Tech Over Tea - Hacking John Deere To Play Doom | Sick Codes
Episode Date: May 3, 2023Remember that guy who hacked a John Deere tractor to play Doom, well this is the guy. Sick Codes is an absolute legend and has some incredible stories to tell and free software, John Deere and more. =...=========Guest Links========== Website: https://sick.codes/ Twitter: https://twitter.com/sickcodes Mastodon: https://sick.social/@sickcodes DEF CON Talk: https://www.youtube.com/watch?v=z2_TLz9TpwY Libre Planet Talk: https://media.libreplanet.org/u/libreplanet/m/the-state-of-free-software-in-farming-food-agriculture/ ==========Support The Show========== ► Patreon: https://www.patreon.com/brodierobertson ► Paypal: https://www.paypal.me/BrodieRobertsonVideo ► Amazon USA: https://amzn.to/3d5gykF ► Other Methods: https://cointr.ee/brodierobertson =========Video Platforms========== 🎥 YouTube: https://www.youtube.com/channel/UCBq5p-xOla8xhnrbhu8AIAg =========Audio Release========= 🎵 RSS: https://anchor.fm/s/149fd51c/podcast/rss 🎵 Apple Podcast:https://podcasts.apple.com/us/podcast/tech-over-tea/id1501727953 🎵 Spotify: https://open.spotify.com/show/3IfFpfzlLo7OPsEnl4gbdM 🎵 Google Podcast: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8xNDlmZDUxYy9wb2RjYXN0L3Jzcw== 🎵 Anchor: https://anchor.fm/tech-over-tea ==========Social Media========== 🎤 Discord:https://discord.gg/PkMRVn9 🐦 Twitter: https://twitter.com/TechOverTeaShow 📷 Instagram: https://www.instagram.com/techovertea/ 🌐 Mastodon:https://mastodon.social/web/accounts/1093345 ==========Credits========== 🎨 Channel Art: All my art has was created by Supercozman https://twitter.com/Supercozman https://www.instagram.com/supercozman_draws/ DISCLOSURE: Wherever possible I use referral links, which means if you click one of the links in this video or description and make a purchase we may receive a small commission or other compensation.
Transcript
Discussion (0)
And we are recording.
Good morning, good day, and good evening.
Welcome to episode 166 of Tech of a T.
Today we have a very interesting guest.
You may know of the work that he's done, but you may not know his name.
Welcome to the show, Sick Codes.
Just do a brief introduction, just to let people know what you do,
because I'm sure they've heard
about it sure man yeah so i did the john deere doom jailbreak um it's a funny word to say but
yeah the first ever jailbreak and uh jailbroken sorry tractor you know ran the the the doom on
it you know ran doom on it the the number one game cheering complete you know
had the works um you know that's the proof that you can run so and so on at youtube while you're
driving a tractor or watch something other some other websites that i probably shouldn't mention
but yeah you can do all sorts of stuff um with a jailbroken tractor yeah this is man this this is
such a ridiculous idea but if you just think about it, like...
So when you think about these computers built into all of these different hardware devices we have,
it's sort of as this weird proprietary thing that just does...
It's not something you're really going to be working on.
But a lot of these systems are just running Linux behind the scenes.
They're just running regular hardware
Like in this case wasn't wasn't advice you have running an Intel Atom
Yeah, I think this one is an Intel Atom. It's right here. I've got it right here. So this is it right here
Says John Deere on it I think
There we go, yeah, yeah, so it's also got GPL stickers all over it.
It's a real funny one as well.
I do not consent to search of this device.
And you can imagine what happens when you go through TSA with that.
They're like, I'm like, no, guys, you can open it up.
It's not a real thing.
It's not a real thing.
It does look a bit like a bomb, to be honest.
Yeah, yeah.
Some guy was like, hey, you left your DVD, like at the TSA line,
because he goes, you put your DVD player in there, Mike.
Yeah, it's not a DVD player.
Yeah, yeah, yeah, definitely.
I mean, it's a console, but it's not a DVD player.
I treat it like it's a full-blown gaming console now.
Stuck in the past.
But, yeah, you're right.
Absolutely right, man. Like, everything runs Linux, GNU slash Linux. a full-blown gaming console now um stuck in the past but yeah you're right absolutely right man
like everything runs linux going to slash linux um except for the ones that were running windows
ce6 or something oh yeah yeah yeah ce6 windows ce6 and they have one in between called vx works
but vx works i think it's linux anyway so ah yep yep yep but it's wind river as well and they have
like their own id and everything um
obviously windows ce is completely proprietary like we both know that right um it's just a different story with the with the other one uh the one they've got now the wind river linux one
and actually they changed the names of wind river recently i don't know if that was like two three
years ago or something they changed it maybe last year but um they definitely changed it i think
because they do a lot of things now maybe they do other they do a lot of free art or something yeah that makes sense uh okay the
company is called wind river but their page wind river linux is still called wind river linux
so i guess like it's sort of split into like two separate things then where you have like the
the company they also moved a lot of their that's it they also moved a ton of the documentation
behind like a login screen, which is really annoying.
And I kept trying to send him an email,
like,
um,
to sign up and like,
uh,
like if to fill out a form to sign up and I filled it out like four times.
And I just,
they just don't reply.
I had one rep from Australia.
Wait,
Wind River's just not replying on that.
Yeah.
Yeah.
It was a while back,
but you know,
I've talked about him publicly now and they probably know exactly who I am.
And every time I try and sign up, they're like, you know, um, probably not, you know, like it's, you know i've talked about them publicly now and they probably know exactly who i am and every time i try and sign up they're like you know um probably not you know like it's not and
you know for good reason like i don't really need to be in there i can find it on they've
got a git project they've got a build project for their github um and john deere obviously
i think there was a slide i had a defcon about you know the qt project yeah um back when they
did some sort of change to a proprietary style model or they did some
sort of license change.
There was a mailing list I found and I had it at Defcon on the slides about John Deere
being one of the reasons that Qt actually went private per se because they actually
wrote in the mailing list to set up all the little tractor animations.
They want a 3D something or other in Qt.
Yeah.
Qt 3D or something like that.
Yeah.
It's pretty funny. And I'm like, oh my oh my gosh john d is the reason why qt went private
and what do you mean by went private i'm talking about like you know ig profiles
yeah yeah yeah but i'm talking about licenses you know yeah yeah
but yeah man it's just been a wild ride since defcon obviously like
sfc recently published that story about well i saw your video that's how i reached out to you and I've watched your videos before obviously um and there's a lot of great
Aussie guys out there like you know another guy Eve what Eve Evo oh yeah yeah Brackus Creations
as well Brackus Creations he's one of my like he's like the the Aussie version of um Lewis Rossman
yeah yeah yeah he's like a legend he's, he's a legend. He's an older dude,
fixes MacBooks,
like ancient Macs
in his garage.
He's a legend.
He's a mad dog.
He has really good videos,
really good tutorial videos.
I actually learned a lot
of my soldering techniques
from him.
But yeah, man,
it was like just modifying
the John Deere tractor,
made it go extremely viral
and I didn't expect
it was going to go viral,
but it did.
And there's a lot
of ramifications since then. So a lot of security stuff has also happened like a lot of
people have been a lot of people have been you know i've seen one company like all the other
companies by the way i've just got this little stm32 man um yeah all the other companies in the
industry they don't really have cyber teams and then after those talks that i did with everyone
they started to like ramp up their cyber and like like one example is Trimble, for example.
I spoke to them the year before and there was one guy there,
he's a nice guy.
He actually went to Defcon too and he was a good guy.
And then the next year I spoke to him and he's like,
only recently, and he's like, dude, everything's totally different now.
I've got a whole team now.
It's like the whole agri-tech sector, security sector has like exploded, man.
It's been wild.
Well, I knew that obviously there was a lot of tech behind modern agriculture.
I didn't know that before you were bringing this stuff up,
they just weren't caring about security.
What were they doing before?
I think it wasn't a priority.
And I can see in there, they've got, like, reports.
They've got, like, I don't know if they're annual reports
or something for shareholders, whatever it is, it's public.
And I was reading through it and, you know,
Control-F, the word cyber, and I didn't see it.
And then in the recent one that I just released,
there's, like, yeah, there's plenty of them.
They've mentioned it a lot of times,
and they've got a lot of posts now.
And they do that really annoying thing
where you publish an article
and you don't put the date on it.
It's so annoying, man, when you see that.
And then you've got to view source.
And anyway, so they've got a lot of articles now about cyber.
They've got a bug bounty program.
And I was the first person in that program, actually.
I left it.
That's another story.
But yeah, because they didn't have bounties.
But they do now. But that's in the private't have bounties, but I do now.
But that's in the private program that I'm not supposed to know about, talk about.
But I know it's there because they told me.
You know a lot of things you're not supposed to know about.
A ton of stuff.
A ton of stuff.
I'll tell you a funny thing, though.
So when I asked them for the source code, it's a big thing, right?
So the source code.
If you want to get into that.
Sure, we can get into that, yeah.
So John D has obviously got that recent thing with the SFC asking John D for the source code.
Yeah.
So I'd previously asked a year before, along with a number of other people, and they said they would send out a USB eventually.
They're like, oh, we'll send you out a USB.
There's a bit of a backstory there, but it's probably not.
We won't talk about it right now.
But they sent out a usb stick and because i didn't
want to give them my address or my name date of birth and all that crap they um they said i said
i thought to myself who should i send it to i think who's the best person to send it to and i'm
like okay let me let me email um uh rms let me know richard storm it so i emailed him and i'm like hey we were
talking for a bit actually previously that i think i got looped into a conversation about
source code and john deere from someone else i think kevin kenney mad dog as well good guy
farmer out of nebraska does a lot of stuff for rights repair and eventually uh which was like
yeah i'll put you under my body and then devin ulibari who's actually at the f at the FSF now, Devin's, he wasn't at the FSF at the time.
He was just a friend of Richard's, I believe,
or like they were colleagues or something.
And then he's like, send it to Devin.
So I sent it to Devin.
Devin uploaded to FTP or NextCloud for me,
and I got it from them.
So think about it, it's full circle
because John Deere, the whole GPL thing,
I'm asking them to produce source code for me,
corresponding full, full corresponding source code for me corresponding full full corresponding source
code or complete corresponding source code and they send it to the fsf for things so from my
understanding what was sent if going by your previous talks that was the wine patches you got
or was that something yeah yeah yeah that's right correct yeah there was a bunch of wine patches
and like documentation i think there were cherry picked wine patches too i went through it the
other day and i was like, yeah,
these aren't the author, the patch rights of the author.
And I was like, these definitely aren't by DR
because it doesn't have their copyright stuff.
And they will let you know when it's copyrighted.
They'll put the big headers on it.
They'll put like headers on it.
I think we were talking about the other day where like when you put,
they have one piece of code in there where it's just exit one
with the header on top and the header underneath.
Yeah. And during your DEF talk or fsf talk uh there was the one with ld config as well where they have this giant line of documentation explaining ld config as well
yeah yeah just in case you have the manuals in there but i think they have manuals on the device
yeah i think i don't know if they have it but they have a ton of stuff they probably shouldn't
have had in production but um but then again
there's another answer for that is like it's probably good to have it there because people
like me can go and modify it you know and maybe as i was saying in the free software talk um that
i was doing the other day that you know john deere may well be the leaders of open source they're
just unaware of their status of that symbol but we're in a good relationship john deere and i like
we not john himself because i don't think
he's real but um i don't even know if he's a real person but he probably is was but they're
they're pretty they're pretty friendly i mean they're like they're on a mission they've got
the same issues like corporate structure stuff but they've got to deal with um you know legacy
business models i guess and it's all you know farming as it is it's kind of like a legacy
industry although it's not going anywhere it's not going anywhere it actually was um the founder
of the company was called john deer yeah okay mr mr dear yeah well it must be real 1804 to 1886
american blacksmith the manufacturer geez you live for a long time while he's like well yeah
at that time yeah for sure 80s all the all the all the wines what
do they call them um concubines what's there's another word for it there's another word for it
wenches that's the one back in the 1800s and crazy wild stuff i couldn't even imagine what
was going on back then um but yeah dude it was like um it was a yeah it's a it's an interesting company they've
got like a big they've got to be a lot of responsibility now they've got their own data
center um you know they run the food supply chain and i don't think people realize like
how important like john deere specifically is to this especially in like the u.s
absolutely absolutely even in india they've got india they have less they have same tractors
but they have because the tractor is efficient it's just an engine on wheels that's all like
you go look at the old ones just put like a big v8 block not v8 like v12 or cummins engines or
some crazy stuff that i don't know because i'm not a diesel technician but shout out to the diesel
techs out there um but they just put the engine on wheels and that's all it is uh and now it's
like an engine on wheels with telematics, telemetry,
all this crap.
But some people want that stuff, like I was talking about in the talk.
You know, some people want to get tracked and monitored and spied on
if that's what you – you know, that might sound like those loaded phrases,
but, yeah, people want their agronomic data to be accessible
on their phone, on their app.
You know, I want to get on the app, mate.
One thing you did point out that i think is really important is that there are a lot of people that are going to work on these farms who don't want to be dealing with
that stuff they want someone else to manage you know like remoting into the machine managing all
that data and then it just working like they're obviously going to be the ones who do want to
do everything themselves but i i don't think it's a problem that john deere provides that as a
service the problem is that it's the only option they had for a while yeah well they do have the
option of like you can simply take the telematics gateway which is about this big and i should have
one around somewhere it's up to there um the telematics gateway, which is about this big, and I should have one around here somewhere. It's up to there. The telematics gateway, I've got four of them, believe it or not,
four of them, all secondhand from eBay.
It comes with all the customer's data from the previous,
because they don't have any scripts there to wipe stuff properly,
but the data is like, I forgot what I was going to say,
but it's like you just take the SIM card out, sorry.
You take the SIM card out.
