Hardware “Security” and a DMCA Takedown Notice

tektronix-autoLast week we published a post about how it was discovered through trial and error that Tektronix application modules are designed with laughable security. We’ll get to that part of it in a minute. We received a DMCA Takedown Notice from Tektronix (which you can read after the break) demanding that we remove the post. We have altered the original post, but we believe our coverage of this story is valid and we don’t agree that the post should be completely removed.

First off, Tektronix sells the modules to unlock the features already present on the Oscilloscope in questions. We’re operating on the moral assumption that using these features without paying their asking price is wrong. If you want the features they’ve developed you should pay for them.

The real story here is that Tektronix designed a woefully weak system for unlocking these modules. Learn from this. If you’re ever designing a hardware key, don’t do it like this!

An EEPROM, a connector, and a plain text string of characters which is already published publicly on their website is all that is necessary to unlock these “crippled” features. Let’s just say that again: apparently every hardware key is the same and just uses a plain-text string found on their website which is not encrypted or obfuscated. If you were selling these keys for $2.99 perhaps this would be adequate, but Tek values these modules at $500 apiece.

If you were designing this system wouldn’t it be worth using an encryption key pair based on the serial number or some other piece of unique information? How do you think this should have been done? Leave your comment below.

 

  I am the Chief Intellectual Property Counsel at Test & Measurement group of companies including Tektronix, Inc.

I have been notified of a posting on the “Hack A Day” website concerning hacking of Tektronix’ copyrighted modules for use in oscilloscopes.  Hacking those modules permits unauthorized access to and use of Tektronix’ copyrighted software by means of copying of Tektronix’ copyrighted code in those modules.

http://hackaday.com/2014/07/28/cloning-tektronix-application-modules/

A copy of the offending posting is attached for your reference.

<Copied text removed>

The posting includes instructions for how to hack our modules and thereby violate Tektronix’ copyrights.

Tektronix has a good faith belief that there is no legal basis for this individual to provide such instructions to anyone, much less on a public forum.

I hereby submit that the above statements are true and accurate, and under penalty of perjury state that I am authorized to act on Tektronix’ behalf.

In view of the above, Tektronix demands that the posting identified above be expeditiously removed from the  website.

Very Truly Yours,

304 thoughts on “Hardware “Security” and a DMCA Takedown Notice

  1. Engineers spend OPM and care little about unlocking “occult” features in test equipment unless it is their personal piece. Unlikely HP lost a dime due to poor encryption, lost face yes. Home Hardware hackers unlikely to BUY those features anyway, UnLikely to buy HP New as priced too high. MHO

    1. Making these as simple as possible was the best decision Tek could have made. Since their target market is more than willing to pay for the modules, why waste engineering time on something more complex.

      Not only that, if you have something more complex, its more likely to fail. And when it fails, it fails someone in the 99% of your good paying customers that you want to keep.

      TL;DR, See: UPlay

  2. >We’re operate on the moral assumption that using these features without paying their asking price is wrong.

    I don’t know who to despond to that. To me it shows a rather fundamental disconnect with the hacker community. With one of us anyway, might be me.

    I don’t think old hackaday would have agreed with that, but new hackaday seems to care a lot less about open-source, and even supports makerbot despite their ongoing corporate clusterfuck of open-source ideals.

    I think that locking away features that you could be giving away for free is wrong, especially among tools.

    It’s captured value vs created value. Lots of things create value across an entire society, like free (preventive) healthcare or education. But they don’t have any way to actually capture that value. So we rely on a bunch of terrible government shims to try and sort it out.

    If you lock away features your machine is capable of, you’re trading a bunch of value for the ability to capture a little bit more of the value you create. You can still be profitable without implementing DRM feature locks, and a lot of people are going to be better equipped to solve real world problems, there would be more money flowing into the economy as a whole if you didn’t use DRM, but you might not make *quite* as much money.

      1. Which part? The makerbot fucking over open-source, or the “you guys support makerbot” bit?

        Your coverage of the makerbot patent thing is here.

        http://hackaday.com/2014/05/24/makerbot-files-patents-internet-goes-crazy/

        Last time I read it, it seemed dismissive. But that was just a quick skim. I think that anyone who didn’t look at it in depth would think it was generally positive of makerbot.

        The title implies that the people upset with makerbot are “acting crazy”. There’s a long quote where you post Bre soapboxing about makerbots positive qualities.

        But yeah, I was wrong. Reading it more in depth you do come out against makerbot. I think that article was probably a good thing from their PR’s perspective anyway.

        And you’ve certainly been supporting that kind of anti-competitive practice more lately.

      2. Brian, seriously? Makerbot IMO attempted to steal the contributions of the open source community that helped put them on the map in the first place by attpting to take credit for and then patent the work of others. That constituted the most egregious betrayal of the trust that is the core of the open source movement that I know of. HAD should use their
        influence to encourage a boycott of Makerbot and anyone affiliated with them or that promotes, sells or profits from them. I decided that I will not do business with Adafriut until they remove MB’s products from their catalog.

          1. First amendment does not protect instructing people how to break the law. Even if it’s only how to copy paste stuff from their webpage, it still violates the DMCA, which for the foreseeable future will be upheld.

          2. Actually, the first amendment protects all speech that doesn’t infringe on others’ rights (libel, intellectual property, etc), not just to protect so called “legal” speech — the whole point was to make it so that the legislatures could NOT make laws stopping you from criticizing them, or the companies that pay them off (eg tektronix). In fact, the courts have ruled several times against censorship and prior-restraint. Publishing an article describing how easy it is to get around a DRM scheme is a criticism of their business practice, but is not the same as publishing their intellectual property. The fact that congress, the president, and the courts no longer seem to give a rip about the Constitution these days (NSA spying, DCMA, executive orders, and on and on) does not alter what the founders actually wrote and meant.

          3. @leithoa DMCA covers encrypted DRM by making it illegal to break the encryption.

            This is just an eeprom with an unencrypted text string.

            I would argue that the DMCA does not apply here.

          4. @ TM
            The first amendment only applies in United States v. legal entity. Companies and individuals can censor and sue all they want. Saying a specific security system is weak is different than publishing detailed work-arounds.
            As you alluded, if we want things to change the DMCA needs repealed.

            @ Eldorel
            Just because the bank you use leaves the code to the vault written on a post-it stuck to the vault door does not grant you license to use the contents of the vault.
            The tektronix and HaD legal councils seem to agree that DMCA does apply, or at least it’s not worth challenging over this article.

          5. @Leithoa
            Your analogy is faulty.

            In this case the bank sold you a house with a vault in it because they passed a law making it illegal to open the vault without a code.
            Then you find that the banker left a post it note stuck to the door.

            The vault is your property, the house is your property, and the bank was kind enough to give you the code. (by posting it on their web site in this case)

          6. @Eldorel
            by virtue of being locked away(regardless of the quality of the lock) the contents of the vault are not yours unless you buy the code. The heart of the matter lies in whether privilege escalation is illegal. Currently it is, whether it should be is a different debate than the one the Lawyers are having.

      3. Nothing has made me think hackaday supports makerbot, but then I actually read the articles.
        I think the way this was written takes into consideration the view of those that think this hack is wrong, while giving the nod to those that like this kind of thing.

    1. “I think that locking away features that you could be giving away for free is wrong, especially among tools.”

      When the hardware is fully capable and you intentionally cripple it, yes. But if the modules added new hardware or even if it was software which took time to develop and support, then I would say they have a right.

      But purposefully locking out features that really cost you nothing more to develop is a shitty practice. I do understand the argument how selling an uncrippled version subsidizes the ability to sell the tool for less to certain markets, but in my opinion that just means it is far too overpriced to begin with.

      Don’t worry, though. This won’t last long. The more people that catch on to this tactic, the more it will hurt the businesses that employ it.

      And besides, just who did they think they were selling their equipment to? Do they really think engineers are stupid enough to think the module holds some magic pixie dust? Of course they are going to unlock it and many probably already had before the article was published.

      1. “Do they really think engineers are stupid enough to think the module holds some magic pixie dust?”

        They might have had the silly assumption that their target market were engineers and not thieves.

        1. And indeed, 99% of engineers using this professionally will buy the modules. But that does not mean they are stupid enough to think there was something magical about them like adding new hardware.

          I agree that it is wrong and illegal, but I stand by my statement that it is a shitty practice that will end.

          1. Agreed. This isn’t thievery. You bought the hardware, and they technically sold you the software but are double dipping to get more from you. Its a garbage payment system. Another fatal flaw on their behalf is the failure to execute this unlocking feature using industry standard techniques. If you are selling electronics equipment to a plumber I could imagine this would suffice. For Christ’s sake, they sold you the tool you could use to defeat its own module system. ‘Hey let’s sell this lock to a locksmith but require a special extra key to unlock the more premium features of the lock.’ Facepalm.

          2. If you paid money, and they shipped product, then whatever is in the box should be yours. Their dumbstupid for shipping software you didnt pay for, and providing the unlock key unencrypted in a public website.

          3. As I understand it, if a company ships you something you didn’t order then you can legally claim that as being yours now, even if they then come back and say they didn’t mean to and could you return it. I’d be pretty close to seeing this as the same, you’ve ordered a product with certain features and they’ve shipped one with extra features. Ergo those extra features are yours and you can unlock them if you want

            That said, if there is a *licence* agreement as part of purchasing this product then that’s a different matter. That’s how consoles like the xbox or software packages do it, you agree as part of your purchase that they have a right to x, y and z and if you breach that right then you’re in violation of copyright (paraphrasing, obviously). I’d be surprised if there were such a licence agreement for an electronics component though, it’d be a bit difficult to prove that the person had agreed to it since, unlike a games console, they can’t require you read it and agree to it before using the part

      2. >When the hardware is fully capable and you intentionally cripple it, yes. But if the modules added new hardware or even if it was software which took time to develop and support, then I would say they have a right.

        I’d agree with that. I mean it’s far from ideal. Capturing value and creating value are very often at odds. But you do need to capture value, and that’s a pretty unambiguously alright way of capturing value.

        Still not ideal. But the best we can really hope to do when we’re stuck with a scarcity based economic system that doesn’t really map properly to intellectual property.

        1. I would argue that the DMCA was passed really just to enable companies to do things like this.

          People will stop supporting businesses that do this and begin rewarding companies that don’t with their business, I am convinced of that.

          Yes, it is legal for them to do this. And yes it is illegal to circumvent it but it is still a shitty practice.

          Well, it is not not automatically “illegal” – a court would have to rule on that and that is how laws are changed when they are challenged in court and precedents are set.

          1. I would like to discus the interesting concept of Jury Nullification.
            Is the person guilty of said (some) law? Yes. Is the law itself wrong? Yes.
            Find them not guilty. Obviously, it’s more complex than that. However, jury nullification is a very powerful weapon we citizens wield against governments making really dumb laws.

      3. >When the hardware is fully capable and you intentionally cripple it

        it’s not that simple

        if you are paid to work 8 hours and only work 8 hours even though your body is capable of working 12 hours are you “intentionally crippling it” or are you just delivering what you were paid for?

        1. If you put in 12 hours of work, when they only contracted for 8 hours of work with no exceptions for extra hours, are they short changing you by paying you just for the 8 hours, even if they enjoy the benefits of all 12?

          1. if you are a non-exempt employee, then yes, the business is short changing you, and will have to do back pay at overtime rates.

          2. We are talking about one shot contract work. Fixed payment. But if a non-exempt employee works overtime, against policy, they can be fired and even sued for time theft.

          3. Forgive me, but that is quite possibly the dumbest argument I have ever heard. Others have covered my reasonable response…

            BTW, I am an exempt employee, so I have often had to work 80 hours a week with no extra pay. It was a contract that I agreed to.

