this post was submitted on 26 Sep 2024
1009 points (98.3% liked)

Technology

59986 readers
2920 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Apologies for posting a pay walled article. Consider subscribing to 404. They’re a journalist-founded org, so you could do worse for supporting quality journalism.

Trained repair professionals at hospitals are regularly unable to fix medical devices because of manufacturer lockout codes or the inability to obtain repair parts. During the early days of the COVID-19 pandemic, broken ventilators sat unrepaired for weeks or months as manufacturers were overwhelmed with repair requests and independent repair professionals were locked out of them. At the time, I reported that independent repair techs had resorted to creating DIY dongles loaded with jailbroken Ukrainian firmware to fix ventilators without manufacturer permission. Medical device manufacturers also threatened iFixit because it posted ventilator repair manuals on its website. I have also written about people with sleep apnea who have hacked their CPAP machines to improve their basic functionality and to repair them.

PS: he got it repaired.

you are viewing a single comment's thread
view the rest of the comments
[–] tabular 385 points 2 months ago* (last edited 2 months ago) (2 children)

The manufacture should have zero say if their product gets repaired or not. The only person who can give permission to repair it is the owner. It should be illegal to implement tying to lockout parts being used as a replacement. Right to repair

They call it jailbreak because this is an issue of freedom: software freedom

[–] dgmib 125 points 2 months ago (2 children)

They call it jailbreak because this is an issue of freedom

I support your position and the right to repair, but that’s not the origin of the term jailbreak in the context of computing.

The term jailbreaking predates its modern understanding relating to smartphones, and dates back to the introduction of “protected modes” in early 80s CPU designs such as the intel 80286.

With the introduction of protected mode it became possible for programs to run in isolated memory spaces where they are unable to impact other programs running on the same CPU. These programs were said to be running “in a jail” that limited their access to the rest of the computer. A software exploit that allowed a program running inside the “jail” to gain root access / run code outside of protected mode was a “jailbreak”.

The first “jailbreak” for iOS allowed users to run software applications outside of protected modes and instead run in the kernel.

But as is common for the English language, jailbreak became to be synonymous with freedom from manufacture imposed limits and now has this additional definition.

[–] tabular 47 points 2 months ago* (last edited 2 months ago) (1 children)

Thanks for the history and technical explanation. I didn't mean to imply that was the origin (for computing) and was only talking about a specific usage of the word.

I think most people say it to refer to manufacture imposed limits but I wanted to promote a broader usage. That using proprietary software is like being in a jail because your software freedoms are denied.

[–] [email protected] 22 points 2 months ago (1 children)

Oooo healthy online discourse. Where's my popcorn...

[–] [email protected] 7 points 2 months ago

Lemmy is such a rad place, I love it here

[–] [email protected] 1 points 2 months ago

With the introduction of protected mode it became possible for programs to run in isolated memory spaces where they are unable to impact other programs running on the same CPU. These programs were said to be running “in a jail” that limited their access to the rest of the computer. A software exploit that allowed a program running inside the “jail” to gain root access / run code outside of protected mode was a “jailbreak”.

I still miss the narrow window in which you could make use of paging without technically being in protected mode. Basically there was like one revision of the 386 where you could set the paging bit but not protected mode and remain in real mode but with access to paging meaning you got access to paging without the additional processor overhead of protected mode. Not terribly useful since it was removed in short order, but neat to know about. Kinda like how there were a few instructions that had multiple opcodes and there was one commercially distributed assembler that used the alternative opcodes as a way to identify code assembled by it. Or POP CS - easily the most useless 80086 instruction, so useless that the opcode for it got repurposed in the next x86 processor.

[–] meco03211 17 points 2 months ago (4 children)

I'd temper that by saying a manufacturer would need to provide a reasonable option. Some things could become dangerous or even deadly if repaired incorrectly. Or it could be dangerous or deadly to even attempt to repair it.

