63 comments

[ 3.6 ms ] story [ 164 ms ] thread
This is an attempt sneak DRM into an industry full of passionate and knowledgeable buyers.

Bad move.

Reading the entire thread from the posted link, it appears they will open source the bootloader.
No, this is just the usual torches-and-pitchforks crowd.
business of all sizes, and government and all their cohort, routinely ignore FOSS license in all parts of the world. Even if ninety percent of those are compliant, its a big, big world. Why mock people who stand up for this situation on the part of FOSS ?
> Why mock people who stand up for this situation on the part of FOSS?

In this case, because they are wrong and the GPL does not say what they think it says.

No it's not. They have a known-good path you can deviate off of that allows you to run whatever you want with no restrictions. Everything still works, but the only thing is that since you can now do things that they might not have thought of, they are not going to be responsible for the side-effects that might have.

Essentially, it's an irreversible switch which allows you to run firmware that is not signed by their private key, which makes it a end-user choice: you can be in a safe and protected world, or you can be in a free do-what-you-want world; all you have to do is choose.

This would be a nice to have with the crealitys.

You can flash the board with custom firmware, you can make small surface level modifications to the LCD, but you cannot access the full LCD firmware. For some reason they made the board firmware open but the LCD firmware closed. Unlike what Prusa did, creality seems actively hostile.

> not everyone feels that Prusa Research has made the Mini as “open” as its predecessors. Some concerned owners have pointed out that according to the documentation for the Buddy board, they’ll need to physically snap off a section of the PCB so they can flash custom firmware images via Device Firmware Upgrade (DFU) mode. Once this piece of the board has been broken off, which the documentation refers to as the Appendix, Prusa Research will no longer honor any warranty claims for the electronic components of the printer.

https://hackaday.com/2019/12/16/prusa-dares-you-to-break-the...

Even though I disagree with the notion of software changes nullifying a hardware warranty, that is a cute way to do it that I’ve never seen before.
Usually software can't easily destroy a device like a network switch. However on a 3d printer you can burn the whole unit into ash if you remove overheat protections. You may also be able to destroy stepper motors or drivers.
And this isn't even theoretical. Buggy 3D Printer Software has literally burned people's homes down in the past.
That's really bad design then.

Any design worth its salt should incorporate a thermal soft-fuse at the heater element that cuts power off if the printhead ever goes above the maximum temperature that any filament can handle.

Pure software interlocks are not sufficient. One might think people would have learned a lesson, nearly half a decade after Therac-25.

Last time I looked into this, there are no fuses in the required range available and I'm not sure they can be produced without significant R&D investment.
In the embedded world, software can absolutely destroy hardware in all sorts of ways. I've done it many times.

Loading untrusted firmware onto a PCB with high current outputs - like motor control - should absolutely void your warranty (for that PCB and anything connected downstream of it).

Honestly that doesn't seem _that_ bad to me. It's a reasonable way of saying "hey, you're going off the happy path for this product and doing so at your own risk". This is an interesting gray area of consumer/hacker technology where bad software can destroy your hardware; there's probably difficulties in supporting warranty related breaks. Is the alternative to just replace parts every time someone bricks their hardware regardless of any/all modifications they've made? Maybe that's what they should do, but I can appreciate that that's a pretty tall ask, especially when the industry is still in it's infancy.
I wonder if it's entirely unfair in this case. Custom firmware for 3D printers do not only brick the hardware, but can do real environmental damage (such as burning down the house[1][2]), so I don't think this approach is entirely unreasonable. It's not that uncommon to see someone modifying firmware to print material such as PEEK which requires 400c nozzle temperature, so this appendix could even be their legal protection for such cases (IANAL).

[1]: The most popular firmware, Marlin, has a feature called Thermal Runaway Protection which turned off the printer when it detected temperature has reached certain threshold. Prusa printers have TRP enabled by default, but some manufacture doesn't.

[2]: https://www.reddit.com/r/3Dprinting/comments/8ah96r/anet_a8_... this is about ANET A8, but flashing custom firmware with TRP disabled or with higher temperature limit may result in the similar situation (ANET A8 stock firmware don't have TRP enabled)

It might not brick the hardware, but it can get it to a state that makes it seem bricked to a non-expert user.

I think the fear would be that non-expert users would try to flash their custom firmware, run into issues, then try to get warranty relief claiming there is a hardware problem.

