[Plura-list] Apple fucked us on right to repair (again)

Cory Doctorow doctorow at craphound.com
Fri Sep 22 12:29:49 EDT 2023


Read today's issue online at: https://pluralistic.net/2023/09/22/vin-locking/

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

Today (September 22), I'm (virtually) presenting at the DIG Festival in Modena, Italy

https://dig-awards.org/en/dig-festival-2023-first-speakers-announced/

Tomorrow night, I'll be in person at LA's Book Soup for the launch of Justin C Key's "The World Wasn’t Ready for You"

https://www.booksoup.com/event/justin-c-key

On September 27, I'll be at Chevalier's Books in Los Angeles with Brian Merchant for a joint launch for my new book *The Internet Con* and his new book, *Blood in the Machine*:

https://www.eventbrite.com/e/the-internet-con-by-cory-doctorow-blood-in-the-machine-by-brian-merchant-tickets-696349940417

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_


Today's links

* Apple fucked us on right to repair (again): "Parts-pairing" is a scam.

* Hey look at this: Delights to delectate.

* This day in history: 2003, 2008, 2013, 2018, 2022

* Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🎒 Apple fucked us on right to repair (again)

Right to repair has no cannier, more dedicated adversary than Apple, a company whose most innovative work is dreaming up new ways to sneakily sabotage electronics repair while claiming to be a caring environmental steward, a lie that covers up the mountains of e-waste that Apple dooms our descendants to wade through.

Why does Apple hate repair so much? It's not that they want to poison our water and bodies with microplastics; it's not that they want to hasten the day our coastal cities drown; it's not that they relish the human misery that accompanies every gram of conflict mineral. They aren't sadists. They're merely sociopathically greedy.

Tim Cook laid it out for his investors: when people can repair their devices, they don't buy new ones. When people don't buy new devices, Apple doesn't sell them new devices. It's that's simple:

https://www.inverse.com/article/52189-tim-cook-says-apple-faces-2-key-problems-in-surprising-shareholder-letter

So Apple does everything it can to monopolize repair. Not just because this lets the company gouge you on routine service, but because it lets them decide when your phone is beyond repair, so they can offer you a trade-in, ensuring both that you buy a new device and that the device you buy is another Apple.

There are so many tactics Apple gets to use to sabotage repair. For example, Apple engraves microscopic Apple logos on the subassemblies in its devices. This allows the company to enlist US Customs to seize and destroy refurbished parts that are harvested from dead phones by workers in the Pacific Rim:

https://repair.eu/news/apple-uses-trademark-law-to-strengthen-its-monopoly-on-repair/

Of course, the easiest way to prevent harvested components from entering the parts stream is to destroy as many old devices as possible. That's why Apple's so-called "recycling" program *shreds* any devices you turn over to them. When you trade in your old iPhone at an Apple Store, it is converted into immortal e-waste (no other major recycling program does this). The logic is straightforward: no parts, no repairs:

https://www.vice.com/en/article/yp73jw/apple-recycling-iphones-macbooks

Shredding parts and cooking up bogus trademark claims is just for starters, though. For Apple, the true anti-repair innovation comes from the most pernicious US tech law: Section 1201 of the Digital Millennium Copyright Act (DMCA).

DMCA 1201 is an "anti-circumvention" law. It bans the distribution of any tool that bypasses "an effective means of access control." That's all very abstract, but here's what it means: if a manufacturer sticks some Digital Rights Management (DRM) in its device, then anything you want to do that involves removing that DRM is now illegal - even if the thing itself is perfectly legal.

When Congress passed this stupid law in 1998, it had a very limited blast radius. Computers were still pretty expensive and DRM use was limited to a few narrow categories. In 1998, DMCA 1201 was mostly used to prevent you from de-regionalizing your DVD player to watch discs that had been released overseas but not in your own country.

But as we warned back then, computers were only going to get smaller and cheaper, and eventually, it would only cost manufacturers pennies to wrap their products - or even subassemblies in their products - in DRM. Congress was putting a gun on the mantelpiece in Act I, and it was bound to go off in Act III.

Welcome to Act III.

