
High-end CNC machines can't be moved without manufacturers' permission - aaron695
http://boingboing.net/2014/01/06/high-end-cnc-machines-cant-b.html
======
analog31
This is completely beside the point of the article, but I work for a company
that makes fairly large precision equipment. A potential service nightmare is
when the customer moves the equipment and screws it up. A lot of this
equipment is designed to only be installed by the supplier, due to the amount
of documentation and training that would be needed for customer installation.
And something like a big CNC may have some fairly detailed site and
installation requirements.

Maybe the GPS is so it can receive targeted ads. "Customers who machined this
part also ordered..." ;-)

~~~
Cthulhu_
Yeah that sounds like a valid reason, too. These things work with millimeter
accuracy; jolt them and the accuracy may be off. Position them just slightly
off-level and they might be off.

~~~
VLM
Oh no not that meme again.

The reason why machinists who know only a little about machining demand you
must level a lathe bed or it won't work, insist on that old wives tale, is
because a simple "cheap" way to prove the lathe bed isn't twisted is to simply
plop a precision level on various parts of the lathe bed and various
directions... If the lathe bed is level everywhere, it must be a flat plane
(well, plus or minus curvature of the earth over 100 foot monsters, obviously)

Obviously machine tools don't have to be level; otherwise you'd never see them
on ships, deep sea platforms, mobile "back of truck" repair trucks, things
like that. They have other, somewhat more laborious or expensive ways to
determine and shim flatness.

If you made the flimsiest imaginable 3-d printer, then sag might be
relevant... however you're talking about beasts of a machine that can drop
10-100 rotating HP and not twist or distort... anything less than 45 degrees
isn't going to matter.

Now one problem I have personally seen is some CNC gear has what boils down to
a conveyor belt that streams out metal chips. So if you mounted it 10 degrees
tilted, you might have chips not fall on the conveyor belt. This is usually a
simple adjustment to various guards / guides / baffles. Its not a very serious
concern.

As a cross industry comparison, learned helplessness is a common feature in
IT/CS land, where your average luser is extremely proud to not know anything
about his computer that he uses 8 hours per day, and no one expects him to
know anything either. However in machine world its somewhat unusual to have
IT-like levels of learned helplessness, so the average machinist dude can
quite easily handle shimming a lathe or adjusting tilts and such.

~~~
superuser2
Is it possible that tools meant for ships/oil rigs/trucks are built
differently from those that have the luxury of sitting on a stationary floor?

~~~
elemeno
They're almost certainly not expected to work to anything near the level of
precision that these sorts of high-end CNC machines do - judging by the
comments in this thread, you're talking about micrometer level precision. They
are to 'machine-tools' what your home server is to google's data centres.

------
EvanMiller
Another possibility that hasn't been mentioned is that the purchase agreement
might include some kind of first refusal for the manufacturer to repurchase
the equipment if the original owner wants to sell. This kind of provision
prevents the emergence of a used-equipment market, the existence of which
would cut into the manufacturer's pricing power on new equipment. Requiring
the manufacturer's consent to relocate the equipment would be one way for the
manufacturer to enforce such an agreement.

tl;dr if you sell expensive machinery then do everything in your power to
prevent buyers from reselling.

~~~
fsck--off
The market isn't small enough for these tactics to work.

It's much more likely that this was a response to the very real and well
documented problem of illegal exports. Another Japanese company, Mitutoyo, was
caught several times illegally exporting these machines to embargoed
countries, including North Korea and Iran. Some of Mitutoyo's executives were
jailed for this.[1] Adding tamper-proofing and tracking is a great way to make
sure that regain confidence and avoid prison.

Edit: I'm not sure why this was downvoted. A representative from Mori said
something similar on the board linked to by the original article:

"Regarding the device, Weapons of Mass Destruction. Worst case for a negligent
violation would be Dr. Mori himself spending time in the slammer. That along
is enough motivation for DMG MORI to follow the regulation very carefully.
Other reasons include all of those stated above!

btw, no need to waste time on bypassing it. It is pretty solid. We have to
make it so Iran, N. Korea, etc's best can't bypass it." [2]

I think that this is a perfectly plausible explanation and don't think that
the real ulterior motive is controlling resale, especially when other foreign
competitors do not have the same restrictions.

[1] [http://www.japantimes.co.jp/news/2006/09/02/news/mitutoyo-
ti...](http://www.japantimes.co.jp/news/2006/09/02/news/mitutoyo-tied-to-iran-
north-nuclear-quests/#.UmWKRlPp47k)

[2] [http://www.practicalmachinist.com/vb/dmg-mori-
gildemeister-m...](http://www.practicalmachinist.com/vb/dmg-mori-gildemeister-
maho-cnc/mori-ellison-gyroscope-unlocking-273841/)

~~~
Fuxy
Then why not just white-list all the areas not covered by the embargo so
customers are not required to got trough this lengthy procedure every time
they want to re arrange the shop.

