Developer Unlocks Newly Enshittified Echelon Exercise Bikes But Can't Legally Release His Software
Posted by ThereWas@reddit | hardware | View on Reddit | 98 comments
ProfessionalPrincipa@reddit
The manufacturer reaching over the network and turning the lock on something I've purchased honorably is what should be illegal.
MrBallBustaa@reddit
Stop buying this shit.
pmjm@reddit
Adhering to this philosophy would stop people from buying anything. When people bought it, it wasn't like this, and the thought that it eventually could be like this didn't even cross anyone's mind.
ProfessionalPrincipa@reddit
Nah, "don't be an early adopter" is what someone said to me when Microsoft decided to kill WMR headsets. But even so, previously benign manufacturers could decide at any moment to become evil and taking that into consideration would mean nobody would buy anything ever.
Glum-Position-3546@reddit
I don't even get why MS killed WMR, I can see not updating it anymore, or even separating it from Windows, but why completely kill it and prevent anyone from using these headsets again?
I can see dropping the official app if there was some open alternative but as of right now there isn't (until Mbuchhia does it lol), these expensive pieces of hardware with the Windows name stamped on them are now completely worthless paperweights and they aren't even ten years old (some of them weren't even 5 years old!).
pmjm@reddit
Eschelon Bikes have been around since 2018. I'm not sure if you consider 7 years "early adopter" status, but for a product like this I wouldn't say so.
But yeah you've definitely identified one of the biggest problems. As previously well-meaning companies get success, a mix of arrogance and investor appeasement often forces the enshittification of the company and their products. You can't ever trust these companies, which should lead a prudent buyer to be more careful with their purchases. But if you need a tool now, you buy it for its current functionality. We need legislation to prevent that functionality from being taken away in the future.
Plank_With_A_Nail_In@reddit
It's an internet connected exercise bike not food ffs.
Its going to sit unused in the garage regardless of the software update or not. Should just sell these as very large paper weights.
pmjm@reddit
It's a hit product and a great idea for the most out-of-shape generation the earth has ever seen. Your average American should be buying products like it and using them regularly.
wankthisway@reddit
People bought them before they pulled this shit
BrushPsychological74@reddit
I saw this shit coming a long time ago.
choopatrol@reddit
Ey yo can I get the winning lotto numbers for next week
-Nicolai@reddit
Advocate for consumer protection instead of blaming the victims.
RedditAdmnsSkDk@reddit
Porque no los dos?
-Nicolai@reddit
Because one impedes progress of the other.
RedditAdmnsSkDk@reddit
Not really, no.
-Nicolai@reddit
What can I say except you’re wrong?
RedditAdmnsSkDk@reddit
I am wrong about what? That someone is an asshole for lying on the internet? I guess so, lol
account312@reddit
They've destroyed people's property and are charging people to regain use of it. Sure sounds like racketeering to me. Get some RICO up in there.
Plank_With_A_Nail_In@reddit
You don't have to buy it.
Strazdas1@reddit
They dont have to sell it.
explosiv_skull@reddit
Should be an instant class action suit if nothing else.
ireadoldpost@reddit
In canada you could argue its illegal under deceptive marketing practices, eg:
FTC I don't know if something similar exists. If you stretch the ransomware definition it sort of fits:
Either way it should be explicitly called out in new wording.
INITMalcanis@reddit
This is why I have a general rule: don't buy devices that "need" to connect to the internet unless I want to use them to read the internet. I don't want an exercise bike that connects to the internet. I don't want a washing machine that connects to the internet. I certainly don't want my heating or water or electricity mediated by the internet.
It's always going to end in this rent-seeking enshittification bullshit.
Automatater@reddit
Or just centralized control by the manufacturer or government, even if no baksheesh is collected. Still no.
Buzz1ight@reddit
Oh no, my house was broken into, they only stole the USB key with all my work on the jailbreak...
shroudedwolf51@reddit
And you would still get sued for it. Since doing the work itself is currently illegal.
Strazdas1@reddit
This is false. Under current right to repair laws doing the work is completely legal and multiple lawsuits were finished in the home software makers favor.
MBILC@reddit
But, since this is reverse engineering software, which could mean potentially bypassing security controls, this may not fall under "right to repair"
It is like making a copy of a, say, BluRay disk you own. You can make a copy of it, so long as you do not circumvent the copy protection mechanisms in place...
AnechoidalChamber@reddit
Should've stayed anonymous and quietly leaked the code on PirateBay...
Strazdas1@reddit
wouldnt get paid then.
AnechoidalChamber@reddit
Get paid 20K$ VS. altruistically helping people.
Tough choice if you're short on cash, but if you're not, that's an easy one.
Strazdas1@reddit
Well, most people are short on cash.
UnluckyPenguin@reddit
I'd be happy to help reverse engineer it.
I need little guidance as I don't have one of those echelon exercise bikes. But monitoring network traffic, MITM, packet inspection/injection, TCP binary stream reverse engineering - I've done it all. One app I had to modify to rejected phone-home calls entirely to counter the self-reporting their service did if it figured out they were using my app. The app I'd write for this would do the same thing and reject future firmware updates that might try to counter this. I'd open source it, maybe accept donations from users and hope someone modifies that source code into something even cooler - who knows...