        2. There’s a problem with that. you aren’t selling yourself whole when it comes to working 8 hours, you are renting yourself out for those 8 hours. from the perspective of the slaver (hardware owner) the person selling you the slave (Oscilloscope) is being stupid in thinking you won’t make the slave (Oscilloscope) give you all the time (features) it’s capable of in the first place.

          This kind of security would make sense in the context of a RENTED Oscilloscope but for one PURCHASED OUTRIGHT it makes no sense.

          Their best course of action for their security and financial gain would have been to keep the software for the features the module is supposed to provide ON THE MODULE. simply have the oscilloscope check for modules, if a module exists load the firmware from the module instead of the internal firmware.
          OR
          If these modules are 1 time use and then you don’t need them to use the oscilloscope or the features it provides, have the Oscilloscope check for the module upon boot, if a module is installed upon boot the Oscilloscope will install the software from there.

          But going Tamagochi with a thousand dollar device is the one thing they should NOT have done.

          1. you have a contract that say you don’t get paid overtime, that would be equivalent to buying and paying for the scope with all the options included

            if you buy the scope with option X, why do you expect option Y for free anymore than you would expect someone with a contract for 8 hours to work 12?

            if a manufacturer cannot charge for unlocking features, then you cannot sell software

            When you buy a PC it doesn’t automatically include the right to run all software ever made even though the hardware is capable of doing it

    2. No part of hacking new functionality into something gives you the rights to unlock functionality other people have made but locked away poorly.
      Hacking is about adding stuff, or altering stuff. Creating something anew.
      In the case of hardware locked stuff you arnt creating – your merely gaining from someone else’s creation.

      Now, you might argue said functionality isn’t worth the money you might pay for it. But when it makes financial sense to build it in but lock it away rather then have another production line makes no difference to that equation.

    3. From the developers point of view the unlocking of options makes a lot of sense.
      The Developer could make a different model with different combinations of features and differnt price points.
      They could only offer one device that does everything and spread the cost over the entire customer base.
      Or offer to unlock the features needed for those that are willing to pay for them.

      It does cost money to develop and test software/firmware just as it takes money to develop hardware. It is all about how to recover costs.

  3. I was waiting for this to happen, i dont agree with it at all but i mean teks lawyers probably had a shitfit … in my eyes YOU bought the scope, YOU own the scope and YOU (in my eyes) can do whatever the hell you want with it and the code inside, if YOU plug in a module YOU designed and it improves the scope i dont think tek should be able to tell you not to

    if he went and sold preloaded modules then yeah but he is not!

    But i must add that censoring the comments in the original post was a bit much

    1. “”YOU (in my eyes) can do whatever the hell you want with it and the code inside,””

      So when I buy a video-game I can do what I like with whats on the disk and publish it where-ever I like?
      Your arguing against any form of copyright here.

      1. No you seem to completely skip over a key point here, he is not publishing the code inside the equipment or even the dongle/cartridge thing, he simply made a PCB of his own design that fits into the space where tek also sells cartridges than loaded a code that tek publishes publically on there website

        There was absolutely no violation of copyright here, the only CLAIMED violation was DMCA … need a point you to the recent supreme court ruling that you are allowed to root your devices if you have purchased them, this was banned in the DMCA, what makes this any different?

  4. “We’re operate on the moral assumption that using these features without paying their asking price is wrong.”
    Don’t you mean legal requirement? Screw copyright and all other monopolies.

    1. umm…copyright is not the same as a monopoly.
      Patents can be, if its the only way to do something, but copyrights certainly arnt.

      1. Copyright certainly is a monopoly. That’s the whole point of copyright – when something is copyrighted, the copyright holder has exclusive rights to reproduce it, and they can use lawsuits to ensure that no one else sells the same product.

        For example, Microsoft uses copyright to sell copies of Windows on DVD-ROM for hundreds of dollars, even though anyone with a DVD burner can manufacture their own copies for pennies. The price stays high because no one else is allowed to sell them. That’s the power of monopoly.

  5. I will spread the word about what happened here, this is clearly not beneficial to Tectronix’ reputation. Is HaD in legal trouble now, or was altering the article enough to allay Tectronix’ wrath?
    Will buy HP scopes only from now on (oh wait, it’s “Agilent” now ( oh wait, it’s “Keysight” now))…

        1. I’d like to know what “DRM” really is defined as. Is it a ROT13 cipher? Or is it a IDEA encrypted key file? Or is it a secret button on the GUI you click? Or how about a SKU that is public?

          1. It’s not defined in technical terms or specifications. That’s not how these laws work: the law would be totally irrelevant the second a new encryption algorithm gained favor, and even before that it would be trivial to circumvent. The law literally deems illegal *any* circumvention of intended restrictions, however weak, as well as any software, hardware, or information that allows you to do so, *irrespective of the intent of the user to actually do so*.

            That last part is why the DMCA is a bad law, imo. It technically (arguably) makes things like CD burners illegal, as well as a whole host of software modifications to, eg, smart phones and game consoles, again regardless of the intent of the user. It’s all up to the legal precedent and how much money you have to pay lawyers to argue with judges. This is how companies are able to demand takedown of things like private keys despite them being literally just numbers.

            This kind of nonsense is morally wrong, or at the very least a gross over-extension of legitimate rights, but the simple fact is that companies are entirely within their legal rights. The takedown notice received by Hackaday is in no way legally invalid, and it’s a little crazy to, as some commenters suggest, demand they fall on their swords by playing chicken with a company that not only has deeper pockets but the law on its side.

            Sidenote: it’s very easy to fall into the trap of assuming that, because you are an expert in one form of complex formal logic (programming, engineering), you are qualified to understand others (law). Don’t do it! Unless you have specifically read the law (not *about* the law, the actual law) AND read analysis from actual legal experts, to include examination of existing case law, you are not qualified to comment on jack shit about the DMCA, even in a casual context.

          2. “The takedown notice received by Hackaday is in no way legally invalid” – really? Can you answer one simple question, then? What copyright work is being copied, or what technical protection measure made to prevent copying is being evaded?

        2. It might not legally be suitable because (as far as I’m aware) circumventing DRM in itself isn’t a violation of copyright. Circumventing it so that you can violate copyright is, such as chipping a console meaning you can now play pirated games on it (even if that wasn’t your intent), but the DRM has to be in place to protect someone’s copyright.

          In this case we’re talking about physical features of a physical product though. There isn’t any copying involved on your part, just unlocking something which the manufacturer has already added. It would be like suggesting that bypassing limiters on a processor so you can overclock it is violation of copyright because the manufacturer wanted you to pay extra for those extra cycles. Hardware isn’t really a copyright thing, and if you aren’t actually copying it then unlocking software isn’t either (unless you’ve signed a licence agreement, in which case most of this goes out the window and it’s down to that agreement)

          1. Anti-circumvention is explicitly in the DMCA. “No person shall circumvent a technological measure that effectively controls access to a work protected under this title”

  6. I would also argue that the people that would just buy the modules have the money. The people that hack it, don’t. So, they never would have sold those modules to that audience anyway. And no company in their right mind (the people with the money to buy the modules) would defeat something like this and put themselves at risk. But trust me, nobody was shocked that the modules weren’t just a hardware key.

  7. Why not actually place the code in question on the module? Yes, it would increase component costs for both the host and the add-on card, but at least what you purchased actually constitutes the “feature”.

    1. It would vastly increase the price, code run off a stick might run a lot slower, and it opens the device to run random code off a stick.

      They spent however many million designing a scope with a thousand features, then decided that selling it at full value ($10k or whatever) would prevent most people buying it, so slugged out some features to sell it at a lower price-point (3k or so) to those who might otherwise not afford it. Then, to allow people to upgrade rather than having to sell a scope and buy a new one, they offered the extras as enable-able ‘modules’.

      And then most HAD readers crucify them for it?

  8. screw the dmca!!!! if they they really care then they should have thought of that before they made the application module for sale.

  9. They are obviously learning from the US Government method of “security”: leave the door open and scream that anyone poking their head through it is a terrorist.

    1. So if you leave a door or window open in your house I can help myself to the contents? Great! where do you live? I’ll be right over…

      1. Except that this isn’t depriving anyone of their possessions. It’s more like offering someone a solo drive in your car but insisting that they don’t use the cigarette lighter, then getting pissy when you find out later they plugged their satnav into it

        1. But that is a completely different argument (albeit one I don’t necessarily agree with). The point I am making is just because something (you don’t own) isn’t locked away effectively doesn’t give you the right to take it – or use it.

          1. What is it that you don’t own in this case? The scope is clearly yours. The firmware came with it and is a legitimate copy by virtue of being included in the scope. Not to mention, you don’t _own_ copyright works, you have a license to them; ownership is not the same as licensing, which is why copyright infringement is not the same as theft.

            You can even sell the ‘scope to someone else, and the license for the firmware transfers likewise, under the first sale doctrine.

          2. Of course you can own copyright, copyright is bought and sold all the time, and it is that ownership that you are infringing upon if you access the copyrighted item without authorisation (which normally entails a fee). No one buys the copyright of an item so that they have sole access to that item, they buy it so that they can sell access to that item. If you access that item without authority what you are doing is infringing on the right of the copyright holder to restrict access to that item – a right that is protected by law.

            But I reiterate that has nothing at all to do with my argument which is merely that, the lack of your providing what we might conceive as “adequate security”, does not give someone else the right to infringe YOUR rights.

            In an ideal world there would be no need for locks, bars, passwords, dongles, etc. The law, in general, provides adequate protection of ownership, it is our realisation that the *implementation* of the law is so woefully inadequate that we need to take our own protective measures,

          3. You’re not really disagreeing with me. My point was that when you buy a piece of software – or some hardware containing some – you obtain a license to the software. You do not buy the copyright.

            This is, as you say, irrelevant, though – my real point is that since there is no illegal copying occurring here, nor any circumvention of measures designed to prevent copying, copyright law is inapplicable here.

          4. LOL well I may still disagree with you but the problem is you are stating things that have no relevance to my original comment.

            I am NOT arguing whether the use of these “protected” features without purchase is an infringement of copyright (or anything else) – I am arguing that IF access to those features IS protected under law then the lack of what might be deemed by some to be “adequate security/protection” does not prejudice those rights. In other words, just because I leave my front door open does not give you the right to come and pinch my TV.

            However, I will go on record here and say I do believe the procedure as stated in this and the other article is a form of “cracking” and I am confident it would be seen as a violation of copyright (despite the name copyright is NOT restricted to copying it also includes use) in a court of law.

          5. Really? Can you elaborate on what provision of copyright law you think it violates?

            Just because you’re doing something with software, and it’s not something the manufacturer wants you to do, doesn’t mean they’re protected under copyright law.

          6. Oh it’s quite simple – you are accessing (using) software (or more correctly functionality) you haven’t (and no one else has, which is a subtle, but important, difference) paid for. I think that they would have little trouble proving in a court of law that access was restricted by copyright.

          7. But you have paid for the software – it’s just coded to lock some features out. They even supplied the software to you. Are you suggesting that by owning the scope I’m posessing unlicensed software, whether I like it or not? And that if I sell the scope to someone else, I’m violating copyright? Because those are the implications if you really believe someone can sell you a piece of equipment containing some code that you have no rights to use.

  10. Interesting how a number of comments on the original post discussed whether this was theft or not AND on this post HaD editors went with “We’re operate on the moral assumption that using these features without paying their asking price is wrong. If you want the features they’ve developed you should pay for them.”

    Meanwhile on the MAME/C64/NES/ROM emulation post of the week nobody seems to care that the post is all about using stolen ROMs (or “the entire C64 library in his pocket” in one post) and HaD certainly doesn’t feel it is necessary to regularly remind users that using ROMs without paying for them is wrong. I guess the DMCA take down is the difference in the attitudes about other people’s intellectual property in these cases.

