A few weeks ago, some tantalizing social media posts emerged from a Def Con talk, in which [Sick Codes] broke into the screen control unit for a John Deere tractor live on stage, and proceeded to play a special Deere-themed DOOM level upon it. At the time there was nothing more to go on, but we’re pleased to find out that the whole talk has been put online.
The talk starts with an introduction to the topic, to the basics of the control units within the machine and to the various different ages of Deere screen unit. We find that the earlier machines, which are still at work on farms worldwide, rely on outdated Windows CE versions, though the very latest screens run a Linux variant.
It’s one of these last screens to which he turns his attention, and we’re treated to an in-depth look at some of its secrets. After a lot of dead ends and learning exercises the final result is distilled into a pogo pin adapter for the hardware part, and a simple enough cron
job to bypass one of Deere’s defenses by keeping the filesystem writable so a file can be updated. There’s a bit more detail about the special DOOM level too, as a special bonus.
You can see our original mention of this talk, or read some of our past Deere coverage.
Thanks [Taylor Finley] for the tip!
Down with the Deere !! Very much looking forwards to playing Doom on my 1974 International Harvester.
How does hacking a 4240 contribute to the downfall of John Deere? The farmers will still need to buy parts for their John Deere tractors if they hack them to continue using them. John Deere will be happy to provide those replacement parts, and now that this tech talk is out and in the open they don’t even have to lift a finger to train farmers on how to keep their older tractors running.
We didn’t see any resistance from John Deere to this talk going public, as obviously it benefits them more than it hurts because it just means farmers will continue using John Deere, even after getting screwed over by their DRM.
This is not a win for farmers, it’s a win for John Deere.
Eagerly waiting years for a hacker to bypass your DRM seems unlikely. If Deere wanted it done, they could have done it via software update at any point in the past.
And one of the motivations to root these machines is to allow the use of cheap generic repair parts. So I’m skeptical that Deere has much to gain here.
What happens to your insurance when the underwriters learn about it?
This is just the beginning. Imagine what you can do with a rooted tractor, except playing Doom.
Cracking the licenses is obviously the next step, but wouldn’t probably be talked about in a Defcon.
Also, John Deere doesn’t have any financial interest in keeping the older tractors running, that’s quite the contrary… However, they do have an interest in selling repairs. This type of hack is aimed to free the farmers from the repair market monopoly of JD.
This is an attack on the perpetuity of ownership some manufacturers want to have on the equipment you buy from them. You own it but you have to work with the manufacturer if you want your equipment to work, get repaired, make changes. It creates a monopoly on something you’ve already purchased, it also stalls ingenuity, new better way to do things, etc…
Heavy and dangerous equipment with lost and lots of belts and pulleys and rotating bits and flailing thrashing augery things. Hydraulics, self-leveling, top heavy when full. Does the manufacturer’s liability end when you modify it? Or does a jury that doesn’t know firmware from soft-serve ice cream award $5 billion when someone looses an arm?
You are assuming that repairs cause more accidents. Data please.
Ah… we were all mistaken. JD is not doing this for money but for the greater good.
The trick is to turn off the machine whilst you are working on it. ;)
Gee golly wiz. I wonder how them poor ol’ farmers handled all that liability before JD saved them from themselves and locked it all down with proprietary computer brains; Totally for their own good, and not for profit of course, bless their hearts.
“pogo pin adapter fort he hardware part” with the line break coming after “fort” on my phone.. I scratched my head for a minute at this phrase. :D
You know I used to ride on tractors before DRM was even a thing. I haven’t ridden one since, but even still I’m super happy to see this. What a crock that John Deere went the robber baron route.