Long-time Slashdot reader drinkypoo writes: John Deere, current and historic American producer of farming equipment, has long been maligned for their DRM-based lockdowns of said equipment which can make it impossible for farmers to perform their own service. Now a new security bypass has been discovered for some of their equipment, which has revealed that it is in general based on outdated versions of Linux and Windows CE.
Carried out by Sick Codes, the complete attack involves attaching hardware to the PCB inside a touchscreen controller, and ultimately produces a root terminal.
In the bargain and as a result, the question is being raised about JD’s GPL compliance.
Sick Codes isn’t sure how John Deere can eliminate this vulnerability (beyond overhauling designs to add full disk encryption to future models). But Wired also notes that “At the same time, though, vulnerabilities like the ones that Sick Codes found help farmers