farmers around The world has turned to tractor hackers so they can bypass the digital locks manufacturers impose on their vehicles. Like insulin pump “loops” and iPhone jailbreaks, this enables farmers to modify and repair expensive equipment critical to their jobs as if they were using a simulated tractor. At the DefCon security conference in Las Vegas on Saturday, hackers known as Sick Codes are giving John Deere & Co tractors a new jailbreak tool that allows him to control multiple models via a touchscreen.
This finding underscores the impact of the right to repair on safety. The discovered tractor exploit Sick Codes is not a remote attack, but the vulnerabilities involved represent a fundamental insecurity in the device that could be exploited by malicious actors or could be linked to other vulnerabilities. As events such as the 2021 JBS Meat ransomware attack demonstrated, securing agriculture and food supply chains is critical. At the same time, however, vulnerabilities like those found by Sick Codes could help farmers do what they need to do with their own equipment.
John Deere did not respond to Wired’s request for comment on the study.
Australian Sick Codes, who lives in Asia, presented Tractor API and OS bugs at DefCon in 2021. After he made his research public, tractor companies, including John Deere, began fixing some of the flaws. “The right to repair side is a little bit against what I’m trying to do,” he told Wired. “I’ve heard from some farmers; one guy emailed me and said ‘you screwed up all of our stuff! “So I guess I’ll put my money where my mouth is and prove to farmers that they can root these devices.”
This year, Sick Codes said that while he was primarily concerned with world food security and the risks posed by vulnerable agricultural equipment, he also saw significant value in giving farmers complete control over their equipment. “Free the tractor!” he said.
After years of debate over the right to repair in the United States, the movement appears to have reached a turning point. The White House issued an executive order last year directing the FTC to increase enforcement of practices such as voiding warranties on external repairs. This, combined with New York State passing its own right-to-repair law and pressure from creative activists, has created unprecedented momentum for right-to-repair. Faced with mounting pressure, John Deere announced in March that it would offer more repair software to device owners. The company also said at the time that it would release an “enhanced customer solution” next year so customers and mechanics can download and apply official software updates for Deere equipment themselves, rather than having John Deere unilaterally apply patches remotely or force farmers Bring the product to an authorized reseller.
“Farmers like older equipment simply because they want reliability, and they don’t want problems during the most important time of the year when they have to dig things out of the ground,” says Sick Codes. “So that’s what we should all want as well. We want farmers to be able to fix their stuff when something goes wrong, and now that means being able to fix or decide on the software in the tractor.”