An Australian-based hacker known as Sick Codes has developed a new jailbreak for John Deere tractors, as reported by Wired.
Sick Codes was able to trick John Deere tractor touchscreens into thinking they were being accessed by a certified dealer. This allows access to machine logs stored on a tractor's touchscreen computer, which can be used to diagnose and repair problems.
Further hacking involved using small processors called microcontrollers wired into the computer's circuitry to to unlock more functionality. Sick Codes was then able to gain unrestricted root access to the tractor's computer, allowing him to dive in, look at, and change anything at will. The work primarily focused on John Deere's 2630 and 4240 touchscreens, which are among the brand's most widely-used models.
The hack was revealed at a talk at DEF CON, a security conference run in Nevada each year. Sick Codes demonstrated his mastery of the hardware by showing the John Deere touchscreen running a modified farm-themed version of Doom.
Restrictions put in place by equipment manufacturers have often forced farmers to wait for dealers to step in to repair their tractors. Farmers don't like waiting around during frantic harvest times, though, and often resent not being allowed to fix their own machines. Hacks that provide access to crucial repair features have thus become popular, while others have returned to using older equipment to avoid the digital lockouts on modern rigs.
Many farmers have called for "Right To Repair" legislation that promises them unrestricted access to the machines they've paid for. Calls are also being made to stop manufacturers from denying owners from warranty coverage if they choose to make their own repairs.
Being able to unlock a John Deere computer and get full diagnostic information will be helpful to many farmers. On the flip side, it's likely the news will lead to John Deere fixing these security holes in future hardware. Thus, the to-and-fro between hackers and manufacturers will rage on for some time yet.
Got a tip? Let the author know: email@example.com