Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

bcron ,

Next up: printer ink??

dog_ ,

W

Rivalarrival ,

The law, like those passed in New York, California, and Minnesota, will require many manufacturers to provide the same parts, tools, and documentation to individuals and repair shops that they provide to their own repair teams.

I'm sensing downsizing of "repair teams" in the not so distant future, with calls for repair being forwarded to sales.

VinnyDaCat ,

This. It sounds great, but realistically companies will just control the supply of repair materials and scalp us that way instead.

pmmeyourtits ,

GET FUCKED VOLKSWAGEN YOU COCKSUCKERS

atrielienz ,

Motor vehicles are exempt and the law doesn't affect anything until 2025.

pmmeyourtits ,

Oh for fucks sake

sarchar ,

You didn't think the law was for you/us, did you?

Raiderkev ,

Lol, of course.

JigglySackles ,

..... MOTHERFUCKER. Just can't have anything fuckin nice.

Sweetpeaches69 ,

Wait, what's wrong with VW?

pmmeyourtits ,

VW does parts pairing. It resulted in me having to get a new vehicle when my steering wheel controls and air ag stopped functioning. Turns out you have to program the clockspring with the old clockspring and bringing it to VW resulted in a 350$ charge for them to say "we can't fix this".

Fuck VW.

Rediphile ,

Dealerships are literally the worst place to take a vehicle for a repair. They are in the car selling business, not the car fixing business.

sugar_in_your_tea ,

I asked about a quote to fix my older car (not VW), and they said it would take 30 days in the shop... To be fair, the part in question has the odometer data, but surely they can just pull the part, transfer the data, re-install, and they're done. Should take less than a week...

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

They typically send those off to a third party. You can usually find those services on eBay. You pull your old cluster and they transfer the data. There's other ways to do it too, but that's the typical way of doing it. Personally, I have a used cluster in my car with the incorrect mileage. My state doesn't record mileage when you transfer the title, so I just need to disclose to whoever I sell it to that the mileage is not correct.

sugar_in_your_tea ,

Yeah, apparently that's the case here too, and I'll be going that route. I just thought it was ridiculous that I'd have to leave the there for a month and probably pay like $1k. Surely they have the equipment to do the transfer, no?

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

No, they don't usually want to mess with odometers because of the liability. I think most manufacturers require that the cluster is sent to them in order to verify the correct mileage and then program a new one. There's aftermarket tools for doing it on some models, others you can just dump an eprom with a cheap programmer, it just depends really.

sugar_in_your_tea ,

That's ridiculous. Here's a decent way to do it:

  1. Desolder the chip (or have a read-only port to plug into) and put it on a test board
  2. Read the chip output and send it to the manufacturer (has mileage plus w/ cryptographic signature)
  3. Manufacturer sends newly programmed chip to the mechanic, and the mechanic sends the old chip back in the provided packaging
  4. Customer gets the car back, and the manufacturer can verify that the chip swap was legit

Boom, under a week turnaround without any backdoors in the odometer.

pmmeyourtits ,

I brought it there after bringing it to my preferred auto shop. Guy did everything in the book with me there and told "yeah sorry man, you're gonna have to bring it to VW" after we watched the programmer failed multiple times.

redfox ,
@redfox@infosec.pub avatar

This isn't necessarily the case anymore. They realized they could charge more money after all this parts pairing and proprietary stuff started.

Dealerships can make more money from repairs than selling. Especially if sales margin is lower due to online competitors selling cars cheaper.

This bill attacks one of the things preventing cheaper repairs and shops from helping .

Fedizen ,

HP screaming

muntedcrocodile ,

I wonder what Louis Rossmann has to say about this.

fiercekitten ,

Parts pairing is prohibited only on devices sold in 2025 and later. And there are carve-outs for certain kinds of electronics and devices, including video game consoles, medical devices, HVAC systems, motor vehicles, and—as with other states—"electric toothbrushes."