There would be no easy way for Prusa to tell whether the boot issue is actually a hardware problem covered by the warranty or a firmware issue caused by bad firmware being flashed.

They don't want to sign themselves up for having to assist users recovering from flashing their firmware.

This is fair.

Warranty and customer service abuse is one of the biggest reasons that shipping hackable hardware is a pain. For every 1 person who knows what they’re doing when they mod their device, there are at least 10 or more who will try to get customer support, refunds, or warranty claims going when they get in over their head after copy-and-pasting commands from the internet to mod their device.

I think it’s reasonable to expect users who modify their hardware to forfeit their warranty rights. The company making these devices shouldn’t have to warranty or support every untested, 3rd-party modification.

Why does hackable hardware even offer a warranty in the first place? Is there some kind of legal requirement that you must offer a warranty?
Yes, as a direct to consumer seller located in the EU they have to offer a two year warranty on manufacturing defects.
They’d have to prove that you damaged something beyond their instructions. And if it can be proven that their instructions could damage the product beyond the intended purpose or allowing flash access, they must honor the warranty. At least in the US.
Why would a bootloader ever be considered part of the same program—they don't even ever run at the same time.

Also, this person (https://github.com/prusa3d/Prusa-Firmware-Buddy/issues/1440#...) misread the GPL, when they said this:

> but the license clearly states that it is not an aggregate if they are combined to form a larger program in or on a storage or distribution medium

The GPL very much does not say that:

> which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate”

Otherwise GRUB, which boots Linux, would force your entire OS to be GPL. Worse, GRUB can boot Windows when dual-booting, and because Windows will never be GPL, GRUB's ability to boot Windows would be a GPL violation. The bootloader on the Prusa Mini is basically GRUB in this case.
I don’t think that my installing Grub and Windows for my own use would be a GPL violation under that line of reasoning. I can freely co-install non-GPL and GPL software, so long as I do not propagate (or convey) the result. One excerpt: “This License explicitly affirms your unlimited permission to run the unmodified Program.”
> Why would a bootloader ever be considered part of the same program—they don't even ever run at the same time.

Hmm, its not so easy, I think. A bootloader is code that might be in the address space after boot and may well run even after boot. Real world examples of this are the PC-BIOS (if you agree to classify it as kind of a boot loader) and Sun OpenBoot PROM. The PC-BIOS routines are used during runtime of older Operating Systems and to bring up the newer ones. Diagnostics Mode on a Sun can be entered any time by pressing a special key combo (Stop+A) and this will run OpenBoot code.

Even for more modern systems using U-Boot it is not clear cut. At least U-Boot deemed it necessary to clarify it in its license:

"U-Boot is Free Software. It is copyrighted by Wolfgang Denk and many others who contributed code (see the actual source code and the git commit messages for details). You can redistribute U-Boot and/or modify it under the terms of version 2 of the GNU General Public License as published by the Free Software Foundation. Most of it can also be distributed, at your option, under any later version of the GNU General Public License -- see individual files for exceptions.

NOTE! This license does not cover the so-called "standalone" applications that use U-Boot services by means of the jump table provided by U-Boot exactly for this purpose - this is merely considered normal use of U-Boot, and does not fall under the heading of "derived work" -- see file Licenses/Exceptions for details. "

EDIT: Just to be clear, I agree with lights0123's main argument, I just wanted to point out that it's not trivial and that "they don't even ever run at the same time." is not the strongest supporting point.

That is the argument presented, but I think it's worth noting that the issue or motivation underlying it is probably more a concern that Prusa might become (or is perceived to already be) less open than it was/says it is/markets itself as being/should be from a Prusa fan than it is sanctity of the GPL from a GNU fan.
matthewlloyd believes that distributing a bootloader and Marlin on the same flash memory makes them one large program, so Marlin's GPLv3 license should cover both. Prusa believes that the bootloader and Marlin are two separate programs aggregated together, so they can have separate licenses.

It does not make sense to me to consider a bootloader and whatever it boots to be one program. seems like GRUB (GPLv3) generally is not considered to infect everything it boots / chainloads.

> Where's the line between two separate programs, and one program with two parts? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).

https://www.gnu.org/licenses/gpl-faq.en.html

I don’t see any way this holds up. The bootloader hands off execution to a separate program, so they have about as minimal communication as possible. They don’t even run at the same time.