      1. Sure, but both are covered under the same laws. Equal justice under the law etc. I’m sure HaD enjoys its legal protection as much as the next guy. http://hackaday.io/tos has a nice section on how they respect the intellectual property of others.

        1. Current laws in the US allow for downloading of ROMs and software if they’re for platforms that have been rendered obsolete. The same goes for breaking copy protection and things of that nature. Pretty much, the exception was made so that people that need to use, or want to preserve, obsolete hardware or software, can do so legally.

          Here is the text giving the 2003 exemption:
          “3. Computer programs and video games distributed in formats that have become obsolete and which require the original media or hardware as a condition of access. …The register has concluded that to the extent that libraries and archives wish to make preservation copies of published software and videogames that were distributed in formats that are (either because the physical medium on which they were distributed is no longer in use or because the use of an obsolete operating system is required), such activity is a noninfringing use covered by section 108(c) of the Copyright Act.”

          There is a 2006 exception that extends this same idea to software in general, that is not being supported any longer by its copyright holder.

          This Tek scope issue is more controversial, especially seeing as the scopes aren’t considered obsolete.

          1. There is a 2006 exception that extends this same idea to software in general, that is not being supported any longer by its copyright holder.

            Hey, does this mean it’s actually legal now for me to install my paid for but TOS instance-limited copy of VB6 on as many computers as I want, since Microsoft no longer supports it and won’t sell me more legal copies?

          2. IANAL, but to me your quote from the 2003 exemption reads as if you are allowed to *preserve* such material if you are a library or an archive. It doesn’t say that such archives are allowed to *distribute* that material. (By the way, thanks for quoting that exemption, I wasn’t aware of it before, it was certainly a step in the right direction.)

  11. “We’re operate on the moral assumption that using these features without paying their asking price is wrong.”

    I am having a hard time following what you are saying here exactly. We’re operate? What do you mean exactly?

  12. Think about it this way: the engineers who designed this scope probably got some stupid requirement from marketing and/or legal and did the least amount of work possible to make the scope have more saleable features. In other words, they covered their behinds and made it convenient for us to do something about it. Thank you, Tek engineers!

    But this once again proves the point of the DMCA isn’t to protect innovation, but to give corporations a legal means to whack other people/parties at their discression, and for whatever sum of money they deem fit.

  13. I’d be interested to know if you received the takedown notice by email or by certified mail.

    Also (and given that I have far less to lose than you do in this case), the notice attempts to make some points that I would be tempted to say “prove it” in response. I’ve seen too many cases of legal blustering substituting for solid application of the law for me to simply bend over backwards in “compliance” at the first whiff of trouble.

    1. It is almost never a case of what the law says, but who can afford to persevere through the legal process… Few are willing to spend the time and money to simply ‘prove a point’… It is unlikely that any one individual or even small company could afford to fight a case like this.

  14. In the good old days, Tek and HP instruments had options, e.g. pay an extra price and one got another board in the instrument that implemented an additional feature. Every instrument had exactly one model that was designed for maximum performance/price. Money for well designed hardware. Fair.

    Nowadays they cripple their software and hardware in the hope that the stupid buyer discovers that the scope, which he bought a reasonable amount of money, is quite useless without some basic additional features and gives them more money to uncripple their software or hardware. Fair use would be if the cheap 200$ scope modell would be designed from cheap components and the better ones with better components.

    1. How do you feel about CPU or GPU binning? Printers? It’s cheaper to manufacture one doodad and customise it with software than it is to tool up for different SKUs. If the saving can be passed on to the consumer, where’s the problem?

      Manufacturers will always intentionally cripple cheaper products. The new way is just less wasteful and more visible.

      1. Are you even paying attention to what you are saying? You say it is cheaper for the manufacturer to generate one device. So, therefore the price they are selling it for is overpriced! It costs them exactly the same amount of money to make my scope as the more expensive scope. Actually, it is MORE expensive to produce my cheaper scope because now you need to also develop and manufacturer a module and firmware mechanism to purposefully prevent me from accessing all the features.

        You want to argue how it is more convenient and advantageous for the company to do it this way because it is “cheaper”, but what about the fact that in all honesty, they are artificially overpricing it, so it is more expensive for the consumer.

        With the extra modules, it actually cost them money to make those modules. In this case, it costs them nothing extra and as I mentioned actually cost them more to cripple it.

        IOW: The rights of the company trumps the rights of the consumer. Sounds about how the government has been operating with the creation of these laws. Carry on, then.

        1. Have you seriously thought about that you’ve said? Do you think research and dev is free?
          Are you willing to write code for free? Software devs have to buy food, you know, we don’t live off air.

          It’s cheaper to build one hardware device, but the dev time spent on the higher-end features needs to be recouped!

          In almost all tech projects, there is a large R&D cost which needs to be recouped. The R&D cost is fixed, regardless of how many units you ship. So you have to price the products appropriately to maximise revenue. If you sold the high-end version at the cheap price-point, you might sell a few more, but you’d lose the revenue that many people would happily have paid had you priced the high-end version higher.

          1. So, are you suggesting that they didn’t get paid? That they will starve if I don’t buy their overpriced and overvalued test equipment?

            You know, perhaps they should go cry to their manager and CEO that make 10-100x what they make.

            It is still far overpriced if they can sell it cheaper. Period. End of discussion.

  15. I can just see the marketing team meeting going something like this….”So, those easy to hack modules, got hacked, but didn’t get much press….so let’s raise a ruckus about it, and well sell more units. Johnson, send a DMCA Takedown Notice to HAD, that should give up a bump in sales we were looking for!”

  16. I will never buy their equipment. Plain and simple. I refuse to invest in equipment that a company has decided to artificially lock down just for the sake of holding the hardware hostage unless I spend huge amounts of money on something that I actually do not need in order to get the most out of the equipment.

    1. if the hardware does what you expected it to do for the price you paid for it, why would you care? and why would you spend money on something you don’t need?

    2. Then you will likely NEVER buy any commercial CNC equipment. They routinely lock down features and productivity enhancements in software with passwords which simply make them usable. Features like rigid tapping, high speed machining . . . it seems counterproductive to me as those enhancements make the machine more useful and thus more desireable to the end user, especially the small shops who simply cannot afford the “upgrades”. Kind of like buying a car who’s software limits it’s speed to 55 mph. Perhaps they think God offered Adam an apple eating software access code, and the Devil offered Eve a Hack.

          1. My point was that Rigol is friendlier to the hacker community, willing to learn from the past and move forward, or at the very least they just don’t care. Any way you look at it, Rigol has not been outright hostile toward a large segment of the measuring equipment buying market, as far as I know.

          2. DainBramage1991: Rigol is a Chinese company that exists like most Chinese companies–ie, they routinely steal others intellectual property. I do not believe that their nation has any legal understanding of copyright or such…. Hence not much they could say.

      1. It’s easier for the amateur community to belove cheap Rigol DSO’s than $5k+ Tek units, and Rigol are probably going to gain reputation & sales overall just from the publicity, whereas Tek might take the view they’re more likely to lose a load of $500+ module sales and some face over this.

  17. Breach of contract is different from theft.
    But I’m not sure a very short string of characters is copyrightable. If so, I should just copyright all the words of that length in the dictionary and demand licensing fees from all authors who subsequently use it.
    I don’t want you to run this already existing and installed software protected by a few byte switch is different from I don’t want you to run this chunk of software you don’t get a copy of unless you pay. How much are USB flash drives? Or even smart USB peripherals (ATtinyx5+LUFA)?
    There was a Windows Server that was just two registry entries different from the Workstation verison, with a similar controversy.

    If Tektronix put all the expansion features as an “easter egg” instead of some actual protection, either they are very stupid, or it was intentional to leave them as a “golden screwdriver”. I’m not sure the protection is the same for a cloned “golden screwdriver” as it would be copied software. The valuable copyrighted software is already there in the scope.

    Next thing you know, someone will find the “firmware update” and patch it so it doesn’t need the modules anyway.

  18. You know the DMCA has a put back option for the original poster if HAD is claiming to be a service provider, thus who ever put the post up can request it be back up under a number of reasons and under the DMCA HP/Tek would have 14 days to sue.

    Just saying.

    “Copyright protection only applies to “original works of authorship” that are “fixed in a tangible medium of expression.”
    “Copyright does not cover ideas, concepts, and principles themselves”

    computer programs, exemption was limited to “Computer programs protected by dongles that prevent access due to malfunction or damage and which are obsolete” and this exemption was renewed in both 2006 and 2010.

    Define “obsolete” , looks like to me the posting of the information rendered the dongle “obsolete”.

  19. Feist v. Rural Telephone Service. The 9-0 opinion said that republishing facts “cannot constitute infringement” under copyright law.
    How is this hardware module, which only, literally, contains “this hardware module” not a republishing of fact?

    Lexmark v. Static Control. The Sixth Circuit ruled in favor of SCC holding that (1) some of the Lexmark software was insufficiently creative to deserve copyright protection and (2) the authentication handshake did not effectively protect the software because printer owners could directly access the software through other open interfaces.
    How is a plaintext sku of “this hardware module” sufficiently creative to fall under copyright.

    17 U.S.C. 1201 in multiple places Says “No person shall circumvent a technological measure that EFFECTIVELY controls access to a work protected under this title.”
    Emphasis mine, because how does a standard eeprom, with a plain text “this hardware module” publicly shared sku, an EFFECTIVE technological measure? Nothing about it needs to be decrypted, scrambled, hacked.

    Imagine this Textronix was a club, and the only way you can access this club is by WRITING WHAT YOU WANT IN ENGLISH ON A PIECE OF PAPER AND HANDING THEM TO IT, then they turn around and threaten to have you prosecuted for breaking and entering.

    1. “Effectively” does not mean exactly “effectually”.

      Effectively something is strictly speaking something that serves the purpose of that, regardless of the degree of success or fitness to the task as long as it does something towards the goal.

  20. I’m shocked at what I read here. Do you all agree that if someone happens to leave their door to their house unlocked, you can just walk right in and take what you please? What if the person used a 3 digit combination lock on a locker. That’s very simple to find the combination? It’s interesting how most people here feel that stealing is OK because it is easy to do so.

      1. I was unsure of the morality of the situation, but your use of all caps has convinced me. And if the caps hadn’t convinced me, then your name calling would have done it.

        1. You have taken a morality stance based on one persons poor attitude. Hahahha.

          The example is not right, it’s more like I bought a house with the option of a key to a lawnmower, which I didn’t buy. There turns out to be a locked shed on the grounds with a lawnmower in it. I check my deeds and it turns out I own the shed and the lock and the lawnmower. Because I chose not to buy the key I’m not allowed to use the lawnmower even if I find I can lift it out the shed window.

          The Tek scope contains code protected by a lock. If you own the scope you legally own a copy of the code. It’s just that you are not allowed to run the part protected by the lock.

          Prior to DMCA and it’s echoes I could do whatever I wanted with what I owned. Morally what you may feel will depend on if you agree with the crippleware marketing model. I feel the right way to do this hack, legally and morally is to write new code and apply that to the scope to make it better.

          1. I have an opinion on the morality of the issue, but that wasn’t what my comment was about. I’m not sure why you laugh, as it seems obvious to me. I was mocking cde’s tenor — rather than having a civil discussion, he tries to establish dominance by shouting and name calling. He did it more than once. That kind of stuff works against the idea that hackaday is a community. Instead cde apparently thinks this is a yahoo news forum.

    1. You can’t apply the logic of physical property and scarce resources to information. They are very different things.

      You just need to figure out what results in the best situation for everyone. Obviously stealing generally doesn’t, because it’s just transferring one scarce resource for another.

      But look at robin hood as an example. Why is it generally considered to be alright when he steals, but not normally?