What’s a good-faith argument for exempting these devices? Or was it simply successful lobbying in protecting corporate interests.

Ottomateeverything ,

I could see an argument about medical devices, HVAC, and vehicles... But I don't think I'd agree with them. Except maybe medical.

Consoles and toothbrushes though? What the fuck?

FiniteBanjo ,

I don't see any argument for vehicles, tbh. HVAC tinkering is almost exclusively high voltage so that makes just a little sense, don't want people swapping a 350 volt AC capacitor with a 250 volt DC capacitor and having it blow up, but Vehicles means a manufacturer can do everything imaginable to limit part availability and kill aftermarket parts purely for profits.

bluGill ,

Vehicles need it because the keyless entry radio needs to pair with the engine start. Otherwise a thief can steel a car in a few minutes by bringing their own computers.

FiniteBanjo ,

I guarantee you keyless start cars aren't more secure because of paired parts. The encryption for the fob's signal isn't the result of a paired part.

atrielienz ,

Define more secure. More secure than what? A non-keyless entry car of the same year and model? A car from ten years ago that doesn't have parts and modules that do a handshake and will immobilize the vehicle if the system is tampered with?

FiniteBanjo ,

I'm not arguing that it is more secure. That's what others said. I'm arguing it is a non-factor in security. Nearly unbreakable encryption methods exist without any reliance on physical part-pairing. The only benefit from it is the manufacturer profiting more off of it as users become more reliant on the manufacturer in case of device failure and replacement.

atrielienz ,

I think the immobilization is key here and not something I would trust from any third party. If a third party has access to the encryption method, so does a hacker with the right tools.

Additionally, it's configured to the VIN specifically so you can't steal or buy genuine parts with a key you have access to and swap them into a vehicle that those parts don't belong to. Chop shops have the ability to do this in the event that these modules aren't configured properly and don't require the right validation from other modules.

FiniteBanjo ,

Encryption can be done purely between first and second party if you want to rely on the manufacturer for some reason, or if you're really the complete owner you should have full access to the vehicle's systems via physical connection and credentials. There is no need for third parties, for a comparison you don't just give out your email account access or computer password do you?

atrielienz ,

The government doesn't as heavily regulate your email password or computer. The government does regulate automakers and the vehicles they produce. Included safety and security regulations.

FiniteBanjo ,

So you're implying Google Email is not secure? You think that because your computer is not physically paired to a google server that the Google encryption can easily be cracked, or that vice versa it couldn't be if it were?

If those are your stances, then you are wrong on all accounts.

atrielienz , (edited )

What in the straw man argument. Your email doesn't drive on public roads you moron. What are you even talking about.

And if you want to completely own a motor vehicle buy and build a kit car. And the.n go get it inspected because the government won't let you drive it on the road until you can prove it's road worthy.

FiniteBanjo ,

You said that part pairing is a security measure due to regulation which computers don't have, so that means you think that computers are less secure because they are less regulated, right? Part Pairing is not a security measure, encryptions without part pairing are just as secure.

atrielienz ,

Lol. That's a poorly worded excuse for a come back that doesn't make an actual point and puts words in my mouth I never said. Additionally it adds meaning to the words I did say that don't make any sense.

Further, since your computer is in fact fairly insecure (look up how easy it is to just completely bypass windows and install Linux) I wouldn't be opening myself up to further arguments in this vein if I were you. Emails get hacked all the time. It's literally a scammers paradise. Know one of the things that prevents spear phishing and other attacks? A physical security key. Or multi factor authentication. What are you even on.

FiniteBanjo ,

If you think it's so easy to break AES-256 then feel free to prove it. The whole world would be amazed at your feat. Clearly all other forms of security are meaningless in the face of paired parts, right?

atrielienz ,

Was that my claim? Did I claim this was the only way? Nope. Never claimed that.

FiniteBanjo ,

It's not even a way. Because it's not a security measure.