[–] tabular 42 points 2 months ago* (last edited 2 months ago) (2 children)

In the medical field when a device can only be repaired by the manufacturer then you can expect long wait times, bad repair jobs and having your own equipment sent in for repair destroyed for "safety".

We let people repair their own car's brake pads.. we shouldn't give up ownership rights for a unwarranted claim to safety. If something is potentially dangerous then making it more difficult to repair is a bad idea.

[–] atrielienz 5 points 2 months ago (3 children)

We probably shouldn't let people repair their own brake pads but that's another argument. Not enough people die from randoms repairing their own brake pads. Repair an insulin pump the wrong way and it will absolutely kill you. Oxygen masks, CPAP machines, pace makers. So many medical devices that people rely on for life or death care.

I'm all for right to repair. But having seen some of the thing people have done to repair safety items I have serious doubts about the efficacy of someone repairing something wrong and killing their grandma. I can appreciate that not everyone feels the same way. I can appreciate that there are absolutely people out there who can and do repair their own devices, cars, machinery etc, and they may do it well. But there are always going to be people out there who don't know what they're doing but will try and then we'll hear about them on the news because they touched a capacitor or something.

[–] [email protected] 9 points 2 months ago* (last edited 2 months ago) (1 children)

We probably shouldn't let people repair their own brake pads

What kind of auth-dystopian nonsense is that?

Repair an insulin pump the wrong way and it will absolutely kill you

You're just as dead if you can't get that insulin pump repaired or replaced because the manufacturer won't or can't support it. When they go bankrupt because other customers have sued them into non-existence, you still own the device they manufactured, and you still need it repaired.

Further, you presume the manufacturer can provide the best repairs. It is entirely possible and plausible that a competing engineer or programmer can improve upon the device, rendering it safer or providing superior operation. Car Mechanics can install a better braking system than the cheap, generic calipers and pads provided by the factory. Repair technicians can replace generic parts of medical devices allowing superior operation.

[–] AnyOldName3 1 points 2 months ago (1 children)

If you've got a broken insulin pump, assuming you're in a country with a functioning healthcare system, you should have been given a spare pump with the original, and probably some insulin pens, so when one breaks, you fall back to the spare, and get given a new one to be the new spare (or could get the broken one repaired). Using the spare is completely safe.

If you don't have a spare, your sugars would go up over several hours, but you'd have a day or two to get to a hospital and potentially several days after that for someone to find you and get you to a hospital, so it's not safe, but also not something you'd die from if you had any awareness that there was a problem.

If you've got an incorrectly-repaired pump, you could have it fail to give you enough insulin, and end up with higher sugars, notice the higher sugars, and then switch to the spare. That'd be inconvenient, but not a big deal. However, you could also have it dump its entire cartridge into you at once, and have your sugars plummet faster than you can eat. If you don't have someone nearby, you could be dead in a couple of hours, or much less if you were, for example, driving. That's much more dangerous than having no insulin at all.

Prosthetic legs don't have a failure mode that kills you, so a bad repair can't make them worse than not having them at all, but insulin pumps do, so a bad repair could.

[–] [email protected] 1 points 2 months ago (1 children)

I'm glad you mentioned insulin pumps, because there is a community of developers working on pumps, making them available to a broader audience, providing more people with better control over their blood sugar levels than manufacturers are willing or able to provide on their own.

https://openaps.org/

What you are arguing for is a threat to systems like OpenAPS, and to the people who benefit from them.

[–] AnyOldName3 1 points 2 months ago

I'm not arguing for anything in the post above, just pointing out that a broken (or badly repaired) insulin pump is genuinely more dangerous than having no insulin pump. That doesn't have to count against the right to repair one, as if you've got the right to repair an insulin pump, and do so badly, it doesn't mean you're legally forced to use it afterwards, just like I've got the right to inject all the insulin in my fridge with an insulin pen back to back, but I'm not legally forced to do so.