      It’s because of an affect called “diminishing marginal utility”. That is to say, 1 person owning 100 hamburgers increases the net utility of humanity a lot less then 100 people each owning 1 hamburger.

      Things are more valuable when you’re poor. So if you’re trying to optimize for humans having the most value, it’s generally better to give resources to people who have nothing, then to add a bit more to people who don’t.

      Of course that’s a vast oversimplification that doesn’t take into account investments, or technological progress, or a lot of things really. In reality it’s not better to always give resources to the poorest. But you get the idea.

      These things are a lot more complicated then just “it’s stealing when you do it to physical things, so it’s stealing when you make a copy”. Discussions of morality are always tricky, but ultimately it comes down to “what rules result in the best lives for everyone”.

      Sometimes things change, and you need to re-think the rules.

      1. “You can’t apply the logic of physical property and scarce resources to information. They are very different things.”

        Sorry, but you are mistaken. All property whether physical or intellectual is ultimately the product of human labor–from whence its value is obtained. When either is taken without compensating the owner, you are effectively enslaving (for a period of time) the producer/owner of the property. Since you have deprived them of the product of their labors.

        The fundamentals never (extremely rare in a cosmic sense) change… Hence the rules that govern the fundamentals have no need to change. Theft is theft.

        1. “All property whether physical or intellectual is ultimately the product of human labor–from whence its value is obtained.”

          Even if we did take this statement as true, a piece of information would still carry zero value in terms of labor, because information once made is infinitely replicable at virtually no cost, at least to the original maker.

          ” Since you have deprived them of the product of their labors.”

          How exactly? Do they somehow forget it if you make a copy of it?

          If you’re arguing that you’re depriving them of money, you’re in deep problems precisely because of the infinitely copyable bit. You’d be arguing that the person who made the code should deserve all the money in the world, because one can make an infinite number of copies.

          One simply cannot treat information like physical resources that are scarce by their very nature. The value of a piece of information is necessarily only in the making of it, and not in how many copies are made or who uses the copies.

          1. Furthermore, if you then argue that the person deserves to be paid by how many copies and who uses them because of the further value -derived- by using the code, you would be shifting the goalpost and going into consequentialist arguments, which is no longer the same as the work-value theory you’re using.

          2. developing software takes labor, if it takes selling 1000 copies to get a reasonable pay for that labor but only one copy is sold because the rest just copy it then the developer was deprived of money even though the act of copying is free

          3. The product that is being stolen here required labor to produce. The number of ‘copies’ is irrelevent. The very act of theft proves the product has value. You are stealing that value from the owner of the product. Scarciity has nothing to do with it. Your argument is sophistry to justify theft, nothing more.

          4. You’re all missing the point here. The R&D is a fixed cost, so as the number of copies for the intellectual property increase, the value invested per copy tends to zero, therefore the price should tend to zero.

            So essentially, trying to sell a piece of software copy by copy, charging however many dollars each is cheating – each copy you sell becomes more and more overpriced. The fact that you need to sell 1000 copies to break even doesn’t mean you should be able to sell a thousand copies, because the pricinple of the business is still wrong and unethical.

            With intellectual property it’s the work that costs labor and money, not the eventual products that are virtually infinite, so it’s the work that you should be paying for and not some per copy lisence or a dongle that locks you out of features that already exist and cost no more to make available.

            So the company wants to make at least 200% profit on the product? Fine, if that’s what they’re asking for then we can negotiate and arrive to a fair deal. That’s just supply and demand – they’re supplying, we’re demanding, and prices meet in the middle.

            With copyrights and this sort of pay-per-copy business model, they’re trying to weasel people into paying as much as possible by abusing the ignorance of the customers who don’t know what it cost to make and how many are made, and how many others are also paying for the same thing. It’s a gamble, and they may end up selling less than the required amount to break even, but that’s the risk they take and that’s no argument for upholding a deeply flawed system.

          5. People sometimes forget that the point of free market capitalism is not to make the maximum amount of money to whoever sells whatever.

            The whole idea is that under free competition for rational consumers, the prices of products and services would tend to approach their cost of production, so that the producers can still make a living and the consumers aren’t being cheated out of their money either. That in turn is supposed to distribute wealth approximately fairly without the need for central intervention from the state.

            Any attack on the pricinples of free competition and consumer rationality are considered market failures. Legal monopolies like copyrights are technically market failures. The per-copy payment model is a deliberate attack on consumer rationality because of the counter-intuitive property of intellectual property – the more you make the less they cost each because there is virtually no marginal cost of production associated with just pressing “download”.

          6. Dax, the one who is missing the point (and a complete understanding of economics) is you.

            The R&D are not the only costs associated with this product, nor are the costs fixed at the point it is being sold. Do all of the engineers and other get fired when this product is finished and goes on sale? No, they start working on the next product. One that isn’t generating any revenue. How do you expect their labor to be payed for, if not from the revenue of prior products… Revenue that has to cover more than just the cost of creating that product and what little profit you are willing to allow…

            Your basic premise that that the value tends to zero as the number of copies increase (while basically wrong on an economic level that you clearly don’t understand) is flawed in a way even you might be able to grasp… If each succeeding purchaser has to pay less since the ‘value’ of the product is less in your mind; how do you justify the burden of additional costs on those who purcased before you to allow your ‘reduced’ cost? It is clear that your belief is that someone else’s work should be free to you, while I truly doubt you work for free…

            The value of something is defined by what price the seller AND the buyer can agree on. If the seller doesn’t agree with the price YOU want to pay (NOTHING), then no sale occurs and your simply STEALING their labor.

            When dealing with the trade of property (intellectual or traditional), you are not paying for the cost of producing that property. Nothing guarantees the producer that they will recoup their costs or make a profit–as you correctly pointed out… That is why a free market is based upon when the buyer AND THE SELLER agree on a price. Your ignoring that seller is not required to sell at the price YOU WANT, or at all.

            What is clear is that you want to justify THEFT. You clearly don’t grasp economics, business (clearly you work for someone else), nor a ‘free market’. The free market is not about ‘fairness’ as you undoubtedly describe it. It is about mutually agreed upon exchange. If both parties agree, then the system has been followed. You advocate theft, and claim that it is ‘different’ from me deciding I want your car, house, computer, etc… and that it has zero value (for whatever reason I make up) and that you don’t deserve either compensation or even consultation when I STEAL it…

          7. Walter Anderson: the question was about intellectual property in general, and not this particular product in specific.

            -”The value of something is defined by what price the seller AND the buyer can agree on. If the seller doesn’t agree with the price YOU want to pay (NOTHING), then no sale occurs and your simply STEALING their labor.”

            By the argument that “you’re stealing labor”, you insinuate that any labor done should always be paid for, or otherwise it constitutes theft. Well in that case, if I dig a hole in your garden and you refuse to pay me for it, then you’re a thief. Doesn’t matter whether you originally wanted the hole there or not, or whether it later turns out useful to you.

            Your use of the word “value” also makes the claim that “price = value” which is again a meaningless circular definition because you’re basically saying that all prices are the result of prices. In other words, what you should pay is what you believe you should pay, and what you belive you should pay is just what you are made to believe you should pay in the lack of other information.

            The problem here is that the pay-per-copy model substitutes the actual product, which is the work that was done to produce the IP in the first place, with an arbitrary price over an artifical legal restriction and you’re simply told “this thing costs this much”. That results in the thousand dollar hammer effect, wherein a lack of a price reference (like a competitor’s product), one can sell a simple hammer for a thousand dollars. Or in the case of the scope software – sell you what you already have for a whole lot more money than it really took to make just because you can – but you don’t know you’re being overcharged.

            Generally speaking, consumers lose their ability to negotiate over the actual price of the actual IP product by not being able to see what is being paid and by whom else. It’s basically swindling and fraud made legal under the auspice of “fair compensation” – making many people pay for the same thing over and over again as many times as you possibly can.

            -”What is clear is that you want to justify THEFT.”

            You’re still begging the question.

            -”The free market is not about ‘fairness’ as you undoubtedly describe it. It is about mutually agreed upon exchange.”

            If the free market is not aiming for fairness, then why have a free market? Caveat emptor is not a very desirable principle for a society. If it’s simply about your chance to sucker people to volunteer you all their money, then I don’t want a free market.

          8. -”Your basic premise that that the value tends to zero as the number of copies increase is flawed in a way even you might be able to grasp… If each succeeding purchaser has to pay less since the ‘value’ of the product is less in your mind; how do you justify the burden of additional costs on those who purcased before you to allow your ‘reduced’ cost? ”

            The issue you outline already exists with intellectual property: think about things like video games, where invariably some people buy the game at full price, and when the sales start to drop the price starts to drop until finally you find the game in the dollar bin at your local supermarket because the cost to the producer is mainly just the plastic disc. Even better, it could be on Steam sales.

            Is it fair for some people to pay $50 while others pay $5 for the exact same thing? So how do you justify that? The answer is: You don’t. There shouldn’t be any subsequent purchasers because the whole idea of selling the IP product copy-by-copy or user-by-user at any price is wrong. A fixed amount of work done once should be paid a fixed amount once, whereas the idea of selling the work copy-by-copy attempts to profit from the same work infinitely.

            For an example, a more justifiable method of business would be a kind of kickstarter where people who want the product pledge to pay for it once it’s made. The producers ask X amount of money, and the people who want it then try to negotiate it down or get other people in to join. Furthermore, once the product has been reasonably compensated for to the producer, any subsequent copies should not cost anything to anyone else other than what it costs to make a copy.

            -”(while basically wrong on an economic level that you clearly don’t understand)”

            I’m sure you could educate me if you wanted to.

          9. Video games are an especially good example of the principle, because big titles often end up gaining 600% their budget, which mostly comes from pre-purchases and first month sales. Then the price drops as the company starts to rake in the last 20% of customers who valued their money more than the wait, who would actually be enough to pay for the entire thing and still end up on the black.

            The question is, did anyone get to negotiate over how much the game is really worth? Would they have made the same game if they got 400%? How about 300%? Too risky? okay, then 350%… but nobody gets to do that, so the consumers have no control over how much they’re actually paying for it, and that’s why any price they do pay is tipped heavily in favor of the studio that made the game.

            It’s not a fair exchange.

            -”How do you expect their labor to be payed for, if not from the revenue of prior products… Revenue that has to cover more than just the cost of creating that product and what little profit you are willing to allow…”

            When your engineers were working on a product, they essentially put a fixed amount of labor into it, and that counts into the real value of said product. When they are working on the next product, their labor counts towards the value of that product. You don’t get to count future projects as parts of some previous project to argue that people should keep paying for it ad-infinitum. What if they don’t want to pay for your future projects because they’re not interested in purchasing any of that stuff? What if they are? Should they then get a discount because they already paid for some of it in advance?

            One is not entitled to a profit on the basis of some potential future profit or any other excuse. That would go directly against the pricinples of a free market. It is simply the risk you take as a business. The burden of providing buffer capital to keep your enterprise running over unproductive times is not on the consumers. It’s your management’s job to attract investors and patrons, secure loans and put money aside as necessary to pay for the running of the business.

            Mind, I’m not arguing against making profit – I’m arguing against a specific means of making a profit.

        2. Information isn’t an object, its a pattern.
          If someone owns information, they are claiming a right over how other people can arrange their objects which they do own.

          1. Dax, traversda, et. al…

            Property can be obtained through only three methods. By the creation of one’s own labor, by the mutually agreed upon exchange of value (goods, services, etc…), and by theft.

            Clearly we aren’t talking about the case of creating your own property. And we clearly are not dealing with a MUTUALLY agreed upon exchange of value, so YOU ARE STEALING… It is that simple. The rest is sophistry to make you feel better about being a thief.

