seats.
      You pop fuses into each slot and everything comes alive.

      Was this theft, or did the factory simply give you the stuff at no cost, and hope you would pay them more money when you decided you wanted the options enabled after all?"

    2. Re:A comment from the linked site: by tompatman · · Score: 5, Informative

      The G37 Sport package includes paddle shifters on the steering column. If you wanted them on a non-sport version though, there was an ebay seller who sold the paddles. All of the wiring and functionality was already there, just bolt on the paddles plug them in and you were done. Car manufacturers include a lot of stuff like this by default because it would be more expensive to install different features based on what the buyer was willing to pay for.

    3. Re:A comment from the linked site: by CanHasDIY · · Score: 3, Insightful

      I read the original article (thanks to the WayBack Machine), and unless the "copyrighted manual" tells you how to program an EEPROM with an SKU, then I don't see how it's a violation of DMCA.

      Boy, wouldn't that be a kick in the face? For corporations to be able to limit access to knowledge by writing it in a book and copyrighting said tome? Sounds like the premise for a dystopian novel.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    4. Re:A comment from the linked site: by whistlingtony · · Score: 3, Insightful

      If they had posted, verbatim, Tektronics documents showing how to do this hack.... that would be a copyright abuse. If I write up some notes on how to hack their scope, that document is MINE, and it is protected by copyright the moment I wrote it.

      I get that the DMCA makes it illegal to circumvent the protections on a copyrighted work.... How is an oscilloscope a protected work?

      Do I get to slap a DMCA notice on a burglar to my house?

  2. Hack-a-day cowed to Tektronics, unfortunately ! by Anonymous Coward · · Score: 4, Interesting

    Since this is an abuse of the DMCA law Hack-a-day could have told Tektronics to go fuck themselves, but no ...
     
    After receiving that DMCA notice Hack-a-day quickly changed the wording of the original article (without the permission of the original author, of course)

    1. Re:Hack-a-day cowed to Tektronics, unfortunately ! by frootcakeuk · · Score: 5, Informative

      Don't forget to mention they also changed every single post from commentors as well. Can't say i've seen that before!

      --
      Remember kids: What's right isn't as important as what's profitable.
  3. Re:Perhaps they can ask Google to forget that page by Anonymous Coward · · Score: 3, Insightful

    Using copyright to censor a hack which consist basically in explaining that the crippled features of the oscilloscope can be unlocked using the plain SKUs listed in the very own manufacturer page is a DCMA abuse.

  4. A side benefit of DMCA, perhaps ? by Taco+Cowboy · · Score: 3, Insightful

    No need when HAD instantly back down and alter the content of the page

    Perhaps this is not intended, but a side benefit of DMCA is that the use of DMCA against a certain website will give indication of which site has backbone which site hasn't
     
    HAD certain hasn't

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:A side benefit of DMCA, perhaps ? by Sockatume · · Score: 4, Insightful

      Backbone is cheap when you've got the money to stage even a token legal defense, or your hosting provider is a known safe haven from spurious copyright requests. For most of us, it's a luxury we can't afford.

      --
      No kidding!!! What do you say at this point?
    2. Re:A side benefit of DMCA, perhaps ? by Jane+Q.+Public · · Score: 3, Informative

      There are plenty of lawyers that would take this on Pro Bono or Counter Suit Contingency. And it is perfectly acceptable to simply say, "Go Ahead! Have you never heard of the Streisand Effect" and then sit back and grab a bucket of popcorn as the exact opposite of what they want happens.

      The problem with this idea is that based on the evidence, this DMCA takedown is perfectly legal. Which means if HAD ignored it, they could be taken to court and raked over the coals.

      It's one thing to thumb your nose at baseless cyber-bullying, and saying "You're a fool." It's quite another to be a victim of a bad law, and not really have that option. Sadly, it looks like HAD's situation is the latter one.

  5. wayback machine by sxpert · · Score: 5, Informative

    the article is safely stored in the wayback machine, and i have made a backup away from the reaches of the stupid DMCA.
    yet another project ripe for the application of the streisand effect

    1. Re:Wayback Machine by Sockatume · · Score: 5, Funny

      So it turns out that the "module" is just an EEPROM which contains the module's own product SKU. Which is information that Tektronix provides in their own catalogue. Genius. Nobody will never crack that code.

      --
      No kidding!!! What do you say at this point?
  6. Wayback Machine by Anonymous Coward · · Score: 5, Informative

    Fear not, the original article is still available http://web.archive.org/web/201...