I do think the right to repair should be universal, but as I think that medical stuff should be paid for by the state, NHS-style, that would end up meaning that the NHS could repair medical devices themselves if they deemed it more economical to do so and recertify things as safe than to get the manufacturer to repair or replace them. The NHS is buying the devices, and gets the right to repair them, and that saves the taxpayer money, as even if they don't actually end up repairing anything, it stops manufacturers price gouging for repairs and replacements, and if the manufacturer goes bust or refuses to repair something, there're still ways to keep things working. It doesn't mean unqualified end users can't use their new right to repair their medical devices and risk getting it wrong, but if you've got an option of a free repair/replacement, most people would choose the safe and certified repair over their own bodge.

[–] linearchaos 4 points 2 months ago (1 children)

The argument that because some people can't, or won't do a good job, no one should isn't a very good one. Under that same logic you could exclude wiper blades.

You end up like New Jersey where you can't pump your own gas. There are already guidelines and fixes for this wrapped around repairing your home power. You're not allowed to architect major changes without the sign off of somebody who is a registered professional but you're absolutely allowed to fix things that are already there.

For more people die from not fixing their brakes, because it's difficult and expensive than ones who fix their brakes incorrectly.

[–] atrielienz 2 points 2 months ago (1 children)

That depends entirely on who's safety is on the line. When you repair your brakes wrong (to follow the original example), and it causes a pile up that kills 4.or 8 or 10 people, someone should be held liable for that.

When you repair the electrical box in your basement wrong and it causes a fire that takes out the houses on either side of you, someone should be held liable for that.

This is like saying "just because some people who drive drunk kill people doesn't mean that everyone shouldn't be able to". The difference here though is that we know there's a statistically significant increase in the likelihood of death or serious injury from driving drunk.

There's a statistically less likely chance of death or bodily injury when people repair their own devices, but I would wager that has a lot to do with the fact that the pool of people doing it have the knowledge to do so and aren't completely ignorant of how those devices work, or it takes into account that right to repair also encompasses people getting a third party who is qualified to repair the device to do it, but outside of what the manufacturer allows per user agreement. Once more random laymen start doing it because they are allowed or perceived themselves to be allowed, I would expect that the number of wrongly repaired devices would go up.

Some states have mandatory car inspections. So for instance, if you repair your brakes wrong and leave a caliper bolt off or don't grease the slides or any number of other things there's another qualified person looking over that and noting it. So there's less possibility that it won't be fixed properly. We do not have anything like that for medical devices except when they are repaired through the manufacturer.

I'm not even arguing against the right to repair. I'm just pointing out the hurdles that are going to be there and saying they should be addressed. I'm actually generally for people learning how things work so that they can do simple repairs or even complex repairs if they need to.

But I still think that some things should be handled by professionals. Or at least with a professional QC'ing the work.

In the field I work in, work can be done by the owner but only with a qualified and licensed A&P present. Would you suggest that any old person off the street should be able to repair a plane and fly over your house?

[–] linearchaos 2 points 2 months ago (1 children)

I don't think there's any solid argument that precludes people from doing maintenance on their own car. There's always some form of inspection or monitoring that can be done. Brakes in particular are perfectly reasonable. I particularly miss ease of maintaining drum brakes. They were literally designed to be maintained by the end user, you pull the wheel, The drum slides right off and the parts are readily available. If you want to get fancy you could buy a tool to help you remove the spring.

Things should be designed to be maintained by the end user and the end user could choose to go to a mechanic if they wanted to.

Honestly what we're running up against at this point with car maintenance is design to cost. Every part that is maintainable on a car could be designed to be easily maintainable for a cost. Rather than the manufacturer paying that cost, there making us pay the cost at the mechanic. You can literally buy repair parts that are easy and convenient to work with that are improvements over OEM.

In the case we're talking about for this article it's literally a wire on a lithium ion battery pack in a wrist mounted device that failed that they're refusing to replace.

And it's not like he's going to fall out of the sky and land in somebody's backyard.