            Information is property. It belongs to the person who created it. Software (information) is the property of its creator. Digital images are the property of the photographer. Music is the property of the artist(s) who created it…

            “When your engineers were working on a product, they essentially put a fixed amount of labor into it, and that counts into the real value of said product. When they are working on the next product, their labor counts towards the value of that product. You don’t get to count future projects as parts of some previous project to argue that people should keep paying for it ad-infinitum.”

            Who do you think should manufacture the money to pay these engineers to develop the next product? Do you wish to work on spec, where it can be years before you get paid for your work? What happens if that work never gets purchase, ie no one wants it? Those awful profits you think companies like this are making are designed to cover those situations. Where you are mistaken is that people are paying for the engineers original labor, or their labor on the next project. What they are paying for is the product itself (under the terms they agree to when they buy it)… What it takes to make that product is irrelevent to them.

            He is another hypothetical for you to possibly grasp how your advocating THEFT.

            Lets say I develop a magic box, that cures the possesor once of any physical ailments. Lets say, that I decide I will only sell one of these boxes to someone who pays me $100,000. At that price I might sell say a thousand copies or a net income of $100,000,000. At that price I am happy, and my clients are happy since they chose to spend that much money to cure fatal illnesses… The only ones who may be unhappy are those who will not pay what I ask for MY product.

            Now lets say that this magic box costs me $1 to produce each copy and that my R&D cost another $1,000,000. And the box works using some nano-technology that I developed and programmed. The nano itself is cheap and self-replicating, but my software that controls them imposes the limits I mentioned. You premise is that you have a right to STEAL my ‘product’ and deprive me of the value I would obtain if you actually paid for the product you clearly want…

            “The issue you outline already exists with intellectual property: think about things like video games, where invariably some people buy the game at full price, and when the sales start to drop the price starts to drop until finally you find the game in the dollar bin at your local supermarket because the cost to the producer is mainly just the plastic disc. Even better, it could be on Steam sales.”

            Again you demonstrate your lack of understanding of basic economics. What you are now describing is called depreciation. Much like a car or other tangible asset depretiates as it ages. This is very different from your argument that marginal increases in the number of copies reduce the ‘value’ of the object.

            In the case of software, if no illegal copying could occur (assume theoretical perfect copy protection), then only those who pay the copyright holder can use the software. The value is constant for each since they all pay the same. Now lets say the original producer comes out with a new version that they offer at the same price; however, they still sell the prior version at a reduced price. Those that buy the new version get the value they want, and the same goes for those that buy the old version. Neither affects the ‘value’ the other receives. The new purchasers of the old version are paying for a depreciated value. Again, IP like traditional property looses value as it ages.

            Where your argument fails is that the ‘value’ for one use is dependent upon the idea that each purchaser reduces the value of the product for each succeeding purchaser As another user pointed out the logical outcome of your idea is that ONE person pays for the software, and all subsequent users simply steal copies. Clearly the producer is NOT getting the value for their product because it is being STOLEN. However, your argument is that nothing was stolen because each additional copy did not reduce the original value (marginal reduction approaches zero)…

          2. If you invented a magic box that cured all illness, and you insisted on selling it for $100,000 even though it could be manufactured for a marginal cost of $1, then whoever managed to copy it and give it away for free would be a hero.

            Yes, of course they’d have the right to do that. They’d have the DUTY to do that, even if it meant “depriving” you of the money you might have gotten from selling copies to a thousand rich buyers (while letting millions of poorer people die).

            The ethical thing to do would be to find someone — maybe a government grant or a Kickstarter-style pledge drive — to pay for your research costs before you made that first copy. Sign a contract ensuring that you’ll get paid a one time lump sum if you produce a box that cures all illness. Then, no matter how many copies get made, you’ll know that your costs will be covered, and you won’t have to become a greedy supervillain who denies people lifesaving treatment because they can’t pay.

          3. Jesse:

            By your reasoning, your employer has the RIGHT and DUTY to tell you how much they are willing to pay you and you have no choice but to accept that. You can’t quit, you can’t stop working. You are a slave.

            I disagree. No one has the right to make another human being a slave. Which means that I get to decide how much compentation I am willing to accept before I turn over the product of my labors.

  21. Two options:

    1. Keep sending out DCMA notices ‘ad infinitum’
    or
    2. Add an extra chip in future modules that has encrypted traffic ( drop in replacement I2C/SPI chips already available with command extensions), you can select between the chips using software commands, gradually phase out the old modules via an upgrade service, finally on new products have only the encrypted chip.
    Call it a ’5 year plan’, its still got to be faster than having the SAME hack floating on the net for the last decade…(yep this is an OLD hack, and its worked for the last 10 years)

  22. If you don’t buy the dongle, you didn’t buy the feature. If you unlock it, through backdoor means, then you are stealing it. Rationalizing it as, “they intentionally crippled it” is sad.

    I am renting a house; the owners have a locked room where they keep their stuff. I am only paying for 2 out of 3 bedrooms, but I should have access to that third room. So, I should pick the lock and go through their *correct, my* stuff…

    hackaday readers are proving them selves to be poor stewards of knowledge.

    1. Tenant law would say if that room is inside of an area of exclusive access by the tenant, then yes, they legally have access to that room and the property there. Also, PHYSICAL PROPERTY IS DIFFERENT MORON.

      1. caps and name calling aside, how is physical property different from intellectual property. please, defend and clarify. i am curious.

        1. Physical Property is finite. If someone takes your apple and eats it, you have lost the use of that apple. Intellectual Property is practically infinite, It can be copied perfectly and without any effect on an original (especially in the use of digital mediums). If someone copies your apple and eats it, you still have not lost the use of your apple.

          Compare it to physical art. If you physically steal an Andy Warhol painting, you have deprived the owner of it. If you reproduce it, the original is still around and noone is legally injured.

          1. Property (and its value) is the creation of human labor which is finite. Whether you steal someone’s car or someone’s software you are depriving them of the value their labor created. Hence you are stealing… Your argument is sophistry designed to make you feel better about your stealing.

          2. You’re using intentionally vague definition of the word “value” to argue contradicting points.

          3. No, copying software doesn’t deprive anyone of value. It isn’t stealing, because nothing is stolen from anyone: the act doesn’t cause anyone to lose anything they had before it was committed.

            It’s true that the author doesn’t gain the money that they would’ve gotten if someone bought a copy, but everyone who decides not to buy a copy for any reason is equally guilty of that, whether they make an illegal copy or not. If you don’t buy a copy of Windows because you prefer Linux, you’ve “deprived” Microsoft of value just like the pirate who doesn’t buy it because he gets it for free. And that’s fine.

          4. Jesse.

            Of course it is theft and of course you are depriving someone of value.

            There is a world of difference between deciding that you don’t want (and hence don’t buy a copy) and wanting a copy and stealing it so you don’t have to buy.

            Another hypothetical for you’ll who can’t (or just don’t want to admit to yourselves) grasp your theft.

            Person A produces the best game ever. Shows it to person B who steals a copy without the knowledge of person A. While person A is preparing to offer the game for sale, Person b places the game on the internet for people to download and play. Overnight the game is downloaded one million times. The web is a buzz with how great it is, etc… It takes A another week to get the packaging and such done for actually selling the game. By that time, the entire market is over the game and on to the next big thing–it happens so fast since EVERYONE was able to ‘get’ it as soon as they wanted it.

            Clearly Person A has had the value of their work stolen from them. If you think my example is true that Person A had their labor/value stolen, but the OP situation is different, then consider that the only difference is that in the OP case some people paid person A, while some didn’t. Which means that you think YOUR theft is okay as long as SOMEONE ELSE pays…

          5. There is a world of difference between deciding that you don’t want (and hence don’t buy a copy) and wanting a copy and stealing it so you don’t have to buy.

            From the author’s perspective, there’s actually no difference at all. In both cases, the author has done the same amount of work, and you’ve given them the same amount of money (zero). So if you’re depriving them of value in one case, then you must also be depriving them of value in the other.

            Person A produces the best game ever. Shows it to person B who steals a copy without the knowledge of person A. [...]
            Clearly Person A has had the value of their work stolen from them. If you think my example is true that Person A had their labor/value stolen, but the OP situation is different, [...]

            I agree, there’s no significant difference between those situations, because there’s no theft in your example either!

            In your example, Person A has not had anything stolen from them. They voluntarily chose to spend their time making a game, so that time wasn’t taken away. Person B makes a copy and shares it online without ever depriving Person A of the use of the original copy, and without ever taking any money out of Person A’s pocket, so they haven’t lost their work or any monetary value.

            Person B’s actions don’t directly make anyone poorer: the people who get a free copy become richer, and Person A is unaffected.

            It may be that Person B’s actions caused Person A to not become richer, but that’s hardly the same as theft, and it’s hardly unique to piracy either. If you condemn Person B for “stealing” the value that Person A might otherwise have gotten, then you also have to condemn anyone who writes a bad review and convinces people not to buy the game, as well as anyone who releases a better game at the same time and convinces people to spend their entertainment budget on it instead.

          6. “From the author’s perspective, there’s actually no difference at all. In both cases, the author has done the same amount of work, and you’ve given them the same amount of money (zero). So if you’re depriving them of value in one case, then you must also be depriving them of value in the other.”

            Clearly written by someone who either doesn’t write software at all, or does it as a hobby of a wage laborer for someone else who takes the risks associated with selling software.

            For your edification, there is a great deal of differnce. The author rights the software because they expect to find a market for it. If no one buys it, because no one wants it, then they LEARN about the market and can pursue other opportunities in an attempt to find what the market is interested in.

            In the latter case, they have clearly produced something with a marketable value, and their only resort in a civilized society is the same as the manufacturer of any other product when it is stolen. Legal recourse.

            If I make a physical widget and it doesn’t sell, it is because of something I did (like making something no one wants). The only person at fault is me. However, if I make a widget and you steal it from my factory, you have take my physical property. That is solely your fault for stealing. This is the same situation I outlined that you failed to understand.,

          7. “By your reasoning, your employer has the RIGHT and DUTY to tell you how much they are willing to pay you and you have no choice but to accept that. You can’t quit, you can’t stop working. You are a slave.”

            Not at all! No one is forcing authors to write anything that they aren’t being paid to write. Authors are free to refuse to do any labor until after they’ve signed a contract with someone promising to pay for it, or even until after the money is in their hands.

            “No one has the right to make another human being a slave. Which means that I get to decide how much compentation I am willing to accept before I turn over the product of my labors.”

            Yes, I agree completely. But isn’t it interesting that so many authors disagree? They don’t wait for compensation before turning over the product of their labors, or before doing the labor in the first place. They perform that labor for free, hoping that they’ll be able to find people to pay for it later; they release the product of their labor into the world, knowing that anyone who comes across it will be able to make and distribute new copies; and then they demand control over the actions of people who have no prior relationship with them, in order to prop up this obviously flawed business model.

          8. Nice job moving the goalposts. First you claimed the difference was that the author is deprived of value in one case but not the other. Now you’re saying the difference is that the author learns something about the market and can adapt in one case but not the other, and you seem to have forgotten about that silly “deprived of value” claim.

            Well, when an author loses out on (potential) revenue due to unauthorized copying, they learn something about the market as well, and about their business model. If they’re smart, they can adapt by improving their business model to eliminate the part where they have to do a bunch of work for free and then pray to get paid for it later.

            “If I make a physical widget and it doesn’t sell, it is because of something I did (like making something no one wants). The only person at fault is me.”

            Not necessarily. For example, your widget might not sell because a respected publication writes a bad review of it, or because your competitor releases a better or cheaper widget, or because a documentary comes out and shifts public opinion against widgets, or because someone leads a boycott against your company based on a political donation by one of your employees, etc.

            There are many, many ways that a third party can indirectly reduce sales of your product without depriving you of any property, but you’ve chosen to single out unauthorized copying as the only one worth condemning. Why is that, I wonder?