No, what I meant is like, you know,
remoting to the machine to update and things like that as well like that's that's
something that you know there are going to be people that want to do that themselves but also
if john deere wants to provide that as a service like that's you know having that as a dealer a
dealer service is a good thing it's just not a good thing when that's the only thing that you can do
i think the problem is that they they built their licensing structure
because they have a substantial amount of additional software yeah that um costs uh it's
not cheap like i think you know for a license of five years which i believe is in violation of the
gpl because you can't you're not supposed to be able to run subscriptions and then rescind this
description uh subscription and then make the device stop working
and that's debatable.
It still works, but maybe it doesn't do the right
thing, right?
Or maybe it's a license to their
server. I don't know. It could be some
sort of nuance there that I'm not aware of
because I haven't paid them for that.
But you can definitely, if you're in the device,
you can navigate
with SQLite,
go and flip some numbers to one from zero
and then activate things that you haven't paid for, allegedly.
I haven't tested it, but in Minecraft, I think it's possible.
Yeah.
But you mean like the example is like Dave got all this stuff in there
that I probably didn't think through that someone comes along,
you know, I put Doom on it, clearly I can go in and do stuff
that I shouldn't be able to do that they don't.
Well, you know, that's debatable as well.
I want to be able to do it and I should be able to do it,
but is it their fault for putting it on the tractor
and leaving it there in plain sight, you know, unencrypted?
Or is it my fault for...
Yeah, it's a bit of a conundrum there.
That's where the GPL thing gets a bit murky as well
because there's all sorts of different...
It's a wild...
It's a bit of a wild situation at the moment.
I'm not sure how it's going to pan out.
When we're talking about the subscriptions,
is it the current model that's just...
So when did the lifetime purchase disappear?
Because you mentioned that some of the older models
supported that.
By the way,
this is my tea.
Yeah, I'm not drinking
tea. I've got some
minus 196s.
Is that like Solo? Is Solo still around?
This is a
cho-choo and vodka.
Oh, so it's drink.
Yeah, it's lemon, cho-choo and vodka okay oh so it's drink okay right yeah it's lemon
because i'm in thailand by the way i don't know if i mentioned that yeah um
you asked me about what you asked me you asked me something about
oh the subscriptions okay so i think yeah i think previously there was an older model which was like
a like a i don't know if you remember ClassPad calculators, like the,
we had ClassPads, touchscreen ones, black and white.
I think people ran Doom on those as well.
But those calculators, right, they, that's what John Deere,
not Casio, I believe.
Maybe it was Casio, but I'll have to ask my buddy Alex,
who's a legend.
He's a tech guy as well.
Well, he does John Deere stuff, but I won't talk about it
because he doesn't want me to adopt him.
Shout out, brother.
He's taught me a lot.
There's a couple of Brazilians
that are really smart too
that have taught me a lot as well
because they do a shitload of repairs,
as you can imagine.
Because, you know,
I had the problem with the John Deere dealership.
You know, the find your dealer ability
of John Deere.
There are no dealers in thailand and under
the device how do i fix it gotta get a dealer took dealership owners of dealership uh well i just
became the dealer i think that was how i explained it um but yeah so that the the prices and the
stuff is is wild like eight thousand dollars for a subscription for like i think five years
and that's a subscription on the on the 4240 and 4640
which is like the the wind river one prior to that was like 2630 this is just model numbers
uh 2630 was a windows ce one and then prior to that was the uh vx works one and prior to that
was windows ce again so like i think they flipped back. I'm not sure why.
But, yeah, the latest one coming out, I believe,
is Lifetime Subscriptions.
So I think they maybe, like, encountered some consultants
in licenses because, yeah.
But they can't also devalue products that they've already sold
because, like, farmers get absolutely – they'll do it right, you know i'll do like a right where they drive down the road um which has the um the the
nitrogen protest that happened correct yeah yeah correct yeah and this i think that's so funny the
nitrogen price like i don't really understand like if i think i was watching that global
it's like climate change sorry the um the the thing about the nitrogen stuff it's like they
want to tax fertiliser
or bring out non-natural fertilisers or something.
And I'm like, I think I remember I spoke to a guy from Pakistan
on the plane a couple of weeks ago and I asked him the question.
I was like, didn't you guys ban inorganic fertilisers?
And I'm like, or something like non, so there's a word for it, right?
Some guy from Pakistan, he's like, yeah um and eventually what happened was all the farmers revolted in
they revolt they ended up actually actually import they actually have to import 400 million dollars
of rice in one year into pakistan because the previous uh because the administration there took
took away their cheap fertilizer made them buy like expensive fertilizer allegedly and they ended up raiding
his palace and um he left he got kicked out dude yeah don't piss off the farmers
yeah exactly dude there's a he literally got kicked out because of it and i asked the guy i
don't know if it was the direct cause but i asked the guy he's like yeah i was i was there bro he
went in i was like oh shit and i was like you know what was it about and he said that was the
main thing the fertilizer they had to import 400 million dollars of rice to a country that's
that has that's generating rice prolifically um and then they flipped it back they changed the
law back and they wanted to do that in belgium um and if anyone you know is listening is well
aware of the fertilizer industry i believe it has elements of you know there's prices involved
and there's like you know supply and demand and you know like what's the debiers debiers
diamond thing you know like they raise about artificially raised values oh yeah yeah i'm sure
that goes on there um i think cargill was one of the companies previously cargill foods or something
like 50 years ago got in trouble
or some staff were like trading corn futures.
They enacted an act because they were using the stolen,
not stolen data, sorry, they were using customer data
to trade corn futures, sorry, onion futures,
and they got caught.
Yeah, and they banned or something.
I don't know what happened to it.
But you can imagine the valuable, like, because obviously grain,
like sorghum, barley, wheat,
you know, rice, cotton, whatever, it's all traded, you know, on the exchange boards.
And, you know, if you can tell what the price is going to be
before it pops up, you can like, you know, you can put,
it's like better than the horse races, you know.
It's crazy.
But when you were saying before about devaluing their own products,
like you'd shown prices.
I wasn't the Libre planet.
What was the other one?
We showed the price.
I think I showed the prices.
Yeah.
I think you showed the prices both.
I think zoomed in.
And I think that's,
it's like a,
I think it's precision Sloan instruments has the price.
I can look it up,
but like the lifetime subscription one had like a way higher price than the the yearly one which is probably what's going to happen again like these current
ones are going to like plummet in value still four thousand dollars but like less than uh like
anything comes after it with a lifetime right i mean there are there in terms of like the actual
ability of the PC,
because it's certainly in your computer.
Everyone knows it.
I know it.
They know it.
You know, they might bag it out and say like,
oh, it's just a computer, bro.
I'm like, yeah, well, you know, I seriously invaded it.
And, you know, obviously I wasn't supposed to be in there,
according to them.
But, yeah, it's like the prices are absurd for the value that you get it's probably and i said the value is probably infinite like i mean once you get the other the
process to your words i don't know where it is but yeah some of the prices are exorbitant um
i don't know where it is but yeah oh that's oh that's the missile stuff yeah oh yeah that's
that's yeah there's that as well yeah well yeah, they claim that it's in the Airbus.
It probably is, like some component of it, right?
You know, F-13s, F-22s, F-18s, F-35s, you know,
Stinger missiles, Javelin missiles.
When at Call of Duty, we get the Javelin glitch.
You go around and just like blow everyone up.
I was a big fan of the Gidoo slash Linux.
Yeah.
But yeah, I mean, I think they've changed it on the latest version where it's a
lifetime update a lifetime subscription i believe some of the previous models had it i don't know
because i never paid for one um but there are there is the ability to pay for it uh if you
want to get the official version from um john deere if you wanted to pay for it like what would
the process be because you don't
have like a deal that you bought the device from assuming you had the rest of the tractor
let's just assume that if if you bought a second hand tractor like on like you know just from some
other farmer what would be the process to actually like get that you know you know in there this is
actually interesting this is actually interesting because recently first of all you have to go to
the dealership
or bring up the dealer.
You bring up the dealer and what happens on the device
is there's a menu on the device where you have like a challenge code
and you go in there, you get the challenge code
and I think you read it out to the dealer
or you might already know it because you can do offline installs.
That's what I knew.
When you do offline installs, that's when you know
that you can do it offline.
You can hack it without it.
Yeah, because you don't have the internet to do it.
They can't see me doing it.
But, yeah, like they have a challenge code,
and I believe that you send it.
Because I found it on a Facebook group, I think,
and there was a guy who was posting their challenge codes
and their serial numbers willy-nilly because they were having problems
updating or whatever.
And I went in and took a couple of photos just to figure out
what's going on.
And the challenge code, you read it off, and they read you back like a license code.
You enter it in and then it's activated.
So you can either, you ring them and you ask them, you can ring any dealership, I believe.
Some dealerships have access to it.
And they'll want the serial number and the challenge code, I believe.
But there's definitely, I know that the 2630, one of the older models now, the Windows CE one,
that's end of life since November last year, I believe,
and no future updates.
I believe they've stopped issuing licenses for that,
which is where it gets in a little bit of awkward territory
because that means that literally, what's the word for it?
We talked about it the other day.
Obsoleting. Yeah. They planned obsolescence. They talked about it the other day. Obsoleting.
Yeah.
They planned obsolescence.
They're getting rid of the device.
When were those devices on the market?
They've been on the market for like, I think, 10 years, obviously.
10 years or more, I think.
They still sell for like eight grand.
Crazy prices.
And they have all the unlocks.
And some people, I believe some people have reverse engineered it, but the unlocks and some people i believe some people have
reverse engineered it but the unlocks are different there and um yeah once you unlock
it i don't know if it's lifetime on the 26 30 but there's probably john d and people out there that
will 100 know but they definitely are getting rid of subscriptions for some of them which is
annoying because you know you buy something for a certain value and you want it to at least you
want and it works and it still works and it's going to continue to work
and you accept the risk that it's not going to be updated.
You know, it might be like a 15th of a, you know,
it might be such a small residual risk that you don't have
to worry about it anymore.
You know, maybe you don't even care if someone just,
like, hacks into it on, you know, on a single basis
because it's a distributed industry.
It's not like centralized.
Like a power grid, you hack into the central bloody coal plant,
blow it up, everyone's screwed.
Oh, yeah.
One farmer.
It's more like when you have like, you know,
a networked printer that happens to be out on the open web
and then someone prints something to it.
But a lot more money attached to it.
Right, right, exactly.
I think the worst thing that could possibly happen in John Deere
is if there was a world war
and they were going to use nuclear bombs
and they had the ability to trade that.
Instead of doing that,
they could just break everyone's tractors.
There's so many different things you could do.
Well, there was that story that you would that you mentioned the the you know that john
deere says that didn't happen with the ukrainian tractor oh yeah yeah there's this weird story that
came out on cnn um which is a no we're talking about that um it's a cnn john deere tractor story
and it goes on about uh i don't know if it's legitimate or not but i do know that i asked john deere about it there's a story about
apparently some tractors got stolen from uh a part of ukraine and they were taken or driven away or
taken on the train i believe or something like that according to the story from my memory and
they took it to russia at some place and then they turned them back on and they wouldn't work
and i'm like thinking myself okay if i figure out that maybe that like it doesn't really make sense to me
because like one that means they're still connected to the network which they could be because they
might actually have the sim card and they forgot to take it out because the sim card thing's like
under the seat it's like it's like you literally have to deconstruct it and if they don't know what
they're stealing um if they don't know what the loot is before they open the um before they open the chest or
the crate um to figure out what's in there it's like they don't know that there's a seal sim card
literally tracking it the whole way there and when it got there allegedly uh they were bricked
and that could absolutely happen uh which is also funny because that actually that story maybe it
might be a feel-good story for the time being, but it actually backfired because then people were like, hang on, what the fuck?
What's JD doing in my,
why are they able to break my tractor?
And like, do you want a company
to have that much control over your device?
I'm sure Apple can do it.
Apple can break everyone's devices in a day.
Well, yeah, they can just push out an update that,
you know, breaks devices.
And even if it's not an update,
they could still, like,
if they took that Apple.com,
cut down on the apps, like there's so many different things that go wrong do you really own the device and then you get to that whole argument and i think you know in my opinion
um it's complicated man it's really complicated it's hard to like it's hard to figure out where
the line is of like um what's actually okay or what's not okay and there's definitely things
that you can just easily tick off,
like the subscription thing, clearly in violation of the GPL.
They maybe rescinded it in the new version.
Probably can't do it in the old one because they'll probably have an uproar
or a class action lawsuit maybe that, yeah, it might happen.
I don't know.
But, yeah, this subscription stuff is definitely an issue.
We both know that in any version of the GPL, it's not on.
But, you know, then I looked at – I was reading Richard's book
the other day.
I got him to sign it.
I bought it at the FSF Conference of the Great Planet,
which is awesome.
Shout out to the organisers about that.
It was actually really good.
Everyone had – what are they called?
T400s, the ThinkPad.
It was wild, dude.
Wild.
All with the free boot.
I met the dude who owns the, what's the Trisco one?
What's the OS, the Debian Trisco?
Is that right?
Trisco, something like that.
I don't know how to say the name.
That's something like that.
Yeah, I met him.
Nice guy.
He's got a pretty cool machine.
They're all using that there.
They're all using that fully free.
In fact, I presented on that's the background the background on that that when i switched uh monitors on the stage there was a yeah that was a tris school it was a cool
that was a cool talk and i and i there was a couple ones another one from erin rose glass i
think and she had a really cool talk about about learning management systems you know like um
i don't know if you did you ever use turn it in like the application yeah yeah yeah oh it's awful i hate it so apparently a lot of that stuff's being used for um like
tracking of students being it's been sold three or four times and you can imagine the plethora
of data that we that that would have had since we originally used it, you know, 10 years ago when I was at uni.
Yeah, I can only imagine the amount of data they've got,
given that they actually submit essays in the app and they check for plagiarism.