T156 ,

Particularly as a lot of newer thefts just use an amplifier to boost the key signal, and fake the key being in the car. Part pairing wouldn't help at all there.

themoonisacheese ,
@themoonisacheese@sh.itjust.works avatar

If the security was so bad that removing part pairing would crash this, then it wasn't secure to begin with. Same argument as apple pairing the fingerprint sensor, the emsensor is only doing the reading, not the authentication.

atrielienz ,

They're right though. The security in newer cars and anti-theft features require that a couple of different modules talk to and validate each other. That's how it's designed to work to prevent theft or hacking. When your ECU talks to your keyless entry module or what have you they perform a handshake. That ECU and keyless entry module talk to the vehicle's starting system to validate that yes the correct key at the correct range is being used to send the signal to start the vehicle.

themoonisacheese ,
@themoonisacheese@sh.itjust.works avatar

Again, if you're so deep in the car that this matters, this is not the part that's going to stop you, unless the car is so poorly built that the keyless entry module is readily available without taking apart the entire car. This is a non-problem.

atrielienz , (edited )

It isn't just one module. That's what I'm trying to tell you. There's a handshake. So replacing the Electronics control module or the Powertrain control module those modules have to be configured to the Vin. In my mother's escape the PCM is in the wheel well behind a liner held in by plastic clips. None of those parts can be replaced without being configured to the VIN.

As for poorly designed cars, yeah. They've been making them for years and security has been evolving. Doesn't mean we should set ourselves back in that arena because Joe wants to swap out his PCM with one from the junk yard.

CAN network injection can be achieved through the headlight well on some cars.

https://www.autoblog.com/2023/04/18/vehicle-headlight-can-bus-injection-theft-method-update/

themoonisacheese ,
@themoonisacheese@sh.itjust.works avatar

I know that it isn't just one module. What is the handshake achieving exactly? Because it's not additional security from an attacker trying to replace the keyless entry module with a hacked one, and if it is doing that then this is a terrible security design and the actual solution is not to get to keep using this 'security' threat model.

atrielienz , (edited )

According to the diagram I'm looking at? The front door handle receives the entry signal from the key that's in proximity to the vehicle (I think it's something like within three feet). That signal is sent to a BCM (ECU), that then talks to other PAssive entry antennas on the vehicle to unlock the door. Simultaneously it talks to the PCM and IPC through the Gateway module, sending a Passive Entry enable signal. Those modules talk to the ignition switch allowing the vehicle to be started. Looks like this happens on what's called the High Speed CAN network. So the question is, if I can access this network via something like the PCM and the PCM isn't properly configured to prevent this, can I override the network without having the key with sufficient tech? That's problematic for a lot of reasons. So no. I don't think you should be able to go to a junkyard or pick and pull and buy a module that could compromise your network and I don't understand why anyone would want that. You absolutely can buy a module from the manufacturer and get a shop (not even a dealership, just an independent shop with the right tools) to configure a module.

FiniteBanjo ,

You don't have to have paired parts for secure authentication. You just need parts that have been set up and authenticated beforehand. That is not the same as part pairing.

atrielienz ,

What's to stop me from going to a junk yard, paying for a key and the modules in question, attaching them to a different car and stealing that car?

FiniteBanjo ,

Literally nothing stops you from doing that with paired parts. Nothing. Keyless cars get hacked, stolen, dismantled, and rebuilt all the time, just like any other car.

Encryption and authentication are equally secure with or without physical part pairing.

atrielienz ,

That's not true. The paired parts are attached to the VIN. Literally programmed with the VIN of the car and a lot of them are single use for specifically this reason. You don't know and you're very insistent.

FiniteBanjo ,

I guarantee you that the paired parts can and will be swapped out or stolen. It does nothing to protect consumers. Give me an example of a manufacturer who uses paired parts and I'll find examples of thefts, hacks, and replacements.

atrielienz ,

Wrong wrong wrong wrong. Go to literally any dealer and ask a tech.