          9. “Not at all! No one is forcing authors to write anything that they aren’t being paid to write. Authors are free to refuse to do any labor until after they’ve signed a contract with someone promising to pay for it, or even until after the money is in their hands.”

            Clearly written by someone who has never run their own business. ALL software (and nearly everything else) is produced by people who aren’t being paid to produce. They HOPE to be compensated. If you are a salaried employee, then your EMPLOYER and the owner of the product being produced is GAMBLING that someone will buy it. Nearly everything we have is created the same way. Using your approach only those who could afford to commision one off products would have the ability to purchase nearly anything.

            “Yes, I agree completely. But isn’t it interesting that so many authors disagree? They don’t wait for compensation before turning over the product of their labors, or before doing the labor in the first place. They perform that labor for free, hoping that they’ll be able to find people to pay for it later; they release the product of their labor into the world, knowing that anyone who comes across it will be able to make and distribute new copies; and then they demand control over the actions of people who have no prior relationship with them, in order to prop up this obviously flawed business model.”

            What utter tripe. It is clear that you are the product of the degradation of the US education system. These people, who create nearly all of the products we use to live, do so on a gamble (not the same as for free). They also do it with the understanding that a civilized system has the understanding that you just can’t take something that belongs to another human being without an agreement from them. In sort, they expect the authorities to punish people who make ‘copies’ in the same way they punish people who steal cars, or any other product…

            “Nice job moving the goalposts. First you claimed the difference was that the author is deprived of value in one case but not the other. Now you’re saying the difference is that the author learns something about the market and can adapt in one case but not the other, and you seem to have forgotten about that silly “deprived of value” claim.”

            I see. Now I understand your issue, you don’t comprehend what you read. If you can’t see the difference between taking something from someone without their agreement, and simply not wishing to purchase something they are offerring then you are simply too stupid to continue this discussion with,.

            ” If they’re smart, they can adapt by improving their business model to eliminate the part where they have to do a bunch of work for free and then pray to get paid for it later.”

            Oh, why don’t you grant us the benefit of your great wisdom and experience in business and explain how you are going to get people to purchase products that don’t exist yet as a NORMAL case…

          10. “Using your approach only those who could afford to commision one off products would have the ability to purchase nearly anything.”

            I guess you haven’t heard of a website called Kickstarter, but you should really check it out. See, thanks to the miracle of the internet — the same technology that makes it possible to share copies of software for free — it’s possible for thousands of people to pool their money together to pay for something to be produced, without the need for “gambling”.

            “In sort, they expect the authorities to punish people who make ‘copies’ in the same way they punish people who steal cars”

            Come on, that’s not fair. They can’t be *that* stupid.

            “If you can’t see the difference between taking something from someone without their agreement, and simply not wishing to purchase something they are offerring then you are simply too stupid to continue this discussion with”

            That’s funny, coming from a person who can’t see the difference between taking something away from someone and making a copy.

            “Oh, why don’t you grant us the benefit of your great wisdom and experience in business and explain how you are going to get people to purchase products that don’t exist yet as a NORMAL case…”

            It’s easy, actually. Stop trying to treat programs as widgets that you can box up and sell one at a time. The value doesn’t come from making copies, it comes from the initial act of programming: software isn’t a product, it’s a *service*.

            So how do you get people to pay for a program that doesn’t exist yet? The same way you get them to pay for a haircut that doesn’t exist yet. You tell them what you plan to make, how long you estimate it’ll take, and how much money you need to do it. Then you let them decide whether they want to pay for it — and thanks to the Kickstarter model, if there are enough people interested in your work, each one only has to pay a small amount.

            Once you have a contract with those people who are funding you, you can do the work, knowing that you’ll get paid for it. You do the work, you get paid, you move on to the next project. And you don’t have to worry about people making unauthorized copies, because you’re not in the copying business.

            It doesn’t take great wisdom or experience to figure this out. It’s pretty obvious, you just have to be willing to work for a honest living instead of trying to hit the jackpot by charging over and over for work you already did.

            In fact, this model is already in use for intellectual works: an architect doesn’t design a building for free and then charge you monopoly prices for copies of the blueprint. He charges for the time he spends designing, and then you can have all the copies you want. Same with graphic designers: if you want a logo, you pay for the work that goes into designing it, not for each sheet of letterhead you print it on.

        2. DAX,

          I have made no contradicting points. The very act of theft is indicative of the value of the property. If someone wants it, then they are provide evidence of value. Nothing has intrinsic value beyond the wants and needs of someone to ‘own’ it.

          1. Your argument is circular and nonsensical: “copying intellectual property is theft because stealing intellectual property proves it has value, and this somehow proves that copying is theft”.

            It doesn’t make heads or tails.

            You seem to be implying that just because something has value, obtaining it without paying is automatically theft. But in making a copy of intellectual property, if we argue that each copy has value, then new value is being created by the act of producing one more instead of removing existing value from someone, which is quite the opposite to theft.

            In fact, only if we understand that the copy per se has no value, but the value of the intellectual property is shared among the copies, then you can argue that one is stealing because it’s like printing false money: one would be “diluting” the scarcity of the intellectual property, which is what allows the original producer to make money.

            But then you run into a contradiction, because we now have “value” that is independent of how many copies there are – or how many of the products exist. It needs an objective measure for value instead of the argument that nothing has value beyond how much people want it.

            There is one though, which is what you were talking about to begin with but you confused it with subjective (utility) value; labor theory of value, which defines the “real value” of any product as the minimum amount of labor necessary to create it.

            So again, you’re using two different concepts of “value” as if they were the same thing, which is why your argument is contradictory.

          2. In my view, using (artifical) scarcity to make money out of intellectual property is like building a cornucopia and then instead of providing for endless nourishment for all mankind, you set up a restaurant and charge $50 for anyone to enter – and no doggy bags or takeaways.

          3. The act of stealing(or if you prefer taking, using, etc…) is indicating that the property has value to the to the person who commits the theft. If the property had no value, not only would no one buy it (which only proves its value is less than the owner wants), but also no one would bother to steal it.

            We have seen many examples of software produced that not only didn’t sell, but that no one bothered to steal, heck no one would take it if given it…

            This is not circular logic. I am not using this statement to prove theft (which is proven by the fact that the property is taken over the objection of the property owner), but rather your dubious claim that the property being taken has NO VALUE. Something has NO VALUE (which is different from price) when no one wants it.

            So by taking the item, you prove it has value to you. It clearly has value to the owner. So the theft is occuring because you took it with out providing the owner the value they asked in exchange for you getting the value you wanted…

            You may argue that your doing nothing wrong, but you simply can’t make any reasonable argument that you aren’t committing theft.

      2. and what i found in texas and california say that the landlord can partion locked rooms if it’s in the contract.

    2. This only makes sense if the scopes a rented from Tektronics rather than purchased outright.
      This is more like buying a car at full retail price and then being charged an additional $5000 for the key. If you call a locksmith to make a new key instead, you are not breaking the law, except in the eyes of the car dealer.

      1. You go to a car lot, and the dealer says “I can sell you this car for $10,000, but at that price it will be programmed to never go above 65 mph.” However, if you pay $25,000 we will remove the limiting program and it will go over 200 mph if you want.

        You decide to accept the 65mph for $10,000 deal. You then break the encryption and remove the software speed limit. You are then stealing $15,000 from the dealer because you violated the agreement you made WHEN YOU PURCHASED the item.

        The violation is there, whether you admit it or not. Clearly you understand that your stealing or you wouldn’t be jumping through logical hoops to avoid grasping that the action your talking about is THEFT.

        1. Not every crime is theft. Copyright infringement is a thing, and it’s a distinct thing from theft. (Your example, though, isn’t even copyright infringement). Trying to confuse the two is pointless.

          It’s really not hard to show they’re different. If I steal something, you no longer have it. You can check and verify if you still have it. If I infringe your copyright, you still have it, and it’s literally impossible for you to tell if copyright infringement has happened without external evidence.

          Can you point to any instance of theft where that’s the case?

    3. Have to agree, those extra features are all about extra software which did not get written for free – it likely took a load of engineers a load of time to develop it on Tek’s dollar. Buying a $500 dongle to unlock it not only pays Tek back for making that investment but tells them it’s worth paying those dudes for time spent developing features like that. if no-one pays, the next line of scopes will not have the feature as no-one has paid for it.

      Some engineers will be out of a job and scopes will get less useful over time.

  23. I don’t think that the matter is terribly well settled(the DMCA doesn’t go into detail and the caselaw is rather cryptic); but I’d be very curious to know an SKU written to an a flash chip even constitutes a technological measure that effectively controls access to a work for the purposes of the DMCA section 1201(a)(3):

    “a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.”

    That’s what it says; but it isn’t terribly enlightening. Unlocking the feature only when a memory chip with the SKU is present is ‘requires the application of information’; but the requirement also includes ‘with the authority of the copyright owner’ in a way that suggests this is supposed to tighten the definition (which would be extraordinarily overbroad otherwise: specifying a memory address to read, or making an HTTP GET request, or using a key-value store, or just about any other mechanism for specifying what data you want is ‘requires the application of information to gain access to the work’)

    Is a plaintext key, provided in public(unlike, say, the DVD CSS player keys, which were hidden poorly; but clearly intended to be secret) information provided ‘with the authority of the copyright owner’, or is it nothing more than a key-value store for loading bits of firmware?

      1. Brian, I understand about CYA, but shouldn’t you at least challenge the DMCA takedown notices before acting on them? Multiple people here have pointed out, in detail, why Tektronics does not have the law on their side in the matter. Surely you can at least fight back a little on these things…

        1. They have not, in fact, pointed out why Tek doesn’t have the law on their side. They have pointed out, what _they personally and away from any professional legal opinion_ think is the case. But it’s on the internet so it must be true, right?

        2. DainBramage, if you want Hack-A-day to challenge this, then offer to pay for their legal expenses when doing so. Of course if I were them, I would insist you provide the funds up front…

          1. Wow. Offer a reasonable suggestion and suddenly I’m the one that is fiscally responsible for it?
            So Walter, what you are saying is that if I suggest that you buy a Toyota the next time you go car shopping, that I am obligated to pay for said car? That’s so far beyond ridiculous it’s barely worth mentioning.

            @kf5obs, while I don’t believe everything I read online, I do tend to take more seriously the responses of people who cite actual legal precedent from individual cases. While I don’t trust them implicitly, I am more likely to take them serious than someone who simply states, “But it’s on the internet so it must be true, right?”.

          2. DB:

            If you think the ‘principle’ is important, then pay the funds to defend it. Don’t expect someone else to pay to argue a principle that YOU think is important just because you asked.

            You and others have taken HOD to task for not ‘defending’ the principle… Suggestions are like opinions… If it is important, the do it…

          3. Unfortunately, the DMCA takedown was executed without public comment, so no one took up a collection for a legal fight. A fight should have happened, but the only people who have legal standing to dispute would be HaD and the original hack publisher, saying someone else should do it if they believe in it is hyperbole.

          4. x z:

            You can take up that collection, and if HoD sees that you have raised enough to cover their legal costs, they can restore the post. The same applies to Braindamaged…

            The point is don’t give someone grief simply because they don’t want to pay to fight for YOUR principles. Indeed, nothing prevents you from using the wayback machine to find the original unedited post and posting it yourself and thumbing your nose at “the man.”

      2. Do you mean blatantly abusive DMCA take down notice? And hackaday let that pass unchallenged to be cool with Tek?

        Do you remember that long ago Intel wasn’t allowed to copyright their x86 chip references?

        How is different to issue a DMCA take down notice over an pityful SKU?