  7. Tek smeck by labnet · · Score: 4, Informative

    Have never like tek scopes that much, or Agilent. In fact my fav. Scopes are Yokogawa DLM series.
    All the manufacturers do the cripple thing though. If you want free I2C or LIN or CAN or USB or UART, buy a PC scope like a CleverScope.

    --
    46137
    1. Re:Tek smeck by harrkev · · Score: 5, Informative

      In all fairness (and as a former Agilent employee), you would not believe the amount of work that goes into those things that you don't get with cheap PC-based scopes and low-end stand-along scopes. They do a LOT of work making sure that the front end (analog stuff between BNC and A/D converters) is correct. Also, lots of DSP-ish type stuff right after the A/D too. I am a digital designer, and I worked on some of the oscilloscope chips, and I don't even understand a lot of that of that stuff.

      For a hobbyist working with bandwidth-limited signals, and everything is 5V or less, the cheaper brands are probably fine. However, how do you tell if your scope is lying to you? Do you know aliasing when you see it? I have seen some PC-based scopes do the voltage offset (where you twist the little knob to move the waveform up and down) all in software, and seen the clipping in the A/D -- nasty stuff. You really need do to that in the analog front end You also have how many waveforms per second that you can display. If you have a glitch that happens only rarely, if you are capturing only 30 or 100 waveforms per seconds, you might not see the glitch. On the other hand, if your scope is capturing 50,000 waveform/second, you stand a MUCH greater chance of seeing it.

      I do admit that scopes are a pricey purchase, and part of that is due to the low volumes involved and the high amount of R&D. But, if you need something that you can trust (you make your living off design work and are not just a hobbyist), you really need to get something professional from a reputable company.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    2. Re:Tek smeck by harrkev · · Score: 3, Insightful

      You could say that offering all options at a discount costs them nothing. You could also argue that it does deprive them of revenues. There are arguments both ways.

      It is sort of like Windows 7 home vs Windows 7 pro vs. WIndows Server. They all pretty much share the same code base (maybe less so for the Server version). The only difference is a switch or two.

      If you argue that turning on the FFT and serial protocols costs them nothing, you are right! Once the scope is in your hands, it costs Agilent and Tek next to nothing to enable that feature. For Agilent, it is an unlock code. For Tek, it is a module that costs them only a buck or two to make.

      On the other hand, it actually DID cost something to include those features. A lot of serial decode stuff is done hardware and software. The software costs a lot of money to develop and test. The hardware part adds some cost to every single unit sold, plus the cost to develop that test that. So, imagine that all of these extra features (FFT, serial decode, etc.) were included standard with every scope. This means that the price would have to be raised to cover all of the NRE costs. So, the price of the scope rises for everybody. For those that need the extra features, they are getting a great bargain. For everybody else, they are paying more for something that they don't need.

      So, by locking features that need to be unlocked, you piss off the people who feel like the features are already there, and they are being artificially prevented from doing something that they ought to be able to do. If you unlock everything, you raise the price for the very budget-conscious customers. There is no perfect answer.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
  8. Re:Perhaps they can ask Google to forget that page by MrKaos · · Score: 4, Funny

    Also, for it to be a DCMA,

    Sorry, DMCA. damn typo.

    It's an acronym for Digital Control My Ass, so you were right the first time.

    --
    My ism, it's full of beliefs.
  9. Re:Not people by MrKaos · · Score: 4, Funny

    Corporations are not people

    but Solyent Green is.

    --
    My ism, it's full of beliefs.
  10. WebArchive by jiadran · · Score: 5, Informative

    The Google cache was taken down. The original author seems to have agreed to take down the information on his site as well, even without having been contacted him-self:
    https://sites.google.com/site/...

    However, they were too late. The web archive has already archived their pages. Here are the relevant links:

    http://web.archive.org/web/201...

    http://web.archive.org/web/201...

    (not modified)
    https://oshpark.com/profiles/m...
    http://web.archive.org/web/201...

  11. DMCA? by Sockatume · · Score: 5, Insightful

    I'm not sure that the letter published qualifies as a DMCA takedown request, as it doesn't actually mention any part of the DMCA or any other copyright act that has been broken. I'm not sure that a short keyphrase constitutes copyright-protected matter, for one thing. And it's not like publishing the information violates the noncircumvention part of the Act, because they aren't circumventing an anticopying mechanism. They're circumventing a different mechanism entirely I suspect they're just trying their luck.