FiniteBanjo ,

I'll be waiting for when you find an example, mate.

atrielienz ,

I'll log into all data for this. Give me a sec.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

You can get whatever paired modules with a paired key from a wrecked car and plug them into a different car and start it.

atrielienz ,

You can't. That's the point. Once those parts are configured to a vin they only work with that vin.

atrielienz ,

"Module Swapping And Ordering Using A Different VIN:

Swapping a used module from a vehicle for diagnostic purposes or to complete repairs is likely to cause vehicle symptoms or programming errors and is not recommended. Ordering a replacement module using a VIN from a different vehicle is also not recommended. Most modules on these affected vehicles are VIN/vehicle specific, and hardware variations between modules do exist. Swapping a module from a vehicle or ordering a module using a different vehicle/ VIN can cause ineffective repairs and additional vehicle downtime. Make sure all appropriate WSM procedures are followed when diagnosing the condition before any module replacements and only order modules using the correct VIN. " -GSB 24-7011

"Starting a vehicle session requires the user to select the Read VIN From Vehicle button in FDRS. Once the Read VIN From Vehicle button is selected, FDRS will read the VIN via the CAN from the PCM using OBD-II protocol from PCM Mode 09 data. The PCM will report the VIN to FDRS, which displays it in the VIN entry box. The user will then select Go, at which time FDRS will retrieve a vehicle model from the servers for that VIN, including which modules are equipped, the powertrain type, and the vehicle program information. This process occurs while FDRS displays a progress bar stating, Downloading Vehicle Information. Once obtained, FDRS will perform a network test on the vehicle and read the part numbers and DTC in all equipped modules." -GSB 24-7011

https://www.macheforum.com/site/attachments/gsb-24-7011_fdrs_programming_job_aid-pdf.117742/

I would be willing to believe that the manufacturer absolutely can do what you're saying but only the actual manufacturer, not a tech at a dealership or independent shop.

If you were to do this with say a 2020 F150 (went to a junkyard, bought a BCM, plugged it into your truck) the other modules would not be able to validate it.

" Perimeter Alarm:

The BCM controls the operation of the perimeter alarm. It monitors inputs from the RKE system, the passive entry system, the power door lock system, the PATS and the ignition status to determine when to arm the perimeter alarm.

The BCM monitors all of the door ajar switches, the luggage compartment lid ajar input, the hood ajar switch, the intrusion sensor, the CAN and the ignition status to determine when to activate the perimeter alarm. When the BCM detects an input indicating an unauthorized entry into the vehicle, the BCM activates the perimeter alarm by sounding the horn and flashing all the turn signals and interior courtesy lamps at regular intervals.

The BCM monitors the RKE system, the passive entry system, and the PATS to determine when to disarm the perimeter alarm.

A switch inhibit feature temporarily disables the door lock control switches and the interior luggage compartment lid release switch 20 seconds after the vehicle is electronically locked. For detailed information of the switch inhibit feature,
Refer to: Handles, Locks, Latches and Entry Systems - Overview (501-14 Handles, Locks, Latches and Entry Systems, Description and Operation) .

Additionally, there is a door lock LED indicator located on each door window sill. The indicators provide lock/unlock indication for each door. They illuminate when the door is locked and are off when the door is unlocked. For detailed information of the door lock LED indicators,
Refer to: Handles, Locks, Latches and Entry Systems - Overview (501-14 Handles, Locks, Latches and Entry Systems, Description and Operation) .

Visual and audible feedback is also provided when locking or unlocking the vehicle. For detailed information of the vehicle locking and unlocking feedback,
Refer to: Handles, Locks, Latches and Entry Systems - Overview (501-14 Handles, Locks, Latches and Entry Systems, Description and Operation) .

