New Tech Industry Lobbying Group Argues 'Right to Repair' Laws Endanger Consumers

chicksdaddy brings this report from Security Ledger: The Security Innovation Center, with backing of powerful tech industry groups, is arguing that letting consumers fix their own devices will empower hackers. The group released a survey last week warning of possible privacy and security risks should consumers have the right to repair their own devices. It counts powerful electronics and software industry organizations like CompTIA, CTIA, TechNet and the Consumer Technology Association as members... In an interview with The Security Ledger, Josh Zecher, the Executive Director of The Security Innovation Center, acknowledged that Security Innovation Center's main purpose is to push back on efforts to pass right to repair laws in the states.

He said the group thinks such measures are dangerous, citing the "power of connected products and devices" and the fact that they are often connected to each other and to the Internet via wireless networks. Zecher said that allowing device owners or independent repair professionals to service smart home devices and connected appliances could expose consumer data to hackers or identity thieves... Asked whether Security Innovation Center was opposed to consumers having the right to repair devices they purchased and owned, Zecher said the group did oppose that right on the grounds of security, privacy and safety... "People say 'It's just my washing machine. Why can't I fix it on my own?' But we saw the Mirai botnet attack last year... Those kinds of products in the wrong hands can be used to do bad things."

AKA Security Through Obscurity

[Zamphatta]

& history's shown that isn't a good idea. unfortunately, I'm guessing the not-so-tech-savvy politicians will fall for that argument, especially since they'll get a lot of money to do so.

Re:Let's let the consumers decide

[careysub]

I don't think you are following along with this subject (though mysteriously you are currently rated "Score:4 Insightful").

It sounds like you think that there is a movement afoot to pass laws to ban people from repairing their own property. That is the opposite of what is happening here. Businesses are trying to take away the ability to repair products through purchase contracts, designing products that can only be repaired by the manufacturer (there are various ways of doing this), and restricting access to spare parts. People are trying to get legislation passed to preserve the ability to repair products, which has up to now been assumed to exist.

The whole point is that corporations are trying to take away the ability of letting consumers decide.

stop putting crap on the internet

"People say 'It's just my washing machine. Why can't I fix it on my own?' But we saw the Mirai botnet attack last year... Those kinds of products in the wrong hands can be used to do bad things."

Problem number 1 is you stupid fucks decided to put Wifi in a washing machine. I have an older washing machine with a clockwork type timer control mechanism. I had the replace he timer about 6 months ago, took all of 15 minutes to repair. My washing machine doesn't need to be internet connected.

Re:stop putting crap on the internet

[Mashiki]

Well that's because electromechanical devices have a low failure rate. If they can't charge out the ass by forcing the customer to buy an entire new front-end array for half the cost of the washing machine it's really bad for the bottom line.

Now I am working as a repair tech on stuff that includes John Deere products....

Bet that's fun, most farmers around here dumped their Deere stuff a few years ago when they decided to be pricks over the farmers ability to control their equipment. You can pick up a 2yr old Deere tractor loaded to the gills for $20k but no-one is buying. On the other side of that, the price for Fendt and Deutz-Fahr have gone up around 30% and there's parts shortages.

Annoys me that the used the word "security"

[raymorris]

It bugs me that they called themselves the "Security Innovation Center". Those of us in security have consistently advocated for the need to be able to work on devices in order to secure them. Most recently the Obama administration tried to push through regulations requiring manufacturers to "prevent the installation of OpenWRT and similar third-party firmware" on routers. We successfully argued that preventing firmware upgrades often prevents security fixes.

These jack asses do NOT represent security anything.

Okay

[c]

If you're arguing that consumers shouldn't be able to fix stuff "because security", then we presume that you're promising the stuff you sell actually is secure and that you're willing to accept 100% liability when things get hacked?

* crickets *

Well then, fuck you too.

Re:Let's let the consumers decide

[William+Baric]

You just repeated the nonsensical argument of the industry. I do think the "overrated" mod was appropriate.

Is it possible that a repair shop would install a Trojan horse on one of their customers' devices? I guess. Is it probable? No. Believe it or not, but not every technician is a criminal who wants to empty your bank account and then flee the country.

Do you also believe company should forbid people to change their hard drive and to reinstall the OS on their computer because they would end up being "controlled like a puppet?"

Re: Let's let the consumers decide

[Puls4r]

By your reasoning , we'd be finding gps trackers installed in our cars so independent repairman can sell or location data. Plumbers would install remote shutoffs so we had to call them back. By your logic, no repair would ever be a safe repair if done by a third party. You are an idiot.