Also it's not very difficult to trick a GPS sensor into thinking its somewhere
else as long as your signal is a lot better then the ones coming from the
satellite so i would disagree with them being solid.

~~~
drchaos
> it's not very difficult to trick a GPS sensor into thinking its somewhere
> else as long as your signal is a lot better then the ones coming from the
> satellite

and that's probably the reason why they include a gyro and shut down the
machine if it is moved at all, regardless of what the GPS says.

~~~
Fuxy
And once you're dome moving it you fake your location by spoofing the GPS and
call to get it activated again and none's the wiser.

A gyroscope doesn't do much besides detect if it was moved it can't tell where
it was moved so you're basically relying on spoof-able input.

~~~
tlow
That's not entirely true. Early navigation was done with gyroscopes, see
[http://en.wikipedia.org/wiki/Inertial_navigation_system](http://en.wikipedia.org/wiki/Inertial_navigation_system)
specifically:

"The INS is initially provided with its position and velocity from another
source (a human operator, a GPS satellite receiver, etc.), and thereafter
computes its own updated position and velocity by integrating information
received from the motion sensors. The advantage of an INS is that it requires
no external references in order to determine its position, orientation, or
velocity once it has been initialized."

~~~
avn2109
While it is true that INS's exist, the cost of a reliable and accurate one is
on the same order of magnitude as the CNC Machine itself. Also, errors
accumulate [0] over time in an INS (aka "Integration Drift"), such that it
becomes wildly inaccurate after a certain critical threshold. Also, almost all
INS's require regular calibration and tuning, [1] and are sensitive to
vibrational stresses (which is abundantly present in a machine shop).
Therefore it seems unlikely that these machines include INS's.

[0]
[http://en.wikipedia.org/wiki/Inertial_navigation_system#Erro...](http://en.wikipedia.org/wiki/Inertial_navigation_system#Error)
[1]
[http://www.aerostudents.com/files/avionics/navigationBasicsA...](http://www.aerostudents.com/files/avionics/navigationBasicsAndInertialNavigation.pdf)
(scroll down to bottom for tuning discussion)

~~~
tlow
Again, it is true that drift exists, but you're mischaracterizing, from [0]:
"these errors accumulate roughly proportionally to the time since the initial
position was input. Therefore the position must be periodically corrected by
input from some other type of navigation system."
[0][http://en.wikipedia.org/wiki/Inertial_navigation_system#Erro...](http://en.wikipedia.org/wiki/Inertial_navigation_system#Error)

------
jheriko
> Effectively, this means that machinists' shops can't rearrange their very
> expensive, very large tools to improve their workflow from job to job
> without getting permission from the manufacturer (which can take a month!),
> even if their own the gear.

Have you ever seen such a workshop being rearranged? The people doing it might
- for instance - not place the machine on a good enough quality of flooring,
or they might be moving to a facility that is totally inappropriate (no good
foundations) because they aren't talking to the right people and have a dim
and naive view of machinery...

Also my experience of such rearrangements is that they are not to improve
workflow, but more usually to satisfy some new management type's desire to
have an impact on the workplace.

In short, I think this is prudent - it at least prevents a classic engineering
management cock up - and protects the machine manufacturer from having their
name tarnished by the sloppy practices of their customers.

The case where people know what they are doing is the exception and not the
case in my experience...

------
freejack
Two things:

\- a GPS lock can easily be defeated by the earnest with a GPS simulator,
about a $2k fix. This isn't a great solution for the honest buyer, but anyone
with ill intention could easily activate these in Kansas and re-export to a
controlled state.

(edit: a GPS sim can't help with the gyros, so maybe its a better "lock" than
I originally reckoned ;-)

\- there are excellent "open-source" substitutes available. The Mechmate
community is thriving ([http://mechmate.com](http://mechmate.com)) and these
plans make it possible for a DIYer to build their own 4 axis CNC with
tolerances to a thousandth of an inch or better. My father-in-law is a a
cabinet maker ([http://woodforyou.net](http://woodforyou.net)) who built one
of these for his business a few years ago, here's a demo video showing his
results...
[http://www.youtube.com/watch?v=lU3-6AapV3I](http://www.youtube.com/watch?v=lU3-6AapV3I)

(Edit 2: I wrote this before I had an appreciation for the difference between
a CNC mill and a CNC router. The Mechmate is a CNC router and used for very
different purposes than a CNC mill. Anyways, comment might still have some
value for some. Sorry for the noise ;-)

------
toufka
What happens when a GPS satellite fails? Or if you have an earthquake? Seems
like precisely in those times of national need that one's most sophisticated
technologies might be sorely out of commission. A seemingly pretty nice way to
inflict 'collateral damage' on one's self. Especially if such a precautionary
set of rules were put into more and more machines.