Today, it costs about a quarter to add a system-on-a-chip to even the tiniest parts. These SOCs can run DRM. Here's how that DRM works: when you put a new part in a device, the SOC and the device's main controller communicate with one another. They perform a cryptographic protocol: the part says, "Here's my serial number," and then the main controller prompts the user to enter a manufacturer-supplied secret code, and the master controller sends a signed version of this to the part, and the part and the system then recognize each other.

This process has many names, but because it was first used in the automotive sector, it's widely known as VIN-Locking (VIN stands for "vehicle identification number," the unique number given to every car by its manufacturer). VIN-locking is used by automakers to block independent mechanics from repairing your car; even if they use the manufacturer's own parts, the parts and the engine will refuse to work together until the manufacturer's rep keys in the unlock code:

https://pluralistic.net/2023/07/24/rent-to-pwn/#kitt-is-a-demon

VIN locking is everywhere. It's how John Deere stops farmers from fixing their own tractors - something farmers have done literally since tractors were invented:

https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/

It's in *ventilators*. Like mobile phones, ventilators are a grotesquely monopolized sector, controlled by a single company Medtronic, whose biggest claim to fame is effecting the world's largest tax inversion in order to manufacture the appearance that it is an Irish company and therefore largely untaxable. Medtronic used the resulting windfall to gobble up most of its competitors.

During lockdown, as hospitals scrambled to keep their desperately needed supply of ventilators running, Medtronic's VIN-locking became a lethal impediment. Med-techs who used donor parts from one ventilator to keep another running - say, transplanting a screen - couldn't get the device to recognize the part because all the world's civilian aircraft were grounded, meaning Medtronic's technicians couldn't swan into their hospitals to type in the unlock code and charge them hundreds of dollars.

The saving grace was an anonymous, former Medtronic repair tech, who built pirate boxes to generate unlock codes, using any housing they could lay hands on to use as a case: guitar pedals, clock radios, etc. This tech shipped these gadgets around the world, observing strict anonymity, because Article 6 of the EUCD *also* bans circumvention:

https://pluralistic.net/2020/07/10/flintstone-delano-roosevelt/#medtronic-again

Of course, *Apple* is a *huge* fan of VIN-locking. In phones, VIN-locking is usually called "serializing" or "parts-pairing," but it's the same thing: a tiny subassembly gets its own microcontroller whose sole purpose is to prevent independent repair technicians from fixing your gadget. Parts-pairing lets Apple block repairs even when the technician uses new, Apple parts - but it also lets Apple block refurb parts and third party parts.

For many years, Apple was the senior partner and leading voice in blocking state Right to Repair bills, which it killed by the *dozen*, leading a coalition of monopolists, from Wahl (who boobytrap their hair-clippers with springs that cause their heads irreversibly decompose if you try to sharpen them at home) to John Deere (who reinvented tenant farming by making farmers tenants of their tractors, rather than their land).

But Apple's opposition to repair eventually became a problem for the company. It's bad optics, and both Apple customers and Apple employees are volubly displeased with the company's ecocidal conduct. But of course, Apple's *management* and *shareholders* hate repair and want to block it as much as possible.

But Apple knows how to Think Differently. It came up with a way to eat its cake and have it, too. The company embarked on a program of visibly support right to repair, while working behind the scenes to sabotage it.

Last year, Apple announced a repair program. It was *hilarious*. If you wanted to swap your phone's battery, all you had to do was let Apple put a $1200 hold on your credit card, and then wait while the company shipped you 80 pounds' worth of specialized tools, packed in two special Pelican cases:

https://pluralistic.net/2022/05/22/apples-cement-overshoes/

Then, you swapped your battery, but you weren't done! After your battery was installed, you had to conference in an authorized Apple tech who would tell you what code to type into a laptop you tethered to the phone in order to pair it with your phone. Then all you had to do was lug those two 40-pound Pelican cases to a shipping depot and wait for Apple to take the hold off your card (less the $120 in parts and fees).

