Longtime Slashdot reader drinkypoo writes: John Deere, a current and historic American agricultural equipment manufacturer, has long been criticized for locking said equipment based on DRM, which can make it impossible for farmers to run their own services. Now, a new security bypass has been found for some of their hardware, revealing that it is generally based on outdated versions of Linux and Windows CE.
Implemented in Patient codesa full attack involves attaching hardware to a circuit board inside a touchscreen controller and ultimately creating a root terminal.
In the transaction and as a result, the question of JD GPL compliance is raised.
Sick Codes does not know how John Deere can address this vulnerability (other than overhauling the designs to add full disk encryption in future models). But Wired also notes that “at the same time, vulnerabilities like the one discovered by Sick Codes help farmers do what they need to with their own equipment.”
Although the first thing Sick Codes did was start a tractor on a farm Doom.