Hacker ports iconic FPS Doom to John Deere tractor
Nothing runs Doom like a Deere.
As we’ve pointed out on many occasions, iconic FPS Doom can run pretty much anywhere.
Romero and Carmac’s genre-defying title runs on any number of unlikely machines: from kitchen appliances and pregnancy tests to Apple’s ill-fated AUX OS and potatoes.
And now — finally — we can add tractors to the list. Presenting at the annual DEFCON security conference, Australian hacker SickCodes demonstrated the 2.5D shooter running on a John Deere 4240.
Under the hood of the John Deere 4240 is an NXP I.MX 6 platform, running Wind River Linux 8, a popular spin of the FLOSS operating system intended for embedded applications.
The Register notes that another version of the tractor runs Windows CE, Microsoft’s (now-discontinued) OS for embedded systems.
Dissecting the hack
SickCodes partnered with New Zealand hacker Skelegant to create a build of the game specifically for the hardware. Naturally, this, too, was heavily modded.
Skelegant replaced Doom’s Martian hellscape with (what else) a field of wheat. Similarly, the DoomGuy’s arsenal of high-power firearms and directed energy weapons became a tractor wheel.
Porting Doom to the tractor was not an easy task. SickCodes had to physically disassemble the machine, according to The Register, and modify its internals.
Fortunately, once the code was physically on the machine, he faced no further challenges.
The tractor’s computer does not check whether an application is signed with a John Deere-exclusive cryptographic certificate, or against a pre-defined list of checksums.
The keys to the kingdom
Additionally, the code runs as root — or, put plainly, with administrative privileges. This is a huge security no-no.
There’s a reason Windows asks for your consent when installing an application, or when a program seeks higher levels of access.
A cardinal security rule is that applications should have the least amount of permissions needed to do their jobs.
Why? Because if an application runs with root privileges by default, it can do any number of harmful things to the underlying system.
By limiting what an application can do, you limit the potential damage caused by a malicious application.
This rule is called the Principle of Least Privilege, or PoLP. It’s a fundamental precept of modern operating system and hardware design.
Chipmakers, for example, implement this with the protection ring model. Modern processors restrict the access of user-facing applications to parts of the computer’s memory, IO, and CPU instructions, while giving drivers and the underlying operating system kernel unfettered access.
This issue is especially bad considering John Deere 4240’s underlying software is fundamentally insecure.
If, as iFixit founder Kyle Wiens pointed out, “outdated and unpatched Linux and Windows” is the gasoline, unfettered root access is the match.
We note that John Deere is the leading tractor manufacturer. It holds (roughly) one-third of the market. Its tractors play an essential role in the global food chain.
The idea that a threat actor could remotely disable or damage agricultural equipment is, frankly, terrifying.
There’s a certain irony here
John Deere is known for its vociferous opposition to the right-to-repair movement. Computers sit at the heart of their tractors.
Like a smartphone or a Tesla, they’re locked down. Owners are limited when performing basic repairs and upgrades. Instead, they must rely on a certified (and expensive) engineer.
This situation is weird by itself. But it gets stranger still. As documented by Vice, owners of John Deere tractors increasingly turn to forums, pirated maintenance software, and hacked firmware releases to keep their machinery running.
Farmers are now combatants in the right-to-repair market, rubbing shoulders with figures most commonly associated with the consumer tech industry.
Those include Louis Rossmann and John Bumstead (who I covered here, and again in a separate article for Wired some months ago).
A poetic justice (and a warning)
For many, the appearance of Doom on a John Deere tractor feels like an oddity. Yet another unlikely home for the game.
But for farmers and right-to-repair activists, this exploit is something closer to poetic justice. Cory Doctorow, author and civil liberties activist, described it as “significant.”
“Deere – along with Apple – are the vanguard of the war on repair, a company that has made wild and outlandish claims about the reason that farmers must pay the company hundreds of dollars every time they fix their own tractors,” he tweeted.
“The company’s insistence that they are guardians of farmers and the agricultural sector is a paper-thin cover for monopolistic practices and rent-seeking.
Monopolizing the repair and reconfiguration of Deere products gives the company all kinds of little gifts – for example, they can refuse to fix the tractors of dissatisfied customers unless they agree to gag-orders,” he added.
Have any thoughts on this? Carry the discussion over to our Twitter or Facebook.
- A new exploit lets hackers unlock any Honda made since 2012
- Tesla Apple CarPlay hack now works on any model
- This sicko hacked his Tesla Model S Plaid to go 216 mph
- Hackers can use Bluetooth to unlock and steal some Teslas
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.