They were on the ball back then.
It's gotten really weird with the plagiarism checks as well,
with the, like, with ChatGPT and all of that.
Like, there are people that are getting hit up for plagiarism
with something that is not even
remote like it's been like this is ai generated and it's like you know an excerpt from the
declaration of independence it's like no like what are you saying like these systems are very
imperfect and the problem you have with them is when you have teachers that are taking them at face value
rather than using them as like a a guidepost to you know sort of see what's happening
absolutely and i think they definitely there's definitely like you can tell chat gpt4 chat gpt3
three and a half you can tell it you know like this real if you go if you use the api you can
turn down the right you can turn up the randomness or like the i don't know what it's called there's
like a there's a function for it but it's like you turn it up like the company was called spread
pretty much and it makes it like very very unique um and not in terms of like you know like speeding
articles unique it turns it into like a you know never before seen article and it's pretty bloody
hard to see if it's...
I mean, I can personally tell now
from reading a lot of ChatGPT 3,
the fast one, the cheap one, the free one, I believe,
you can definitely tell when something's been, like,
spat out with that.
But 4 is a lot more complex,
and I've been using AutoGPT recently.
I don't know if you've seen that one.
Have you seen that?
I've heard about it.
I've not looked into it myself.
It got 100,000 stars on GitHub in like a week and a half.
100,000 stars on GitHub.
That's logged in GitHub users.
And I think GitHub has public metrics,
so you can probably go to Insights tab and then see.
It's absurd.
What's that?
It should be over 100 now.
Was it 99 yesterday, I think?
102,000.
Yeah, it's actually legitimately insane.
It's basically just like you can imagine like chat TV,
you send a data, send it back.
And you just, if you want to automate that,
it's just the API key that circulates it.
And by the way, that's 100,000 people that like it.
You also have to have an API key, which means you have to have a paid account so that's a hundred thousand
people probably with paid accounts absolutely legitimately insane i used the other day um it's
pretty fun man it's pretty you set up goals and it just like rolls around and like just automatically
does stuff for you and i'm i think it's pretty good uh and there's another i think there's
something missing from it i want a fully auto one like an agent one and just be like, figure out how to do this
and then bang, you know, like write me a
plug-in to rename all the functions like this
and then just say that, let it
run and then 40 minutes
later it comes back with the full code, you know
because you can imagine like
it's, yeah, and that's when it gets wild
we get into a wild situation here and I'm
using a lot, dude, I'm using it a lot, like I'm using
it to write, you know, Arduino code I'm using it a lot, dude. I'm using it a lot. I'm using it to write Arduino code.
I'm using it, just write me a Canvas emulator right now, bang, it just does it like that.
Write me a GUI for it.
Give me a interactive part that goes write W and change the speed of the clock, all this
crap.
It's phenomenal, dude, especially for maker stuff like Arduinos, whatever. It's legitimately insane.
I mean, it's good for everything, you know?
I think there's a lot of people out there that are sort of, you know,
what's the word for it?
Underusing it?
No, not underusing it.
What's the word?
Underestimating it.
There we go.
Underestimating it because right now it's still a little bit scuffed it's like you
know not perfect in every situation but just keep in mind where we were like six months ago
and where we are now or like do you remember the darling yeah just compare yeah compare
a.i.r is the most obvious one like compare the early a art with what we have now. It's night and day.
Some of the stuff we're seeing now,
it's gotten almost to the point
where you can't tell the difference.
It's still a little bit...
There's a certain situation where you can tell
and certain art styles.
Basically, anything that isn't an attractive woman,
you can kind of tell
because that's the part where it's gotten really good,
for obvious reasons.
But in those situations, it's gotten really good.
Really, really good.
And I don't know where we're going to be, you know,
six months, a year from now.
And I don't know what that means for, you know,
whether that's things that are heavily text-reliant,
like, you know, programming, things like that.
What's it going to mean for, like, artwork or anything else like that?
I don't know.
I would be worried if I was someone, you know,
that was working in that field and wasn't taking this seriously.
Like, this is not something where this
is not like the invention of a car where we're just like you know people that are driving horse
and carriage they just become taxi drivers now like that's not what this is this is something
different exactly right i think if you think about like what it can do like say you're
you know you're a copywriter,
you're a, you know, you design menus,
you write, you know, you explain, you know,
like you go on an airplane or a restaurant,
it's like the exquisite, you know, plum sauce,
whatever, they just be generated like that.
You don't need a marketing team to do that.
Yeah.
I think people, I think the model's there
and I think we're underestimating the amount of text that you need to send it to get a really,
really good response.
And people send, like, generally between 20 words, like, you know,
blah, blah, blah, this, or what color is red, you know,
stuff like that, right?
And then you think about it.
It's like, oh, wow, it knows the colors, you know?
It's like if you delve down into it, I think someone leaked some
of the prompts they give to the actual bot, and it's like essays almost,
like you're not allowed to talk about adult stuff,
you're not allowed to talk about this or that or whatever.
And I think that's obviously problematic,
but that's another story for another day.
And I think that's what happened with stable diffusion.
So I think DALI failed because stable diffusion,
not only did they do adult, or they do stuff that DALI won't doali won't do but it also does it's also self-hosted isn't it uh yes
self-run right yeah something like that something i remember doing it because i got my nvidia
somewhere i do remember trying it out i tried rock m doesn't work it didn't work for me um but i will
get another shot you know what's funny it didn't work did i bought this new sound blaster the other day like it's like the it's like a mad dog sound blaster why
did you buy that ae9 it's like 400 bucks it's got like a little dude it's lit right it's lit um
i've not seen anyone buy a sound card in like 10 years i didn't know that was still yeah but i've
got so because like for mixing headphones right you need if they're
high arm
high resistance ones
like 200 arms
right that's fair
sometimes you might
sometimes you might need these
so like
I um
I bought this
to do it
and then
chuck it in
what do you reckon
there's no fuck
drivers
and then I go on github
and I'm looking at
some dude's project
and it's like
the AE7
um
you know wait
two or three years after the project comes out.
I try to do it.
I try to figure it out.
It's definitely doable.
There was like a project for it.
It was like a dump.
You can modify some sort of whatever on it.
But yeah, pretty annoying.
But understandable given that it's brand new and whatever.
Because you're an Arch user.
You mentioned one of your talks
you were using arch i don't know if that's still the case yeah i'm on arch yeah yeah yeah on arch
yeah yeah a bit diy but yeah you know as well as i do but like going through the arch experience
as i like to call it is like you literally went like starting from i think debbie in like 2011
or something i started with debbie ub, then I went to Debian,
and then eventually I just randomly went to Arch,
I think, when something died on Ubuntu for me or didn't work.
And then I found it quite...
Coming from Ubuntu, I was like, yeah, you can install it, right?
And then the install now is really weird.
It doesn't really make sense now.
But the install, when I did it back then, it was logical.
It was like, there's a file, readme.txt,'t really make sense now. But the install, when I did it back then, it was like, it was logical. It was like, you know, there's a file,
readme.txt,
blah, blah, blah.
It goes in.
But since then,
dude,
like leveling up in terms of like,
you know,
manage some packages now and all this crap,
like it's a different level now.
You know,
like you get,
your skill goes like,
you know,
I think that's what I find anyway.
Like if you,
if you switch to Linux,
you will literally be,
it's like throwing yourself in the deep end,
but it's definitely absolutely worth it. You and I, I's not the same when i uh when i switched to linux i
i just jumped straight to arch i didn't do anything else so really this was this was a
horrible i don't recommend this i did it at the start of a semester for uni so i had to
get things working very quickly uh but it's good. Yeah, absolutely.
I wouldn't recommend that approach.
I'd recommend, you know, try Ubuntu, try Pop! West,
try something where there's a nice installer and then break things when you're not, you know, in semester.
Luckily, it's a start.
So first three weeks are like, you know, doesn't matter.
What did you study? Computer science?
Yeah, yeah, software engineering.
Oh, nice.
And now I make YouTube videos, so I'm using my degree real well.
Yeah, but about computers.
Yeah, you know, that's the justification I use.
My parents ask me when I'm getting a job.
Yeah, it's good.
It's good.
I think I'll show you some cool stuff.
Oh, yeah.
I've been hacking this recently.
Dodge Ram.
Dodge Ram.
Been hacking that recently as well.
Got some cool bugs on that one
that haven't really...
Oh, yeah, I was going to show you this.
This is my box opener.
That's my mail opener.
It's a big time machete.
Yeah.
Big time machete.
Really sharp.
Really sharp.
That is really cool.
It's not going too well for you, is it?
Yeah, it's gone. It's pretty sharp. it yeah it's gone it's pretty sharp like
like it's oh geez okay yeah it's really heavy too it's like as you can tell it's like it's
like hand forged like you know that it's i don't know what that is like the cold rolling still
covered in vaseline the other day um i was reading about vaseline and you're just like
supposed to vaseline it i don't know uh-huh i show you an example. Here we go. Here we go.
Here we go.
Anyway, we'll just stop doing that.
That's my machete.
It's a self-defense weapon because Thailand's a little bit rough.
So I'm not going to ask for you.
But yeah, like that's, you know, just been hacking around.
I think at the moment, John Deere, I think I'm just going to let him,
not let him off the hook, but I think they've got this issue to worry about with the license stuff that probably won't.
I don't know what's going to happen with that.
I think it's going to be big, especially with the right
to repair law passing in, I think, Colorado, was it?
Colorado recently passed one.
I've not been paying super close attention.
Lewis Rossman, who's also a top G
he's been talking about it heaps as well
let's see Colorado right to repair
Colorado approves
first ever agricultural right to repair bill
yes oh it's true it's actually about
agriculture yeah
that's what I think they're titling it as
I don't know the road is also used the same thing
so I guess yeah that must be
also shout out to
Carl from iFixit
he's a mad dog too
Carl is a really nice guy
and Elizabeth Chamberlain
who's on the
I think the sustainability
part of it
she did a talk at
FSF as well
and we did a panel
there was also a panel
shortly after
I don't know if you saw it
on the site
it was a panel
with all four of us
no I missed the panel
Kevin
yeah yeah
it's just like
and actually Richard's
at the panel
oh
yeah Richard's in the audience he asked a couple of questions. And actually, Richard's at the panel. Oh.
Yeah, Richard's in the audience.
He asked a couple of questions.
Actually, I'll go watch that after this, but it's pretty funny.
And he fully interjects multiple times.
It's good.
It's cool.
I think Paul was like, he said open source, and then there was a stoppage in the talk shortly.
But it's pretty good, man.
It's cool to see somebody stick to their guns for so long. And obviously,
you know, I like the software
and that's, you know,
I judge people on their merits, roughly.
Yeah, as we should, but
yeah.
What else did you have in mind, man?
I did want to, like, get into
like, you know,
how the John Deere jailbreak actually, like, happened. Like, what you did to like get into like, you know, the, how the, um, the John Deere jailbreak
actually like happened, like what you did to actually get there.
Yeah.
So like I initially started by just pull, I always pull apart devices and just like
inspect them and figure out what tips I've got on the board.
You know, I'll go and look up the chips that are on the board and figure out, um, what
they do, whether it's like an amplifier or like a Wi-Fi chip or it's like some sort of like TPM or some
weird chip or module.
With John Deere, I ended up getting this socket that had like a BGA 100 chip, which is like
a 100 balls socket.
Sorry, 100 ball chip that stored about 32 gigs, I think, or 8 gigs or something like
that of the entire OS.
And it was just like a flat MBR GPT with like a small partition
for the bootloader and all this stuff.
And basically, I'm like, oh, I kind of recognize this.
It's like straight up Linux, right?
So I mounted it.
I started editing it.
And a lot of troubles happened.
I think the first fail that I had was it reboots.
They had this shitty code in there that it counts
every time it reboots up by one.
And if you reboot it 10 times, it doesn't boot anymore.
Yeah, it takes you to that system error screen
or whatever it was.
Yes, yeah, this weird system error.
And then to bypass that, a guy in Brazil showed me,
but you have to have the USB with the John Deere repo
as like a USB.
They have like the USB set up.
It has to be signed though, GPG key sign.
And the repo has to be in the USB.
And then you put a text file and they're called
dealerauth.txt with a capital A, camel case.
Is that a blank text file and they're called dealerauth.txt with a capital A, camel case, right?
Is that a blank text file?
Correct.
It's just like a marker.
That's exactly right. That's the kind of things if you think about it, it's quite easy
for them to be like, just make a file called
dealerauth.txt, but it's so bizarre.
It's so bizarre to think about
that they, I joked that said that
they didn't know their code
well enough to add like a proper you know catch or error or fail system there for certain features
instead they decided to lock them out to come and inspect it which i think is bizarre
but it actually worked out okay because after i fixed all that i got in and i ended up uh
i think i modified that file made it like read-only or something, something happened to it,
and it stopped happening now.
And actually now, because I've got some extra commands on the system,
I can actually run a command they put in there called reset boot count.
They have a binary in there that just resets it for you.
I presume with a regular boot, that would just be run
so it doesn't brick itself at some point.
You would restart the system over and over again as you're like doing things so we're like a proper
boot it's running that at some point to make sure it doesn't cause that to happen i think they do it
like that or they do it some other way but i definitely know that when i run it because i can
plug in a keyboard a mouse now yeah you know i get the whole works now plug it in and like in a
mouse and everything it's wild and i also get a terminal uh which i added by the way i added the
terminal via i tried a lot of things first i think the first thing i tried was obviously i you know
with the system it's going to be it's some part of it's going to be signed or checksum and you can
see it's going to go through a check to figure out whether or not files being modified before it
boots so i go in i'm like okay the first thing I want to do is change the boot count, which
didn't work, by the way, when I changed the boot count manually, because it was checksummed
in some way or form.
And I couldn't be bothered working out that arrangement of that brain fart, as I like
to call it, of the developer that designed that system.
So instead, I was like, okay, what am I going to do?
