Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Businesses Hardware Your Rights Online

Biden Sets Up Tech Showdown With 'Right-to-Repair' Rules for FTC (yahoo.com) 65

President Joe Biden will direct the U.S. Federal Trade Commission to draft new rules aimed at stopping manufacturers from limiting consumers' ability to repair products at independent shops or on their own, Bloomberg reported Tuesday, citing a person familiar with the plan. From the report: While the agency will ultimately decide the size and scope of the order, the presidential right-to-repair directive is expected to mention mobile phone manufacturers and Department of Defense contractors as possible areas for regulation. Tech companies including Apple and Microsoft have imposed limits on who can repair broken consumer electronics like game consoles and mobile phones, which consumer advocates say increases repair costs. The order is also expected to benefit farmers, who face expensive repair costs from tractor manufacturers who use proprietary repair tools, software, and diagnostics to prevent third-parties from working on the equipment, according to the person, who requested anonymity to discuss the action ahead of its official announcement.
This discussion has been archived. No new comments can be posted.

Biden Sets Up Tech Showdown With 'Right-to-Repair' Rules for FTC

Comments Filter:
  • loaded with ex Big Tech exec's paying their previous and future employers forward.
    • loaded with ex Big Tech exec's paying their previous and future employers forward.

      Ya, I'm sure Biden can't wait to get out of the White House and start working at an Apple "Genius Bar". :-)

      • loaded with ex Big Tech exec's paying their previous and future employers forward.

        Ya, I'm sure Biden can't wait to get out of the White House and start working at an Apple "Genius Bar". :-)

        That's not really how it works. Somebody gave Biden a job that he didn't have to show up to:

        https://www.inquirer.com/news/... [inquirer.com]

        "Joe Biden didn’t teach regular classes or have a defined role at Penn, but the school was likely paying him for something else, experts said: the prestige of associating with a former vice president and global figure."

        "What did the University of Pennsylvania get for the more than $900,000 it has paid Joe Biden?

        The former vice president collected $371,159 in 2017 plus $540,484

        • That's not really how it works. Somebody gave Biden a job that he didn't have to show up to (in normal English usage would I would insert a three dot ellipsis here to indicate omitted text, but Slashdot is stupid) This is pretty common and probably on both sides of the political spectrum.

          Yup. Completely normal for ex-presidents / premiers / governors / senators / lords et al. in most western countries and across all political stripes.

          Often they will be appointed to the boards of multiple corporations or trusts where they do equally little work for the money.

        • "What did the University of Pennsylvania get for the more than $900,000 it has paid Joe Biden? The former vice president collected $371,159 in 2017 plus $540,484 in 2018 and early 2019 for a vaguely defined role that involved no regular classes and around a dozen public appearances on campus, mostly in big, ticketed events."

          Uh, politicians of his level typically get $200,000 and up for a speech, If Penn paid him $900,000 for 12 appearances, Penn was paying under half the going rate.

          Former presidents ask a lot more, of course: https://www.thoughtco.com/form... [thoughtco.com] . Trump charges $1.5 million per speech. [go.com]

    • Its the only thing you can actually count on. Those with money and power will use their money and power to acquire more money and power. I think its a universal constant.
    • by Aubz ( 7986666 )
      I can not believe I am saying this but I support, argh, Biden on this.
  • by Glasswire ( 302197 ) on Tuesday July 06, 2021 @03:59PM (#61556759) Homepage

    ...without a minimal level or repair-ability or support for 3rd party repairers that could end a lot of the resistance right there.

    • Dead right!
      Among other additional USAF duties I was an equipment custodian and getting aircraft test equipment repaired in a timely manner was and remains a monster asspain.
      While programs supporting local repair like Gold Flag are a start the DoD should demand ALL the IP for everything it buys and the right to both locally repair and contract other repair facilities as a condition of purchase.

  • I expect this to be another round of theater to keep people chomping at the bit, but in the end it will be utterly toothless much like any other move against the tech-bros or larger businesses in general. Right to repair is dead and gone as long as money is the only motivator in the USA. And the last few decades have shown, beyond all doubt, that the money is the ONLY thing that matters. It's more important than right to repair. It's more important than fair use. It's more important than physical or me

    • That is unfortunate.
      You Americans should get yourselves a better type of government. One that is for the people and by the people would be a good start.
      • by sarren1901 ( 5415506 ) on Tuesday July 06, 2021 @05:31PM (#61557043)

        I just read Alaska is doing two new to Alaska things for voting that will effect the midterms. First, they are opening up all primaries, so you don't have to be of a party to support a candidate. Second, they are going to do ranked voting. The top 4 candidates to start.

        Maine has the ranked voting and it has resulted in more moderates in both parties. If this works well for Alaska, maybe more and more states will get on board. This could really help get people voting for issues their candidate supports rather then what party they happen to be in.

        It shows there is a glimmer of hope our country could maybe hang on to democracy and avoid another civil war.

