Headset Maker Says 'Ransomware Time-Bomb' Bricked Its Devices
pcmag.comRansomeware, eh? In the same way that me not paying my Office 365 license is a ransomeware time bomb by a greedy vendor when I suddenly can’t access my data after license expiration unless I pay up? Sounds more like a licensing dispute than ransomeware.
When I sign up for Office 365 it is pretty clear that I'm subscribing to a service for a period of time. When I buy a hardware product I expect that it will continue to perform the core function for as long as I own the hardware, unless some other terms are made clear.
I doubt that this topic will rise up to be noticed here on Hacker News, but I'm genuinely curious how other non affiliated parties will view this situation.
The company that built and sold the hardware sounds like they are dealing with a software license expiration. The end users are affected, but they are not the nexus of the issue.
> “the contractor says the problem is the result of an expired software license”
I mean, the article is light on specifics but it seems irresponsible to be throwing around the terms “ransomware” and “malicious code” or letting Orqa co-opt the article into parroting the claims repeatedly with very little in the way of inquiry, specifics, or supporting technical detail. The word is associated with crime.
The article does say:
“But it looks like the bricking wasn't a traditional ransomware attack, but rather due to a corporate dispute.”
The article is also using the term “bricked” incorrectly - if you’re in the boot loader and can still upgrade firmware, especially in a way that fixes the problem, your device is not bricked in the way we typically use that term.
Anyway, this sounds like Orqa should have read their license agreement a little more closely. Maybe they knew there was a fee due but assumed that once the hardware shipped they wouldn’t have to pay. Maybe they’re the bad guys here.
There’re a lot of possible explanations, but it sounds like a contractual dispute, not a case of ransomware.
Honest question. Is a time limited license arrangement normal in other embedded software products? Who would create such a contract and who would sign it?
As a member of the FPV drone racing community I am sad to say that my Orqa goggles have been caught up in a dispute / ransom attack that has rendered my goggles unusable. :(
Glad to see a fellow drone/fpv enthusiast in here!
Why are your googles phoning home?
They aren't phoning home, or at least that is not the issue here. The goggles don't even ship with any kind of wireless capability to phone home, although there is an aftermarket wifi module for video streaming and such.
The issue here is that the bootloader (apparently written by a contractor) was preprogrammed to prevent booting after a certain date. The contractor is claiming this is the result of some kind of license agreement (or maybe disagreement?) with Orqa, the manufacturer.