I figure out whichever way I get in.
So I looked at the UDE rules and maybe some white listed devices.
Maybe there's some like USB sticks or network devices.
And there are, there's some TP link,
USB sticks that work and you can get in wirelessly.
But the problem with that is I didn't want to connect to it wirelessly
because I didn't want to go call Deer and then they get my IP address
and they come and hack me.
They've asked me for a name before and I said, nope.
That's the same when I said the USBb to richard right or devon um yeah like they they they also added i think i
tried uh i tried to do a change to change the fs tab in you know slash etc fs tab and change the
reader as the ro no a time all this stuff and And I changed it to read-write. It didn't boot.
And then I think the way I got in, I just added a cron job.
There was like a little cron job in a cron.de folder.
It was not like at daily or anything. It was like some random one, like log rotate.cron.
It looked like a – I don't think that's custom as well,
but there was a file there, log rotate.cron.
I went in and just added my own one underneath of it
where I just pop up an Xterm emulator every minute.
And then as soon as I booted it,
I'd actually done some other modifications
where I tried to put SDL libraries in there,
which you need to run Doom.
You need like libSDL.
And it's kind of fucking annoying
because obviously Wind River doesn't release Doom for the device.
Oh, yeah, I'm not crazy.
Who would have thought that?
Yeah, so I ended up getting Doom.
I think I got it from MageOS.
I think it's called MageOS or something like that.
I got chocolate Doom for MageOS.
It's like a red-out one.
I think it's Dead Project.
Or it might have been Fedora, ARMv7, HL.
I don't know which it was.
Whichever one it was, Bash didn't run,
but I just copied Bash from the actual existing os into this little i
made a little sub i made a little cx root like i added like a essentials to get it to run in there
and i think i've got to announce the rest of the disk uh and then because i think they had a problem
with running doom right so to get sdl and there was another one in there lib sdl and something
other but i couldn't i tried to preload it but i think glibc or something was was not the right version and you can't do that there's
you have to run it through someone was like yeah do it through ch root it's the it's the easiest
way to do it so i do that and then eventually i got chocolate doom running on it but i wanted to
get gz doom running on it and gz doom is a lot more graphics intense and this doesn't have a really good GPU on it, obviously.
It's not like a 4090 or something.
It's got a 3D track.
That's all it needs to do.
It doesn't need that much.
Yes.
And I think it's CPU-made track.
There's QT lines and stuff.
But anyway, I think I got that.
I basically just got it running on top of Doom.
And I had a really good mod where you do
the mowing on the tractor and it would and it would yeah but i stole that i borrowed it from
another guy called another user called skelligant in new zealand who is a doom modder and they had
a really good uh mod with like a mowing one it was like it was like lawn of the dead it's called
lawn of the dead and you like mow around i was feel like I've heard about that one. Yeah, Lord of the Dead.
So that's like the original one.
So I went in and changed it.
So I put corn and I put like a whole bunch of other stuff on it.
And then I DM'd.
I got into the GZoom Discord and DM'd Skelligant.
And she's like, I'm like, is this okay?
And it wasn't okay because I put in dogs and cows and sheep
and you can mow them over and like cause all sorts of gore and and and i someone was like that's that's so inappropriate i'm like i didn't realize
it was that bad i don't know i'm not a farmer so i don't know that it's not okay to you know
obviously they go to the slaughterhouse eventually but um but yeah i didn't know it was wrong so we
ended up changing it she changed it for me all the sprites um from the one that i had in gz doom
modified into chocolate doom so it's really basic um so you, all the sprites from the one that I had in Jeezy Doom, modified it to Chocolate Doom, so it's really
basic. So you can skip
the whole level. You just run straight to the exit, but
you can mow around now.
Now it's just like a skin change. You change the
icons, change the
sprites, and yeah, it worked.
It was wild. It worked. And then
I'm playing John Deere Doom Edition,
not John Deere Doom Edition, Corn Edition
Doom or whatever, on the John Deere tractor at, not John Deere Doom Edition, Korn Edition Doom or whatever on the John Deere tractor
at DEF CON in front of like 2,000 people,
70,000 views on YouTube, whatever.
And then John, yeah, it was wild, dude, wild.
John Deere, obviously, I surprised the heck out.
I didn't tell them anything prior.
I didn't tell them.
Yeah, I said, there's going to be a surprise at DEF CON
and blew them away.
And I think I was just saying the other day,
I was like,
they should,
um,
they should consider putting a doom stock in the next edition of,
uh,
chapters just to be like,
yeah,
we were,
we were always going to add doom to our tractors.
Like it was not a big deal.
We were always going to do that.
It's not even a big deal.
If they had a sense of humor,
that's definitely,
uh,
that would definitely be what they do.
Um,
one thing you brought up with the,
uh, the, the dealer.txt file,
there is...
I can understand why that was the simple method they did.
Looking at the way that ISP companies work.
So in Australia, sometimes the government will be like,
hey, block these torrenting sites,
block this site, block that site.
What they do is DNS block,
because they assume that nobody is going to actually go and change their DNS to something else.
So from John Deere's perspective,
they're assuming that nobody is going to go out of their way to know,
oh, you need to make this text file,
and then you can just circumvent all their
their things like with you know with gaming for example they're going to have these fancy DRM
systems because people are you know people are well known to be trying to crack games and get
into playing them but you know you were saying before these companies didn't have like massive
security teams anyway they just didn't think it was a thing that needed to be worried about
so they took the
easiest possible approach because that's just you know the cheaper way to do it that would be my
assumption at least totally man and they were also unaware that i would have the capability to
extract the firmware from the device without some sort of like trick you know what i mean like they
didn't expect that people would generate... This is a socket
for a different chip, but it's like a
TSOP48. This is the typical
one you find on a USB stick. It's a long one.
That's why a USB stick is kind of long.
You just chuck it in there and then
basically plug it into a socket reader and it
will just... You can mount the disk.
You can mount the disk like it's a USB stick.
Having
that capability to modify the disk, you know, you just mount the disk like it's a USB stick. And having that capability
to modify the OS
unless it's an encrypted device,
which you can also get, by the way, if it's encrypted
because that's a bit more complex.
You've got to turn it on, debug it
or get some sort of control over it.
And then while it's
booting or whatever, you can steal the key somehow.
So it's definitely possible. And we've done it recently
for that car that I showed you.
So you decrypt updates of some sort.
But a guy in Latvia helped me with that.
Nice dude.
It's funny when you think about it because, like,
I did all this from Thailand.
Obviously, I'm Australian as well, like yourself.
But, like, I did this from Thailand.
Some people do it from, like, you know, Latvia and all this stuff.
Like, John Deere making a tractor in Des Moines, Iowa or East Moline.
Oh, it's raining.
Imagine making one of those tractors and then being like,
this is one day going to end up in the hands of a random hacker in Thailand
who's going to run the game Doom in 1993 or 1994 on the tractor.
It's such a bizarre concept.
It's really raining.
It might actually accidentally drop out.
I don't think it will, but it might accidentally drop out.
We'll approach that if it happens.
Yeah, it floods downstairs.
It's pretty funny.
Well, it's not funny for me because I'm upstairs,
but I mean, it's the other way around.
But yeah, that's one of those things.
What else did you have a question about?
What sort of response did John Deere have
from your DEF CON talk when you just like, you know,
it just appeared out of nowhere to them?
The first time I got on their radar,
I believe I emailed the two, three years ago,
I emailed them an apisupportatdeer.com.
That was their security email address at the time,
as far as I know.
They didn't have a bug down.
He didn't have a cyber page on their website.
They'll say, like, that's wrong or something.
He's falsifying it.
But they definitely didn't because I would have found it
and emailed him there, right?
And I sent him an email, and the guy got back to me,
a nice guy.
He works somewhere else now I believe, but he
was a nice guy. He's like, you know,
we worked it out for a couple of weeks. It took about a
month, I think we resolved it. The original
bug that I found two years ago
was I could submit the VIN number.
Like, I signed
up as a developer. I could submit the
VIN number to add the machine to my account.
And it would say, this machine's already taken.
Understandably.
However, in the response, it was.
The JSON response had, like, address line one, address line two,
customer's first name, customer last name, phone number,
who owns the tractor, where is it?
You know, all this data that's allegedly, according to them,
it's not PII.
It's just PI.
I don't know what this, They've got this weird thing there.
It's like, it's not sensitive information, personal sensitive.
I don't know.
But anyway, I told them.
I'm like, this is pretty cool.
We've got this access here.
What do you think?
And they're like, yeah, that's obviously not supposed to be like that.
Maybe it is.
I think some guys DMed me.
They're like, I don't know.
It's a different story.
But they ended up fixing that.
Subsequently, after that, a whole bunch of other people uh joined
up with a bunch of other hackers and nice guys and couple girls and we hacked them got in their
mainframe and everything and there's about 10 of us i think smoked them not smoked i'm sorry we
stole their single sign-on keys from octa uh zero day that one of the guys had uh rejects yeah nice guy and then other buddy uh we had a lot of
fun we had a lot of fun john um kelly ashish and wabafet yeah all these crazy hackers were out we
had a good time we just like got in there smoked them and since then someone else another crew sam
curry and a couple guys um brett burhouse i, they've gone in as well and smoked them.
And this is so funny because they got paid for it, right?
So they're in the private program.
I think they got like over six figures from JD from this.
I'm thinking, well, so, you know, for me,
I actually published it publicly.
They're not allowed to because they did the NDA inside of it.
So it's kind of like a double-edged sword, you know?
Like, do you want the clout?
Not necessarily clout, but do you want to change the entire cyber that's what i did because like they didn't know a bug
bounty before that so just submitting it to them and like doing it publicly literally changed the
did they have a method to submit bugs you just send it to their just like email them there's
no bug bounty no they created they created a hacker one program uh-huh yeah hacker one you
go in and you submit the bug to them
and it says,
like that's their central place
where they develop,
where they do bugs.
It's Bug Bounty,
Bug Bounty program.
No, before they had
the Bug Bounty,
what was the method then?
Nothing, yeah.
There was nothing, okay.
Nothing.
Yeah, email, email, nothing.
Email.
So I emailed them the program.
That was,
I heard after
that they originally had,
they had plans
to implement
a security program and i'm
like they're like yeah they're like yeah we have one in already that works i'm like yeah well i
expedited the heck out of it's not really you know it's like it happened real quick but they did get
it done and you know kudos to them for getting it done because they've got like a couple hundred
bugs resolved now they have a private program they have a public program it was private when i joined
and the reason why i didn't send the bug through the private program was because there was no money they don't that usually when you do like a private program
you have money right like they pay you for the bugs whereas this one was like private and you
don't get paid it's like what the heck's the point of that you're a good samaritan yeah exactly it's
like and then they're like they were saying something to like the effect of you know you'll
join john deere's global mission to help secure our food supply.
I'm like, I'm not part of your fucking mission.
I'm like, I'm on my own mission, mate.
I'm doing my own thing.
Yeah, yeah, yeah.
And the good part is like, you know, since then,
all the other companies in the industry, Case, you know, Class,
Bayer, Bayer Monsanto, all the other companies, right?
Agco, huge companies billions
of billions of dollars of like ag tech they're all like focusing on ag security because of all that
you know like they i brought it to the light you know they thanked me personally like someone's
like oh thanks thanks for bringing that up because now i can go to my director or my ceo i'll be like
look at look at you know look at look at this dude did to john deere yeah thanks for doing that to
john deere and not us so we can you, deal with this before you come to us.
Correct.
Correct, yeah.
It's a weird situation, but it definitely improved it.
I think, yeah, like CISA, Central Intelligence,
I don't know what it is, Central Infrastructure Security Agency,
they, you know, very receptive of it as well.
They actually have to reach out to them to help John do the fix it originally
because I don't think they need it anymore
because they weren't ready for what I was about to do.
But it definitely shaped the company.
They do a lot of stuff now that's related to cyber.
And I think recently they just,
I'm not a fanboy yet,
but they just recently released a data tool
that apparently in the past had been a subject
to like a big part of the right to repair
was that you had to get this dealer tool to access it.
But now you can actually buy it from John Deere.
It's a bit expensive,
but it's allegedly for sale to John Deere
and you can actually interface with the computer
and do sorts of diagnostic stuff with that.
That was the electronic data tool or data link or whatever.
Yeah.
Yeah, that's it.
Yeah, electronic data link tool on the that's it Electronic data link tool
On the John Deere shopping website I believe
There's something on the website
It's not for sale at the moment
Or it's due to chip shortage
Chip shortage like two fucking years ago
Get with the program
Put your orders in early
So that's a separate thing from JDLink, yes?
So JDLink is a device.
It's also Wind River.
And it's a separate device that goes under the chair.
And then this is the screen.
But they interface with each other.
Right, okay.
Over automotive internet.
Automotive internet.
And they all talk to each other.
And they can all control each other.
So updates happen through the gateway which has like wi-fi bluetooth all these other connections
and that's how the updates get through with the sim card as well it's got a sim card um and
satellite as well it's got everything right gps as well it's got and radio just keeps going on so
that gateway receives any information and then goes through to the display
and then the display can also talk back to it and vice versa and they both talk to the machine
through canvas um and the funny thing is now that i've got access to the display i can actually type
out canvas messages in a terminal um which is cool so i can do a lot of stuff with the tractor i mean
if i was a malicious person i could definitely i could tell it to i could turn the tractor off i could drive it left you know there's a lot of
things you could do i don't know how i don't know what the most dangerous thing you could do in a
tractor would be but probably something that involves speed and they have auto drive don't they
yeah yeah yeah well that's the thing called auto track subscription by the way it needs
a subscription by the way so auto track auto trackTrack goes in a straight line and it's pretty accurate, right?
It's accurate with radio.
It makes it within a centimetre, I believe.
And without radio, it's within like a couple of feet,
which is actually not useful because you can't do crops in a straight line.