        • I just read Alaska is doing two new to Alaska things for voting that will effect the midterms. ...Second, they are going to do ranked voting. The top 4 candidates to start.

          Horray for them.

          Approval voting [electionscience.org] would be better --if nothing else, it makes vote counting easy (the counting method is unchanged from the current method)-- but the current "largest plurality wins" method fails badly if there are more than two candidates, and is one of the biggest contributors to the current polarization. Almost anything else would be an improvement.

        • I remember reading that Washington state has been doing Top Two voting for 12 years. In some cases it means the top two candidates have a "preference" for the same political party, but it means the two most popular candidates run against each other rather than putting a weak candidate from the opposite party on the ballot as a placeholder. Top 2 Primary FAQs [wa.gov]

          --
        • by dcw3 ( 649211 )

          All fine and dandy, but it's not the biggest problem. We'll continue to fail until we get the money out of politics. We need SCOTUS to back off on their idiotic ruling in Citizens United, or we need Congress to pass a new law. I don't see either of them happening anytime soon.

        • Oh! I see your problem:

          ...it has resulted in more moderates in both parties.

          Both parties? Why can America not have 6 parties, or 8 parties?

          • Because we don't have ranked voting? I'm forced to vote D or R because most of our voting is first past the post, winner take all. If we could all put our preferred candidate first and then a D or R further down the list, it would really shake things up a bit.

            At least one would hope so. I still think most people party vote so they don't have to think.

  • by Your Average Joe ( 303066 ) on Tuesday July 06, 2021 @04:40PM (#61556893)

    What we should care about is the repair of farm tractors(John Deere) and cars(Tesla). "Rich Rebuilds" has been denied many parts to the Tesla cars he tries to repair. Even denied a repaired car from the super charngin network. Tesla says the repair of an electric car is WAY too dangerous for a mortal. Tesla thinks all tesla cars should be replaced when any repair is over $500 LOL

    • by msauve ( 701917 )
      Well, they have to make a profit from something other than e-car subsidies.

      But more seriously, it's not just Tesla. Try getting updated firmware for _any_ modern vehicle component other than from a manufacturer approved ($$$) service center.
    • Why limit it?

      "All sold goods must by easy to repair." Period.
      No qualifiers. No nothing.

      The only exception I can think of are naturally perishable things, like food. Can't repair a rotting egg.

      • by dcw3 ( 649211 )

        Why limit it?

        "All sold goods must by easy to repair." Period.
        No qualifiers. No nothing.

        Nice in theory, and then you have to back it up legally. So, define "easy to repair"...it's too vague and would be tossed from every court in the country.

  • by PPH ( 736903 ) on Tuesday July 06, 2021 @04:58PM (#61556947)

    I hope they come down hard on Sacramento, CA [jalopnik.com].

  • Allowing everyone to repair a high security device usually equates to lowering its security. Can't hack a passcode on this nuclear detonator? Just follow the right-to-repair "reset passcode" procedure, manufacturer cannot put anything in there to stop you. Cannot stop you from flashing your own firmware means private keys required to sign said firmware have to become public knowledge, nullifying the security of signing the firmware completely. How long before US adversaries get a hold of DOD repair manuals

    • Allowing everyone to repair a high security device usually equates to lowering its security. Can't hack a passcode on this nuclear detonator? Just follow the right-to-repair "reset passcode" procedure, manufacturer cannot put anything in there to stop you.

      Wow. I want to write that story!!!

    • Bullshit.

      A physical lock can be fully repaired without being less secure.
      The screws just are on the inside of the door.

      A padlock, as another example, has its screw down the hole that the shackle goes in when closed.

      The same principles apply to any device.
      Just have a damn case lock. Yes, on smartphones too.

      • Ok, now apply your principle to signing updated on the phone. What is the analogy there for the screw on the inside?

        Anyone with physical access to the above lock can compromise it. Cyber security scope goes way beyond that. Even if you have physical access to a device (e.g. a lost or stolen iPhone), you still should not be able to get access to its data (unlike your physical lock example, if I steal the safe and have it in my lab, I can force it open).

        • Even if you have physical access to a device (e.g. a lost or stolen iPhone), you still should not be able to get access to its data

          You need look no further (for example) than FIPS 140-2 (formerly) Level 4.

          For RTR, if a device needs to be repaired and is not pre-authorised by the owner (by setting a repair passcode or some other authoriser/authenticator), then the data can be wiped clean when it is repaired.

          Data protection and device repair are neither mutually exclusive nor inextricably linked.

    • by sjames ( 1099 )

      Banks are already using XP. Whoever has you on their payroll is definitely not getting good value for their trolling dollar.

    • by Bert64 ( 520050 )

      That just means the device is poorly designed in the first place...
      In your example, the keys should be generated and controlled by the owner of the device not the manufacturer. As only the owner of the device would know the private keys, security would actually be stronger since you'd be far less susceptible to a supply chain attack where the manufacturer got breached.