Arming The Perimeter Alarm

The perimeter alarm is ready to arm any time the ignition is off. The perimeter alarm pre-arms when any of the following occur:

Pressing the lock button on a RKE transmitter
Pressing the door lock control switch to the lock position with a front door open, and then closing the door
Locking the vehicle with the passive entry feature

Once the system is pre-armed, there is a 20-second countdown before the perimeter alarm is armed. Each entry point to the vehicle (hood, door and luggage compartment lid) is armed separately and must be closed before that entry point begins the 20-second countdown to become armed. If all entry points are closed, the turn signals flash upon locking indicating that all entry points are entering the 20-second countdown.

Perimeter Alarm Activation

The perimeter alarm has a 12-second delay when the driver front door is opened without using a valid programmed RKE transmitter or a passive key to unlock the vehicle. During the delay, a chime sounds. If the perimeter alarm is not disarmed within the 12-second delay, the alarm activates.

The perimeter alarm activates when:

the driver front door is opened without first receiving an unlock command from the passive entry feature or a valid programmed RKE transmitter, and the 12-second delay has expired.
any other door, the luggage compartment lid or the hood is opened without first receiving an electronic unlock command from the passive entry feature or a valid programmed RKE transmitter.
the ignition transitions to RUN without a valid PATS key read received.
the BCM detects an attempt by a diagnostic scan tool to establish communication on the CAN .

The perimeter alarm only activates 10 times per arming cycle. After that, the alarm does not activate. To enable the perimeter alarm again, disarm the perimeter alarm and then arm it again.

Disarming The Perimeter Alarm

The perimeter alarm disarms when:

pressing the unlock button on a door lock control switch within the 20-second pre-arm.
the smart unlock feature activates within the initial 20-second pre-arm.
pressing the unlock button on a valid programmed RKE transmitter.
pressing the luggage compartment lid release button on a programmed RKE transmitter (this only disarms the luggage compartment lid entry point with the rest of the vehicle remaining armed).
using a valid programmed key to change the ignition to RUN.
unlocking a front door or opening the luggage compartment lid using the passive entry feature.

CAN Protection Strategy

When the perimeter alarm is armed, the BCM monitors the CAN . If a scan tool is connected to the DLC , and an attempt is made to establish a session with the BCM , it activates the perimeter alarm.

Every time the BCM detects an unauthorized access (alarm activates), all BCM programming, PID monitoring and self-test sessions are blocked for 10 minutes. At the end of the 10 minute time period, the horn chirps to indicate the 1 minute of opportunity to communicate with the BCM and program keys if none are available.

Refer to: Anti-Theft Key Programming - Scan Tool (419-01B Passive Anti-Theft System (PATS), General Procedures) .

Component Description

Door Latch

The door ajar switch, the lock/unlock solenoid and the lock/unlock status input switch are part of the door latch and not serviceable separately.

The door ajar switch is monitored by the BCM and the primary function is for the courtesy lamps system.
Refer to: Interior Lighting - System Operation and Component Description (417-02 Interior Lighting, Description and Operation) .

The lock/unlock solenoid is controlled by the BCM for locking and unlocking the door.
Refer to: Handles, Locks, Latches and Entry Systems - Overview (501-14 Handles, Locks, Latches and Entry Systems, Description and Operation) .

The lock/unlock status input switch is used to illuminate the door lock status indicator.
Refer to: Handles, Locks, Latches and Entry Systems - Overview (501-14 Handles, Locks, Latches and Entry Systems, Description and Operation) .

Hood Ajar Switch

The hood ajar switch is a single pole switch (integrated into the hood latch) that is normally closed when the hood is closed. When the hood is opened, the hood ajar switch opens to indicate an open hood.

The BCM sends a signal to the hood ajar switch, and based on the input, the BCM determines if the hood is open or closed.

Intrusion And Inclination Sensor

The intrusion sensor is powered and monitored by the BCM at all times. When the perimeter alarm is armed, it monitors the passenger compartment for movement by emitting acoustic ultrasonic pulses. If movement is detected, it sends a signal to the BCM .