I think Australia has this issue previously where we can't
or couldn't or previously, but I don't know if it's now,
but row crops, which is like when you do them in, you know,
just rows, rows, rows.
Like it's not exactly perfect because we don't have RTK radio.
There are newer signals coming out like L1, L2.
I don't know if it's in Australia, but they're way accurate.
And people can do also something called Ntrip, which is it's just literally like Ntrip casting, L2, I don't know if it's in Australia, but they're way accurate. And people can do also something called Ntrip,
which is, it's just literally
like, Ntrip casting, I think, is
just basically Wi-Fi based time. It's like
a date. Because all
GPS is time based, right? They're just sending
the signal down, and the time
difference is how they correct the signal. That's all it
is, based on how far away
you are, I believe, from the satellite.
And that's how they correct the signal and then it goes straight, right?
With the new stuff, you don't need the satellite anymore.
You do it on your phone, I believe, with some of the Wi-Fi.
But the problem is in Australia, we don't have reception out there.
So it's hard to do that as well.
So people are doing their own thing when they get their own base station.
They have like a little, like an open WRT, but probably is.
They have like a little base station and it emits radio waves and then you correct off that and you just put it in the
same spot every year as long as the land doesn't as long as the land doesn't move um you'll be okay
yeah that's that's that's some of the the networking basis of it but you don't need all
that i mean if you really want you can do it by hand but it's obviously not for massive massive
massive farm operations it's not it's obviously not for massive, massive, massive farm operations.
It's not obviously practical.
And some of them are very extremely profitable.
Like I think cotton is a really big industry, cotton and sugar.
I don't know about sugar, but we have a lot of sugar in Queensland, right? And a lot of cotton, I believe.
I don't know.
There's a lot of cotton in Australia, I believe.
But it's super.
These are like million-dollar machines.
And I think John Deere has a patent on the cotton baler
they're insane machines you can look it up it's like it rose it gets the cotton and then bails it
into these massive bales and they're absolutely insane i think they're like incredibly incredibly
uh expensive and also incredibly innovative when you think about it oh yeah yeah the youtube videos
like from well well documentaries like they do these German ones like, welcome to the mega machine.
It's like really cool documentaries like this is the Mercedes
Vans factory in Bernhaus or something like that.
Those documentaries, there's a really good one about ag.
It's like mega machines, ag, it's excellent, excellent.
And actually, the best way to learn about ag is farming simulator.
Farming simulator is absolutely incredibly accurate Simulator is absolutely... You did mention this in one of your talks.
Dude, incredibly accurate.
I literally had no idea.
And I think there's a new one coming out.
I think it's coming out in May.
It's Farming Simulator for Mobile 2023.
Giants, Giants.
Dude, it's a really popular game.
Do you want to add any Steam charts or something? No, I'm...
It's a popular game.
Let's find out right now.
Yeah, it's a popular game.
Farming Simulator 2022 Steam charts. It's a popular game. 2022.
Steam charts.
2023, I think.
2022 is 20% off right now.
Yeah, there's a mobile one coming out.
Giants.
I think it's coming out in May or something.
Currently has 16,000 players online.
It's quite a few when you think about it.
Yeah, yeah, for sure.
For a simulator game for farming, for sure.
Yeah, it's so accurate, though.
It's actually super accurate.
They put all the machines there.
They license it properly.
It's all accurate.
It's actually literally, you know, yeah, it's super accurate.
It teaches you about the crop types and like fertilizers and things
like that and it was honestly um yeah that's how i learned a lot of stuff uh literally yeah just
doing that like grain cart speed and things like that it's pretty interesting it's a funny game
funny game i know that in some of the older games the physics was a little bit a little bit off in
some places so if you know you know you want to go to a hill at a little bit off in some places. So if you want to go to a hill
at a little bit too much speed,
you might just...
Yeah, I think the latest one,
I think it's Unreal Engine.
I think it feels like Unreal Engine, I believe.
But I was playing on the mobile.
It was even funnier on the mobile,
just like running on the mobile.
But yeah, it's super...
It teaches you like,
not really the crop price,
but it's pretty interesting
how much money they
make um based on like the land size and things like that but yeah dude i literally knew nothing
about farming before i did all this which is really funny like i didn't even know there was
internet and farming like i thought it was you know people just drive i was gonna ask you like
what you knew about it before all this john deere stuff happened. Dude, I didn't even know what a combine was compared to a tractor.
I literally didn't even know.
I said to a guy, like, I saw a combine, and I had a guy called Willie.
Nice guy.
We had a little falling out.
He's a nice guy.
I spoke to him, and I said something like,
look at this massive tractor.
He's like, that's a combine, bro.
And it was a massive combine.
It was this drinking Red Bull in Thailand, right? In Thailand, but it's imported from Austria. There's a drinking Red Bull in Thailand, right?
In Thailand, but it's imported from Austria.
How weird is that?
Oh, these are the original Thai.
This is the original Thai.
There, there, check that out.
You can't even read it.
Oh, that's in English.
Yeah, that's fine.
You can't read that, right?
It's fully Thai.
Yeah, no, I got no idea.
I just see squiggles.
Yeah, yeah.
Me neither. Me neither. i'll just drink it i've been with my machete top the top off yeah yeah so you just you you had just
no knowledge of this it's just like why did you actually what caught the interest of like
with doing something with john deere then like how did that okay so there was a there was a couple of a couple of events that happened for this to happen uh
there was one guy um ben from uh nissan i was a nice guy man dog he one day we were chatting online
on twitter or something we reached out um and we talked about uh green star which is the like the
like the networking stuff,
satellite stuff.
And apparently he mentioned to me some sort of thing about they were using
HTTP 10 years ago as opposed to HTTPS.
Oh, lovely.
And thinking about farm data and espionage, things like that.
You can spy on data that comes out, right?
Well, look, considering the username and the password were in the, you know, they were just doing basic auth, that doesn't surprise me at all.
It's going to be there for a while, too, that repo, because if they get rid of that update repo, it's...
If you think about it, if you think about this GPL stuff that we're talking about, right?
Those packages are currently publicly available, right?
So, like, you know, it's debatable whether they are violating it or not.
Maybe they have to produce source and some of the code
that they've got in those packages,
but I'm not the person that goes in and figures that out.
But they're publicly available,
so you can easily be reversing it anyway, any binaries.
Most of it's in plain text anyway.
There's a lot of shell scripts, Python scripts, things like that,
although they compile to Python, which you can easily decompile.
scripts, Python scripts, things like that.
Although they compile to Python, which you can easily decompile.
Anyway, yeah. Yeah, I think that was one event.
And the second event was a guy called Paul Roberts,
who's a big write-repair guy from security.
He runs security ledgers like a blog, Paul Roberts.
He also runs secure repairs, and he's on the repair board,
I think, or something like that.
Anyway, he one day reached out and just said like hey dude it's really weird john d has no cbe what
the hell i'm like i took the bait right i took bait and i was like i went and have a look at
their website and ended up finding that pin number bug trivial bugs right and then the rest is history
man next level like and i've got the team we're hacking it with a bunch of other bugs right and then the rest is history man next level like and i've got the team we're
hacking it with a bunch of other guys yeah and then eventually it did the john deere thing so
it's been like two and a half years i think yeah john i've seen john deere kind of evolve i know a
lot about their company now obviously um and i've been to des moines not des moines i've been to
betterdorf iowa i had a corn conference called corn con like defcon but corn con uh-huh um and yeah corn com was pretty funny
john johnson runs out john johnson funny guy he's actually ex john dear security team okay so he was
like uh you know come and talk for us i didn't talk to john he was also there there's two people
john do that i talked to a lot i think think it's John, Carl, Amelia,
and I forgot the other guy's name,
but he's Dave Bailey.
That's all shit.
Dave's a man dog.
Shout out to Dave.
He's on, they're really smart people.
Really smart people.
Yeah.
G'day Dave.
But they watch all the stuff
that I do as well, by the way.
So they prefer, they like the shout outs.
They appreciate it.
And they always DM me up like,
hey, thanks for the shout out, man.
John Johnson's a nice guy too.
They've got a new business information security officer car got car recently got um what's the word for it promoted
so nice congrats mate a deputy cso now so but um yeah these guys are pretty smart i mean they were
helping me um like you know i was like i had a one-to-one with them you know like some of these
bugs obviously have impacts on the real world it's not not all fun and games with Doom, but we both know this, right?
It was fun for me, but for some farmers out there,
they can obviously, maybe John Deere has other plans for some.
It's a complicated industry with a lot of, I wouldn't say corruption,
but it's a word that's similar to that.
But it's not necessarily corrupt, but it's just more legacy business models.
There's a lot of, I'll scratch your back or like,
you know, say if you have a tractor from one company and you go to get it repaired and they don't like you, they're not going to,
they're going to be like, go to the other dealership.
You know, there's a lot of that, a lot of that complex stuff.
Cause obviously it's male dominated and it's a very decision based,
logical, not logical like that.
I mean like, like they didactic they'll
say yeah you know if it's not exactly like it was last year i'm not fucking touching it don't bring
that stuff into my farm because it's going to screw up the farming season right um and yeah
it's it's just the way the industry is like you know i can't change it it's just the way the
industry was built.
If you zoom in on Google Maps, you'll see just literally farms everywhere.
Like 20% of the US is farms.
I believe more than that.
It's ridiculous.
India is 50%. 50%, I believe.
Agri-aware.
Jeez.
So if you piss them off, farmers, it ends in tears.
Like, you know, they removed the pakistani guy
you know they had the belgian one recently i don't know what the result is but um i believe
i believe they reverted the pushing forward the nitrogen restrictions i want to say that
someone will correct me if i'm wrong uh there's one in the netherlands too i believe
and what's interesting right if you think about it,
a lot of the farmers are connected in ways that maybe the public can't.
They don't use like chat room.
A lot of them use WhatsApp.
They do a lot of WhatsApp, TikTok as well, some of them.
And they usually meet in the comment section, right?
That's where they all meet, IG, Facebook.
They'll meet in the comment section.
So like that's literally, yeah, it's, you know,
like content goes up, maybe the daughter or the sons
or whatever finds it or the wife and it ends up in this,
hang on, sorry, man, someone calling, yeah,
ends up in this, do not disturb, do not disturb.
Yeah, I don't know what happened there.
Yeah, ends up in this way where they just meet
in the comments section and eventually it works out that they organise things
like big riots.
There was one in the Netherlands, Farmer Riot.
Not riot.
Farmers, oh, that was last year.
But yeah, it gets into intense situations.
And most of it is about policies from people
that don't understand farming, that have never worked on a farm such as myself you know who oh so i got confused with two things
the um it was the dutch one where they were cutting restrictions that got um that got overturned
um not the belgian someone correct so it works yeah yeah um because they because they actually created like a uh like a
party and i don't like a political party i don't think they have like i don't know how they have
their parliament work but they've got like a massive amount of seats that they won um
what is it about nitrogen emissions um and some of it... They got 20% of the vote.
Jesus.
What, like Greens?
Like their political... The Farmers' Protest Party.
They got 20% of the vote in the recent election.
Oh, really?
Yeah.
Like they have...
The pro-farming group.
They set up a party just to advocate for farmers.
Oh, wow.
That's interesting.'s set oh wow it's uh
ukrainian grain wow interesting big big yeah yeah 10 days ago tens of thousands of indian farmers
did they're having massive impact because you know you remember like you know without trucks
australia stops oh yeah yeah it's like without farming people don't eat and there's this thing about farming it's where like i just said
like someone said told me about it but we're three meals away from world war three like if you go
hungry for one day there is people start looting they go rioting like it's one day you know one day
of food at this next level well you don't even need food for people to start rioting.
Just look at the start of COVID with
toilet paper. Like, people...
Right. Like, that's just...
Just that by itself should give you an indication
of how quickly, in, like, a
crisis, people are going to turn.
Yeah, absolutely.
And so, if you think about what you do with tractors,
it will be slower
to onset, but if you think about what you do with tractors, it will be slower to onset.
But if you bricked 300,000 John Deere connected tractors and then fucked up, sorry, like screwed up an entire season.
You can spare it here if you want to.
I don't really care.
Yeah.
Like screwed up an entire season of harvesting.
It would be like, yeah, next level. And I think
that's why, at the time when I
started the John Deere stuff, it was kind of weird to
see John Deere had no security things.
Knock on wood, they had internal
teams, but as
time goes on, everyone's taking it a bit more seriously.
There's a next CC precision
ag task force, which is a little bit different. It's more about signals.
Talking about L1, L5, all these
civilian and defense-related signals and things like that and moving away from the
older ones which are unencrypted i believe or something rather and or or slower or expensive
etc or satellites aren't good enough because they've been up there for 40 years but the new
ones the new stuff that's coming out obviously has to be seriously protected by ai farming coming
out john deere's producing ai tractors i think some of the other ones are as well.
I met a guy from Bear Flag too.
Bear Flag Robotic.
It's a company that John Deere bought for like $250 million.
They're building like a shell that goes on the top of the tractor
and steers it automatically around the corners without any driver.
Fully autonomous tractor.
Yeah, there's two of them.
Yeah, there's a green one where it looks just like a dog,
like a mound.
That one there is in-house, I believe,
and that's just like an engine on wheels, right,
without the seat.
That's all it is, right?
It's a heavy engine on wheels.
It's massive, by the way.
Is it electric?
I think it might be electric.
Yes, I believe so, yes.
That's what I'm seeing.
Yeah, I think it might be good.
It's probably just like a proof of concept
or like they'll do that
and then they'll get R&D stuff involved
and then they'll actually come out with a product,
which is pretty cool.
But the previous one,
they've got Bear Flag Robotics,
which is like an additional...
No, there's a word for it.
It's an add-on for the current existing Tractor Force.
But they just put a shell on the top
and it has a bunch of sensors right like
a tesla you know like we just got a shitload of sensors and when you think about this really
interesting industry because it's similar to automotive right tractors are similar to
automotive they're also similar to mining equipment like big cat trucks
head of the little trucks that hold like 500 tons. Not that much, but there's...