By contrast, independent repair outfits like iFixit will sell you all the tools you need to do your own battery swap - including the battery! for $32. The whole kit fits in a padded envelope:

https://www.ifixit.com/products/iphone-x-replacement-battery

But while Apple was able to make a showy announcement of its repair program and then hide the malicious compliance inside those giant Pelican cases, sabotaging right to repair legislation is a lot harder.

Not that they didn't try. When New York State passed the first general electronics right-to-repair bill in the country, *someone* convinced New York Governor Kathy Hochul to neuter it with last-minute modifications:

https://arstechnica.com/gadgets/2022/12/weakened-right-to-repair-bill-is-signed-into-law-by-new-yorks-governor/

But that kind of trick only works once. When California's right to repair bill was introduced, it was clear that it was gonna pass. Rather than get run over by that train, Apple got on board, supporting the legislation, which passed unanimously:

https://www.ifixit.com/News/79902/apples-u-turn-tech-giant-finally-backs-repair-in-california

But Apple got the last laugh. Because while California's bill contains many useful clauses for the independent repair shops that keep your gadgets out of a landfill, it's a state law, and DMCA 1201 is federal. A state law can't simply legalize the conduct federal law prohibits. California's right to repair bill is a banger, but it has a weak spot: parts-pairing, the scourge of repair techs:

https://www.ifixit.com/News/69320/how-parts-pairing-kills-independent-repair

  

Every generation of Apple devices does more parts-pairing than the previous one, and the current models are so infested with paired parts as to be effectively unrepairable, except by Apple. It's so bad that iFixit has dropped its repairability score for the iPhone 14 from a 7 ("recommend") to a *4* (do not recommend):

https://www.ifixit.com/News/82493/we-are-retroactively-dropping-the-iphones-repairability-score-en

Parts-pairing is bullshit, and Apple are scum for using it, but they're hardly unique. Parts-pairing is at the core of the fuckery of inkjet printer companies, who use it to fence out third-party ink, so they can charge $9,600/gallon for ink that pennies to make:

https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer

Parts-pairing is also rampant in powered wheelchairs, a heavily monopolized sector whose predatory conduct is jaw-droppingly depraved:

https://uspirgedfund.org/reports/usp/stranded

But if turning phones into e-waste to eke out another billion-dollar stock buyback is indefensible, stranding people with disabilities for months at a time while they await repairs is so obviously wicked that the conscience recoils. That's why it was so great when Colorado passed the nation's first wheelchair right to repair bill last year:

https://www.eff.org/deeplinks/2022/06/when-drm-comes-your-wheelchair

California actually just passed *two* right to repair bills; the other one was SB-271, which mirrors Colorado's HB22-1031:

https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=202320240SB271

This is big! It's momentum! It's a start!

But it can't be the end. When Bill Clinton signed DMCA 1201 into law 25 years ago, he loaded a gun and put it on the nation's mantlepiece and now it's Act III and we're all getting sprayed with bullets. Everything from ovens to insulin pumps, thermostats to lightbulbs, has used DMCA 1201 to limit repair, modification and improvement.

Congress needs to rid us of this scourge, to let us bring back all the benefits of interoperability. I explain how this all came to be - and what we should do about it - in my new Verso Books title, *The Internet Con: How to Seize the Means of Computation.*

https://www.versobooks.com/products/3035-the-internet-con


_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🎒 Hey look at this

* Book giveaway for The Bezzle (Martin Hench #2) https://www.goodreads.com/giveaway/show/371380-the-bezzle-a-martin-hench-novel

* West of House https://brokenneedle.gumroad.com/l/westofhouse (h/t Wil Wheaton)

* T-Shirts Now Available! http://www.imagineeringdisney.com/blog/2023/9/19/t-shirts-now-available.html

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🎒 This day in history

#20yrsago New voting machines are criminally bad https://www.salon.com/2003/09/23/bev_harris/

#15yrsago Your chance to mark up the Wall Street bailout bill https://web.archive.org/web/20080929041702/http://publicmarkup.org/

#15yrsago Hank Paulson’s bailout 419 letter https://web.archive.org/web/20080923194140/https://www.thenation.com/blogs/jstreet/363133/bailout_satire