The inclination sensor is powered and monitored by the BCM at all times. When the perimeter alarm is armed, the inclination sensor monitors the vehicle for tilt or inclination from events such as significant cargo removal or addition, jacking up a wheel assembly, loading onto a tow truck, or suspension modifications causing significant front/rear ride height differences. If sufficient tilt is detected, the inclination sensor sends a signal to the BCM .

When the intrusion/inclination sensor is replaced, the LIN New Module Initialization procedure must be carried out using a diagnostic scan tool.

BCM

The BCM controls the operation of the perimeter alarm. Based on input, the BCM arms, disarms, activates or deactivates the perimeter alarm.

The BCM requires PMI when replaced. Additionally, at least 2 keys must be programmed and the parameter reset procedure carried out." - All data

On older cars you probably could go to a junkyard to get the PCM, BCM and so on. But that doesn't work on newer cars specifically not ones with PAT systems. You'll immobilize the car or put it in limp mode. If any one of those modules doesn't recognise the saved in the other modules. And you'd need a lot of parts to get around that.

FiniteBanjo ,

You responded to yourself, you know?

Before I even begin, none of this is more secure than non-paired parts because you can use a standard encryption on devices without physical pairing.

Now, you mention you are already aware of PCM, BCM, etc bypasses but you trust in the PATS. Here is how to work with those:

https://lemmy.today/pictrs/image/3af878c0-dbae-4d0f-8dc8-17d7e6f00ee5.jpeg

#4 is the Passive Anti-Theft System (PATS) transceiver electrical connector (part of 14401)

#5 is the PATS transceiver

Replacement is commonly done and the component that these are registered to is the Instrument Panel Cluster (IPC) which are commonly programed and hacked without permission from the manufacturer. Plus, most examples of PATS just disable the fuel injector, so you could bypass that in like 10min if you really wanted to. In fact, the only two parts paired in that example is the key to the PATS component because the PATS is not a paired part to the IPC, it's easily replaceable.

Passerby6497 ,

Otherwise a thief can steel a car in a few minutes by bringing their own computers.

.....you mean like they do currently?

bluGill ,

Which is why manufactures are now putting those pairs in so you cannot do that anymore.

atrielienz ,

I do for things like ECUs that are programmed to the vin to prevent theft or tampering that would allow an attack vector for the vehicle.

oo1 ,

For toothbrushes, are they worried repair won't re-seal it effectively so make it unsuitable for use in the wet environment?

liara ,

I hope you're right and this isn't about them getting ready to DRM brush handles to brush heads. Sonicare brush heads are ridiculously overpriced compared to the knock offs

oatscoop ,
@oatscoop@midwest.social avatar

Which is dumb, because there's nothing stopping anyone from replacing the seals/glue when they put it back together. And at least in the USA manufactures have been covered for damages/harm resulting from a flawed consumer-based repair since since 1975.

Melt ,

I guess console because they want the whole thing intact to enforce DRM?

state_electrician ,

Exactly.

brsrklf ,

Good thing part pairing doesn't exist for the Switch.

Mine is the Ship of Theseus at that point.

altima_neo ,
@altima_neo@lemmy.zip avatar

Even HVAC, WTF?

Ottomateeverything ,

I mean, I don't want the thing supplying the air I'm breathing to accidentally not burn all the gas and lead to carbon monoxide poisoning etc.... Things like the ductwork and shit, for sure, but not like, a burner.

oatscoop ,
@oatscoop@midwest.social avatar

The great irony is it's frequently the "ductwork" that's the problem: plugged or badly installed exhaust pipes, which the manufacture has no control over. The rest are the appliance itself wearing out or failing with no warning.

I've repaired furnaces myself several times including replacing burners and exhaust fans -- it isn't rocket science. It's no different than working on any other "dangerous" thing like a car. If someone somehow manages to fuck up so badly it hurts or kills someone that's on them.

Ottomateeverything ,

Yeah that's totally valid. Agreed.

But I also wouldn't really trust third party parts for the appliance itself. I think once you do, that immediately becomes a possible problem. If it was in my house, I'd only buy from the manufacturer for something like that.