And there's also like, you know, like diggers and equipment like that,
like earthworks and construction and forestry.
They're all really, really similar industry,
really similar industries.
They've got different threat models.
Like there's one, like if you have a...
I suppose they've got a Rob Labby from...
Rob Labby, I think it is, from the Mining Ice Act.
Shireen or Shireen, I can't remember her name.
Nice girl.
She's also Australian because obviously BHP built it.
And then Australia, you've got mining.
Mining.
Massive on mining.
So there's a Mining ISAC, which is an information security exchange center
where they send, like they talk about security behind closed doors
so the companies know what's going on in the industry,
specifically to that industry.
There's one for mining.
There's one for like a couple of industries right there's one for auto
there's no one for ag yet uh i proposed it to a couple of ag companies but they're like
you know just wait for john deere's assistance on that one but they need it because like yeah
then they can talk amongst each other and be like yeah these are the threats we're facing because
you know in a mining situation how do you stop an autonomous you know 100 ton mining truck that's
like 40 meters tall you can't stop it
you're gonna wait till it runs out of fuel um whereas a tractor you can like run up to it and
you know pull the pull like a hose out or something like because they're only going like
four k's an hour um and whereas automotive you can't there's significant there's all these cars
around you in automotive whereas like in farming there's like no cars around you and you're in a
barren field and there's just one person but you've got like a chainsaw in front of your tractor as
well there's all these different threat models as well it's kind of interesting to think about
i would like to hear from some farmers what they think about the like the fully autonomous tractors
because if we just look at like you know the you know general consumer vehicles with the automated
teslas like a lot of people are very wary about that. And that's just something that you're personally using.
If it's something attached to your entire livelihood,
I don't know what sort of...
If that's something that actually does appeal to them,
how much data they would need to have
knowing that it works consistently
for them to want to employ it,
or what would need to happen for them to actually to employ it or like what what would need
to happen for them to actually want to go and use something like that right as far as i know um
it dropped out a little bit the internet dropped out a little bit but from for farming um the
autonomy part it's you still have to monitor it you know what i mean like it's just like handling
like yeah same as like a robotic arm at a Mercedes factory.
It's tough to monitor it.
And I think, obviously,
it frees up the farmer's time as well.
They've got more time to do other stuff like manage the farm or things like that.
But there's also the other part of it,
like do you really own the farm?
Are people just going to,
is it going to be all centralized?
There's a lot of fleets now
where the people that are getting older
or they don't have time to manage their farms,
they just let someone else farm the field.
I think the other half of the question dropped off because i didn't know whether it's suspect i was saying um because you've brought up before that farmers like
things to be like they don't want things to get in the way of farming season they they're like
they they want things to be consistent and they know it works. I don't know what sort of state these devices would need to be in
for them to actually trust it with, like, you know,
just even if they are monitoring it,
just having something that's doing the work for them.
I think it's going to be years away.
It's going to be, I do believe I heard a whiff
of something about NVIDIA and John Deere.
I think I heard it internally.
Can't confirm or deny that.
But I do, you know, I heard it from them, I think.
Well, NVIDIA's big on AI right now, so that makes sense.
Yeah.
Yeah, I mean, they've got hot GPUs.
AMD does too, as well, by the way.
They're getting pretty close, aren't they?
They've at least done stuff publicly.
The AI tractor that was using NVIDIA stuff, so there's at least
that they've talked about publicly.
So they definitely get it. But if you think about the
model that you need to run a tractor, right?
The AI involved in a tractor
is pretty rudimentary,
right? The only obstacles, you're not
looking out for humans, you're just looking out for
goats and fences
and stuff.
The problem that they would have is there's not,
like the amount of tractors to get the data to run it
is significantly limited.
And I do believe that's where some of the issues
with the data that they're getting from customers
may be used to run the AI to sell back to them.
So like, you know, surveillance tools surveillance tools you know i don't know
what the situation is there i don't i haven't read the terms enough or i haven't signed the terms
ever um but yeah they they stuff they're obviously having the ability to run like a tractor is
completely different to a car like i was saying before yeah yeah autonomous tractor they're
already walking a straight line doing the corners is where you turn the wheel.
Like, it's probably the same thing every time.
You just calculate the distance.
But they are doing it with AI, I believe.
And I think it's definitely coming out.
It's going to happen.
Oh, sure, yeah.
I think maybe six years, five years, maybe a bit shorter than that.
Because I don't think at the moment, I don't think that they can run it at the moment.
With the current hardware and the current,
not the current hardware,
but the computer hardware in the tractor,
that's not AI ready.
They'll have to have another one that comes and does it.
Maybe the new ones go 20 years in it.
But that's for like the top tier farms that can afford the really expensive equipment.
It would be like 10, 15 or so years after that
for like the smaller farms that buy the
second-hand equipment to actually start adopting it yeah and that's that's what i explained in the
talk as well about the the fleets that passed down the generational device that's why everyone's got
this end-of-life devices because the previous generation had the had it when it was in in life
and so that's why i jailbroke the 4240 the latest one because i know
that even though it's cheaper right now because people prefer the old one it's going to be
used uh for a large number of years from now like maybe 10 years the good thing is it's
going to slash leno so it's never going to be out of date like they can just keep updating it
well that's that's the thing if they're going to keep updating it like i, that's the thing. If they're going to keep updating it,
I'm sure at some point they'll be like, nah.
It's already running a really out-of-date kernel anyway.
Yeah, it was like 3.2
or something. I think it was even older than that.
I can't remember.
No, I think it was 4.1
something. I want to say 4.1.
I can check it out. It probably is.
4.1, 4.2.
I had it on the login screen.
It was definitely on the,
the older end of LTS kernels,
assuming it's an LTS kernel.
Yeah.
I think it's a wind river managed one.
I don't know if it's,
I think Yocto Linux is involved.
I can't even know what that is.
It's like a project that does RTOSs or what.
I can't remember what it was.
Yocto.
It's definitely,
it's definitely on the older side of OS was. Yocto. It's definitely on the older side, you're right, of
OSes. Yocto
project at embedded...
Yocto project is not an embedded Linux distribution.
It creates a custom one for you.
Oh, God, I hate... Can we stop with
stupid taglines? Just tell me what your
project is about. It's like the funny thing on
the GitHub. It says if you look down, it's got the
FSF mailing addresses. Oh, it's so funny.
And I brought that up at the talk and uh devin was in the crowd and i was like devin shouted out he's like that's
our old mailing address so they haven't even updated the mailing address oh it's awesome
yeah oh so yeah man you're you've been acting as this middleman between the SFC and John Deere.
What has that been like?
So SFC has...
They want to investigate this,
but they've got to get access to the device.
They don't really have time, I guess, to do it.
It's not free to do what I do.
And I do it for free because it's fun.
Theoretically.
But
to analyze a device and
figure out what licenses
are involved and has the GPL
been violated? Do they have to remove
projects and put in
free ones or non-free ones or whatever?
It's pretty complicated and i think
john deere is also asking me for comment sometimes and so like they're both of them
so the quasi jury for an argument that's kind of happening in public it's kind of weird
but you know the way that i like originally you know i'm still
learning about the gpl maybe i'm wrong maybe i'm right um but i think rob lanley he's a mad dog
because of rob lanley the dude did the busy box and then they had the problem with the license
for busy box or the guy didn't want to move the gpl the guy wanted to the original guy wanted to
move gpl3 and rob didn't want to go so he made toy box he forked forked it and made Toybox. I think they're on different lines.
MIT, I think.
Or he made his own,
BSD Zero, I think,
or something like that.
And then he moved it to,
and now Android uses his project.
Busybox is still massive, right?
Yeah, yeah.
Rob's got some,
Rob had some really good talks on YouTube.
I remember a couple years back,
I watched those talks.
I was like,
holy heck, this dude's smart.
And he's the dude who made Aboriginal Linux.
He didn't make BusyBox, but he maintained it after the original.
You mentioned that one when we were talking offline.
I had no idea.
Landly.net.
He's a mad dog.
He's a mad dog, dude.
He's a really smart guy.
He's very active.
He's a really smart guy.
Get him on the show, then.
Get him on the show.
Oh, that would be awesome.
There's a lot of people that I'd like to talk then. Get him on the show. Oh, that would be awesome. There's a lot of people
that I'd like to talk on the show.
Absolutely.
Richard, get Richard on there.
You're going to do it
on Media Goblin
or it's going to be WebM
or OGG.
It's complicated.
He does...
I'm going to watch that talk
after this,
the one with the panel
because I remember
he did interject.
It was quite good.
It was quite interesting.
It's real.
It's a real deal.
So you... What was it like meeting Stallman?
Like you've mentioned some stuff offline,
but you said he was a bit of a character,
and it's very much like what you would expect Stallman to be.
So, like, we were at the front at the FSF.
It was at the Boston Convention Center.
I can't remember what it's called,
but I was at the front having a cigarette, um i saw this guy walking up with belly with a gut nice guy
belly and he's at his uh his girlfriend his girlfriend i believe or his partner and walked
up and i'm like holy and he had a mask on i was like richard and he's like hey he's like i know
it's really interesting he's like hey how you going like he's no slower than that he's more like you know like he talks real slow and he's like
really interesting guy you know obviously he's in his 70s or something now right yeah but maybe
he's 70 now yeah we got a couple of we have a couple of fighters together I was pretty smitten
dude I was pretty starstruck 70 yeah using the dude's software for 40 you know everyone's been
using his software for years. Yeah, yeah.
And literally, you find the GPLs everywhere.
You've got the about section, licenses, GPLs,
literally everywhere.
But I think in the other video the other day
about the licensing thing,
I'll go back to what you were saying,
but he only has 40 employees, I think, at the FSF.
Wow.
We were saying something about,
he's like, we're not a big organization.
We've only got 40 employees.
You did all that with 40 employees,
like all that damage,
not damage,
but like all that,
all that,
no,
not damage,
probably the word for it is like all that creation,
right?
Yeah,
yeah,
yeah.
In the industry for with like a,
such a,
such a team,
right?
Red Hat's probably like what?
70,000 or some crazy stuff.
Oh,
I don't know.
Completely different scenarios.
Red Hat employees.
I know it's a ridiculous amount.
They have 19,000 employees.
Oh, okay, yeah.
$1.6 billion.
Oh, here we go.
Their total assets in 2018, $5.5 billion.
They've got a lot of...
I mean, they own Kubernetes, I think, as well.
They've got, like...
They've got...
Number 27 on the Fortune 500 companies.
Yeah, Red Hat's a little bit big. They've got like, they've got number 27 on the fortune 500 companies. Yeah.
A little bit big.
So Richard immediately, I think the, one of the,
one of the early things he was kind of concerned that maybe the conference,
cause he was quite late at the conference.
He came on day two.
And I was obviously busy.
They bought nice.
It was, it was cool to meet him, you know, like regardless of what everyone does,
you know,
it's cool to meet someone that writes a lot of software hasn't had a massive impact on life in
any case and then i met him and i'm like you know he's an interesting guy and we went into the
conference and um yeah dude he watched a couple of talks asked a couple of questions uh we took
a couple of pics and he's just been a just just yeah and everyone's pretty receptive like everyone there is um you know they're all hardcore free software advocates yeah i also met uh also
met hot wheels what's his name again frederick brennan frederick brennan was there as well
he started hn oh yeah the q anon thing and then yeah he, not before that. He started it.
Yeah, real nice guy as well.
Real nice guy.
Hot Wheels.
Yeah.
You probably understand who he is.
Mad Dog.
He doesn't own it anymore as well.
He sold it.
No, they stole it off him.
I don't know what happened there.
Complicated situation back in the day. But he, yeah, he was also there, which is pretty cool.
Cool to meet him as well.
Yeah, and then, you know, meeting him and Richard in one day
is pretty interesting.
And any time anyone mentioned open source, I'm actually.
Oh, yeah, every time open source and Linux.
I don't think he interjected with the good news.
I think he did, yeah.
But I think he did that talk about the interjection,
and it's the real deal.
And I think some will get pissed off about it
but if you think about, if you read his book
I think the Freeze and Freedom book 2.0
I've read about half of it so far
but yeah, this guy
hasn't changed his mission in X amount of years
it's been static the whole time
and had that not been there
everyone knows that it's something with a different
ballgame right now
and there's a lot of push to like get away from gpl people call it fire is viral but people call
it whatever they want and i think um there's you know people people say it's on the way out but
then you look at who they work for it's like seuss or something like that it's like they've got their
back by like a mit company or a party or whatever or whatever. But yeah, it's kind of interesting to watch this whole play out.
I think it is accurate to say, though, that MIT,
that side of it has definitely gotten a lot more momentum.
Like, GPL, it's still like, you know, GPLv2, GPLv3, AGPL especially.
These are all really big licenses still,
GPLv3, AGPL especially.
These are all really big licenses still,
but they are absolutely dwarfed by the adoption of MIT and Apache and things like this.
Right.
Yeah, the only difference here is that if you look at the,
in terms of maybe impact or legacy software,
things that have been there for a very, very long time.
There's, you know, I'm
not 100% sure, but I definitely know that I think
most of my code, if I go to slash bin on my computer,
most of it's all GPL.
Well, probably because we're using free software, right?
Definitely in a
non-free thing, there'd be a lot more of it.
Yeah, but I haven't used one for a while, so maybe I'll check it out.
But
yeah, definitely, yeah, there's definitely a lot of MIT out there. I think it's obviously growing, but um, but I haven't used one for a while, so maybe I'll check it out.
There's definitely a lot of MIT out there.
I think it's obviously growing.
I think we just need to not forget the GPR.
I don't think it will be forgotten anyway,
because a lot of people are proponents of free software,
and it's going to live there forever.
I think free software is more... This is one of the things you did mention in the video
the other day that I had.