      Old software only becomes a security risk because the developer stops maintaining it. The device itself is not, and most of those old devices

      • That just means the device is poorly designed in the first place...
        In your example, the keys should be generated and controlled by the owner of the device not the manufacturer.

        Ok, I'll bite. So when you buy an iPhone, Apple gives you a private key which you must use to sign any all updates to your phone. Lose that key, no more updates for you? Or is that key built into the iPhone, therefore any update will just self sign and apply? If the latter, you basically threw out the benefit of signing updates. If the prior, now there is a manufacturer wet dream, every time you lose your private key, you have to buy a new iPhone and throw the old one away. I'm not even going to begin going

        • So when you buy an iPhone, Apple gives you a private key which you must use to sign any all updates to your phone.

          Apple gives me a private key that I can use, but also makes it so that I can install updates signed with Apple's own private key. It does not have to be one or the other. If I want to use a specific version of the firmware or modify it, I can use my own key to sign and install it.

          Creating new software releases, especially when the underlying kernel changes (most open source does not support the old kernel for decades) costs a huge amount of money. IIRC it was Samsung who tried once selling a $10 a year subscription to finance supporting their phones beyond the original support period, almost nobody signed up.

          And yet, I can use a 10 year old or older PC no problem. It's slower, of course, but I can run the latest version of lubuntu or maybe even Windows (though that would be really slow). Or, I could use an older version of Windows.
          I ha

        • by Bert64 ( 520050 )

          Take the example of a Linux distribution...
          You install the system, and during installation you can choose to encrypt the drive. When you do so, you create your own keys and are encouraged to back them up. Only you have these keys, and you should not share them with anyone.

          When you download updates, the updates are still signed by the distribution, and you can still use their public key to verify that the updates genuinely come from the distributor before you install them.

          If someone steals the device and boo

    • Cannot stop you from flashing your own firmware means private keys required to sign said firmware have to become public knowledge, nullifying the security of signing the firmware completely.

      While I would prefer to be able to flash any firmware to a device that I own (and have physical access to), the signature requirement can be right-to-repair compliant, as long as I can either download the firmware from the manufacturer or buy a MCU that has the firmware already flashed to it, then I would be able to repair a device with a broken MCU.

      There could also be a limited list of what is exempt from right-to-repair rules, for example, bank card readers. However, because there are some specific device

      • Systems are secured as a whole, so for example an MCU may be already "paired up" with storage, or memory, or security coprocessor, or even the screen. That means that you have to change them out all at once. I suspect nobody would care to fix iPhones if you had to replace an entire motherboard and peripherals for same or more money than a new device, just so you can reuse the mechanical enclosure.

        As far as what you'd consider sensitive devices, your phone contains much more sensitive information than your b

        • Your smart TV is connected to your network.

          No, it's not. But even if it was, for someone to tamper with it, they would have to already have broken into my home. In that case I have bigger problems than somebody reflashing the firmware on my TV.

          I specifically mentioned physical access to do this. Yes, if anyone could just do it over the internet, it would be bad, but using ICSP or similar should be OK.

          your phone contains much more sensitive information than your banking card

          Not really, well, I do not store embarrassing pictures on it, so, somebody with my bank card could cause me more loss. And if my phone gets stolen, I'l

        • by dcw3 ( 649211 )

          If Tesla allowed people to flash their own firmware to do that, they could be held liable. This is why they don't.

          Where do you get this bullshit from? No, no, no.

    • Define "high security device": I have serviced high security padlocks before, be it rekeying, cleaning them out, replacing various key components (cores, shackles, actuators), changed combinations, installed, and removed locks from service. Some "high security devices" like S&G or Dorma Kaba safe locks have very good instructions on how to keep them maintained. More common locks like Best, American PacLock, or even commercial grade Master are openable with a hex wrench or a screwdriver and are easily

    • by dcw3 ( 649211 )

      How long before US adversaries get a hold of DOD repair manuals and things such as private keys required to repair/replace components or sign their own firmwares to inject into the right supply chains.

      Sorry, no. First off, the DoD can get any repair manual they contract equipment for...it the standard way of doing contractual business (37 year defense contractor here). And even if they couldn't, what makes you think your "US adversaries" couldn't get them from the OEMs just as easily?

  • Alternatively... (Score:4, Interesting)

    by VeryFluffyBunny ( 5037285 ) on Tuesday July 06, 2021 @06:27PM (#61557221)
    Legislate that all subsequent servicing & repairs should be included in the initial price. That means they'll have to make really reliable hardware &/or make it really cheap to repair.
  • Wow. Imagine your massive battleship shutting down because you replaxed a button.

  • Would love the language to be broad enough to allow us gamers to "repair" (stand up? emulate? Take over hosting costs?) old online video game servers that the manufacturers "broke" when they turned them off. I get that the game makers can't keep spending money on servers forever, but the gamers that want to keep them alive should be able to pony up the money to do so. . .

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...