    1. Violence to the ones hosting an open design competition that costs them over $300,000? Ah, no thanks!

      I don’t kiss up, but opinions are opinions. Laws are laws. There are laws that overstep and opinions that inflame. Aside from the lack of privacy due part to the NSA, you are only able to say something like what you have and not get thrown into a dark hole for a few years because of these very laws.

      One does not know what one has until it is taken away.

      1. The cynic in my presumes that they’re only doing it to promote their new platform. And their platform seems kind of shitty. I don’t consider it some great saintly thing they’re doing. Just enlightened self-interest.

        1. It is unintelligent that there isn’t an M.O. However, this doesn’t mean to say that there is no generosity for what they are doing. Nothing is ever perfect and error free, and there there are limitations to had.io, it seems to be developed on the K.I.S.S. which in and of itself is a good way to start. How many dozen of coding languages exist? Which one isn’t the shittiest? Use it or participate if you wish to, but unless it’s a fundamental impediment to the development of your project, there is no real reason to complain as loudly as people do unless they themselves desire the sounds of their own voices.

  24. HAD is awesome. The comments are FAR more interesting than the story. Too bad “How do you think this should have been done?” was never answered. Don’t be a troll, answer the question. I do not have the experience required to do so. Sure would be nice for a really smart person to give a direct answer to the question and let lawyers beat each other up on the other details.

    So, folks, don’t bash little stupid me. Answer the question of how to improve security and not be stupid like the people in question.

    1. But this has been answered a couple of times. TEK should have put the code that implemented the feature, which is clearly copyrightable and represents a valuable work product, on the dongle. Maybe the tech didn’t exist to do that when they started selling features this way but it sure does now, and their position would be bulletproof and not so offensive to the people who like to think they own what they’ve paid for and taken possession of if they did it that way.

  25. I agree that it is at the very least unfair that I should pay $500 for software that is already built into a system that I own. (I don’t have a tek scope) I won’t make any other comment on that front.

    I’ll comment on the hardware itself. If you consider that the same system has been used by Tektronics for a very long time (I’ve seen several scopes with 3.5″floppy drives that use that system, The keys and software lockup makes sense. If the system were being designed now, and lets assume that the company actually wanted a nerfed OS running their scope. The best way to add features would be through a network connection or to sell a USB flash drive, that could load the code and install it. Back when these scopes were first designed with the keys the only option was a floppy drive, While it may have been possible to load these features on the limited space provided by a floppy drive the next major concern was that you would have to write code that would allow that small portion of code to load itself into the reset of the operating system which would probably be a very difficult task (much simpler today when you can easily build a scope on a linux system for cheap). Not to mention that you now have to justify building every scope with possibly 2x the storage then 90% will ever need. It would have been a fairly easy task to build a nerfed version with limited storage/no expansion ports/etc but then you are essentially building 2 scopes instead of just 1 model. It is much simpler to deactivate the features and than charge for them to be activated. Again on modern systems a network connection or a USB device would be simple, and you can easily set the scope to format the flashdrive after it confirms the code is properly installed to avoid sharing.

    I don’t understand why tektronix didn’t at least encrypt these keys, hell even putting the code in pig latin would have helped. Cubify has a very strong protection system for their filament based on a one wire eeprom chip (which you can’t get the full datasheet for unless you sign and NDA with the manufacturer) The stats on the filament and temperature settings are stored on the chip and then its own serial number is used to encrypt and decrypt the data. I still don’t think its been decrypted yet. Tektronix take note on that. Even if you make the argument that their hardware back in the day couldn’t handle a complex decryption algorithm, than the question is why haven’t they added it newer revisions. It just doesn’t make sense.

    TL;DR I get it. it makes since why they did it. Its not up to me to decide if what they did was right or wrong, fair or unfair. But I really expected better security from tektronix.

    1. I would really rather not a scope have a USB port nor most definitely not a network connection. I want accurate readings from a scope, not a virus rewriting firmware via some ridiculous exploit…Even though it’s easy and fun to flash firmware via ethernet, I don’t agree w/ it…it should be at least disconnected from internet, using some custom pin number, and preferably in a shielded room.

      Of course Tektronix’s internal security, and what they use to flash the chips, is beyond my control. If they can design such a good scope, they can do security; someone’s telling them not to (ie: get the f*cking product out the door now!).

  26. The best example of crippling is a fridge tape library from HP which comes with 300+ tape storage slots and 8 Tape drives installed. By default something like 50 slots are accessible to store tapes into and one tape drive will function. They charge enough to make their return on investment and a good profit, even if no one buys the additional licenses to enable access to the hardware. Any licenses bought is pure gouging extra profit.

  27. I have argued for years that scopes from Tektronix and others do not represent fair value for money. Isn’t this really the issue at the heart of the matter not some silly hackable dongle.

    1. No this is only the issue as to why you should not own a Tek scope… One persons beliefs about the value of something, never justify stealing the product because you don’t think it is worth what they are charging.

  28. Note, what you received (if indeed you reprinted all of it) is not a DMCA notice. It is just a bunch of text written by an atty. in an attempt to scare you.

    And guess what, it did.

    But a DMCA notice it is most definitely not.

  29. Thanks for that Tek, I’m going to be sure to buy a tek oscilloscope used (so you don’t get the profit of course), do what I want with it, and maybe even put a little sticker on the bottom that says, “F*** Tektronix.” What do you think? Oh, and just so you know, you can’t control an entire population, least of all the Internet. I found the information removed with about 5min worth of work. Nothing like seeing good old fashion despotism.

  30. the second you compare this to a car,
    they look super dumb.

    someone published instructions on how to increase engine power
    so what they didnt buy it from the car manufacturer?
    it was the car company that PUBLISHED the details nessary.
    the only thing provided by this third party was general directions
    on how to tune an engine.

    throw in some after market parts and they form a faster car.
    does ford sue us because we didnt buy the faster car?

    now doesnt that sound dumb, even to a judge?

    dont want me using your software without paying?
    THEN DO NOT SHIP IT TO MY FRONT DOOR !!! duhhh
    otherwise i will assume opening the cardboard box is acceptance of ALL software included in the box and allowes me to use all software included in the box as per the law. unless otherwise stated on an internal package containing a seperate “no refund if opened” sticker ect

    you guys got duped/scared by a “lawer”.
    anyone that has studied the (changing over time) laws regarding FIRMWARE and if/how you can back it up for restoration of your own hardware (in US)

    the new law that includes cellphone software modding(backup so it can be modded) allowes you to copy firmware even if it includes hidden features. as ALL cellphones DO.
    IF YOU CAN LEGALLY COPY IT, YOU CAN LEGALLY USE IT!!!
    this new ammendment to the law applies to ALL devices and ALL brands!
    including tectronix, scopes.

    what next? a license to disassemble (purchased) LED lightbulbs to run em on batteries thus stealing a flashlight from a company that sells both???

    1. PS: it would be a whole different story if we were distributing a security key or unlocking code. that is the part that was published BY TEKTRONIX to the WORLD WIDE WEB.

      do i need special permission for each and every google search now?
      i didnt get the memo about sending an email to ask permission for each google search.

      1. I think that Tektronix, by posting the codes, put those codes in the public domain. The codes were not “cracked” or stolen. They were available on the internet on a site owned by Tektronix. They effectively open sourced their own codes and thereby provided the ability to unlock hidden functionality of their proprietary software. The software is proprietary, but the software is not being distributed or modified. A good engineer legally bought their scope and during a demo period for a module learned how to make a module that unlocks the functionality on his scope. He sent that information to HAD and HAD posted that information in the true spirit of learning and education. Does Tektronix want to dictate what probes you can use with their scopes as well?? I’ve used aftermarket probes that are better than Tektronix distributes. Does that mean that by their use I’ve unlocked enhance functionality of their scopes?
        Tektronix has shown the low esteem they hold for their customers by
        1) using such a poor “in-your-face” security scheme (external EEPROMs?????)
        2) crippling their scopes
        3) threatening legal consequences to those owning their scopes if they use the information provided
        4) “parting out” easily achieved functionality to squeeze more out of their customers
        I’ve always wanted a nice Tektronix scope, but frankly my old HP and the new Rigol scopes look better the more I hear. I’ve also started checking out open source oscilloscopes. A lot of good work is being done in that market.

        1. That is not how public domain works. You can post a photo on the internet while retaining rights to that photo. The same is true for text, implementations of an algorithm, or anything else that is copyrightable. They can literally carve it into the surface of the goddamn moon and it would not do a single thing to lessen their claim to copyright.

          Let me be clear: I’m not talking about morality; I’m talking about the *law.* “Public domain” is a legal term with a very specific meaning.

    2. not really the same, as a car tuner i made the car go faster by putting it on the dyno and altering timing/fuel etc , often by reducing its operational lifespan (however small that may be), driveability or gas mileage. However if Ford released software to upgrade the performance, and i copied that software, then that would be the same, my work versus their work..

    3. Except, that’s not how it works. If you’re using their product, you agreed to certain terms and conditions. It’s not a crime,you can do it if you please. That’s the point you have missed. And the payment will be either voluntary (=license key) or involuntary (=through the courts). It’s that simple. And your car comparison is garbage of course. You’re free to tune your scope as you please, by exchanging, adding and removing parts. But touch the software and you’ll get problems.
      Another thing is the difference between doing it and giving everyone else a step by step guide on how to do it.

      1. When and where exactly did the user agree to any terms and conditions? Unless you have to sign an agreement prior to purchase, there is no basis for the manufacturer to impose any restrictions on use of the thing you own.

        1. So, without knowing anything about you, just a very wild guess: You’re American, correct? I’ll borrow the beginning of my post that you responded to: Except, that’s not how it works.”Officer, there was no sign saying I couldn’t rob the Bank. Is this still America or what?”. So likewise, if I install Software on my computer (and accept the license agreement in the process), then gift that computer to you, you are then magically exempt from the license agreement that the use of the software is subject to. No, again, that’s not how it works. On the legal side it’s relevant what you’d have to reasonably expect to be hidden in the terms and conditions of the software. And I promise you, without even pointing out my legal expertise, that you will find almost no sane judge in the world who will agree that “Don’t hack around our licensing mechanisms and don’t use something you haven’t paid for” in some legal variant is something you don’t have to reasonably expect. And it’s sad that I had to write “sane judge” just to stress that I don’t mean a Prairie County, Arkansas judge,Remember that for the evaluation of what one has to reasonably expect, it is very relevant who uses the product. It is very likely that a “Arkansas Middle School Major” can and will use a blow-dryer. So I have to label it with more warnings than it can fit. On T&M equipment, I don’t even have to let anyone click a checkbox on a EULA, I can include the EULA in the box or on a CD for the user to read when they feel like it. That’s perfectly fine and good that way. And you’re right, you are allowed to use whatever you own. But you don’t own the right to use the software option until you buy it.

      2. Touch the software and you’ll have problems? Why is the – very large – ECU remapping industry not in legal hot water, then? What a bizarre distinction.

        1. Just because the right owner doesn’t pursue action does not mean it’s legal. If you rob me and I decide not to press charges, it doesn’t make the offense legal. Many companies decide not to pursue IP issues. Look at Rigol and their hacks. The matter still remains unlawful. Of course, the latter depends on where you live.

  31. I’m really missing something.

    Nothing in those modules is protected by copyright – this is the law, as far as I know. You can’t copyright a serial number.

    Therefore, since nothing on them is copyrightable, I don’t see how you couldn’t resell them as ‘backup modules’, or connection savers, for the real things.

    This isn’t like selling a copy of a movie, or a video game or something, and claiming “don’t buy this if you don’t own it!” There you have obvious copyright violation. Here, there is absolutely none, and the modules in question *do* have a function other than circumventing Tek’s ‘protection’ – to ensure access to code that you paid for even if a small, easily lost module is misplaced or damaged.

