"If they can be shut off with an over the air command we need to be able to trust the companies that make them."
-
"If they can be shut off with an over the air command we need to be able to trust the companies that make them."
-Ben Alexxander on the bricking of TESLA power walls.Remote software updates, feature enabling/disabling, and the most extreme remote bricking raise several "consumer rights" issues that have not been adequately addressed. #tesla #solar #rightToRepair
@futurebird If it's infrastructure and I don't own it, then I don't want it.
I'm desperately trying to find a car charger that doesn't use an app for precisely that reason. I don't care if it's a company choosing to do it or just because something in the supply chain going belly up.
-
I'm thinking about how "security" (virus and hacking protection) is often raised as a good reason to subscribe to automatic updates. Indeed, I allow my iPhone to update itself mostly because I think it's more secure.
But I have never felt comfortable with the way that software just changes whenever it wants.
The interfaces change, the functionality changes. We are promised it's for safety and "improvements" ...
But IDK what if you shipped software that was... complete?
@futurebird ah, but then how could a million very mid developers called Brad justify their jobs? How would the tech industry(TM) justify constantly replacing things? funny, that. Solaris 10 shipped complete. and it has stayed that way. my Solaris 10 system got a massive patch update a few weeks ago. y'know what changed in the UX? nothing. nothing changed. it just got more secure
-
@futurebird ah, but then how could a million very mid developers called Brad justify their jobs? How would the tech industry(TM) justify constantly replacing things? funny, that. Solaris 10 shipped complete. and it has stayed that way. my Solaris 10 system got a massive patch update a few weeks ago. y'know what changed in the UX? nothing. nothing changed. it just got more secure
@futurebird in some ways the fucking trashfire that is Linux and friends is really making me not like open source? openness is great, until it isn't. until you have 250000 people all tossing their own shit in the pot with no moderation, no "no, this is absolutely out-of-scope"
-
@futurebird Right now I have almost every auto update in both computer and mobile disabled because they can just brick whatever they want. And I did have a phone bricked after about 2 years, where after an update it suddenly took ten times the original to even open apps on it. Not falling for that shit again. I'm less likely to be hacked than be fucked by the original developers at this point, and not because hackers are laying idle...
This seems reasonable, but would you recommend such a course of action to your less tech savvy older relatives?
My mom has a natural and good tech instinct to click "no" when her computer asks her to update. However, she's had so many viruses and the easiest way to clear them out is if she just keeps the windows OS updated.
She uses the computer for the web and as a word-processor. I'm annoyed such basic computing is so dangerous and complex.
-
If a company can make automatic software updates what additional responsibilities should that imply?
Could legislation that holds companies to a higher standard in this area make these updates less frequent and extreme?
It's wild that some of the people most likely to be seeking independence (owners of power walls) have been subjected to this treatment. I hope that they will be very nasty to TESLA about this, go full Karen. I will cheer you on.
@futurebird
nothing can fix this mess
except in the end two words:
software liability -
@futurebird in some ways the fucking trashfire that is Linux and friends is really making me not like open source? openness is great, until it isn't. until you have 250000 people all tossing their own shit in the pot with no moderation, no "no, this is absolutely out-of-scope"
@futurebird and no "no. this is the UX. this is going to be the UX. don't like it? tough shit, we ship security updates. anything else, fuck off"
-
This seems reasonable, but would you recommend such a course of action to your less tech savvy older relatives?
My mom has a natural and good tech instinct to click "no" when her computer asks her to update. However, she's had so many viruses and the easiest way to clear them out is if she just keeps the windows OS updated.
She uses the computer for the web and as a word-processor. I'm annoyed such basic computing is so dangerous and complex.
@futurebird Mum is using my old gaming rig that's still snappy for her needs with windows 7 and a firewall that was set up to paranoid by me while I was using it - to ask to run any thing it doesn't recognize. This means everything, even its own executables. Every windows feature. Any script that tries to run. Annoying as hell for about half a year, but after the updates stop coming (win 7), this too stops. Anything that tries to run now and isn't recognized is an attack. I told her to let Firefox updates through and click no on everything else lol. No viruses.