This is one of the things you did mention in the video the other day that I had.
Free software is much more than just the FSF now.
The FSF was obviously an incredibly important component for founding this movement.
And they exist now as this really extreme wing that shows you the conclusion of what free software can be.
But there is this more moderate section that does interface with... What you see with the moderate free software interfaces a lot better and interacts a lot better with the open source side.
There's more of a dialogue there
as opposed to, you know,
open source missed the point of free software
and the other blogs and stuff that Stallman's put out.
And whether that's a good thing or not,
that's up for debate.
But there is certainly this growing discussion
happening here about what software should be.
I don't know what your take on whether that's a good thing or not is.
I can tell you, for example, I think, so, you know,
you've probably seen talks of Richard before where he goes like,
you know, if you have any cell phones, don't take any photos
because you want to be part of the botnet or whatever.
But he was fine with taking photos the other day.
So, you know, there is obviously, he understands that people out there like i had my phone i took a photo in
my iphone you know where he had no issue you know he did no issues with that um and you know but the
core i think the core fundamentals part of it i think is definitely obviously solid on and never
will an unimmovable object you know unstoppable force uh this is the same thing
yeah but yeah the fsf meeting him in person they're really nice people man they're like
they don't appear like some of those blogs that are online a lot of those old or legacy
documentation and not the documentation but like faqs back when things were a bit more militant or
non back when things were a bit aggressive there was a bit of an arms race for software licensing.
I think maybe now that people are aware of both licenses
and the arms race maybe is a bit slower
or it's a bit more tame,
that people actually understand that they do need
free software for certain tasks,
like missiles and bombs and things and tractors.
But the other side of it is, you know,
there's a proprietary side of it,
like, you know, QNX, for example, QNX, BlackBerry's OS.
So he's definitely okay with...
Then he talks about special software, specialist programs and things like that.
There's definitely a place for proprietary software.
He's not definitely...
The way I got it off him was...
Sorry, the way that I discussed it with him was I think he mentioned
that there is specializedised software out there
that may be proprietary, that is just necessary.
And I think in the case of farming,
people maybe thought that farming software
was a basically necessary thing.
However, it turns out that it's a full-blown GNU slash Linux OS.
Just uncovering these little hot pockets, I guess,
of industries that are maybe not abusing but like using
profusely uh gpl stuff in a certain way that may or may not be like against the license but they're
definitely using free software and maybe just nobody knew about it before things like that and
um yeah it's just a surprise yeah he was really interesting man really interesting guy um you know
i didn't ask him about his past or anything, but it's interesting to see and see in the flesh.
He's telling me something now.
So you feel like there's a bit of a disconnect
between the image of Storm and the image of the FSF
and the way that he acts when you talk to him in person?
Yeah, he's obviously a very cordial human being
and he gave us a business card.
And I was like, oh, business card.
No, it's my pleasure card, like business pleasure.
He's a pleasure card.
I've got it on my phone.
Pleasure card sounds like a very different kind of card.
Yeah, yeah, yeah.
But it's a nice dude.
You know, I'm happy that I met him.
Like, you know, I'm happy that I met the dude who created the GPL.
And it's definitely, I think the image of him online is a bit different.
Everyone kept asking me, did he eat something on his foot?
I'm like, no.
Everyone loves that video.
People are like bringing it up.
I'm like, I don't know.
I didn't see him eat his shoe.
But he was wearing a mask the whole time, jacket up, had his T400,
sent me an email shortly after as well just about the talk
and some notes that he had.
It's nice taking notes.
But yeah, he had genuine questions.
I think the image may be a little bit skewed.
I think people may be a bit militant on the free stuff.
Like the Software Foundation's only got like 40 employees,
I think, or something.
And the GNU project, I don't know what's going on,
how big that one is, but they're pretty close to each other.
And I think apparently they shared an office before.
But yeah, they both have a certain task.
I think the image might be a little bit skewed
by people who maybe they've had something.
I don't know.
You can't really just figure out what the motivation
is for people to...
Like the other day I saw your FSF one.
We were talking about it previously.
But I mean, I saw that post that you were referencing
and I was like, someone just decided one day
to come up with that. Was it for a reason? Or maybe they had like an issue with GPL? Maybe were referencing and I was like, someone just decided one day to come up with that, was it for
a reason or maybe they had an issue with GPL
maybe someone at the workplace is not using it
what is the motivation
behind some of these things, and I know definitely sometimes
it's other companies
I remember with the original stuff
I won't get into it, but I believe there's a lot of
you go to the GitHub profile
and you see who it is and it's like, works at Red Hat
works at bloody here, works at here right at? What's it here?
What's it here?
In, um, Daruda Vault's case, he is very, uh,
he's very supportive of free software,
but he also has a lot of problems with the way the FSF is run nowadays.
Like he, uh, he used to be the maintainer of the Sway window manager
and a bunch of other
projects.
What's his main one?
There's a
Git
repo. Give me one sec.
There's a Git remote software
drew to vault.
The FF7 is pretty quiet. They're pretty quiet.
They don't really talk much.
What is this project?
Why am I blanking on it?
What does it do again?
It's a Git remote.
One of the web host ones.
What is it?
Git T.
Hmm?
Git T?
Is that it?
No, no, no.
Git Lab?
No, it's not Git Lab.
It's one of the smaller ones.
I'm completely blanked on it. I'm going to remember it later.
It's not GitT, right?
No.
Sourceheart. Sourceheart. That's it.
Okay.
Okay.
Sourceforge. Sourceheart.
Sourceheart.
Sourceheart.
He's a big
supporter of free software, but he's one of the people that you know as there's
this like there there's a support of free software that exists nowadays that is entirely separate
from what the fsf has and i think a part of that is because of how like how abrasive and how
militant the fsf has been throughout the history.
So now there is this, you know, you have this younger generation coming up that is interested
in free software, but they feel like there is a more, you know, more cooperative approach
and more, a less, like, aggressive way to push for it.
And whether that's a good thing, as I said before, like, whether that's a good thing or not whether that's a good thing or not is another question
but there is definitely this
this I guess
split
in free software
about what direction it should be
going into the future and
it seems like there is more
I could tell from my comments
on that video that
there was a lot of people
that seemed to be in support of that less militant side.
And we'll have to see what happens over the coming years,
whether that's a good direction for this movement to be going.
Because that seems like it is the direction
it's going to be going now.
I think it might be, if you think about it,
maybe is it a tonal issue if it's an like
if it's like because for me right if i write code gpr i use it um you know i try to separate
like the humanness of the like it's the code versus the actual personality of someone or
the industry or the thing but for me i don't i don't see it in that way but i think a lot of
people can see that they're like
you know maybe they've heard on the grapevine maybe someone said to them maybe they watched
a video or maybe they've just read it in a way that that speaks out to them and says like you
know um this is a communism software type type model um and it definitely obviously has elements
of things like that and but yeah that's just the way i think that's just the way
it is or i don't know if you can do it any other way if you think about it maybe there isn't a way
to do gpl3 without like without having it say like you can't use this and blah blah blah like i think
it's worded in a way that maybe maybe chapter t can rewrite it in a in a nicer format i'm not sure
but i do know that you know a gpl like in gpl3 they're significant
um licenses like yeah there's nothing out there like them
i don't know if the leadership has to change but i do know that it's a small organization and they
yeah it's it's not even really if it needs to change like a lot of like people like
stalman are going to be leaving he's 70 like in the coming years he are going to be leaving. He's 70. In the coming years, he's going to be leaving,
whether he likes it or not.
But there's definitely people there that I met which were very...
There was a lot of people that I met at the FSAF,
at the conference, that were very, very nice people,
very personable.
Yeah, everyone's on the same mission, though.
Regardless of the personality of an individual,
I think that they all have the same mission,
and that is to protect, as far as I know,
protect software and keep it free as a freedom
with the four freedoms.
Yeah.
I think that's the important part.
Like, even with this disagreement,
like, everyone, even though they disagree with the FSF,
they still, we're all still trying to go towards free software.
It's just a matter of the different approaches that are being taken here.
And I think if you think about some industries,
when they stick around for a while, grifters come in,
and I do believe I've seen, you know, not a bad way to put it,
but like, you know, like you see something happening
and then eventually people start selling T-shirts about it or something,
and then it just ends up in like a,
it ends up in like a top-taker donations for something, and then it just ends up in like a – it ends up in like a – it's like taking donations for something,
and it turns into a frigging – like a cash thing.
But I think for some, not necessarily projects,
but like, you know, some people like –
they built their software in GPL3.
They want to go private.
Like OpenAI, for example.
Right, yeah.
It was in the name, OpenAI.
They're like, oh, shit, we're doing –
we're killing it.
Let's go private.
Yeah, I know Elon had a lot of issues
with open ai because he invested a lot of money into it early on with the assumption it was going
to be you know remaining open uh but now well you know microsoft came in and gave them some money
and now microsoft basically oh i think they i want to say they own 49 of the company or something and all of their ip
or like something like that yeah but if you think about that like that business model right if
you're working at a company and you're like and you've got pr you've got sway and you're like okay
well this is the wrong license we can't use this but we want it let's trash gpl for a bit and see
what happens like i think that's what some of it does come around like that and i know other projects definitely do it definitely
talk about like that i think like you know linus and richard have a massive dispute over gpl3 um
they both think each other was insane um i don't know about that way but yeah from that video i
watched that video where they had that thing when they're on stage together and they're like, can we just laugh? That's a good video. They're on stage.
It's a complex thing, man.
I mean, I'm not the expert.
Yeah.
Are you there?
Can you hear me?
Yeah, you just froze.
Yeah, yeah.
That's all right.
Yeah, I just said like,
I'm not an expert on GPL.
You know, like I'm still studying.
I think I'm going to finish that book
that he wrote,
Free As In Freedom,
because it does have a lot of,
you know,
there's like a footnote by RMS that says, like,
just the presence of free software on a non-free system
doesn't make the whole system non-free, right?
Because then you can say that with DIA, right?
DIA's got packages on there that are proprietary.
They don't have to be publicly released.
However, John DIA put in their agreement or their manual
that you can get the full corresponding source code
and that's defined in the gpl as the everything that you can imagine to make the thing including
keys secrets make scripts make files shell scripts um etc build tools tool chains whatever to build
it and that's a big statement and i didn't get that file from them i think that's where the
dispute comes from it's like they offer that, which is like literally everything
to make a tractor on my own.
I can literally make a VM and just run it.
I've got it running on Raspberry Pi by the way, low key,
but also high key, right?
And then, yeah, like they offered that and then just didn't, you know,
go through the offer properly.
They just sort of fuzzled it out a bit.
There's been some, I forgot what the company was.
There was this big company in China
that did the same thing
and someone just showed up
at their office like, hey, I'm here for the source
code. Give me the source code. Yeah, that was
I forget her name, it's
RealSexyCyborg. Yeah, yeah, yeah.
I believe she
showed up as well asking for source code and I do
believe that they had no idea what they were doing
as far as I know.
I'm sure John Deere would like you to show up like that because then they'd be i think really i think i think willie willie the guy he actually showed up they also had no idea but um
yeah that's another story i think i think he did show up i think he showed up so he said he did
but i don't know if he did but um but yeah i think johnny is well aware of this argument about gpl like i've
spoke to him about it you know like you know asking him like is there tools out there that
will go and find what's linked you know what's whatever and you know what's public and what's
not but i'll just go back to the original argument they fully offer the full like actually on the
device you go to the settings you go to manuals and you're going to support or help and scroll down it says you can obtain the correspondence for the device you're typing on
yeah and if they're not supplying the full corresponding with that i don't know if that's
wrong or not that's just like a euler like it's like a nothing agreement but it made me think that
they know that there's code in there that should be that should be public or not but i'm not 100
sure and that's that's kind of where the dispute starts from. And that's kind of why I'm the arbitrator, which is really
weird.
You're just the guy who managed to
find the code. You're not the lawyer here that's
sorting all this stuff out.
Exactly. And John Deere's
got one or two lawyers, I think.
Oh, yeah, I'm sure.
They're not a full indie company.
They're a startup. yeah yeah so that's why they don't have a you know monthly is it
monthly yearly what is the subscription model honestly i think it's i think they have yearly
subscriptions and then yeah yearly or there's optionals it's like one two or three yearly
ah yeah but i believe i leave i believe green star five is five years green star five
it's coming out soon and it's there's a youtube video about it i believe uh it's just coming out
soon but there's no information on it green star five i've just talked the wrong word
yeah it's yeah no information on it but uh it's definitely coming out and it's a newer version
it's like a touch display but it's also apparently it's uh i think it's like a non-outdoor display
the other one can go out in the rain yeah well you had that picture of it just you know the
fancy picture yeah with the rain going down it yeah that's on the official site it's a good
photo actually because it is ip65 like it's it's weatherproof um apparently but uh yeah it
definitely mine's not because i've actually i've chiseled it around and screwed with it and it's
definitely not weatherproof anymore because i got rid of the glue um none of those exposed
layers you had on it definitely not oh yeah
that's that's just
that's just taped
on the back
so that it doesn't
fall out
and 12 volts
ground
and then I've got
RS-232
so I can
I can shell into it
so I have to change
the password
at first as well
but I think
yeah there's a new
one coming out
called Green Star 5
and I believe
it to be the same
OS
so it's already
jailbroken
so
and they're like you know maybe they removed maybe it's already jailbroken. And they're like,
maybe they removed,
maybe it's encrypted.
It would be funny to see that.
But they can't also go out and,
oh, here we go, G5.
Here we go, here we go.
I'll send you the link.
Oh, okay, yeah, sweet.
It's a PDF.
Guidance, G5.
The new one's coming out.
So if you look up G5,
G5 universal display.
So it's a larger screen, faster processor, brighter, 1080p.
Actually, it's just a better screen, right?
Oh, here we go.
You can see G5, yeah?
G5 Universal Display.