    1. There’s not even a serial number in these modules. Without copying any of Tektronix’s modules, you can make one of those modules by filling the EEPROM with 0xFFs and putting a null-terminated ASCII string of the product name (as pictured above) at offset 4.

      A summary of the EEPROM contents should not violate copyright law. Therefore this comment should not be subject to any DMCA takedown notices. Also note that the anti-circumvention restriction only applies to *effective* copy protection mechanisms. Given the target audience of these scopes, I would not call this scheme effective.

    2. It’s not the key that’s protected, it’s the software option. When you steal a licence key for Microsoft Office from your parents, Microsoft wouldn’t bitch about you taking the key, they’d bitch about you using the software without a valid license. Because even though you have the key, you do not lawfully possess a license. Posting how to hack the scope is in essence, on the legal level, the exact same as posting cracked serials for Microsoft products on a website.

      1. It becomes very gray when you’re dealing with embedded firmware, especially if you buy it secondhand. If you buy any hardware used, I am willing to bet you’ll never encounter any sort of EULA. Whether enabling extra firmware features is illegal under the DMCA is debatable. I would not expect any legitimate company to do this, but hobbyists using secondhand scopes might. Whether or not it is right or ethical is another question.

        1. if you bought a used PC with an expired trial version of Word, would unlocking it with a “borrowed” key be ok because it was already on the PC?

          1. That’s a very good question. If by “is it okay” you mean “is it moral”, then I think most people would agree the answer is no. If by “is it legal”, then I don’t know – but I don’t think there’s a compelling reason it wouldn’t be; no law I’m aware of covers it.

          2. Using a “borrowed” key or better yet a key generator on a expired copy of word is a different entire can of worms, because the word key is 1. supplied as a unique and specific code to the registered user. 2. The key generator is making unauthorized and untracked codes by an math formula that provides a solution (the product key ) that matches the key check encryption / decryption validity check required to use word.
            3. EVERYONE knows how to use a Microsoft product key, what Microsoft doesn’t do is Publish the codes or the secret verification algorithm in any public media. 4. the tek “key codes” are all IDENTICAL and non-unique no traceable proof of origin or chain of ownership rights 5. There is no encryption or key validation nor are there any true counterfeit keys made by a third party using hacked or stolen details of the key system being used 6. the module contains no additional code or unknown secret required to make it work. The fact is one system is a true protection scheme and one is a Easter-egg code trick that the company even told what the module contained eprom memories are well known and common electronic components with no promise or attempt at securing the data or its transmission. The module pin out is a direct data sheet method from that type of eprom not even a proprietary connector ! While there is a reasonable expectation of security for the word program and microsofts implementation of secret features and methods no system like the one Tek scopes “feature modules” use could be in any light construed to be a secure or proprietary product key code system, It at no level gives any indication that the feature enablement by a user is a protected work! The world of payment and sales of technical goods still has roots to the consideration for rights or goods system all business and employment is based on you provide your employer a set amount of your efforts for the consideration he gives you aka your pay, or when you rent a home you give consideration for a set amount of time to use a landlords dwelling – vs. if you purchase a home you by permanent rights to it for a larger amount of consideration given to the former owner. When you buy a scope you are negotiating a permanent right to use that scope and all it can do for ever if I use a standard component with a publicly known data set and bang the scope starts performing at capacity then so be it because no effort was made to restrict or control the access to the feature module or any additional code or secret knowledge I can say Tektronix’s has no reasonable claim to any further consideration for the activation of features and code already present on my scope, now if I don’t want to do the work of burning an eprom, soldering it to a connector and what ever else to make my own module , I could choose to purchase the high priced one from tek! But that’s the only instance they are due any further consideration!!

      2. Actually, it’s not. Copyright law prohibits illegal copying; no additional copying is occurring here. The DMCA prevents circumventing mechanisms designed to prevent copying, but, again, no additional copying is occurring here.

        1. @arachnidster
          “The DMCA prevents circumventing mechanisms designed to prevent copying, but, again, no additional copying is occurring here.”

          The rebuttal to the last part of this sentence is stated in the first part.

          It doesn’t matter whether any copying has occurred, or whether there was intent to copy, or even whether you’ve actually circumvented the protections. The means to circumvent the protections are themselves illegal, irrespective of whether or how they’re used. That’s literally the explicitly stated point of the law. This is obviously dumb as all hell, but it is in fact the law. That’s what makes the DMCA a bad law.

          And just a sidenote: the DMCA is not in fact limited to matters of *copying* software. It’s actually far more broad, and covers any circumvention of software restrictions controlling access to copyrighted works.

          Seriously, folks, this is all stuff you could learn by reading the first paragraph of the relevant Wikipedia article: http://en.wikipedia.org/wiki/Dmca

          1. But there is no copying involved anywhere. The protections are not protections against copying. They are not “Technical Protection Measures”. Nobody is circumventing a copy protection system here. I’m not sure how much clearer I can be.

      3. The problem with your example is that the kid would need to obtain a copy of MO in order to use the key.

        Besides, serials are unique to each device. This is the same unlock for every device.

        1. Not quite. Bought a new PC recently? Your favorite Office products are pre-installed and only wait on a valid key. So I assume, since it’s already there, it’s just as shameful of Microsoft to charge so much for the key, which is just a boring text that doesn’t even make sense, right?

          1. Yes, unlike you, I do. It does not matter if the serial / key is unique or the same characters every single time. It does neither change nor flex the law involved. It’s really not that tough to comprehend one might think. To be fair, I can not judge how difficult it is to comprehend the matter from a low bottom public school “education”. So I apologize in advance if I seem rude. I try not to mock handicapped individuals.

  32. I used to construct truth tables to crack video game save codes and passwords as a kid. Do you think I was breaking the law by circumventing their encryption? I mean I did these things back in the mid 80s-90′s when cold war era style encryption laws were harsh and poorly worded. TEK used an extremely poor and ineffective method to protecting their profits, heads should roll. Hey TEK, are you hiring?

  33. Time to go print off a custom t-shirt with mchamster’s writeup on it and wear it about town. FYI the original post is available cached and on the wayback machine.

  34. >Tektronix has a good faith belief that there is no legal basis for this individual to provide such instructions to anyone, much less on a public forum.

    In the end of the day, if you don’t want people to use these features, don’t put them in the equipment!
    Legal bases?
    Bah you pains for the tool, the functions are there to use so were legal ally obliged to use the functions in the tools we pay for
    TT should F*** OFF

  35. A SKU can’t be copyrighted!
    Entering a SKU into a standard EEPROM connected with standard connectors can’t be copyrighted!!
    Entering an unencrypted data value into an unencrypted EEPROM can’t be against the DMCA!!!

    And a note to Tektronix: the original article made me aware of the MSO2000 and made me a potential buyer – the only problem is that I hate artificially removed features.

    1. common, contest this take-down notice… it’s totally absurd. Threat to the press should be heavily fought.

      for the customer of tektronic writing in an eeprom is just like writing on paper with a pen, there’s no security involved at all and most already have all the tools to do so. obscurity is not security either, everyone and their mother know that… so explain me how this circumvent any kind of protection?

      1. I think its more complex then that.
        If a house is unlocked, is it still ok to run about telling everyone its unlocked?

        I am not sure legal is the same as moral, and I really think normal “protocol” with these things should have been to inform them of their poor security and give them time to fix it rather then just publishing.

    2. ” unencrypted data value”

      hmm..that can be copyrighted though. I mean, all books fall into that category.

  36. It comes down to whats in the box is yours. It is only illegal if you profit off of it or distribute copyrighted material. Telling people how to use a product to its fullest even if it is against the intent of the company is not illegal. If they want to sell you a feature, don’t give it to them until they pay for it.

    However, while you may not be breaking any laws, your going up against some pretty damn good lawyers.

  37. The “security” on this Tektronix equipment is more pitiful than the encryption used by DVD players. With only 40 keys (because the companies that developed DVD Video mistakenly assumed there would only be a maximum of 40 companies wanting to encrypt their discs) used and the method requiring all of those keys to be put in a chip in every DVD player, getting it hacked quickly was assured.

    So Tektronix even more epically failed the “Gave away the keys to the kingdom” FAIL than did DVD because they didn’t even bother to hide the keys in a microchip.

    May as well put up high resolution photos of your house keys on the web then complain when someone uses them to cut their own key and enter your house.

  38. Trying to make this a copyright claim seems a real stretch. The contents of the EEPROM aren’t copyrightable. And if the presence of the EEPROM causes the scope to make a copy (unlikely, in truth), that’s clearly of no relevance to the user – or else I could include a copyright work in my devices and have it copy it to a temporary location any time a user did something I didn’t like, in order to be able to bludgeon them with the DMCA.

  39. There’s two perspectives here.
    The first is the hacker perspective: if you own the device, you can do whatever you want with it. That includes replacing or modifying the firmware – the hacker ethos is all about taking things apart and making them serve our purposes.

    The second is the legal perspective. Tektronix claims that their SKU is copyrighted. However, given its length and the lack of creative input, it is obvious that it cannot be considered under copyright. Furthermore, even if the SKU is considered copyrighted, neither Hack a day nor jm redistributed it – they merely said that it was available from Tektronix’s own website. Therefore it is only Tektronix themselves who are guilty of making the SKU available.
    A more plausible argument is that the article violates the anti-circumvention clause of the DMCA. However, this clause is limited to *effective* technological measures. Given how weak this circuit is, I believe that it should not be granted protection.

    1. Further, the DMCA only protects anti-circumvention measures against _copying_ – whilst this does something different entirely.

      1. The DMCA also has a section about tools to circumvent access controls. That’s why it applied to DeCSS, the DVD decryption tool, even though CSS was not a copy protection system.

        1. Actually, CSS is a copy protection system. Per Wikipedia:
          “””
          The purpose of CSS is twofold:

          1) CSS prevents byte-for-byte copies of an MPEG (digital video) stream from being playable since such copies do not include the keys that are hidden on the lead-in area of the restricted DVD.

          “””

          1. CSS is an access control system because it limits access to the copyrighted work by requiring the use of a key (see 17 USC 1201(a)(3)(B)), but it doesn’t actually stop anything from being copied.

            As the same Wikipedia article explains, what stops the key from being copied is the fact that it’s impossible to write to the area on a DVD-R disc where the key is stored, and drives are designed not to write to that area on a DVD+R disc even though they technically can. So you could say DVD+R drive firmware contains a copy protection system, but it isn’t CSS.

            Besides tools for circumventing access controls, the DMCA also bans products that circumvent a “technological measure that effectively protects a right of a copyright owner”, i.e. something that “prevents, restricts, or otherwise limits the exercise of a right of a copyright owner”, under 17 USC 1201(b). CSS may also fit that description since it limits the ability to do things like making derivative works.

  40. I have three little words for Tektronix : DPO2COMP DPO2AUTO DPO2EMBD.
    (Replace with “Stop being dicks” instead of DCMA TAKEDOWN if compelled).

  41. When you buy one of these scopes, are you purchasing it or a license. If you’re purchasing a license, you’re bound by that license. If you purchase it, it’s yours, do what you want with it.

    1. “do what you want with it.”

      Legaly, that does not mean you have any rights to spread what you do with it, however.
      Difference between ripping a dvd yourself and putting its contents online.

      1. Agreed, however, there is a difference between uploading a DVD and taking a string of characters that the manufacturer themselves published online.

  42. I noticed the abbreviation IANAL used several times here – I had not come across it before and had to look it up – I don’t like it – just because I am not a lawyer doesn’t make me ANAL! Can we start a campaign to get that changed? – I suggest IANAAL (I Am Not An Arsehole Lawyer), or how about IANAAC?

      1. Hmmmm not too sure about that one, anyway Scunthorpe is not an abbreviation, it’s an abomination! (run and hide)…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s