It also doesn’t make sense to consider different, independently engineered pieces to be one in the same simply because they were shipped on the same storage medium.

Otherwise, would GRUB or the old LILO literally force your entire OS to be GPL? That would be insanity.
Yeah, this seems like an even weaker connection than disibributing a GNU/Linux-based VM or Docker image with a non-GPL/LGPL application in it.
> It does not make sense to me to consider a bootloader and whatever it boots to be one program.

Yes the name says it: a bootloader loads some other program into memory.

It seems fairly clear from a licensing point of view that a bootloader is a separate program from what it boots (which can be pretty much anything). It does seem like something which could concern the community though. What if (in future) the bootloader only boots Prusa-signed firmware, and lines for programming the board directly are disabled in hardware at the factory? If Prusa aren't planning any user-hostile behaviour, they should act fairly quickly to keep their community happy.
I have an original Prusa Mini I upgraded to the Mini+. I ordered it and it arrived in December 2019. Like other Prusa Minis, it comes with an "appendix" you must physically break to be able to install unsigned firmware. And, of course, breaking the appendix voids the warranty and drops all liability on the part of the manufacturer. My warranty has long expired but I haven't broken it yet.

Personally, I think that in this era of Hardware Root of Trust devices and locked bootloaders, if we were to try to prevent such devices from existing, I think the appendix is a fairly brilliant solution that could be applied elsewhere.

For example, my iPhone. Apple doesn't allow side-loading because, well, they're afraid Facebook or Epic would force users to side-load against their will, among other business reasons. But if they were legally mandated to offer an appendix that could be snapped to enable sideloading, it would hopefully keep Facebook at bay (there's no way Facebook can convince people broadly to do such a thing), and would satisfy us hardware hackers.

It's still not perfect, but I think it could be an excellent "first step" in unlocking these devices that, among many solutions, could potentially be bipartisan and harder for tech companies to argue against.

I mostly think the "appendix" system works, but I think the first party should still assume limited liability for the hardware of the device after the appendix is broken, so they still have an incentive not to conspire against their users.

Furthermore:

> Apple doesn't allow side-loading because, well, they're afraid Facebook or Epic would force users to side-load against their will, among other business reasons.

I think "other business reasons" are the bigger issue here. Facebook and Epic wouldn't "force" users to side-load content any more than Apple "forces" you to use the App Store on iOS. It's an available option that you can use at your own discretion.

Apple (unlike Prusa) has painted themselves into a pretty favorable corner. They've made their value proposition immaterial, which allows them to pretty easily deflect any accusations that their 30% cut is out of line. Apple has full control over the goalposts here: they could claim that their cut goes to hosting alone or covers the entirety of the review process.

> I mostly think the "appendix" system works, but I think the first party should still assume limited liability for the hardware of the device after the appendix is broken, so they still have an incentive not to conspire against their users.

The seller can not absolve themselves of liability in this way. They still assume liability under their warranty and must prove changes you made are the cause of malfunction even if you modify the device.

https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty...

US law does not apply to a business in the Czech Republic.

But even if it was in the US, what you are citing mostly applies to things like cars that you can put aftermarket parts on. They could just say that modifying the firmware is "[using] a product for something other than its intended purpose" and the FTC will just look at you and shrug.

In the EU you actually have something similar. You have the warranty given by the merchant, which can be voided by breaking stickers, appendixes, etc. and the legal warranty (in German it is called Gewährleistung) which cannot be voided by stickers or tricks like this.

However, if you want to invoke your legal warranty more than 6 months after purchase date YOU have to prove that your modifications didn't cause the defect.

Same in The Netherlands. Works perfectly fine, especially since you have a reasonable period in which the effort slowly moves over to the owner. In a mass-quality-deficiency case you could still find an easy way with other owners to create the proof you need and still get the manufacturer to be responsible, so if such a case were to occur it's still reasonable.
From my other comment:

If you are slighted by a foreign company you can still receive a judgement against them or their functionaries, and in extreme matters the company and its distributors would start having issues with CBP and with their banks.

The damages required for such issues can be quite high, $50-75k for federal court filing, but existing precedent would allow you to go after distributors in a local court for a lower amount.

If you buy a toaster from Europe, modify it to try and heat your entire house with it, then try to make a warranty claim that it caught fire... sure you could try to sue them in US courts and get a foreign judgement. The much more likely outcome is your case gets dismissed and the judge has a good laugh.

