Today I came across an article on Hackaday . The article was Hackaday’s response to a DMCA Takedown Notice they have received from Tektronix. The DMCA Takedown Notice was aimed by Tektronix at a previous article that explained in great detail how to enable software options in Tektronix oscilloscopes without actually paying the licensing fee. What really shocked me was Hackaday’s attitude towards those software keys.
First off, let’s talk about how software options are installed on some Tektronix oscilloscopes. Instead of using actual text keys that a user would have to type into the oscilloscope, Tek has come up with rather nifty little hardware dongles. I find them nifty because they do not tie the license to a given scope. Technically speaking, you are buying a “floating license.” Just insert it into the scope you’d like to use a certain feature on and voilà, the software option is enabled.
Apparently, these modules, or rather the whole key authentication, can be hacked quite easily. Hackaday responds to this fact as follows:
“The real story here is that Tektronix designed a woefully weak system for unlocking these modules. Learn from this. If you’re ever designing a hardware key, don’t do it like this!
An EEPROM, a connector, and a plain text string of characters which is already published publicly on their website is all that is necessary to unlock these “crippled” features. Let’s just say that again: apparently every hardware key is the same and just uses a plain-text string found on their website which is not encrypted or obfuscated. If you were selling these keys for $2.99, perhaps this would be adequate but Tek values these modules at $500 apiece.”
All I can say, in kind: Hackaday, you have demonstrated how disengaged you are with the matter.
Judging by the comments under the referenced article, I couldn’t help but notice that understanding software options and associated cost seems to be a common problem among hobbyists. Since most of my readers are hobbyists, I thought I’ll help out.
First off, let me state the obvious: When purchasing a license module, you are purchasing a license that allows you to use a certain feature on your oscilloscope. You do, however, not pay for an EEPROM, a connector and a plain-text string. The module is merely the delivery method of the license key (i.e. your right to use that software option). It’s the same with PC software keys that are nowadays offered on a plain plastic card in retail stores. Nobody would accuse Adobe of selling overpriced plastic cards. People know they are paying for the software, not the card. Therefore, I was quite surprised to see how tough it seems for some to understand the concept of license keys in modern test equipment.
The irony is really this: Hackaday and many commenters suggest that Tektronix should learn its lesson and improve proper encrypted serial number based keys. Guess what happens to the cost? That’s right, developing such a system will cause non-recurring engineering (NRE) cost that has to be recovered from the customers legally purchasing the options. Isn’t it funny how a group complaining about the cost of such software options suggests a narrow minded solution that will only increase such cost?
The next thing that seems very hard for many people to grasp is why they have to pay for something that is technically available (but not enabled) in the instrument they purchased already. This is actually a very common complaint I hear at trade shows in particular. The complaints usually go on about how much more certain options cost and how that’s just not right for something that’s already there.
Like with the previous statement, this is something that is usually viewed from the wrong perspective. It is not the case that users who use more advanced features have to pay a steep surcharge. It is more so the case that customers who don’t use these features get a hefty discount. And companies don’t do this because they’re super nice. Sure, this is also used to drop the “starting at” sticker price a bit, but the secondary reason is something that hobbyists probably have a hard time understanding. Hobbyists are used to being “alone” when trying to figure things out. If they run into issues with their equipment, they will consult other hobbyists on online forums. A commercial user who paid a 5-digit amount of money for their instrument will call an Applications Engineer at the company who he bought the instrument from and demand instant help. And he will receive it. Thanks to pathetic customer support of cheap Chinese companies like Rigol, this doesn’t even cross a hobbyist’s mind.
The amount of support (and the associated cost) is highly dependent upon the feature set that a customer uses. If you take a look at what kind of software options are available, you’ll find that only very few are generic. Most of them are designed for very specific and complex tasks. Helping someone with a support request originating from such a complex task costs a whole lot more money than telling someone how to push a button on the front panel.
I hope this helps to better understand how software options work and what is really involved. Just as a disclaimer, I’d like to add that I am not a fan of DMCA Takedown Notices and similar legal action without first approaching an alleged copyright offender in a less formal way. That’s why I am in no way commenting on that side of the matter. Tektronix is one of my blog’s sponsors. It’s important to know that this has zero influence on why I am writing this article. As a matter of fact, even though I am defending Tek, I am certain that Tek will in no way like me addressing this issue and thus drawing more attention to it. However, this article is very important to me on a personal level.
Links and Sources:
 Hackaday.com: http://hackaday.com/2014/08/05/hardware-security-and-a-dmca-takedown-notice/
” A commercial user who paid a 5-digit amount of money for their instrument will call an Applications Engineer at the company who he bought the instrument from and demand instant help. And he will receive it. Thanks to pathetic customer support of cheap Chinese companies like Rigol, this doesn’t even cross a hobbyist’s mind. ”
Pathetic? You are pathetic! Why? Because the mean difference between Rigol and other brands like Tektronix is the price. If you get a 15K logic analyzer come with this kind of tool. The difference between a 400 one is huge, in addition
When you get a 10 or 15K, if you have a problem with your stuff after 1 year you need to pay for a new one (and electronically speaking it is simple designed).
Nevertheless, the DMCA Takedown Notice is, in my eyes, is something natural as well as counterproductive. If a student get a DMCA notice when I try to get something not affordable with his purse, he will buy its future oscilloscopes from other manufacturers. For this, Rigol continue to sell scope that can be easily hacked and he know it, but say nothing against hobbyists. But in few year, rigol could be above Tektronic, due to a good business plan. Rigol work with agilent, and agilent is a huge spin off from HP.
If you can afford a 10K in a scope, if I get a hacked key or not, there is not difference for the market.
I don’t know the Rigol customer service, but have you already trying to contact them once? Because speculate about a poor customer support is easy, but if you don’t try it once, you can’t complain about it.
Note: My excuses if my grammar or my sentences are not that well written, English is not my mother tong.
Of course I have tried the Rigol customer support. Multiple times. Usually takes at least weeks, usually months to get a response. With companies like Tektronix or LeCroy I get a response usually within hours. Even on weekends and late daytime hours.