    --
    No kidding!!! What do you say at this point?
  12. This is Danaher Corp by Anonymous Coward · · Score: 5, Informative

    Tektronix is now owned by DANAHER corp. It is the same corp that bought Fluke and declared that nobody else can produce yellow DVMâ(TM)s. Remember the DVMs Sparkfun was importing but were seized at the border? Same company.

    They gobble up good brands, and it seems the production is often sent overseas. Some folks say the quality of those great Amercian brands then suffers. Do a search and you'll see a long list of companies.

  13. Re:Perhaps they can ask Google to forget that page by 91degrees · · Score: 5, Insightful

    Also, for it to be a DCMA, doesn't the requested takedown have to have something to do with DRM?

    The DMCA doesn't mention DRM. It mentions somethign along the lines of mechanisms that prevent access to protected works (software can be a mechanism for the purposes of the act).

    Personally I don't think this should qualify as infringement since it prevents use - which should not be a copyright violation - rather than duplication, but that's my opinion on what the law should be rather than what it would be when interpreted by the courts.

  14. Re:Perhaps they can ask Google to forget that page by gstoddart · · Score: 3, Interesting

    Personally I don't think this should qualify as infringement since it prevents use - which should not be a copyright violation - rather than duplication

    I agree with you, but the law has more or less been written to allow corporations to maximize profits.

    In truth, I think the DMCA is so broadly written that if they had a default password of "password", their level of incompetence at security is irrelevant. What matters is they had a pretense of security.

    In this case, they've locked out functionality which is already there, and are charging for access to it -- or it sounds like that.

    I agree that it's your device and you should be able to do anything with it, but apparently publishing it so allow other people to not pay for already there features is a bad thing -- because it interferes with a shitty business model and involves a digital lock.

    I think in general, people should just start posting reviews of Techtronix saying they're greedy bastards who sell crippled hardware and then charge ransom to unlock it.

    --
    Lost at C:>. Found at C.
  15. Re:This is why we can't have nice things by Sockatume · · Score: 4, Informative

    A poor analogy. You would have to actually download the DLC files first, in almost all cases.

    And he's not cracking encrypted data files, he's putting in a cheat code, which happens to be the name of the DLC, because the company are morons.

    --
    No kidding!!! What do you say at this point?
  16. SOP for Test Equipment makers by x0 · · Score: 4, Interesting

    All of the manufacturers now ship devices fully kitted and use licenses to unlock/enable additional features. It's less expensive to manufacture one SKU, and then differentiate models by selectively enabling features.

    At least one of the Chinese manufacturers has know about these hacks for quite a while and apparently isn't doing much about it. I expect that they are allowing this to obtain more market share from the hobbyists as I doubt most commercial operators would void warranties.

    Tek is essentially selling a software package as a value add, and they'll charge what they can until Agilent/Keysight one ups them with less expansive software.

    --
    In the immortal words of Socrates, who said; 'I drank what?'
  17. Re:This is why we can't have nice things by gstoddart · · Score: 4, Informative

    The add-on modules are expensive because you pay for the features they unlock, not for the components of the unlock device itself. It's a dongle.

    This guy is essentially trying to cheat.

    I disagree.

    To me, they've sold you a fully functional product, and only for extra money will they 'license' you to use all of the features.

    So, imagine you've bought a car, it's got an awesome radio and a turbo charger and a backup camera. They're hooked up and working, just not active unless you shell out a bunch more money.

    This is saying we'll give you the rest of the functionality of the device we've sold you if you'll hand over more money.

    This is intentionally making a crippled product, and then gouging your consumers to get the full version.

    I see this as just rent seeking, and a business model based on upgrades.

    I don't see this as legitimate business, I see it as gouging the consumer and getting found out that your "upgrades" are doing nothing more than unlocking functionality you already have.

    --
    Lost at C:>. Found at C.
  18. Re:Perhaps they can ask Google to forget that page by 91degrees · · Score: 4, Interesting

    Yes. You may be able to guess the password, but based on the "reasonable man" test, I think most people would assume that you weren't meant to guess it. I don't have a problem with this in principle. I do have a problem that it seems to allow companies to extend the reach of copyright.

    My way of seeing it is that anyone who buys the oscilloscope has a legally acquired copy of the software. They just can't access it. Actually accessing legally acquired software should not be illegal. It's not like there's a business model that would be unsustainable without the protection. If they don't want people to use the software, then don't give them the software. If they pay extra then provide the software.