But on the other hand, Idk that it's necessarily wrong to legislate forcing these companies to allow it. I generally believe consumers should have the option on their own, but some things are too dangerous. I'd pretty much be against medical devices but HVAC is a little more uncertain to me.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

So you want to be stuck with the same thermostat forever? Imagine it comes with one of those Amazon ones with a persistent camera and microphone in it that you can't opt out of.

n3m37h ,

A thermostat doesn't have refrigerants/gasses in them. It's nothing more than a complicated on off switch

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

Yet, a WiFi thermostat that stops getting updates is an extreme risk to that system if an attacker can access it. They could easily create a situation that causes a fire or a gas leak.

n3m37h ,

Proof or GTFO

Ottomateeverything ,

What... The.. Fuck?

If your thermostat could cause a fire or gas leak, your HVAC system is flawed. This is entirely a fabricated concern. If anything, I'd chalk it up as reasons why maybe right to repair the HVAC isn't a great idea. A properly setup HVAC wont let anything tell it to do that.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

You can overheat the furnace and then short cycle it repeatedly, same with the a/c. You could shut off the furnace and cause the pipes to burst. Run the a/c in the winter.

Ottomateeverything ,

Firstly, I said this one was iffy to me.

Second, the subtopic was HVAC and thermostats are like, the electronics that control the HVAC which I wouldn't even really necessarily bucket into HVAC. It's like HVAC adjacent.

Third, this whole topic is about right to repair, not right to replace. So the on topic argument is "you want to be able to repair the same thermostat with off brand parts", to which I say, yes? Probably? I don't see how that's a problem.

And fourth, who the fuck would buy an Amazon thermostat, lmao.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

It's about parts pairing. HVAC companies could pair the thermostat to the system and you wouldn't be able to replace it with one of your choosing. People are buying smart TVs with Amazon and Google crap in them that came be removed or even bypassed in certain cases. Google owns nest, the most popular smart thermostat brand. Amazon has their own smart thermostat. People wouldn't think twice about having that included with their new HVAC system. It would be a selling point, just like smart TVs and all the other crap out there that will stop getting updates in 5 years.

Ottomateeverything ,

That's more "device" pairing than "parts" pairing. The thermostat to HVAC communication is a standard. Sure, if someone started forcing that, that'd be bad. But that's more akin to Apple's "iOS only works with MacBooks" type shit with Airdrop and such than it is to their "you can't replace the camera in your phone unless it's from us". They're both problems, but the one you're describing is both not happening and a different issue. I'm not saying it won't happen but it's a different topic.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

I believe most mini split systems have built in thermostat/remote control.

Fosheze ,

You need some sort of licensing to do most HVAC work anyways. Theres no point in forcing companies to make all the parts available to the average joe when the average joe can't legally do the work anyways.

tyler ,

The goal of the bill was to get something with teeth passed. Fighting every lobby at once would be impossible, so they leave those devices out of it and will now be able to work on different laws for those things. At least that’s what I read they’re doing for the John Deere stuff at least. The legislators know it’s going to be a difficult battle, so they segmented the law to make it so that a failure in one spot wouldn’t cause a loss everywhere.

Aylex ,

Heh. Teeth.

sramder ,
@sramder@lemmy.world avatar

I’m waiting for Apple to announce they are pulling out of Oregon 😂 [^1]

[^1]: Also the impending injunction 😒

postnataldrip ,

the pairing restriction would "undermine the security, safety, and privacy of Oregonians by forcing device manufacturers to allow the use of parts of unknown origin in consumer devices."

If only there were options that would encourage the use of safe, genuine parts.