I don't even want the bounty - put that 20k towards the next one. If someone can point me in the direction of obtaining one of these devices without having to spend $100+, let me know.
unsurejunior@reddit
Good for you bro... How did you learn all that stuff?
And how much this stuff do you think you could get like chatgpt to do if you held its hand. Could AI figure this stuff out if even some idiot like me was prompting it?
Lirael_Gold@reddit
He may have gone to a large building full of people who teach other people how to do things
You should probably stop relying on the magic talky nonsense bot and go to a large building full of people who want to teach you things.
andfournumbers@reddit
May have. Might not have though which I think is really at the core of why they asked
unsurejunior@reddit
Whatever lol if anyone on this website knew how to socialize we wouldn't be here
onebit@reddit
I'm not sure that's true. DMCA allows reverse engineering for interoperability. But I don't fault him for being cautious.
Raikaru@reddit
Circumventing DRM is illegal no matter what. Yes that’s dumb but that’s the US that exists today.
Strazdas1@reddit
this is false. Circumventing DRM is perfectly legal for personal use.
fordry@reddit
Is it actually drm if it's stopping a physical device from functioning?
onebit@reddit
anival024@reddit
Read the part after what you bolded. He's right. Circumventing copy protection or encryption in any way is expressly forbidden. Only VERY narrow carve outs exist for things like format shifting music from CDs.
Plank_With_A_Nail_In@reddit
Its "expressly" forbidden in that text, are you sure you know what the word "expressly" means?
Plank_With_A_Nail_In@reddit
Only 5% of the worlds population lives in the USA its not illegal for most humans.
pelrun@reddit
There are explicit carve-outs to that law. But it doesn't actually matter whether the law permits it or not, companies with money will just tie you up in litigation until you're bankrupt or you settle.
larossmann@reddit
If I ask 13 different lawyers I'll get 13 different answers, including the repport harvard law school's cyber clinic wrote for kyle wiens a while back.
If the upside of my decision is "I can share a free app with my friends!" & the downside is "I'll spend 3-5 years in prison!", there will be less people doing this...
The fact that it is a grey area whether you can do this when the penalty is 3-5 years in federal prison is insane. It's as insane today as it was nearly 30 years ago.
People shouldn't have to weigh this or think about it at all.
BlueGoliath@reddit
As long as it doesn't circumvent encryption methods.
Kinexity@reddit
This should have never been a problem in the first place but it could probably be made legal by having two teams write completely software in a way where one team reverse engineers and describes functionality of original while the other team write completely fresh code based on specification without seeing actual source code. Choose a country where software functionality is not a subject to copyright if necessary.
anival024@reddit
This is not legal. If you reverse engineer or circumvent encryption or copy protection schemes, it's illegal per the DMCA and nearly every Western nation the US trades with because of similar legislation.
"Clean room" designs don't save you.
The DMCA needs to be deleted and rewritten from scratch.
Strazdas1@reddit
this is legal and protected under right to repair laws. This is not DMCA infringement. You have full, 100% right to do any modifications to a DRM system for product you own.
BrushPsychological74@reddit
Just Deleted will do.
Plank_With_A_Nail_In@reddit
Only 5% of the worlds population lives in the USA, most western nations do not copy the DMCA you just made that up. Software isn't copyrightable in my country. Opensource license agreements aren't legal either as they are considered backdoor patents without the work being put in.
newaccountzuerich@reddit
Performing the work outside of the US means the work isn't subject to DMCA.
The offended company can throw toys out of the pram, but can have no reasoning the jurisdiction of creation.
Of course, the usual next step is buy a few senators, and get the US Dept of Foreign Affairs to ensure DMCA adherence is part of any trade work with that jurisdiction.
Berengal@reddit
Reverse engineering is already legal, you don't need a two-team clean-room implementation like you described. That's only needed when the source code of the software you're trying to reverse engineer is available, since it's much easier to claim copyright infringement in that case. A two-team approach is a way to defend against that by showing that a second implementation could be made from just specifications alone, as well as providing a hefty paper-trail of exactly that happening.
The issue in this case is that circumventing DRM is a copyright violation, as per the DMCA.
SignalButterscotch73@reddit
It's the only reason we have PC's without IBM branding.
Kinexity@reddit
This. I probably remember it from Asianometry video about it.
jigsaw1024@reddit
I remember living through it.
Kinexity@reddit
Sure grandma let's get you to bed
Strazdas1@reddit
The right to repair laws means that using such software is completely legal and manufacturers keep loosing those lawsuits.
Millennialcel@reddit
Release it on gitflic.ru like Bypass Paywalls Clean has to do
fullmetaljackass@reddit
If he actually wanted to help other people he'd have just released it anonymously on a site like that in the first place.
shroudedwolf51@reddit
Getting paid for the work you did and wanting to help people are not mutually exclusive.
Plank_With_A_Nail_In@reddit
There's no actually evidence he did it he just said he did.