CBP will only get involved if the product is illegal or dangerous.

Completely disingenuous example. There is usually a warranty for a specific purpose -- you were sold the item to fulfill a specific need. Any modifications done without disrupting that purpose are warranted and can not be used as a reason to reject a claim.

The solution is to not offer a warranty, though some states do not allow you to disclaim suitability for a particular purpose and establish an implied warranty for items you sell.

Breaking the appendix does not void your warranty. The seller must prove your modifications broke the device.

https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty...

They are not a US company nor do they operate from within the US at all. That law does not apply to their warranty.
They do trade shows here, at least before the pandemic, so they do have some exposure to US laws.
They market to US customers, sell to US customers and process payments through US financial institutions, so legally they operate in the US. Just as Prusia himself is protected by GDPR protections from US companies which offer services to citizens of EU even if they aren't physically located there.
Honestly, I'm not well versed in US law but as far as I understand, you need to show nexus to apply it which has totally different and much more nuanced criteria compared to the GDPR (which simply spells those out)
You need to show nexus mostly for tax related matters. If you are slighted by a foreign company you can still receive a judgement against them or their functionaries, and in extreme matters the company and its distributors would start having issues with CBP and with their banks.

The damages required for such issues can be quite high, $50-75k for federal court filing, but existing precedent would allow you to go after distributors in a local court for a lower amount.

We are talking about a warranty-related claim, not a claim about damages they'd have to pay regardless of the warranty offered.

But anyway: If I travel outside the US and buy a harmful appliance in a local shop, a US court would probably not take the case. Am I right? What would the manufacturer have to do to get exposure to US law?

> it would hopefully keep Facebook at bay (there's no way Facebook can convince people broadly to do such a thing)

I bet Facebook would be able to get users to do it. "Sorry, you can't see this photo from your friend until you upgrade your iPhone by following these instructions." You refuse and your friends stop including you in activities. You basically get peer pressured into doing what a large corporation says.

(I actually wonder why they don't sell peer pressure as a service. "If you don't pay your balance due of $123.45 by 7/1, we'll message your friends saying that you're a deadbeat." Maybe I should patent that before someone else does, because it sounds horrible.)

> (I actually wonder why they don't sell peer pressure as a service. "If you don't pay your balance due of $123.45 by 7/1, we'll message your friends saying that you're a deadbeat." Maybe I should patent that before someone else does, because it sounds horrible.)

Alas, this is not a new idea:

- https://www.theatlantic.com/technology/archive/2010/11/faceb...

- https://restofworld.org/2020/okash-microlending-public-shami...

- https://www.experian.com/blogs/ask-experian/can-a-debt-colle...

- https://www.theguardian.com/money/2021/may/09/loan-sharks-ta...

Well likely because the legal liability for getting a debt wrong would outweigh the advantages.

That and most state's consumers protections prevent this sort of behavior.

The iPhone is so valuable and an unlocked one would have so much unique value that an industry would pop up modding customer phones and also selling modded phones. The average consumer would think “oh yeah don’t buy from Apple buy from these folks” and it would become common for people to have the devices.
> they're afraid Facebook or Epic would force users to side-load against their will,

As an Apple user, this is my biggest fear about allowing other App stores. Facebook, etc hate Apple’s privacy policies, but the iPhone market is too big and too rich to ignore. If now they can tap the iPhone market without having to deal with Apple’s privacy requirements, I am sure they would be delighted. Soon, they would at least have more features in the side-loaded version to try to push people towards it.

The companies like Epic and Facebook would have saved money by this move, but I as a privacy minded consumer, would have lost.

This is user choice at work. The only thing that can address this issue is free software that users can modify easily.
Like other Prusa Minis, it comes with an "appendix" you must physically break to be able to install unsigned firmware.

In the same way as warranty seals, this sort of stuff can usually be worked around with not a lot of effort. One of the comments there already mentions:

You can test if the "appendix" is the issue by connection BOOT0 and SWDIO to GND. That is all the appendix does.

"There's a few thousand mice but only one cat." "What you can make, we can break."

The point is that you must physically remove it or severe the traces, which is then obvious if the device is returned for a refund or warranty claim.

It’s not meant to be complicated. It’s only meant to be easily identified during the RMA process.

The point is that it can be done relatively easily, and reversibly. Of course, it probably does act as a filter for low-effort scams.