~~~
AlexDanger
Consumer GPS devices have some interesting lock-down rules built into them.
They shut themselves down if they detect you are travelling around Mach 2 or
above 18000 metres altitude.

The reasoning is fairly obvious - they dont want to see dumb missiles getting
upgraded to a DIY guided ballistic missile thanks to a $100 Garmin gaffa taped
to the side and a cheap flight control computer.

[http://en.wikipedia.org/wiki/CoCom](http://en.wikipedia.org/wiki/CoCom)

~~~
mct
_They shut themselves down if they detect you are travelling around Mach 2 or
above 18000 metres altitude_

The intention was for a GPS device to disable itself if it was traveling
faster than 1k knots AND above 60k feet, not traveling faster than 1k knots OR
above 60k feet. Unfortunately, many GPS devices improperly implement this as
an OR condition, rather than an AND condition. This becomes problematic when
using a GPS in a high-altitude weather balloon to determine altitude and
location, which a few friends and I did a couple years ago. We had to be very
careful when selecting the GPS we used to avoid this pitfall.

~~~
wyager
Which GPS units are acceptable for this? I'm working on a HAB and I'm worried
about this CoCom bullshit. The one I'm thinking of uses a SiRFstarIII or IV;
any idea of those use || instead of the proper &&?

~~~
ash
Wikipedia article on CoCom links to a post that links to this page:

[http://ukhas.org.uk/guides:gps_modules](http://ukhas.org.uk/guides:gps_modules)

------
thejteam
I don't know about the one mentioned, but I've used very high end CNCs. The
ones that I used are VERY carefully calibrated by the manufacturer on site. A
slight change in the slope of the floor could throw the calibration off. They
wouldn't want to spend time troubleshooting a problem caused by somebody
moving the equipment. That said, we didn't have anything like a GPS on the
thing that would shut it down if moved.

~~~
wolfgke
Then better implement something like the "tainted mode" in the Linux kernel:
if you load a closed-source (tainted) module, you can continue to use it, but
the vendor (in this case the kernel developers) will refuse to give support.

------
bpizzi
Slightly off topic, but I'm working in that field, and those high-end CNC run
nothing more elaborated than windows XP. They do ship some linux distro, but
that's very seldom, much more than... windows nt4.

The CNC must be reachable from the programmers computers as well as from the
remote connections that manufacturers sells as maintenance. Needless to say,
it's a nightmare for any decent CISO.

Of course the CNC manufacturers' don't make it easy nor encourage the
installation of third party securing tools. Very big companies spend a lot of
time thinking on how to secure such machines on their network without touching
the OS, and I've not yet heard of someone having found a simple and powerful
securing policy (not involving a complex vlan implementation). The result is
that, with some hacker abilities and a known target, one could worm its way
threw the CNC OS of a lot of companies who don't know nor want to secure their
network.

If one fellow colleague working on the manufacturer side happen to read that
comment, I would be happy to push the discussion further.

~~~
nknighthb
> _a complex vlan implementation_

How exactly are they setting this up that it's complex? Isolated VLANs with
VPN access are a routine solution to this kind of problem. A decent network
engineer would probably have it done before you finish telling him what you
want.

(If instead of a decent network engineer, I had to do it, I'd just be finding
the password for the switch I hadn't logged into for a year. The configuration
would be done about 15 minutes later.)

~~~
bpizzi
From my experience, there's a tremendous lack of _decent network engineer_ in
those companies (mechanical industry, family business, ...).

Devil advocate: people in charge of IT stuff there are project or support
guys, almost never network engineers. Either they don't care about serious
security or they simply have no clue on how they should do it. And when they
outsource their IT security, they're so bad at choosing that the solution
implemented is worst than doing nothing.