DEADB33F@reddit
He wrote it to claim a bounty offered by Louis Rossman.
If he'd released it anonymously he'd not have been able to claim the cash.
surf_greatriver_v4@reddit
Money > consumers
Just as Louis intended
fullmetaljackass@reddit
Yes, I read the article too.
OkDimension8720@reddit
Woah Russian github? What's happening there 😂
GreatScottGatsby@reddit
There is more github derivatives and spin offs than you would believe. A lot of developers don't like githubs policies so they upload their work elsewhere.
Azure-April@reddit
Or the fact that github is owned by a company enabling a modern day genocide
SchighSchagh@reddit
Plenty of reasons to dislike Microsoft, but this is pretty low on the list of reasons to not use github.
Azure-April@reddit
18,000+ dead children.
SchighSchagh@reddit
Hey, listen. I really need you to understand this:
Virtually nobody is deciding to use GH or not based on that.
You clearly think nobody should be using MS products based on these things. That's understandable. And I'm sure there's plenty of people who agree with you as well. And of course you're all free to have that opinion.
But nevertheless, the fact is that the vast majority of people who choose to not use GH do so for entirely unrelated reasons. As the guy you originally responded to points out, GH policies make a much bugger difference to whether someone uses it or not.
BrushPsychological74@reddit
Hey everyone. How do you know someone is an irrational activist?
They'll tell you.
Azure-April@reddit
18,000+ dead children.
BrushPsychological74@reddit
See. Told you.
Here is a tip for you sweetie. No one gives a shit about your brain rot conflations.
newaccountzuerich@reddit
Valid, but people here won't tolerate that for whatever reason. The wrong type of tolerance is very prevalent amongst the US-centric tech subreddits.
aqpstory@reddit
Any 'serious' subreddit that doesn't put some restrictions on (general) politics discussion tends to turn into a (general) politics subreddit. r/hardware has been slowly going downhill for many years but at least it's not another r/technology clone yet.
I think that's largely thanks to the relatively aggressive moderation policy, and to some extent that reflects in the userbase by filtering out people who think its a bad policy
newaccountzuerich@reddit
There's a specific paradox in this thread's subject matter - the politics of the failure to punish a manufacturer for stealing the hardware use from the customer, is very much under the remit of the sub, as it's directly relating to a specific issue with hardware.
There's a line between pointing out the "generic government policies" and playing the "my team is better than your team" game. The first should be welcomed, the second should be dissuaded.
It's even worse for non-USians, who have no input into the discussion (no voting rights) but are still negatively affected by the unregulated product enshittification in pursuit of greed methods of US-based companies.
BrushPsychological74@reddit
It needs to be 100% restricted else it will just be another radicalized left wing loony bin. I'm not even on je right. I just dislike the constant irrational, shallow, idiotic, activism and hate.
advester@reddit
I actually thought this was a china-centric subreddit.
TenshiBR@reddit
Well, it is, but we all pretend we don't work for the party!
JUSTsMoE@reddit
American propaganda is hard to get rid of tbf. Must be soulstriking to realize you are not actually "the good guys"
newaccountzuerich@reddit
Wouldn't know - not USian.
shakestheclown@reddit
Best source for Bypass Firewalls Clean versions
WarOnFlesh@reddit
russian hackers are better at auditing code than you are. i would assume anything hosted there has secret vulnerabilities.
MysteriousBeef6395@reddit
he should just leak it "unintentionally"
AlphanumericBox@reddit
Oops it got leaked, my bad sorry.
Qpang007@reddit
The problem is that the company will also start a lawsuit over that oopsie. I don't know how he can publish the code or share the information with someone else without everyone pointing the finger at him. The code should be totally different to avoid that.
puffz0r@reddit
he can describe the method used and then others can develop software using the method and release it anonymously. It won't be his code so he would win the lawsuit.
Lirael_Gold@reddit
The problem is that it has his name on it, since he claimed a bug bounty from Louis Rossman.
He could wait like, 2 years, give it to someone else, and have them completely rewrite the code, but if literally any part of it can be connected to the original program he'll have lawyers all over him.
advester@reddit
DMCA strips ownership rights.
Elios000@reddit
IF it can be done some one will drop the code on torrent sooner or later.
_teslaTrooper@reddit
Knowing that it can be done is a good first step, I'm sure there's someone out there who will enjoy a reverse engineering challenge and release the result anonymously.
WhoTheHeckKnowsWhy@reddit
can always tell its a falling vulture capitalist victim turned vampire when google search doesn't shove it's parent company's wikipedia top of the results. lmao.
https://en.wikipedia.org/wiki/Adesto_Technologies
https://en.wikipedia.org/wiki/Dialog_Semiconductor
https://en.wikipedia.org/wiki/Renesas_Electronics
zephyrus299@reddit
This is a totally seperated unrelated company. Those are semiconductor manufacturers like the name might suggest and even a brief look would show you.
AnxiousJedi@reddit
Oh no, I was hacked! I swear I didn't share the code with anyone.
WhoTheHeckKnowsWhy@reddit
can always tell its not a chinese corperation when google doesnt shove it's parent company wikipedia on the results. lmao.