#15yrsago Stanford and Harvard b-school profs vs. free/open source software https://news.slashdot.org/story/08/09/22/2254228/stanford-teaching-mbas-how-to-fight-open-source

#15yrsago Sexist pigs earn more than normal men https://www.science20.com/news_releases/old_fashioned_men_make_more_money_study

#15yrsago Corrupted Science: the history, cause, effect and state of bad science https://memex.craphound.com/2008/09/22/corrupted-science-the-history-cause-effect-and-state-of-bad-science/

#10yrsago Chaos Computer Club claims it can unlock Iphones with fake fingers/cloned fingerprints https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid

#5yrsago Anonymous stock-market manipulators behind $20B+ of “mispricing” can be tracked by their writing styles https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3198384

#1yrago Twitch does a chokepoint capitalism: "Amazon is charging Amazon so much money to run the business via Amazon that it has no choice but to take more money from streamers." https://pluralistic.net/2022/09/22/amazon-vs-amazon/#pray-i-dont-alter-it-further

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🎒 Colophon

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/).

Currently writing:

* A Little Brother short story about DIY insulin PLANNING

* Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

* The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. FORTHCOMING TOR BOOKS FEB 2024

* Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

* Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

* Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: Plausible Sentence Generators https://craphound.com/news/2023/09/17/plausible-sentence-generators/

Upcoming appearances:

* DIG Festival (Modena, Italy), Sept 22
https://dig-awards.org/en/dig-festival-2023-first-speakers-announced/

* Launch for Justin C Key's "The World Wasn’t Ready for You," Book Soup (LA), Sept 22
https://www.booksoup.com/event/justin-c-key

* Launch for "The Internet Con" and Brian Merchant's "Blood in the Machine," Chevalier's Books (LA), Sept 27
https://www.eventbrite.com/e/the-internet-con-by-cory-doctorow-blood-in-the-machine-by-brian-merchant-tickets-696349940417

* An Evening with VE Schwab (Boise), Oct 2
https://www.thecabinidaho.org/all-events/ve-schwab

* Wired Nextfest (Milano), Oct 7-8
https://eventi.wired.it/nextfest23-milano

* The Internet Con at Moon Palace Books (Minneapolis), Oct 15
https://moonpalacebooks.com/events/30127

* 26th ACM Conference On Computer-Supported Cooperative Work and Social Computing keynote (Minneapolis), Oct 16
https://cscw.acm.org/2023/index.php/keynotes/

* 41st annual McCreight Lecture in the Humanities (Charleston, WV), Oct 19
https://festivallcharleston.com/venue/university-of-charleston/

* Seizing the Means of Computation (Edinburgh Futures Institute), Oct 25
https://efi.ed.ac.uk/event/seizing-the-means-of-computation-with-cory-doctorow/

Recent appearances:

*  Against Enshittification | Medium Day 2023
https://www.youtube.com/watch?v=mSeBelDVrgE

* The Jim Rutt Show
https://www.jimruttshow.com/cory-doctorow-2/

* How to Take Back the Internet (Wired Have a Nice Future)
https://www.wired.com/story/have-a-nice-future-podcast-21/

Latest books:

* "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).

* "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.

* "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

* "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The *Washington Post* called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html

* "How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59 (print edition: https://bookshop.org/books/how-to-destroy-surveillance-capitalism/9781736205907) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)

* "Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html

* "Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.

Upcoming books:

* The Lost Cause: a post-Green New Deal eco-topian novel about truth and reconciliation with white nationalist militias, Tor Books, November 2023

* The Bezzle: a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books, February 2024

* Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

* Unauthorized Bread: a graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025

This work - excluding any serialized fiction - is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

(Latest Medium column: "How To Think About Scraping: In privacy and labor fights, copyright is a clumsy tool at best https://doctorow.medium.com/how-to-think-about-scraping-2db6f69a7e3d)

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xBF3D9110957E5F4C.asc
Type: application/pgp-keys
Size: 4820 bytes
Desc: OpenPGP public key
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20230922/3c11eb5c/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20230922/3c11eb5c/attachment.sig>


More information about the Plura-list mailing list