Zachariah ,
@Zachariah@lemmy.world avatar

What, like companies selling high quality, reasonably priced parts?

rockSlayer ,

My favorite part of the MN right to repair bill is that it requires OEM parts/software/schematics to be offered to consumers at the lowest possible price, including any rebates, sales, deals, etc. It's not quite an "at cost" situation, but it's probably about as close as you can get without crossing that line

sramder ,
@sramder@lemmy.world avatar

It sounds good, but that’s enough wiggle room to drive a truck full of money through. Even “at cost” has been abused pretty badly.

rockSlayer ,

Yea, I agree. I think these bills should require the maximum cost to be cost of manufacture at the date of engineering; i.e. a part designed in 2008 can not cost more than the materials to make it and it must keep that price for as long as it is used.

But progress is progress, we'll get there eventually as long as we keep up the political pressure.

Edit: please read the spirit in that example rather than to the letter. There's a lot of nuance that I just skimmed over, and that's because I don't want to write the bill.

naonintendois ,

The issue with that is it leaves no room for paying the engineers who actually designed the device. The cost of designing the parts is really expensive. I have no issue with a small markup. I definitely agree though that the costs shouldn't be so absurdly prohibitive to repair though.

douglasg14b ,
@douglasg14b@lemmy.world avatar

Don't forget the actual cost of manufacturing. The building, the workers, the people working behind the scenes on finance or logistics, or manufacturing details...etc

Manufacturing takes a lot of people on a lot of different levels not only to get it up and running but to keep it running and that's expensive.

pearsaltchocolatebar ,

Tooling for manufacturing is also insanely expensive

rockSlayer ,

I think that it would still leave room for engineers to be paid a living wage. After all they aren't getting paid for designing parts, they're getting paid to design a product made of interoperable parts

sramder ,
@sramder@lemmy.world avatar

Even better. I thought we were just talking about the cost to provide the repair information, which should be free after so many years of shenanigans.

Good points about parts cost/availability. Hopefully ORs bill keeps costs down with the threat of competition.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

That's what the auto industry does. They have to sell you access to their system to allow third parties to program modules, but that cost can be excessive, especially if a small shop only needs to program one module in a blue moon.

sramder ,
@sramder@lemmy.world avatar

I was actually thinking about OBD2 when I wrote that. The old CRT pedestal style code readers cost as much as a new car, fairly reasonable from an automakers perspective but expensive enough to put plenty of small shops out of business.

It was one of the first big top-down push that I remember. It’s a pretty good parallel for the current right to repair legislation. The automakers fought it tooth and nail back then too. They made similar claims about their new cars being so complex that they simply had to be serviced at the dealerships. And, to your point, they are still getting away with it to a degree.

stinerman ,
@stinerman@midwest.social avatar

The "undermine the security, safety, and privacy of Oregonians by forcing device manufacturers to allow the use of parts of unknown origin in consumer devices" line is the same reasoning used by AT&T back in the old days as to why you couldn't buy your own phone or use a dial-up modem.

umbrella ,
@umbrella@lemmy.ml avatar

like a fucking replacement display could spy on you...

autotldr Bot ,

This is the best summary I could come up with:

Oregon Governor Tina Kotek today signed the state's Right to Repair Act, which will push manufacturers to provide more repair options for their products than any other state so far.

The law, like those passed in New York, California, and Minnesota, will require many manufacturers to provide the same parts, tools, and documentation to individuals and repair shops that they provide to their own repair teams.

“By eliminating manufacturer restrictions, the Right to Repair will make it easier for Oregonians to keep their personal electronics running," said Charlie Fisher, director of Oregon's chapter of the Public Interest Research Group (PIRG), in a statement.

Apple opposed the Oregon repair bill for its parts-pairing ban.

John Perry, a senior manager for secure design at Apple, testified at a February hearing in Oregon that the pairing restriction would "undermine the security, safety, and privacy of Oregonians by forcing device manufacturers to allow the use of parts of unknown origin in consumer devices."

According to Consumer Reports, which lobbied and testified in support of Oregon's bill, the repair laws passed in four states now cover nearly 70 million people.

The original article contains 311 words, the summary contains 185 words. Saved 41%. I'm a bot and I'm open source!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • technology@lemmy.world
  • incremental_games
  • meta
  • All magazines
    •