[–] atrielienz 1 points 2 months ago

If inspection or monitoring were mandatory you'd have a point. But it isn't mandatory. Not everywhere. Not even most places. Only 19 of the 50 states require vehicle safety inspections periodically. So at most the vast majority of vehicles probably haven't had one since the car was new unless the state where that car is registered requires it. For a country that's very car dependent with car accidents being one of the leading causes of death in the US, that's terrifying.

[–] tabular 3 points 2 months ago* (last edited 2 months ago) (1 children)

The FDA found there isn't evidence that 3rd party repair is any less safe than 1st party repair.

If one part needs to be replaced and the company who owns the patients/copyright tells the manufacturer to not sell it to others then the patient cost is needlessly a whole new machine. How many lives would be saved by lowering cost of getting medical equipment working?

[–] atrielienz -2 points 2 months ago* (last edited 2 months ago) (3 children)

I read the article. Third party repair not being your grandson who's replacing the seal on your CPAP mask, because that's not what I mean not does it mean going to a third party repair place.

It being less safe for the vast majority doesn't mean that there aren't going to be people who get it wrong. People repair their brakes wrong all the time. It's absolutely caused accidents. But not enough to be statistically important in the grand scheme of 8 billion people. That doesn't mean it doesn't happen or that it can't.

There's a reason a lot of YouTube videos that show you how to repair things are "for educational purposes only". It's because they can be held liable if something bad happens because you followed their guide.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

People repair their brakes wrong all the time. It's absolutely caused accidents.

It also allows end users to install parts superior to OEM, improving braking capabilities, and preventing accidents.

Any automotive technician can tell you that manufacturers take engineering shortcuts, resulting in a product with certain deficiencies. The manufacturer's motivation is to put out a product that widely appeals to the general public. They want nothing to do with a product specifically tailored to the needs of a particular individual.

[–] tabular 2 points 2 months ago* (last edited 2 months ago) (1 children)

You focus on an incompetent grandson hypothetical but it's not as if the 1st party repair is immune from hiring people who can make negligent mistakes, or even take malicious acts. If it's difficult to replace a seal on a mask then perhaps it's a CRAP design.

Companies will preach safety when lobbying against right to repair but when a mask is forced to be recalled for sound/vibration dampening material entering people's lung they will kick and scream.

Safety is not my main goal, it is the freedom to do what you want with what you paid for.

[–] atrielienz -1 points 2 months ago

I focus on that because it is a danger of people doing the work themselves. I didn't say that companies weren't capable of the same problems. I said that it's unlikely that the grandson would face the same kind of legal repercussions that a business or corporation would and that's problematic.

If you'll take a step back and stop assuming that I'm arguing against right to repair and just look at what I actually said you might see that I have a point.

And while I agree that there is also risk in not repairing the devices in question or being able to have them repaired by the manufacturer which is a significant risk, I still feel like it's important that it be said that there exists a risk in people making more technical repairs themselves.

[–] [email protected] 1 points 2 months ago (1 children)

So because some people are reckless, all people should be unable to fix their shit?

[–] atrielienz 0 points 2 months ago

People keep ignoring the fact that I didn't say that. I actually feel the opposite. You inferred or interpreted what I said that way and that's on you.

[–] [email protected] 3 points 2 months ago (2 children)

This depends on the area of medical device. I work in medical device but totally different from this, mine get implanted into your body.

  1. I doubt many people have the knowledge to to truly troubleshoot our devices beyond what the doctor is allowed to do. We need a bunch of expensive and specialized hardware to troubleshoot.

  2. We are legally required to investigate and report any complaints(https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfmaude/search.cfm) . If we don't get the complaint we can't investigate and report it.

  3. If a certain number(honestly I don't know the specific number) of complaints occur we are legally required to create a corrective action to help the patients immediately (or as soon as possible) and a preventive action to ensure it doesn't effect other patients. If a person has an issue and "repaired" it themselves they don't get counted in this and as such could cause more patients to suffer.