When I have the chance to chat with them about those subjects, the common
position is almost always "we don't get why the machine manufacturer don't
sells us a secured solution".

------
venus
That is a rather misleading headline. A better one might be:

"US arms export regulations force CNC manufacturers to implement anti-
relocation lockout mechanisms"

Of course it's not just the manufacturers being dicks; they implement that or
they can't import to the USA.

~~~
jey
Really? I thought the vendors just can't sell to Iran, not that they have to
build in lockouts that enforce compliance by their customers.

~~~
venus
According to the thread the story is taken from, the machines are now under
the purview of ITAR: [http://www.practicalmachinist.com/vb/dmg-mori-
gildemeister-m...](http://www.practicalmachinist.com/vb/dmg-mori-gildemeister-
maho-cnc/mori-ellison-gyroscope-unlocking-273841/)

------
belorn
We should not be too surprised at this. As long that property laws can be
circumvented with technology, more companies will get into the business of
retaining full control after sale. With practically no drawbacks and only
benefits, it goes against economics to not do it. It doesn't matter if its a
CD, game, website, a car, a high end CNC, or a coffee maker. Retaining
effective ownership after sale is just so useful from a corporation point of
view. Never again does a product need to escape into the control of an
customer.

That this story might be explained with regulation is not much of an surprise.
No US politician would dream of publicly stand for the view point of taking
down private ownership and giving the control to corporations, even if
regulations then can easier be enforced. They would be called communist and
fascist, and any political career would be over. However, circumvention of
property law is not the same thing, so it enables many new way to control what
previous was hard if not impossible.

------
letstryagain
I don't think this uses GPS. A high-end CNC machine would have about 0% chance
of seeing any GPS satellites.

Even the linked thread said it uses gyros without mentioning GPS.

~~~
yaddayadda
The linked thread actually does have a couple, albiet tenuous, mentions of
GPS:

    
    
      - "All of our Citizen swiss lathes have the same GPS feature." (http://www.practicalmachinist.com/vb/dmg-mori-gildemeister-maho-cnc/mori-ellison-gyroscope-unlocking-273841/#post2141101)  
      - "Why can't they simply check for "Out of USA" or "in $BannedCountry now"? They do have GPS, right?" (http://www.practicalmachinist.com/vb/dmg-mori-gildemeister-maho-cnc/mori-ellison-gyroscope-unlocking-273841/#post2141382)

------
cpenner461
A rather interesting/insightful comment from the article:
[http://bbs.boingboing.net/t/high-end-cnc-machines-cant-be-
mo...](http://bbs.boingboing.net/t/high-end-cnc-machines-cant-be-moved-
without-manufacturers-permission/18591/33)

~~~
caprad
Not really. There is a lot of logic failure in this comment.

What does the fact they don't install them on US machines have to do with them
not using it as a business opportunity? This is a non-sequitur.

Since this guy hasn't heard of them being used to enforce finance deals means
absolutely nothing, how could anyone cancel out a point because of that?

And his third point skips out on the fact that adding this functionality to
the machine can cause extra problems.

------
alan_cx
I might be missing a huge point here, but aren't very high precision, high end
cnc machines virtually vital for the production of nuclear devices? If thats
the level of machine we are talking about, I can well understand this.

~~~
wyager
So are computers. Should computers be shipped with mandatory GPS units that
shut them down when they go into "bad guy" countries?

~~~
walshemj
Have you not seen the paperwork that come with high end computer equipment - I
helped by some Pr1me gear back in the day and along with the kit came a sheaf
of paperwork explaining just how much shit you would be in if you reexported
it to one of the country's on the naughty list.

------
001sky
_a situation that the manufacturers have turned into a business-opportunity by
using the technology to assist in repossessing machines from delinquent lease-
payers -- and requiring permission for privilege of deciding where to place
their key capital assets._

Yikes. Classic Holdup Problem. There are certainly ways to force inventory
checks without GPS software locks; this must have been implemented because of
the desire to have actual remote 'kill' capability. What I don't understand is
the line of sight issues with (actual) GPS sensors. If the machine is blocked
from the birds...like it would typically be indoors...something seems odd.

------
exarch
Information wants to be free. Eventually, everyone who wants to know will know
how to build a CNC machine like this, without any interlocks.

