To me, blowing a fuse in hardware that you've sold sounds like at least unauthorized computer access and/or malicious destruction of property. I'm saddened and surprised to learn there's substantial precedence for this.
If I were authorizing something like that (I'd rather quit my job, but if), I'd be terrified of the repurcussions – for one, what if the device was sold in a region that has consumer protections? The fact that they're casually planning and committing such a careless act speaks volumes to the weakness of consumer protections, I guess.
>To me, blowing a fuse in hardware that you've sold sounds like at least unauthorized computer access and/or malicious destruction of property. I'm saddened and surprised to learn there's substantial precedence for this.
Unless they have auto updates that you can't disable, they can just withhold access to online services until you give them the permission. You're free to refuse of course, and no "malicious destruction of property" happens without your consent.
>If I were authorizing something like that (I'd rather quit my job, but if), I'd be terrified of the repurcussions – for one
IANAL but the chances of you getting civil/criminal penalties is slim to none.
Civil consumer protections should probably be stronger.
But the criminal angle is a big stretch. Nintendo is not breaking into devices to install updates and bricking them. And not liking something is very different, legally, than maliciousness. They're updating them when you click update, after being presented with legalese about it, and adding DRM which serves a function (whether you like the function or not).
The problem is you're running into device security vs. device capability. If you can downgrade your device, then so can someone else. Take the standard example of jailbreaking: New iOS releases generally (sans bootrom bugs) fix security bugs, and definitely break jailbreaks.
If some large organization wants to monitor what you're doing by installing malware, they need to be able get the older OS installed. Assuming you're a sufficiently value target (human rights activists, etc), it can be worth them spying on you to get your device passcode, and then downgrading and installing malware. If it's not across a major version I suspect that the victim would not know.
Part of the attack model the companies like Apple and Google have to consider is direct physical access to the device. Neither company considers it reasonable to say "once someone has physical access to your device it is game over".
If you buy a car, and a few months later, the person you bought it from, came to your abode and changed out one wheel for a totally different wheel, would it bother you?
Even that tenuous face value falls apart as soon as you consider that the person who clicks through the UI isn't necessarily the legal owner of the device.
That seems like a dispute between the user of the device and the owner. If an unauthorized user used dd to wipe someone's computer without the owner's consent, you don't go after the FSF, you go after the person who ran the command.
IANAL but contract terms are generally thought to be enforceable unless argued otherwise. Can you furnish the relevant statues/cases that you think make clauses like these unenforceable?
To me, blowing a fuse in hardware that you've sold sounds like at least unauthorized computer access and/or malicious destruction of property. I'm saddened and surprised to learn there's substantial precedence for this.
If I were authorizing something like that (I'd rather quit my job, but if), I'd be terrified of the repurcussions – for one, what if the device was sold in a region that has consumer protections? The fact that they're casually planning and committing such a careless act speaks volumes to the weakness of consumer protections, I guess.
>To me, blowing a fuse in hardware that you've sold sounds like at least unauthorized computer access and/or malicious destruction of property. I'm saddened and surprised to learn there's substantial precedence for this.
Unless they have auto updates that you can't disable, they can just withhold access to online services until you give them the permission. You're free to refuse of course, and no "malicious destruction of property" happens without your consent.
>If I were authorizing something like that (I'd rather quit my job, but if), I'd be terrified of the repurcussions – for one
IANAL but the chances of you getting civil/criminal penalties is slim to none.
Civil consumer protections should probably be stronger.
But the criminal angle is a big stretch. Nintendo is not breaking into devices to install updates and bricking them. And not liking something is very different, legally, than maliciousness. They're updating them when you click update, after being presented with legalese about it, and adding DRM which serves a function (whether you like the function or not).
The problem is you're running into device security vs. device capability. If you can downgrade your device, then so can someone else. Take the standard example of jailbreaking: New iOS releases generally (sans bootrom bugs) fix security bugs, and definitely break jailbreaks.
If some large organization wants to monitor what you're doing by installing malware, they need to be able get the older OS installed. Assuming you're a sufficiently value target (human rights activists, etc), it can be worth them spying on you to get your device passcode, and then downgrading and installing malware. If it's not across a major version I suspect that the victim would not know.
Part of the attack model the companies like Apple and Google have to consider is direct physical access to the device. Neither company considers it reasonable to say "once someone has physical access to your device it is game over".
> it can be worth them spying on you to get your device passcode
I mean, if they have your device passcode, they already have pretty broad access to your device already.
It’s not really “blowing a fuse” but more “increase hardware counter by one”.
Is that still “malicious destruction of property”?
It really is blowing a fuse.
https://en.wikipedia.org/wiki/Efuse
7 replies →
If you buy a car, and a few months later, the person you bought it from, came to your abode and changed out one wheel for a totally different wheel, would it bother you?
4 replies →
Even that tenuous face value falls apart as soon as you consider that the person who clicks through the UI isn't necessarily the legal owner of the device.
That seems like a dispute between the user of the device and the owner. If an unauthorized user used dd to wipe someone's computer without the owner's consent, you don't go after the FSF, you go after the person who ran the command.
You can "agree" to any number of terms that they could put in there that aren't going to hold up to any legal scrutiny.
IANAL but contract terms are generally thought to be enforceable unless argued otherwise. Can you furnish the relevant statues/cases that you think make clauses like these unenforceable?
There are many rulings around the idea of "unfair" contracts.
https://www.upcounsel.com/unfair-contract-terms-regulations
https://www.ttclub.com/news-and-resources/news/tt-talk/2016/....
right because all terms are legally enforceable...