While I agree with right to repair I think certain things should be exempt. That said then there should be a requirement of the manufacturer to ivestigate/repair the equipment.

[–] tabular 1 points 2 months ago* (last edited 2 months ago)

When a defibrillator implant incorrectly shocks a pregnant women as an edge case she has to take meds to slow her heart so it doesn't shock her. Doctors never think of the software running on it, and can't get the code because it's proprietary. People would be able to fix it, perhaps without even removing it, but can't because business. https://www.youtube.com/watch?v=easb_6LCFDI

[–] tabular -1 points 2 months ago* (last edited 2 months ago)
  1. A person doesn't need to study medicine or own surgical equipment to get their body repaired. Same logic applies for the repairing of their medical devices. Right to repair does mean you have to personally repair it.

2+3. I don't think that's a problem. Presumably they're already in contact with others to share information. Do that but as part of a larger, more open community.

[–] orclev 15 points 2 months ago (2 children)

It's OK for manufacturers to say using aftermarket parts voids the warranty, it's not OK for them to prevent using them entirely. Likewise if there's a safety concern that should be handled by regulation and things like safety inspections, not by forcing all repairs to go through the manufacturer. If whatever it is is that critical to the safe operation it should be publicly documented so that third parties can manufacture it correctly to the needed tolerances.

[–] tabular 5 points 2 months ago

I'm not so sure it's actually okay for manufactures to say using aftermarket parts voids the warranty - they need to prove it's actually your fault the device is broken (America's Magnuson–Moss Warranty Act). If you've seen those little stickers over screws that say "warranty void if removed" - those are actually illegal (in America).

[–] meco03211 2 points 2 months ago (3 children)

if there's a safety concern that should be handled by regulation

Regulation won't detail what a company does to that level. They might say something like "fasteners shouldn't come loose" but it wouldn't have a torque spec.

If whatever it is is that critical to the safe operation it should be publicly documented so that third parties...

That would run face first into proprietary info and corporate classified info.

[–] [email protected] 4 points 2 months ago

That would run face first into proprietary info and corporate classified info.

The other side of regulation should be around purchasing. Bad repairability, delays in repairs, and proprietary parts need to be more important factors when deciding on what device to buy. Either at the government level for public institutions, or at least at the corporate level for private

[–] orclev 3 points 2 months ago* (last edited 2 months ago)

That would run face first into proprietary info and corporate classified info.

Behold all the fucks I do not give. If it's that critical they lose all claim to being proprietary. It's just like patent, there's no such thing as a secret patent, so anything that safety critical doesn't get to stay secret either.

Regulation won't detail what a company does to that level. They might say something like "fasteners shouldn't come loose" but it wouldn't have a torque spec.

It doesn't now but it's utterly trivial to fix that. Just make the regulations say that components must meet the manufacturer specifications and require manufacturers to publish and maintain all the specifications of all safety critical components. If they want to keep it secret then that means it's not safety critical and they're responsible for any accidents resulting from its failure.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago)

Proprietary information and corporate classified information do not exist once they are incorporated into the device and sold to the end user. That information now belongs to the end user, who will continue to need it even if the company is out of business, or refuses service to the owner of the device.

Any attempt to conceal that information from the end user should make the company liable for any failed repair performed by any individual, including harm arising from that failed repair. The only way to avoid that liability is to release all information to the end user, so they are fully informed when making a repair decision.

[–] [email protected] 4 points 2 months ago

Yes, dangers exist from third party repairs.

Refusal or even simple failure to provide critical repair data to the end user or their agent denies the end user the ability to make an informed decision about repairs.

The company should be liable for all damages from a botched 3rd-party repair unless they provide to the end user complete specifications and unrestricted access to the device in order to make informed decisions about repairs.

[–] [email protected] 1 points 2 months ago

If it's dangerous to repair it, it's dangerous to own. That's the domain for regulations by the government, not arbitrary software restrictions by software manufacturers.

They don't implement these to keep you safe. They do it purely to make more money.