Comment by maxerickson
4 years ago
Shouldn't the scammers pay the cleanup charges?
Like if you want to sell illicit XBoxes, it's on you to ensure that the thing can't be rendered inoperable by a third-party software update, it's not the third-party's responsibility to account for your hardware when they do software updates.
Doing software updates that brick tampered hardware is harder to make a sarcastic argument about.
Why can't I tamper with hardware I bought and paid for? It's not theirs to brick, whatever the justification.
I hate that the idea that you rent stuff from companies, instead of buying and owning, is now so ingrained that people defend actively destroying someone's equipment remotely.
You can.
but you bought a Cryptex.
break the Cryptex, it's broken.
We can stop buying electronic Cryptexes, or we can force companies to stop making them.
but from a realistic perspective, the only way to uphold the sanctity of online play, and enforce IP rights, is to have a secure stack, from boot loader, physically integrating the encryption keys with the hypervisor, and to render anything else an inoperable brick.
Lest we have cheaters in console games.
I do agree to a degree, I think "offline mode" should have a legal basis to stand on, but I also like to know that the others in the game are not cheating.
and that is impossible without an inaccessible black box, the Xbox, which is what we bought.
ive seen both sides of this coin.
> but I also like to know that the others in the game are not cheating. and that is impossible without an inaccessible black box, the Xbox
Ignoring the fact that reverse engineering is just a matter or time and pressure, eventually people will start hooking up image recognition auto-aimers to the input/output of these devices... what then? do we enter some kind of minority report era of gaming where you have to get your eyeballs replaced with "unhackable" ones - hope they don't burn out your retinas in an update. Point is, a black box is actually not a complete solution - as long as you can play the game, there will always be a way to cheat.
There are various online FOSS games that are completely open and hackable, where it's very easy to download the source and literally set a condition in the make file to enable "wallhacks" (because that is in-fact a useful debugging feature - talking about ioq3 specifically)... those communities just deal with it the old fashioned way, new players get treated with more scrutiny, admins get good at recognising cheaters (most cheaters are not good at hiding it, and experienced players who would better conceal wall-hacking behaviour etc are less likely to want to play with hacks way anyway). It's far from bullet proof, but so are so called "black boxes" despite their cost to the user.
3 replies →
you're confusing cryptography with corporate secrecy. Cryptography can be open (in terms of both specification and implementation - only keys need secrecy). This thread is about closed implementations, which is a different topic (even if those implementations happen to leverage cryptography)
5 replies →
Yeah, that's why it's hard to make a comment about it.
> Shouldn't the scammers pay the cleanup charges?
No. First, the primary culprit is who designs and deploys a mechanism to do harm. If I set a lethal trap on my property with a sign saying "Beware the 10,00 Volt mantrap", I am not excused when a burglar is injured - even though they are breaking the law by trespass. Secondly, it seems that the manufacturer gets to decide, arbitrarily and post-facto (post-sale/agreement) what constitutes a "scammer". Finally, with "e-fuses" you are setting a trap mechanism on my property which I have purchased in fair expectation of my rights.
> it's on you to ensure that the thing can't be rendered inoperable by a (third-party?) software update
I believe in many places like the US, it could be breaking the law to ensure that, since reverse engineering and circumvention of protections would be required.
Of course you're right that there's a sort of moral responsibility on people not to vandalise serviceable goods such that they become waste. But people throw away perfectly working technology every day.
If by "third party" (I think we would use "first party" here) you mean the vendor/manufacturer when you say:
> it's not the (vendors) responsibility to account for your hardware when they do software updates.
then I heartily disagree. It's certainly their moral responsibility, and, unless they offer owners a reasonable way to disable updates, it ought to be their legal responsibility too.
But that's not what's at issue. Otherwise your argument makes it seem like the update "accidentally" damaged the owners property. Quite the contrary, the vendor is sending out updates designed to cause harm, and in full knowledge and punitive intent. Am I mistaken?
> Doing software updates that brick tampered hardware is harder to make a sarcastic argument about.
I don't follow you. Sarcasm is the lowest form of wit and discouraged per HN guidelines in favour of arguing in "good faith".
There are other ways to physically, irreversibly, and cryptographically ensure a given integer is always incremented.
If that is the product, how can someone call afoul?
you are equating blowing an Efuse with setting a lethal trap.
there is a reasonable expectation for one, less so for another.
im not sure if that analogy of your's is made in the best faith.
Microsoft is not the first party on hardware they don't authorize or have involvement with, this is obvious.
> it's not the third-party's responsibility to account for your hardware when they do software updates
What you're describing here is markedly different than what the gp is referring to: intent matters (determining intent may be difficult in some cases, granted, but it's crystal clear in these specific examples)
The intent of the update was to blow a fuse on hardware that failed a consistency check, no?