Yep, I think so, if their website's going to load.
All right, here we go.
Okay, we're good.
RS-232 document and use subscription.
That's interesting, man.
That means it's exactly what.
It's got a shell.
It's got a shell.
This is cool.
Looks like it's...
It's just a bigger screen, right?
It's a bigger screen.
It's quite nice.
It's got remote everything again.
It looks exactly like the existing one.
It's just a nice screen, bigger screen.
Bright, clear,, 1080p resolution.
Wow.
We've entered 10 years ago.
Yeah, it's funny, right?
It's definitely...
If it works, it works.
You don't need something crazy for it.
Yeah, it looks exactly like the current one.
And if I right-click the new screenshot in the thing,
it says they literally use the Gen 4 photos.
So, yeah, just open up the image in a new tab,
and it's like sales manual for Gen 4.
So they're using the photos from the Gen 4 for 5.
So it's definitely obviously...
Wait, wait, wait, wait, wait, wait, wait, really?
It's like go down to the bottom, like the yellow top view,
and just right-click, open the image in your tab,
and this is Gen 4.
So Gen 4 is the one that I hacked, and Gen 5 is the one coming out.
G5, they're calling it, G5, yeah.
So it's definitely, yeah.
But it does look like they've got serial GPS.
And I don't know if that's the current one.
It probably is.
But there's definitely the accessibility of,
it's very similar to the previous one.
So it's probably already jailbroken.
Assuming they don't, you know...
One of the devices you mentioned where they had like the...
What do you call it?
Oh, fireproof crap on it.
Yeah, and it just tore the board apart.
Yeah, so they had like a chip sitting on the board,
on the gateway, and it's like covered in this yellow fire retardant,
I think, or like it's obviously heat something or other.
It's heat single.
It's some sort of glue.
And they shoved it everywhere inside and it goes on the chips
and expands heat, whatever.
Sorry, transfers heat.
And one of them is on the chip that has the is the emmc which is a 153
ball g uh flash chip which has the memory of the entire os on it and it's stuck on one of those
things and they i don't know if they did this on purpose but when you take it apart which is pretty
hard because i cut myself multiple times you're like cut around and open it up it rips off the
chip on the board and literally just permanently ruins the board
because the chip flies off.
And they did it in a way that some of the traces on the chip are like,
I don't know if it's like a, I don't know what the word would be,
like a tamper evidence seal.
You rip it off and because it rips off in a certain way,
the sticker's all screwed up.
I think they honestly might have done that with that chip
because it's happened on my device, two of mine,
and I think another guy who's a Mad Dog LP, nice guy.
He actually works for it anyway.
But he also had the same issue where it would rip off the chip off the board.
Chip was fine though.
I still was able to dump the firmware chip and modify that.
But I couldn't put it back on because the rest of the board was pretty much toast.
Right, right.
I believe so. I believe so.
I believe so. Actually, you know what? I actually went down with a microscope and rearranged some of the
traces. I fixed it up.
I think so.
I've got two of them now, so yeah. I've got more than one.
It's been a while. I haven't looked at one for about a year, but I've
definitely got more than one of them anyway.
So one of them doesn't work.
Shredded.
Well, one last thing I wanted
to just bring up is with all
of this stuff that John Deere has, like, with
their own sort of software, one thing
you brought up in LibrePlanet,
the, uh, was it Defcon,
was AgOpenGPS.
Um,
which I...
Yeah, dude, cool project.
Yeah, it does look pretty cool.
I told, uh, Richard about it. He went off about the name he's like i guess it's got the open in it yeah yeah yeah and he's like he's like the name's not
good enough i'm like well richard you'll have to convince him to change it but um it's gpl3
it is fully open and you can download it and run the demo.
I think I,
why is wine to run it,
but it definitely opened a little demo up.
Um,
and it was like running like a fake little truck,
but there's a telegram group. There's a telegram group with legitimate guys that use it all day,
every day.
So this guy's actually legitimately out there farming it and it's free.
So thinking of those prices,
we were talking about eight grand here and seven grand here for a display
for a read on this one
and people using i think they're using laptops in the tractor or they're using like third party um
third party like tablets or something they've got a couple of supported devices but they're
definitely on the path of doing a fully free um tractor uh guidance system to anyone who wants
to go and have a look at this uh shout out to farmer brian t on youtube
he's got this big playlist showing like him actually using in his uh in his devices on the
telegram group group group too they they have a lot of guys that post photos of them in the tractor
and stuff all day like they've got they've got pcb designs that they've made so that i can go
and download them and submit them to pcb way and get them printed and they've got PCB designs that they've made so that you can go and download them and submit them to PCBWay and get them printed.
And they've got like, you know, it's pretty substantial, man.
Like just randomly, you know, there's a lot of tinkers
in farming and inventors and things like that.
And this is a pretty cool project.
Like I'm not going to lie, it's probably competitive.
There's a few features that they're probably missing
and it's competitive against major existing software, which brings in a question. Is this software that they sell probably missing and it's competitive against major major um existing
software which brings into brings into question is this software that they sell at the other
places worth eight grand you know obviously yeah so situational there is value in convenience
but yeah richard will say something different but he'd be like you know no it's like you have
to pay for your free like it's a different situation but there's a two-sided argument there right if you think about it um you pay like if
you go to the manual for the john d i think i put it in my talk where it says like yeah you know
enjoy the comfort of a dealer logging into your tractor remotely from from an office in john d
headquarters i'm like i personally wouldn't wouldn't prefer that but some people want the
customer to be they want to put their hands behind their bed,
like, oh, the guy, he's rocking in.
Look, honey, he's on the screen.
His mouse is moving around.
You know when your any desk
or something into someone's computer,
like, oh, there's my mouse.
There's my mouse.
And you're like,
and they're like, oh, that's so cool.
They get this weird sense of,
you ask them about it,
and they love it, apparently.
They love when someone takes over the computer.
Very interesting situation.
Yeah, I can see why some people get scammed then.
Yeah, yeah.
Like as the technician part of it,
it's like definitely, definitely something to be scared about.
But, you know, the fact that we had access to the mainframe
and I was able to log into the system
and do some certain things,
if we had gone further enough,
there would definitely be the ability
to access people's farms remotely.
And that's where the scary part comes in.
You know, someone who wants to do a sophisticated ransomware attack, even inside a job, you know, to access people's farms remotely. And that's where the scary part comes in.
You know, someone who wants to do a sophisticated ransomware attack,
even inside a job, you know,
they would have a substantial amount of ability to disrupt farming.
And if you think about some of the ransomware that's going around now with stuff where they steal the data,
or they'll do like, I think, not Latitude,
but there's one recently with, not Pepsi,
it was like not pepsi
it was something else it was like one really recently it's a very very big company and they
were like cisco or something no it's not cisco i don't want to get in trouble but not that i would
um but it's one of the companies out there recently that that's being like
not answering questions or something not not talking to them or whatever and they're going
to post it and if i think if somebody dealt with DR, maybe it wouldn't become money,
but if they threatened to destroy tractors remotely of some sort of,
like if they built some sort of kill switch and said, like,
I'm going to drop the bomb, like that would be bizarre.
That would probably get paid for that.
Crazy stuff out there.
It's quite dangerous, this kind of stuff other stuff yeah if you get rid of a lot
like the ransomware where they got rid of the encryption stuff and now they're doing
now they're doing we're threatening to release your data instead they don't even care about
encrypting it um the next one's gonna be like i'm gonna i'm gonna destroy things you know
which is like terrorism like literal terrorism. Yeah, well, you know. Cyber terrorists.
Substantially, you know.
Let's hope people don't do that.
And what about AI?
Cyber terrorism.
AI cyber terrorism.
Set the goal.
Set the goal.
Go and destroy this company.
And just goes off and does it.
Disastrous results.
Cyber AI terrorism.
Let's look.
I'm excited.
I'm excited to see it pan out. cyber terrorism anyway man is that right finishing on that gloomy yeah sure let's uh
let's finish on that um well yeah this was i'm sure we could just I'm sure there's tons of stuff we could keep talking about
but
yeah I'll let you go
let
just chuck my links in the
yeah let people know where they can find you
I've got your website
masteron I think is sick
at sick.social
it's kind of boring on your own server
but you slowly get followers and slowly get interactions.
There's a couple of
servers that I should have accounts on, but
they've screwed it up with
the following ability.
You're not supposed to be able to follow. It should be
like you just bang that.
I want to go to my friends' ones that I know
and be like, I know all these people. I want to
recognize them all and just follow them from the
ones I know and just sort of expand.
But they've got something
where we can't cross-service stuff,
but hopefully they fix that.
On Twitter,
SIG codes on Twitter.
LinkedIn as well.
A lot of stuff on LinkedIn,
SIG codes on LinkedIn.
Yeah, and then
I've got a YouTube channel
where I've got like two videos on there.
I think my site says SIG.codes.
I've got a tutorial on there
about running,
because I've got Docker OS X. I've got a tutorial on there about running because I've got
Docker OS X.
I've got the project
about running
Mac OS VMs in Docker.
It's a big project
with 30k stars.
It's pretty funny.
And I've got another one.
And then I did Ableton.
I was doing a lot
of wine stuff.
I did Ableton
the other day.
It was pretty good.
Ableton latest
on Linux.
Wait, I think I saw
this Mac OS Docker thing ages ago. I think someone saw this I think I saw this
Mac OS Docker thing ages ago
I think someone just sent me a link to it
I didn't realise it was your thing
It's so funny because people see me from
that they're like, aren't you the dude who does Docker
and then the other way around, it's so funny
I'm like, yeah dude, what's going on
It's a jack of all trades, no, multitasking
But yeah dude, those things that i've also got yeah
i'm using a lot of twitter and um yeah discord as well discord as well i'm in your discord channel
as well so well i will leave uh everything linked in the description so if you want to go check that
out they uh absolutely can um do you have anything you are able to say that you're working on right now?
Or is there nothing crazy going on?
Besides the Dodge Ram thing you were saying about before.
Yeah, I was with Dodge Ram.
I think I'm working on, I've got some airplane Wi-Fi stuff I was looking at.
I think it's old, but you never know because airplane stuff always looks old,
but sometimes it's not.
They're just, these are really light materials.
I'm working on, what else have we got?
I've got a bogey machine at the back. You can probably see it in the light materials. I'm working on, what else have we got? I've got a voting machine
at the back.
You can probably see it
in the back corner.
That's a US voting machine.
Pots County or something.
And I've got-
Why do you have-
No,
so where did you get
a US voting machine?
Oh,
what do you think?
eBay.
eBay.
They're just on eBay.
Okay,
sure.
It's massive.
It's like this big,
right?
It's just come in the mail.
I'm like,
what is that?
And it was like,
it just rocked up one day in the mail.
And it says like, it's really weird.
I wanted to get a Dominion machine, but I remember seeing them on eBay and then I should have bought one at the time.
It would have been funny to look at.
So that was a bit of a hot topic at the time.
I probably wouldn't get, like, regardless of whether it's true or not,
I love seeing the, I love going in there and have a look for myself.
It's maybe a deal. Like, I'll go and look at it and be like, yeah, can I run Doom I love seeing the, I love going in there and have a look for myself. So maybe a deal,
like I'll go and look at it and be like,
yeah,
can I run doom on this?
What are they actually doing in there?
And then regardless of whether or not they're doing something wrong,
it's always cool to see from the inside yourself,
you know,
and then publish some research about it and be like,
Oh,
you know,
this is kind of sus guys.
You know,
it's kind of weird what's going on here or,
or it's nothing to see here.
That sort of thing.
Um,
but yeah,
I've been working on that.
Just been working on, yeah, a couple of arduino stuff canva stuff just random stuff oh
the sound blaster card eventually yeah yeah yeah you got a lot of things going on it seems yeah
i'll actually do a lot of hardware hacking stuff as well yeah like the oh i'm offering trainings
now too i've got training stuff as well so like like mostly B2B, something, yeah, I do a lot of talks recently,
but just a lot of random tasks,
man.
Penetration tests.
Yeah.
Go check out the talk that he did over on LibrePlanet.
That should be in the description as well,
probably.
Yeah.
Yeah.
Cause it's a,
it's a hard,
it's like Framitude or something.
It's like a media goblin as well,
but it's on the FSF website.
LibrePlanet.org or something.
But yeah.
Cause you know,
being,
being there, no one's going to see it unless they know about the link. I'm living on planet.org or something, but yeah. Cause you know, being, being there,
no one's going to see it unless they know about the link.
Yeah.
The email,
the email,
when we signed,
like when I accepted it,
it's like,
you know,
the,
the rules were like,
it has to be like OGG format or like web M.
You know,
like it was kind of funny.
It was kind of funny,
but yeah,
I did it in the right format.
So yeah.
Uh,
was that all you want to mention then?
Yeah, that's fine. I mean, that's fine. mean that's that's yeah okay uh as for me the main channel brady robertson do videos there six days a week
mainly linux tech videos uh then we've got the gaming channel brady on games uh current playing
through hogwarts legacy and yakuza zero both very very good games. Come check them out.
FFXVI's coming out soon, so that'll be fun to play.
God, we're going to be playing a lot of Final Fantasy XVI.
Anyway,
also, if you're listening to the audio version of this,
the video version is available on
YouTube at Tech Over Tea.
If you are watching the video version, you can find the audio
version anywhere that
there's podcasts. There's an RSS feed.
Chuck it in your favorite app and it should be good to go.
I'll give you the final word.
What do you want to say?
Yeah, man, just keep fighting the good fight.
Everyone's out there doing their missions.
Keep it up.
Yeah, just especially with the times and times,
currentyear.com.
Just, yeah, just keep moving on, everyone.
Keep doing the good stuff.
Yeah, man, you keep up the good work
as well hopefully you got something uh something fun that uh grabs people's attention again
slot machines i forgot but we'll talk about that another day
why not why not um yeah okay that's gonna be it for me and i'm out