Paul Roberts, iFixit:
The demonstration last week at the DEF CON hacking conference of the Doom video game running on a touch screen monitor manufactured by John Deere set off a flurry of media coverage, with publications ranging from Wired and Vice to Jalopnik with a healthy smattering of gaming websites in between.
The presentation, by the independent security researcher Sick Codes, was a sure bet to go viral. First, it took place at one of the most prominent hacking conferences on the planet—a venue that has seen everything from demonstrations of “Jackpotted” ATMs barfing out currency to remote, software-based attacks that took control of a Jeep Cherokee. Doom on a Deere slotted right into a long, proud tradition of DEF CON “mic drop” demonstrations.
Whatever else he accomplished, Sick Codes used his DEF CON presentation to underscore a critical point: that farming equipment is just another piece of hardware that farmers own—like their laptop computer or the washing machine that washes their clothes. And, as property owners, it ultimately falls to the farmers to use and maintain it as they choose.
I might buy a Dell Latitude laptop with Microsoft Windows installed on it, but nothing prevents me from wiping Windows away and installing Ubuntu Linux, Chromium, or some other operating system of my choice. Why should tractors, harvesters, or planters be any different? The short answer is: “it shouldn’t.”
As the folks at Hackaday noted, Sick Codes’s work was performed on console modules separated from the hardware and run in the lab—not in the field on a real piece of Deere hardware. Significant and complex work needs to be done before we will see the latter. By comparison, the celebrated 2015 remote takeover of the Jeep Cherokee by researchers Charlie Miller and Chris Valasek was the culmination of more than a year of intensive research and testing on an actual Jeep Cherokee. All that just to bypass internal security features, not develop an entirely new, bespoke software to run the vehicle.
But the journey of a thousand miles starts with a single step, as the saying goes.
For more information on what Sick Codes did and his motivations, check out this recent episode of Malwarebytes Labs' podcast, Lock and Code.