    I agree with your desscription of it being "crippled". This is essentially a law criminalising repair. In the physical world, if I were to sell off faulty stock (which is legitimate as long as I was honest about the fact that it was faulty), I would not be able to use the law to prevent them from repairing it, even if the buyer was competing with my repair business.

  19. VHS machines. by tekrat · · Score: 4, Interesting

    Back in the day, a lot of manufacturers sold different types of VHS recorders, some with more "features" than others. It turned out that all the "buttons" were there behind the plastic faceplate, and it was just the faceplate itself that determined which were the cheap/feature-less models and which were the more expensive models.

    And of course, simply prying off the plastic revealed the extra features.

    So, back in the day, would that be a DMCA violation? Would that be theft? Would the IP police be busting down my door and holding a gun to my head for removing a piece of plastic???

    'Cause that's what we're headed towards, boys and girls.

    --
    If telephones are outlawed, then only outlaws will have telephones.
  20. Another example Re:A comment from the linked site: by Camembert · · Score: 3, Interesting

    In my company, one of our products comes with a useful database. The license clearly stipulates that the database and its updates are only allowed to be used with the product. It is a kind of courtesy to make that product more user friendly. For integration into big central systems the database is available separately with different licensing schemes. Predictably, in the end we had to encrypt the database to enforce compliance, as too many customers (it must be said: less so in western countries) would not care to follow the license. Just because you technically can do something, doesn't make it right, esp. if it is not allowed according to the license.

  21. Re:Perhaps they can ask Google to forget that page by countach · · Score: 4, Interesting

    So if Chrysler sold a car without working air-con and without a working stereo, but if you pay $3000 they will enable them, and then someone discovers that the technological measure is they don't put a fuse in the fuse box, and then you stick a fuse in there, is that a technological measure protected by the DMCA?

  22. Re:Not people by BigT · · Score: 4, Funny

    It varies from person to person....

    --
    Is it weird in here, or is it just me?
  23. Drivers not included. by Technician · · Score: 4, Interesting

    This is unfortunately an old practice that has been going on for decades.

    I bought a US made digital scope over a decade ago the TDS220. With it I bought the communications module providing serial RS232, Parallel centronics, and HPGIB interfaces. With it I could connect an HP Laser printer, or Epson Dot Matrix printer and produce hard copies with a limited library of printers. Ths goal was to print to my PC. Then I found out that capibility was bundled in an expensive software package which was extra. Due to my low volume, I could not justify the expense, so to post documentation online, I used an HP 1100 laser printer and a Cannon flatbed scanner.

    Tecktronics did not offer a simple driver just to capture the image on a PC.

    Needless to say, that was the last Tektronics scope I purchased. Any future purchases would include a built in USB interface, with nessarry software as part of the TCO when shopping. I won't be burned twice by the batteries not included sales games.

    As a scope, the scope works fine as long as you don't want a screenshot directly transferred to a PC. For what I paid to obtain the communications module without any communicaitons software was a huge letdown. The printer module was only a little cheaper. Without the software, that is all this module can be used for. Let the buyer beware.

    If you want to buy Made in America, the Americans need to knock off selling cripple ware. It is a bad model and is a huge customer turn off.

    --
    The truth shall set you free!
  24. Re:Perhaps they can ask Google to forget that page by macs4all · · Score: 5, Insightful

    My way of seeing it is that anyone who buys the oscilloscope has a legally acquired copy of the software. They just can't access it. Actually accessing legally acquired software should not be illegal. It's not like there's a business model that would be unsustainable without the protection. If they don't want people to use the software, then don't give them the software. If they pay extra then provide the software.

    Exactly this!

    I have personally used the MSO series of 'scopes. And I am certain that there wasn't a EULA that I had to click-through when the scope first powered-up. I'm sure there is one along with the Warranty and other info; but, I am pretty certain that, under the "Shrink Wrap" Licensing precedents, I would have not "signed" anything simply by using the 'scope, anymore than I agree to licensing of the applications that are embedded in my TV set, simply by turning it on.

    So long as you are not creating a "Derivative Work", nor "Reselling" that firmware, there simply is no Copyright issue here. Tek is DEFINITELY abusing the DMCA here, as well as simply trying to cover-up for a sloppy attempt at what is nothing more than a cost-saving measure.

    In fact, they would have had a much more defensible position if they took Hackaday to court for "circumventing security measures of a computing device" (or however that bit is worded in 18 USC...?). But DMCA "Takedown Notices" are hardly EVER challenged, and take only a lawyer-letter with scary language.