At DEF CON 30 on Saturday, an Australian holding Sick Codes by the handle showed a way to take full control of John Deere farm machinery electronics to run first-person shooter Doom.
With some rather involved hardware hacking and the help of a New Zealand-based maker of Doom mods who was identified on Twitter as Skelegant, Sick Codes managed to get a corn-themed version of the classic 1993 computer game. run on a display of a John Deere tractor.
Snap of the John Deere hardware that runs Doom…Click to enlarge
Sick Codes, in a telephone interview with The registerdescribed his work as more of a jailbreak than an exploit.
The project took months to develop, according to Sick codes. It targeted a John Deere tractor 4240 touchscreen controller with an Arm-compatible NXP I.MX 6 system-on-chip running Wind River Linux 8. There were also devices running Windows CE.
The hack involved penetrating the physical innards of the controller and modifying the electronics in such a way as to execute its code. It turned out that once you were able to get your own software on the equipment, it would just accept it and run it.
“The main bug is that nothing is properly coded or checked or anything like that,” Sick explained, adding that it’s not practical to fix the weakness.
The solution, he suggested, is simply building new devices with the right security. All code from the firmware also runs as root, we’re told.
Play Doom on a John Deere tractor display (jailbroken/rooted) on @defcon pic.twitter.com/ih0QUTGNuS
— Sick.Codes (@sickcodes) August 14, 2022
Sick Codes chaired a related session at 2021 DEF CON 29 in which he attributed his interest in exploring farm equipment to the fact that no one else was.
But after revealing some vulnerabilities, John Deere patched them, preventing people from using the security vulnerabilities to modify or fix issues with their machines. And Sick Codes said he was approached by people who were angry for helping the company plug the holes in its systems. “It’s anti-rights to repair sometimes, if you look at it from a different angle,” he explained.
So this year, he said, he decided to focus on the underlying hardware and show the fragility of the food supply chain.
Crucially, the resulting jailbreak could be a breakthrough for people who want to freely repair and update their tractors and other farm equipment, as John Deere has set up software-level blocks so that only authorized dealers can do this job. The jailbreak allows farmers to bypass those locks.
A doh, a Deere
Kyle Wiens, CEO of repair website iFixit and advocate for the right to repair, attended the presentation and shared the experience in a Twitter thread.
“Sick Codes jailbroken a John Deere, and this is just the beginning,” he said wrote. “It turns out that our entire food system is built on outdated, unpatched Linux and Windows CE hardware with LTE modems.”
Wiens suggested the tractor kit compromise will help make automated farm equipment more accessible to those who use it.
“John Deere has repeatedly told regulators that farmers cannot be trusted to repair their own equipment,” Wiens said. “This fundamental work will pave the way for farmers to regain control of the equipment they own.”
And he too wondered aloud whether John Deere has complied with the terms of the GPL, as the company appears to be incorporating GPL code into its products without complying with its source code disclosure obligations.
Sick Codes confirmed that it believes John Deere has failed to meet its GPL obligations. “I would like to see them come forward and explain how they are following the rules,” he said.
According to author and activist Cory Doctorow, organizations that conduct legal enforcement for open source licensing issues are now informed of John Deere’s alleged non-compliance.
For years, John Deere has been a source of frustration among repair advocates who object to the current use of digital security controls to prevent product owners from repairing purchased equipment. Recently, however, the right to repair legislation has progressed in several US states and has been passed by the Biden administration. The European Union and the UK have also shown increased interest in protecting product buyers’ repair rights.
In January, two lawsuits were filed against John Deere, one in Illinois and the other in Alabama, over the company’s repair restrictions. The following month, US lawmakers in the House of Representatives and the Senate introduced separate bills to guarantee the right to reparation.
Then, in March, two weeks after a dozen advocacy groups complained to the FTC about John Deere’s refusal to provide the software and technical data needed to repair its equipment, the company said it would make previously limited technical resources available. to customers and independent repair shops .
The register asked John Deere for comment. We haven’t heard back. ®