If we've given up on growing up as a species, and now believe that humanity's
only hope of survival is to limit the spread of information, then we're well
and truly doomed. And, sadly, it's probably for the best. After all, who wants
to live in a dystopian, nerfed society full of imprisoned intellects? Who
wants a bunch of angry apes who're all one bad day from unleashing Armageddon
loping around with warp engines and antimatter bombs and black hole
generators?

As a side note... reading the commentary on this story is both intriguing and
disheartening. The "hacker" mentality that apologizes for, and is comforted
by, this sort of manufacturer-imposed limitation on an owned product, this
denial of the right to tinker, is a very different mentality than was common
when I earned my stripes. Have legally-imposed culture changes like the DMCA
really corrupted our community so much? Have constant, overblown reminders of
the threat of terrorism rendered us so fearful of each other? Could an
individual raised in a community with this mentality ever produce open,
populist-enabling technologies, PGP and P2P and DeCSS and modchips? IP itself?
Are we still hackers, or are we all just consumers, now?

------
Cthulhu_
> A subtly weakened or defective part from a big mill like the NV5000 might
> find its way into a vehicle or a high-speed machine, with disastrous
> consequences.

Which is why - at least according to those awesome TV shows - parts in high-
end vehicles and machines are checked via precise 3D measuring instruments as
part of the quality control process. Just pointing that out. Pretty sure few
companies fully trust CNC machines to deliver perfect results all the time.

~~~
walshemj
Yes thats why they have QA/Test departments where do you think the ISO9000 and
BS5750 quality standards came from?

------
scottoreilly
This seems incredibly brittle - just like software DRM that needs to phone
home. What happens 15 years from now when they shut down their servers?

~~~
krasin
They don't connect to the company server. They just shut down and display a
message to the operator. It's up to the operator to receive an unlock code
from the manufacturer. So, there's no server involved. It's all human-to-human
interaction.

But again, in 15 years all these codes will be lost by the manufacturer
itself, so your main point is valid.

------
joncp
There's a legitimate use for GPS spoofing.

~~~
IvyMike
Shutting down a competitor's machine shop, for one.

~~~
nobodyshere
A little earthquake or nearby explosion of some kind and all factory machines
shut down. Aaand wait for a code, but first compose a request with all machine
numbers.

------
forktheif
If you did want to stop CNC machines being used in Iran or North Korea, why
not just use the GPS chip to disable the machines if they're inside those
countries?

I don't see what's to be gained by causing the machines to fail if they've
been moved to the other end of a factory.

~~~
karthikb
No GPS inside of a metal box (like a shipping container). You can also spoof
GPS since it's a one-way passive signal.

------
hindsightbias
When the CNC mills from Toshiba made it to the Soviet Union in the 1980's, it
had a significant impact on submarine warfare:

[http://www.auilr.org/pdf/4/4-1-8.pdf](http://www.auilr.org/pdf/4/4-1-8.pdf)
THE TOSHIBA-KONGSBERG INCIDENT (pdf)

------
robabbott
Sure, we'll use the embargo clause to explain this. The real reason is that,
when you have machines capable of making new machine parts, you want to know
when they move around and start building Skynet.

------
danielweber
These aren't widgets sold to people on the street. These are very
sophisticated buyers of extremely expensive stuff who can afford to pay
someone to read the fine print.

------
jasonwatkinspdx
Some of the highest precision CNC manufacturing equipment for particular
processes is subject to nuclear non-proliferation arms controls as it can be
used to make key components in uranium enrichment equipment. So for machines
relevant to those laws, a GPS lowjack might be a sensible precaution. North
Korea has been picking up this machinery from someone, so I can imagine
Japanese industry and government being very paranoid on the issue.

------
tantalor
_requiring permission for privilege of deciding where to place their key
capital assets_

Owners should have this right.

 _I 'm interested in the security implications of this_

What does gyro sensor lockdown have to do with malware?

 _the mills are designed to be opaque to their owners_

You're not really the owner if somebody can lock you out.

 _lest they disable the gyro /GPS_

Disabling the sensor would probably trigger the lockdown.

~~~
gaius
_Owners should have this right._

Like many things, it depends. If the device is supported by the vendor, and
requires very high precision such that jarring it could un-calibrate it, then
this is perfectly reasonable, otherwise support costs would become
prohibitively expensive for everyone. Why would they care if you've bought it?
Because they are protecting their reputation.

Consider the situation of the typical Windows desktop that becomes more and
more unusable as the user installs more and more toolbars and other malware.
Windows takes the blame for it, but the problem would just go away if it
prevented random stuff being installed.

------
w_t_payne
Interesting attack vector ...