...too bad I can't set Comodo to paranoid on Win 11 because then it won't let the system itself start, black screen, reinstall. I'm sure it's on to something with that, lol, but I still want to run that shit
On normal mode it sometimes kills explorer for me and then I have to re-enable it... Let's not talk about task manager they hate each other. Which just tells me that Win11 does sneak updates that it's not telling me about, because Comodo blocks applications that change, even if they were enabled before, and this means Windows is sneak changing without an "update" pretty much daily, sometimes twice a day.
Yes, did this dance on fresh install, presumably not a virus then.
-
I'm thinking about how "security" (virus and hacking protection) is often raised as a good reason to subscribe to automatic updates. Indeed, I allow my iPhone to update itself mostly because I think it's more secure.
But I have never felt comfortable with the way that software just changes whenever it wants.
The interfaces change, the functionality changes. We are promised it's for safety and "improvements" ...
But IDK what if you shipped software that was... complete?
In these days, we always have to wonder:
Security - but for whom?
For you?
For the company that wants to ensure, that you don't do anything with your device/software, they don't want you to do?
For your jurisdiction's surveillance apparatus?
-
If a company can make automatic software updates what additional responsibilities should that imply?
Could legislation that holds companies to a higher standard in this area make these updates less frequent and extreme?
It's wild that some of the people most likely to be seeking independence (owners of power walls) have been subjected to this treatment. I hope that they will be very nasty to TESLA about this, go full Karen. I will cheer you on.
@futurebird
A few years ago there was a story about John Deere bricking agricultural equipment in a war zone, which kinda sounds like it would be a war crime
Russians plunder $5M farm vehicles from Ukraine β to find theyβve been remotely disabled | CNN
Russian troops in the occupied city of Melitopol have stolen all the equipment from a farm equipment dealership β and shipped it to Chechnya, according to a Ukrainian businessman in the area.
CNN (edition.cnn.com)
-
@futurebird
A few years ago there was a story about John Deere bricking agricultural equipment in a war zone, which kinda sounds like it would be a war crime
Russians plunder $5M farm vehicles from Ukraine β to find theyβve been remotely disabled | CNN
Russian troops in the occupied city of Melitopol have stolen all the equipment from a farm equipment dealership β and shipped it to Chechnya, according to a Ukrainian businessman in the area.
CNN (edition.cnn.com)
-
@sabik @futurebird Yo, Russia stole them
Russia did the war crime
Spoils of war are never a right of the occupier.
Thanks for coming to the war crimes 101 talk.@dobetterinstitute @futurebird
Two things can be a war crime -
@dobetterinstitute @futurebird
Two things can be a war crime@dobetterinstitute @futurebird
More broadly, the fact that they can brick agricultural equipment is interesting for a whole bunch of reasons, regardless of this particular incident -
@dobetterinstitute @futurebird
More broadly, the fact that they can brick agricultural equipment is interesting for a whole bunch of reasons, regardless of this particular incidentYo, Ukraine paid for em and paid for the service. Russia didn't pay. Don't be making up rights for war criminals where there isn't one.
Absolutely, you are right about the right to repair and other options. But if consumers buy the product, thats also their right.
You are wrong to plant the right to repair flag on 'Russia, the victim'. Get some moral fiber.
-
@dobetterinstitute @futurebird
We aren't talking about whether Russia committed war crimes with this incident; that's a separate discussionWe're talking about whether John Deere committed war crimes, and deliberate destruction of agricultural equipment certainly sounds like it would count
@dobetterinstitute @futurebird
More broadly, what does it mean for a company to have the ability to remotely destroy agricultural equipment in bulk, whether deliberately or inadvertentlyWhat are the security controls on such a capability, for example
-
Yo, Ukraine paid for em and paid for the service. Russia didn't pay. Don't be making up rights for war criminals where there isn't one.
Absolutely, you are right about the right to repair and other options. But if consumers buy the product, thats also their right.
You are wrong to plant the right to repair flag on 'Russia, the victim'. Get some moral fiber.
@dobetterinstitute @futurebird
We aren't talking about whether Russia committed war crimes with this incident; that's a separate discussionWe're talking about whether John Deere committed war crimes, and deliberate destruction of agricultural equipment certainly sounds like it would count
-
I'm thinking about how "security" (virus and hacking protection) is often raised as a good reason to subscribe to automatic updates. Indeed, I allow my iPhone to update itself mostly because I think it's more secure.
But I have never felt comfortable with the way that software just changes whenever it wants.
The interfaces change, the functionality changes. We are promised it's for safety and "improvements" ...
But IDK what if you shipped software that was... complete?
@futurebird What is "complete" software?
Does complete software have bugs?
Do you want those bugs fixed?
Don't get me wrong. The current situation of every software team everywhere trying to constantly shove more and more "value add" features into old products and breaking them is a problem. Doubly so when you bought a thing for a single purpose and now it's useless for that because they tried to shove in 17 new features, none of which you needed.
But I'm not clear on what the alternative is.
-
@futurebird What is "complete" software?
Does complete software have bugs?
Do you want those bugs fixed?
Don't get me wrong. The current situation of every software team everywhere trying to constantly shove more and more "value add" features into old products and breaking them is a problem. Doubly so when you bought a thing for a single purpose and now it's useless for that because they tried to shove in 17 new features, none of which you needed.
But I'm not clear on what the alternative is.
@futurebird Often people like to look back fondly on the days when you bought software on a CD and installed it and that was the software you had. But they also forget that those were the days when 50% of applications shipped with a random version of QuickTime and if you didn't install them all in order of increasing QuickTime versions, everything that needed a newer version than the one shipped with the latest CD you installed would break. They were all "fixed". (Yes. I wrote down the QuickTime versions of every game we had as kids and reinstalled that damn machine, starting with fresh Win95 more times than I can remember. Why do you ask?
) -
@futurebird Often people like to look back fondly on the days when you bought software on a CD and installed it and that was the software you had. But they also forget that those were the days when 50% of applications shipped with a random version of QuickTime and if you didn't install them all in order of increasing QuickTime versions, everything that needed a newer version than the one shipped with the latest CD you installed would break. They were all "fixed". (Yes. I wrote down the QuickTime versions of every game we had as kids and reinstalled that damn machine, starting with fresh Win95 more times than I can remember. Why do you ask?
)@futurebird Remote bricking absolutely shouldn't be allowed and the company absolutely should be held liable if that happens.
I also don't think it's necessarily unreasonable to expect some separation of feature/UI updates from security updates. However, software teams can only keep fixing so many old versions for so long before the task becomes unbearable. I think we can do more but I'm not sure how much more or where to draw that line or how to regulate it.
-
@futurebird Remote bricking absolutely shouldn't be allowed and the company absolutely should be held liable if that happens.
I also don't think it's necessarily unreasonable to expect some separation of feature/UI updates from security updates. However, software teams can only keep fixing so many old versions for so long before the task becomes unbearable. I think we can do more but I'm not sure how much more or where to draw that line or how to regulate it.
@futurebird What I will say, though, is that we absolutely need to kill the entire concept of "value add" in American engineering business culture.
Most of the shit that gets shoveled into consumer products is done in a blind attempt to be able to put something on the side of the box that no one else has on the side of their box. It's a marketing arms race that creates an endless stream of half-baked "features" that no one asked for. Some of them turn out to be useful. Most turn out to be liabilities.
-
@futurebird ah, but then how could a million very mid developers called Brad justify their jobs? How would the tech industry(TM) justify constantly replacing things? funny, that. Solaris 10 shipped complete. and it has stayed that way. my Solaris 10 system got a massive patch update a few weeks ago. y'know what changed in the UX? nothing. nothing changed. it just got more secure
@freya @futurebird I'm not saying the Brads of the world are blameless, but we gotta at least throw some shade at the product managers as well, especially if we're talking about every shifting UX.
