Slashdot Mirror

← Back to Stories (view on slashdot.org)

You Can Legally Hack Your Own Car, Pacemaker, or Smartphone Now (wired.com)

Posted by msmash on from the fixing-things dept.

Earlier this year, we ran a story about how even possessions as personal as one's car or tractor, or insulin pump could not be legally hacked by the owner, but those constraints are things of the past now. From a report on Wired: Last Friday, a new exemption to the decades-old law known as the Digital Millennium Copyright Act quietly kicked in, carving out protections for Americans to hack their own devices without fear that the DMCA's ban on circumventing protections on copyrighted systems would allow manufacturers to sue themt (Editor's note: the website may block users who use adblocking tools. Here's an alternate source). One exemption, crucially, will allow new forms of security research on those consumer devices. Another allows for the digital repair of vehicles. Together, the security community and DIYers are hoping those protections, which were enacted by the Library of Congress's Copyright Office in October of 2015 but delayed a full year, will spark a new era of benevolent hacking for both research and repair. "This is a tremendously important improvement for consumer protection," says Andrea Matwyshyn, a professor of law and computer science at Northeastern University. "The Copyright Office has demonstrated that it understands our changed technological reality, that in every aspect of consumers' lives, we rely on code," says Matwyshyn, who argued for the exemptions last year. For now, the exemptions are limited to a two-year trial period. And the security research exemption in particular only applies to what the Copyright Office calls "good-faith" testing, "in a controlled environment designed to avoid any harm to individuals or to the public." As Matwyshyn puts it, "We're not talking about testing your neighbor's pacemaker while it's implanted. We're talking about a controlled lab and a device owned by the researcher."

3 of 106 comments (clear)

  1. Re:About damn time! by zlives · · Score: 5, Informative

    you are liable even if you don't hack it.

  2. Re:About damn time! by phantomfive · · Score: 1, Informative

    Actually, I've already got one: a pacemaker is a medical device, and altering its code changes it, thus is verboten. This is a good thing: every time a medical device's firmware changes, it needs re-certification, so they can't just load new shit into their devices and sell them as if they were already FDA-approved and tested to perform their function correctly.

    FDA certification means nothing. I've seen dreadful code approved by the FDA.

    --
    "First they came for the slanderers and i said nothing."
  3. Re:About damn time! by mrchaotica · · Score: 3, Informative

    There won't be any challenges, they just won't sue you under the DMCA.

    That's a victory!

    They'll still void any warranty you may have and either refuse to work on it, or just fuck you bigtime if anything goes wrong that's even remotely connected to the "hack".

    No, that's what the Magnuson-Moss Warranty Act is for. In order to void your warranty, the burden of proof is on them to show that your modifications caused the problem.

    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz