Get the top HN stories in your inbox every day.
gkoberger
That's horrible that Peloton was able to do this. Maybe there's more to the story, but it seems like the court allowed them to shut down a competitor for simply building a similar (relatively obvious) product?
In fact, the CEO of Peloton had the idea for Peloton... IN A FLYWHEEL CLASS. That's insane.
gojomo
I've heard from a Flywheel customer who's been following the case closely that the discovery phase was very damning for Flywheel – blatant theft of Peloton's corporate documents, including things like proprietary operating details, internal financials, projections, & future plans, with direction & understanding of Flywheel management/investors, feeding directly into Flywheel's plans.
So it was bigger than just a patent case, and Flywheel, caught red-handed, had no choice but to settle to Peloton's satisfaction.
sneak
Peloton also engage in all manner of shady marketing, heavily astroturfing all purportedly “community” forums, and silencing criticism or negative comments.
I had one of their bikes, and sold it because the service was crap. I encourage people not to do business with this shady company.
xsmasher
Clicking through the Verge links it sounds like Peloton had a patent that Flywheel infringed on.
We'd need to do a lot more reading to have on opinion on that case.
stefan_
These are the patents I assume:
https://patents.google.com/?inventor=john+foley&assignee=pel...
They are as absurdly simple as you would expect, so I assume Flywheel simply didn't want to/had the money to fight this. Like, here is the ultra-obscure "KETTLER World Tours" in 2018 having you race online against others on archived footage retrieved over the internet:
toomuchtodo
Is there enough prior art to bust the patent? I’d be interested in donating to the EFF specially to invalidate this patent.
gkoberger
Here's the best article I could find on it: https://www.vice.com/en_us/article/qjdz7v/project-magnum-fly...
I agree that Peloton had a patent. My argument isn't a legal one (clearly, legally speaking, Peloton was in the right). I just think it sucks.
zucker42
I think there's a solid argument that patents are generally harmful, especially patents of software or non-revolutionary product features, so I think you can form an opinion.
If we embraced copying a little more I think our society would be better off.
maxerickson
A person can have an opinion on patents that isn't specific to a particular patent or claim.
syshum
It is a classic example of "on the internet" patent,
The problem is not Peloton persay, the problem is the Patent office allowing these obvious "Thing in the real world -> On the internet" patents to pass right on through
noodlesUK
It’s a shame that more exercise bikes don’t have open APIs. Zwift is an absolutely awesome way of keeping in shape if you like cycling, but the barrier to entry is that you need to own a bike and a bike trainer that are both pretty expensive. Maker projects like this one always make me happy, because it’s repurposing an old piece of equipment to function just as well as a new one. Next step would be adding smart controls to the resistance ;)
emb-fit
It's a $2k training bike. You could spend $1k and get a really nice brand new road bike and a smart trainer that controls resistance like a Wahoo Kickr Snap (or several others) for ~$500.
I just don't get why the Peloton thing is so popular when you can get a smart trainer and a bike you can actually take outside for sooo much cheaper. You could even sign up for Zwift and a Trainer Road subscription and come out waaay ahead of $50/month.
The protocols coming out of these things have become pretty much a standard as well. Get an ANT dongle for your computer and the data can be consumed from so many apps, even an open source project like Golden Cheetah. Or just read the data from a head unit that already supports it.
stefan_
I have a ton of road bikes and a high-end smart trainer but I'm under no illusion that for someone not looking to ride outside ever, a purpose-made exercise bike is a vastly superior option. Even the smart trainer companies have figured this out and are making fully integrated exercise bikes.
One obvious reason is that no one cares what the exercise bike weighs and it will never be exposed to dirt or rain. That allows you to make a drivetrain that can trivially last past the useful life of the equipment without any maintenance ever. Meanwhile on the road bike you strapped to the trainer you have a chain, cassette and chainrings for no good reason - all of it ends up feeding into a variable resistance unit anyway!
Similarly putting a road bike you have used extensively on the trainer back on the street generally means doing a complete overhaul - you sweat salt water all over it and don't want your alloy handlebars to break in half because it corroded underneath the bar tape.
Ceterum censeo: we should focus on fixing the reasons that many people, particularly women, feel unsafe riding a real bike outside that they would rather stare at this screen going nowhere inside. Most of them without the mandatory two box fans blasting a hurricane their way, it makes me die inside just seeing that.
nogabebop23
>> you sweat salt water all over it and don't want your alloy handlebars to break in half because it corroded underneath the bar tape.
Of all the ways to crash - mechanical failure, operator error, 3rd party - this is the one that keeps you up at night? We come from very different cycling worlds...
sombremesa
It's not just dirt and rain. Inexperienced bicyclists have a very real chance of getting hit by a car. I'd pay $500 on my worst financial day to avoid that.
dehrmann
> I just don't get why the Peloton thing is so popular when you can get a smart trainer...
You're missing the point. It's not indoor cycling, it's more like at home spin class or soul cycle. The customer base is pretty different, and the experience is a lot of what they're looking and paying for.
rconti
Right. You can easily argue the Peloton bike isn't worth $2000, but of course the content costs more to produce than Zwift content. Whether you think that's worth it or not is up to you as a consumer.
sukilot
Right. They buying a brand to make themselves feel cool. The quality of the product is irrelevant as long as it looks fancy.
aesclepius
> I just don't get why the Peloton thing is so popular when you can get a smart trainer and a bike you can actually take outside for sooo much cheaper. You could even sign up for Zwift and a Trainer Road subscription and come out waaay ahead of $50/month.
You'd be surprised how much twiddling and research you need to do to find a correctly sized bike and which smart trainer (elevation? resistance? etc?) to get something that will work for the average person. It's the same reason people go for iPhones or Macs or anything else that 'just works', the time cost for getting to where one can actually use it vs. just unpacking a box w/ a 'good enough' smart bike means that a shiny package like a Peloton will always be preferred for a large chunk of the population.
inopinatus
I train at home on a no-name steel frame I built up myself with spares scavenged or traded at a swap-meet, sitting on a second-hand (non-digital) Kurt Kinetic resistance unit, total build cost ~ $250, excl. my own labour and home workshop.
Honestly prefer training this way to the gamified Zwift experience, there's something deeply off-putting about gluing my eyes to a screen when I'm meant to be focusing on 4x5 intervals. I have a Wahoo Kickr; I hardly ever use it.
I didn't have any prior wrench experience, this was a project in part to gain some. All I had were some Youtube videos, a copy of Leonard Zinn's The Art of Road Bike Maintenance, and some basic tools. I did, however, already know my fitting dimensions.
The bikes I race on are what you'd expect though. More expensive than my car.
emb-fit
Go to any half decent bike shop and say you'd like to spend that much on a bike/trainer and they will bend over backwards to make sure you get exactly what you want and need. They will very likely even throw in a custom fitting using all the special tools they have at their disposal.
Not sure what twiddling you are doing with resistance and elevation, smart trainers pick the resistance based on what the app tells it to do in real time.
By no means can a 'large' chunk of the population afford $2,500 up front plus $60/month.
With a real bike on a trainer some people might even decide to try riding outside, who knows...
rootsudo
The Peloton is really a great bike, I seek them out whenever at gyms, hotels, etc.
The price isn't that bad of a deal for someone inside all the time wanting a great bike to workout and the classes.
Thankfully, I'm kinda a nomad so I haven't done it yet, though the past few months I've been stuck in one location and debated about it.
hard
Try to find one! They're fun and good. It's all fake motivation and such but it's really good if you follow the yellow brick road and do it 2-3 hours a day.
viraptor
> You'd be surprised how much twiddling and research you need to do to find a correctly sized bike and which smart trainer
Yeah, I'm surprised. People come into a bike shop and come out with a reasonable bike unless they're really looking for something special. A Kickr stand and a bike which fits you "just works" in my experience. What exactly do you think an average person would need to do beyond that?
sukilot
How did our parents survive with their stationary bikes in 1970?
diiaann
Road biker here. I used to go to Flywheel classes and have done some Peloton IRL in NYC. I also own a Wahoo Kickr and have a Zwift subscription.
I get the appeal of Peloton. First, Peloton is fun. Zwift is so freaking boring. I listen to murder mysteries while on Zwift because I think it's so darn boring. I only do it because I feel like it's a more effective workout. And cost wise, I already have a bike. Second, I know tons of people who don't ever want to bike outside. It's too dangerous or too much logistics.
pc86
Because people don't want to ride in poor weather? Because the terrain is inhospitable to their current fitness level? Because the terrain is inhospitable to any fitness level? Because they may only have 45 minutes to ride and want to spend the full time riding? Because they live in an area with a lot of pollution? Because they have medical issues where they worry about getting stuck away from their home? Because they just like tech or just don't like being outside?
There are plenty of completely legitimate reasons.
solumos
The one thing that bothers me with ANT is that it's supposed to be an "open" protocol, but in reality it's this proprietary thing that Garmin has locked down. In my experience, there are a lot of hoops to jump through just to get a basic app set up (all of their example code appears to be ~5 years old).
It makes me wish there were an open, real-time, fitness data project that had more easily usable SDKs for these kinds of things (along the same lines as Golden Cheetah).
faet
I bought a $300 magnetic resistance bike, cadence monitor ($20), and a heart rate monitor ($40). The Peloton subscription is $12/mo for the app which I use on my phone. The only thing I'm missing is 'resistance' and 'output', but for roughly $1600 in savings I'm fine with it.
The classes are fun and they also include other things like strength, yoga, running, etc. There is no way to get classes around me for $12/mo or even $12/session.
walrus01
'really nice' road bikes don't start at $1k. More like $3k. $1000 doesn't buy much these days, from the perspective of a serious road cyclist it'll be some barely usable thing with Shimano sora or worse level components on it. And will weigh over 20 pounds.
Someone who knows what they're doing with road bike mechanic stuff can probably piece together a decent dedicated indoor trainer bike for $1000. Using a combination of used and new components.
StavrosK
I have a $150 bike for commuting, and it's fantastic. I don't worry about getting it stolen, and riding it is hard because it's heavy/has shitty components, which is exactly what I want from a bike.
Since my commuting distance is fixed, I want the ride to be as hard as possible, otherwise I don't train effectively enough. I should probably trade it for an even shittier one , to up the difficulty level.
greyhair
It really comes down to what your goals are.
Are you riding centuries on a regular basis? Yup, $3000.
Are you just out riding to get some fresh air, sunshine, and exercise? $500 is plenty.
It's heavy? I am only riding twenty miles. Oh, and it has inch and a quarter tires, with a wee bit of tread, and I cannot remember the last time I got a flat tire.
As I opened with, it all depends on your goals.
sukilot
You don't need a $3000 bike for an indoor trainer. Everything that makes a road bike expensive is irrelevant or counterproductive in a trainer.
jzoch
if you're willing to buy used you can get incredible road bikes for 1k. I just bought a used 2016 Giant Advanced SL2 for 1.2k. It was > 4k at the time it was purchased.
fortran77
It may have been possible or the company to post the API publicly after Peloton shut them down without incurring any further legal liability. That would have been a responsible thing to do...and a way of getting back at Peloton.
soared
Open apis pretty much ruin honest competition, leaderboards, live races, etc. People already game metrics on their pelotons to get top 10 in races, and I don’t think companies want to deal with that on a larger scale.
It’s a great idea, but I don’t think it’s always the right idea.
xoa
The issue of cheating is genuinely valid one, but so is being able to use the hardware with a variety of software. And in this case, are you sure open APIs are actually in conflict? "Open" doesn't have to mean "forgeable", wouldn't it be possible to have a fully open and documented bike API that also cryptographicly signed output? Software could choose to not care about the signature and just run off the API directly, or to require a signature from a specific set of manufacturer keys, or for that matter both (why not support both casual groups and competitive ones depending on what users want?). Obviously for hardcore competitive types it'd still come down to the security and gameability of the hardware itself, and even if it was fairly solid it'd still mostly be about discouraging lazy cheaters, since as far as home use goes nothing stops someone from attaching an electric motor or something if they really want to screw with things.
But I don't think full open APIs any software can use in this case precludes getting as much security as is possible to get out of the software/electronics side of things. And full open APIs would be super useful for longevity, variety of use, etc.
mnd999
Hidden electric motors have been used to cheat in real pro cycling. If they can’t always catch it there Peleton etc. have no chance.
I guess at least that makes it realistic.
ThePowerOfFuet
Disconnect the pedals, attach electric motor, bam: cryptographically-signed leaderboard cheating.
deadbunny
Not sure I follow your argument, if people are already cheating how would an open API be any different/worse?
newsclues
Closed systems are unhackable or cheat proof?
I don’t think so
JadeNB
It's even better than that—closed systems are hackable and vulnerable to cheating, and it's in their peddler's (as opposed to pedallers' …) interest to make sure that you don't know about the vulnerabilities of which they are aware.
_jal
Is your dwelling impossible to break in to? I don't think so.
I also think it doesn't have to be.
djmips
This whole article showed how to hack a closed system. Closed APIs clearly don't prevent cheating and that's not why they exist.
sukilot
Who cares? It's an exercise bike.
If the high score is what you want you can play a video game.
Johnny555
This is the reason I bought a Keiser bike instead of a Peloton, it has a simple display that works with Bluetooth sensors (I use my watch to record my sessions). I use the Peloton app in an iPad (I could pair the bike with the iPad app, but don't).
The bikes are about the same price, but the Keiser screen is a simple LCD display that's much cheaper to replace if it gets broken and is fully usuable without a subscription.
Plus, I think the bike looks better.
troydavis
I did the same and my Keiser M3i has been fantastic. Their GitHub repos are current and their lead developer actually answers implementation questions: https://github.com/KeiserCorp
When I'm considering buying a smart device that I'd be uncomfortable throwing away if/when the company ceases support, I ask them beforehand: Is there an open API and/or SDK? Does code or protocol escrow exist? This saved me from buying a smart watch and a smart ring. The manufacturers seemed healthy at the time but were bankrupt or acqui-hired and shut down within a year.
mttjj
Hmmm. Both of you are getting me very close to pulling the trigger on the M3i. Just so I’m clear, you have to buy the “M Series Converter” bluetooth device as well so it can connect to 3rd party apps, correct? Or I could just record an Indoor Cycling workout manually on my Apple Watch, right?
troydavis
Someone else answered your question, but I’d add that I previously owned a Sunny SF-B1002 “dumb” belt drive spin bike for about $350 and it worked great. It’s 90% as good for much less money. I only upgraded because I use it a lot and wanted a couple M3 features (infinite frame geometry adjustment and numbered/repeatable resistance control), or I’d still use the Sunny.
Johnny555
I had to get the converter to sync with my (Garmin) watch, so I imagine that you'll need it to pair with apps. It wasn't really clear whether I'd need the converter or not, but turns out that I did -- I figured I'd return it if I didn't need it.
I haven't actually tried pairing it to my iPad or other devices.
mttjj
Thanks for the info!
emb-fit
Mentioned some of this in another comment:
"It's a $2k training bike. You could spend $1k and get a really nice brand new road bike and a smart trainer that controls resistance like a Wahoo Kickr Snap (or several others) for ~$500."
That being said the M3i seems to be one of the more flexible options if you are gonna go the stationary bike route.
Johnny555
$1K would get a decent road bike, but not really one I'd consider "really nice".
I have a really nice road bike, and a decent steel framed commute bike. I've used both on a trainer, but it's not the same feel as a spinning bike, particularly when standing up and cranking hard on the pedals.
A good spinning bike will last a decade or more with little maintenance, but you'll be changing tires often on the road bike trainer as well as all of the other maintenance that comes with a bicycle.
You can get a good workout on a bike+trainer and if that's all your budget (or space) allows, it's a good option, just don't expect it to be a spinning bike.
ohazi
Products like this make me furious.
Selling a product whose interface/API/whatever is deliberately obfuscated so that the manufacturer also has a monopoly on a subscription service or an app for said product is blatantly anti-consumer, anti-competitive, anti-environment, and should be illegal.
Fuck Peloton. Fuck Flywheel. Fuck all the proprietary IoT companies.
And apparently fuck me for having the gall to want to control my air conditioner from my computer rather than GE Android app #12 that has God-knows-what baked in and that's going to be abandoned in two years anyway.
Nobody should ever feel like they have to throw out an otherwise functional refrigerator-sized appliance because of software obsolescence.
I am absolutely willing to die on this hill. We need a GDPR-sized hammer to fix this.
squarefoot
> Fuck Peloton. Fuck Flywheel. Fuck all the proprietary IoT companies.
And not just in the IoT field. Pretty much every company that could use their closed software/firmware/designs plus lawyers to enforce their right to render a product useless or obsolete, or simply becoming the only authorized to repair it then refuse the repair, so the user must buy a newer one, will eventually do that if allowed by the law.
John Deere has been really hostile to their customers, for example. https://www.vice.com/en_us/article/xykkkd/why-american-farme...
encom
Don't forget Apple. They absolutely hate customers servicing the hardware they bought and paid for, and they fight it with both technology and lawyers.
Remember that awesome time when Apple disabled phones, because they had a 3rd party home button installed? Absolute scumbags.
nkristoffersen
I mean, it sure seems like a scumbag move, until you understand the full reasoning behind enforcing encrypted keys for each piece of security hardware. Which I believe was to close a security loophole.
To my memory the bricking of phones was a bug related to not handling the non-matching key condition correctly. But I believe they fixed that bug quickly?
fiftyacorn
John deere only made sense to me when I found out bill gates as it's largest shareholder
notimetorelax
The legislation will probably originate somewhere there. At some point world should realize that software sales are not different from hardware sales.
thereisnospork
Its a pretty good hill to die on. Everything IOT should be forced to communicate over transparent and self-documenting protocols so a. anyone can write an app to control said device and b.[0] Alexa/Cortana/Siri can query to set up a voice control interface.
[0] Maybe in the future when their capabilities get a bit better, but the gist is every device should respond to a 'hello' ping with a list of commands and NLP'able descriptions such that for an air conditioner 'alexa set temp 67 degrees F' just works.
btashton
This kind of response is a big part of why I have given up building commercial IoT products for now. It's great to want to have some super abstract high level self discovering protocol, but when you actually start to build on it it really hampers the product.
If you want to build a smart light switch you are trying to get the response time very low and worry about things like syncing behavior around the network. Doing these things ends up being very domain specific and you do creative engineering to make it happen. These are very different than the requirements for say a vacuum cleaner.
Then we have standards that come out like Bluetooth mesh or HomeKit that say this is exactly how a light switch should work. Great, except your light switch has this cool feature that Philips did not think of in the committee meeting and now you are forcing it in and your product once again suffers.
These standards all suck, some small percentage of your customers want custom access (rightfully so), and a large percentage are comparing you on price and experience. The outcome is a closed off product. With maybe a cloud API.
Like I said this is why I don't want to work on these products anymore. You cannot win.
hakfoo
> Then we have standards that come out like Bluetooth mesh or HomeKit that say this is exactly how a light switch should work. Great, except your light switch has this cool feature that Philips did not think of in the committee meeting and now you are forcing it in and your product once again suffers.
This seems like it could be solved by a meta-standardizzation: a standardized extensibility model. So the light bulb supports "on", "off", and "dim", and the vaccuum supports "begin cleaning", "return to charging base" and "open dust cup lid", but both support a "Get model-specific register and function list" command, yielding something like WSDL.
Maybe Philips bulbs activate their RGB disco seizure mode with Model Specific Function 82, and GE bulbs have colour temperature control on Model Specific Function 74, but so long as the bigger, smarter device controlling both can query this and package it up for users, it works fine. And when your new vaccuum has "knit new cat out of collected cat hair" they can define it as MSF 74 if they want, so long as the catalog is accurate.
ViViDboarder
You don’t have to follow a standard to not use an obfuscated API.
Following a standard is great but extending beyond that for your own features or using a variation is still fine if the API is accessible by users.
Animats
A good model for this is the HID protocol for "human interface devices". This supports keyboards, mice, joysticks, game controllers, etc. over USB. It's simple enough to be used by very basic devices, and descriptive enough to extend to most control-like devices.
Most home automation stuff doesn't have that big a command vocabulary.
mattmanser
I completely understand and sympathise with this sentiment, as I'm sure many others will.
It's one things to want standards, but when it's still an emerging field, with so much different functionality, it's an impossible task.
Any poster who advocates standardization at this stage would probably be wise in reading about the early computing days, when you had so many different standards, before it crystallized behind IBM MS-DOS. Or even HTML, where would we be today if MS had listened to "standards" and not released XMLHttpRequest/MSXML library.
No ajax, no modern web.
This is a perfectly normal, and perhaps desired, period of experimentation where standards will just hold the industry back.
thereisnospork
I don't think it should be a protocol so much as 'english-ish'. So not a framework which defines a lightbulb (and every other IOT), but a defining human/NLP readable language so a human/alexa can have a conversation with an arbitrary device[0]. Trying to be rigid in definition for the scope of all IoT is madness[1], and imo this is where the future of the NLP AI is: acting as a fuzzy intermediary between people and 'smart' devices to save users and devs both from that madness.
[0] >send 10.10.10.143 'what are you'
>> "A light bulb serial number ######"
> 'list commands'
>> on() | off() | color(int red, int green, int blue) | strobe(frequency)
>help color
>>"""description of color function"""
etc.
Where there isn't a predefinition for say 'strobe' specced anywhere, or 'light bulb' for that matter, but a person or reasonably intelligent AI can work it out from context. There does need to be a bit of a framework and around 'what are you' and 'list commands' for this to work.
I hope I've explained this well, but it doesn't seem far off for an AI to credibly facilitate the bulk of human-smart device interaction with a little bit of help breaking the ice.
[1] As you mentioned, scoping even a light switch without feature creep is a challenge.
moron4hire
I've worked in the same space. This is bullshit crocodile tears. All of the device control protocols have systems for creating custom features. BLE is particularly easy to use, though it's really not that different from older specs like ZWave and ZigBee.
nextaccountic
Do you know what's the fix for this? Open source. And letting people flash their own firmware.
flir
Years ago, there was Jini (Apache River now). It never gained much traction. But I always liked the idea of interoprable home devices announcing themselves on my network. "Hi, I'm a mass storage device. If anyone's got data they need storing, send it my way!"
crooked-v
HomeKit is probably the closest thing at the moment as, while it's a proprietary protocol, it's already been mostly-reverse-engineered enough to have open-source HomeKit controllers for most devices, as well as open-source bridges from non-HomeKit devices to HomeKit protocols.
Mister_Snuggles
Home Assistant[0] is a great tool to act as this bridge. It can act as a HomeKit device, so anything it knows about can be exposed to Apple devices via the Home app. It also has integrations to talk to virtually anything, or you can build your own IoT devices with ESPHome[1].
untog
I have been really happy with a HomeBridge and HomeKit setup. The only downside is the eventual hardware: for various boring reasons I was forced into getting Lutron smart light switches, and they require a hub. That hub has a Telnet connection that Home Assistant uses and it’s super flakey.
I just wish there was more truly open hardware out there.
ex3ndr
HomeKit protocol is open and there are extensive documentation available.
Pxtl
Web. A self documenting protocol is it runs a webserver that accepts simple form requests.
"But web tech is insecure!"
If they can't secure a form post, what hope do they have of securing a proprietary api?
Yes, home appliances running webservers would have downsides for management, but that's where routers could add value. It would be trivial for a router to scan port 80 of every device on your network and present a page to pick your devices. That's something I'd even use an app for.
"Port 80? But what about encryption you complete monster!"
How the hell is that cert going to work? Even if they had some magical way to store a cert on the device securely, surely they're going to screw up keeping it up-to-date, or do you want your "it's MY device! Mine!" to depend on an external provider for security?
Just make sure the devices can run on some kind of VPN.
Router can keep them on a VPN and run a proxy with proper SSL for outsiders. Then you only need one device in your network secured to modern standards, all your IoT run in the router's IoT sandbox and all access to them is through a proper SSL-encrypted proxy portal.
There. It would be possible to make that layman-friendly infrastructure. Router detects you connecting to LAN device over port 80 and says "hey, this looks insecure, do you want to move this device to the secure sandbox? You can access all IoT devices securely through my app! Y/N/OMG this is awful never ask me again!"
pentae
My condo building has these fancy new Technogym "MyRun" cardio machines which are basically regular workout machines with giant iPads on them. So now instead of turning them on and starting a workout I must wait 3 1/2 minutes for the touchscreen to boot every morning and every other week theres a failed software update causing the machine to shut down mid workout to restart the software in an endless loop. Or it just won't turn on due to the software on/off switch not working and we have to call the technician. It's unbelievably bad. Unless you actually care about connecting your workout to an app (i dont) a prehistoric cheap workout machine from 20 years ago has a better experience and is actually maintainable
DebtDeflation
>GE app #12 that's going to be abandoned in two years anyway
Not merely abandoned, but abandoned with gaping security flaws, no other way to update the device, and an always-on internet connection. We really have not thought this IOT stuff through.
dcow
Or, maybe the whole impetus behind the free software movement isn't wacko bullshit after all...
We had a solution and everyone pissed on it because the misinformed and perhaps intellectually lazy lawyers and leaders and yes even engineers convinced everyone that the GPL was unfit for a capitalist society.
“Was” is admittedly unfair because free software is not actually dead. It’s just popularly dead. If this type of crap actually outrages you, it’s not GDPR that we need (it makes no sense if you think about it, too), it’s smarter consumers and more courageous engineers/leaders. Go speak with your feet and use free software products. And help breath life into a culture that has been wounded by greed.
TeMPOraL
At the risk of repeating the "Stallman was right" meme, Stallman really was right about this stuff. The more I work in and with tech, the more I'm appreciating GNU/FSF philosophy.
Some time ago I finally understood what's the point of GPL vs. just Open Source - the former is written with end users in mind, not developers. And unfortunately, these days not only developers aren't end users, they're very often working against end users.
sukilot
Convinced who, exactly?
Free software isn't illegal. You can run Linux and not buy IoT/IoS junk. Yes, you might have to decline Netflix and Disney.
The only place consumers are screwed is when they get stuck with monopolists like John Deere -- and no one got "convinced" there, just screwed.
ohazi
We need a free hardware movement.
lstamour
Inevitably the long-term solution is going to be more layers of abstraction. Web application firewalls for every wifi device in your router, for example, or operating systems maintained by cloud vendors (for “edge devices”). If always transmitting connectivity isn’t required, maybe HomeKit-style app-based (offline or app-based updating) devices that use other devices as repeaters which can then be reverse engineered from their apps (largely illegally in many countries). I don’t think we’ll see open specs unless Apple or Google or government make a significant push, or a future large-scale chipset manufacturer uses open source as a way to both get customers and maintain long-term support for their chips. But we know how well GPL works with most hardware (poorly, unusably, etc.)
TeMPOraL
What worries me is not layers of abstraction, but layers of control. Who owns that WAF? Who owns the apps?
And if it's not user that owns it in practical (control) sense, then I hate it already and personally won't buy it.
lostlogin
> app #12 that has God-knows-what baked in and that's going to be abandoned in two years anyway.
It was a revelation putting a Pihole on the network and making a firewall rule that forced any non-Pihole port 53 traffic back to the Pihole. Samsung and Google make a lot of connections to home.
twicetwice
HTTPS is great for users, but I'm annoyed that it will let companies get around this sort of thing. I want to control the traffic on my network.
TeMPOraL
That's why the combination of DoH and certificate pinning worries me - individually they're sound security technologies, but together, they're a nice package to disenfranchise end users with respect to networked devices they own.
dvcrn
> And apparently fuck me for having the gall to want to control my air conditioner from my computer rather than GE Android app #12 that has God-knows-what baked in and that's going to be abandoned in two years anyway.
My aircon is infrared based so I bought a $20 infrared emitter, recorded all the button signals from the remote control and plugged it into HomeKit. Now I can voicecontrol/Remote control my antique aircon better than current models that still don’t support HomeKit
Bonus points: I put the emitter in line with both aircon and TV and use the same device to control both
sokoloff
Is it really that different than the razors-and-blades, inkjet printers, games consoles, or electric toothbrush business model? Or even the new cars and service model [wherein more money is made in the service bays than on the showroom floor].
TeMPOraL
I wasn't around on this planet when razors-and-blades model was first invented, but it wouldn't surprise me if people raised objections back then.
To me, the general model of selling/giving away a device that serves only to lock the customers into buying overpriced consumables is ethically questionable. I find it exploitative, dishonest, wasteful and anti-competitive. Such business model requires the corrupting the law to create completely artificial constraints, to make it illegal for competitors to offer said consumables, in order to prevent competitive pressure from pushing the price of consumables down to where it should be[0].
I can't give a detailed and coherent argument for why I feel that way, not just yet - part of the reason I comment in IoT/DRM/another-product-turned-into-bullshit-service threads is to try and discover that argument through discussion. But it really feels wrong, compared to a hypothetical reality where both the devices and their consumables were properly priced closer to the marginal cost of production, which can happen only if people can freely build on top of platforms.
--
[0] - And if I'm listing negative adjectives, I might add parasitic - in the sense that if you imagine business models as organisms, this one took over host society's legal system to ensure it could to outcompete more straightforward (honest) ones.
devcpp
I don't think you need to expand so much on the reason why you're opposed to this business model, it's all understood and well-documented. The usual argument against this sentiment is that it's difficult to establish clear legislation on it. See the very similar debates on planned obsolescence and right to repair.
> Such business model requires the corrupting the law to create completely artificial constraints
So what? As long as no such laws exist that's fine, and a corrupt country will get bigger problems anyway. The problem is that it's not true since constructors can increasingly rely on complexity: reverse-engineering is getting more and more complex (see recent iPhones).
gorgoiler
It has to be fixed through regulation. The free market does not support long term, expensive solutions, such as APIs.
If you provide the bike with a public API, it’s going to cost more. You now need to actually test the API works, instead of simply testing the bike works, end-to-end, with your own software.
A stable API with supported version changes and backwards compatibility is a much more challenging engineering prospect.
Forever ‘twas this. Maybe they can start by using something like an automotive CAN bus.
mikece
Awesome project. I wish more smart devices offered a “run it locally on a Pi if you’re paranoid or a control freak.” I avoid IoT devices in general because I have no idea where the data is being stored, if it’s stored securely, or if it’s being sold. I prefer to manage this all myself.
foxrob92
>I wish more smart devices offered a “run it locally on a Pi if you’re paranoid or a control freak.”
Wouldn't that defeat the purpose of the "smart device" (from the manufacturer's point of view)? The business model often seems to be locking you in to a subscription (rent seeking) or selling your personal information (surveillance capitalism).
TaylorAlexander
Just wanted to plug repair.org who is working to protect actions like this (I have no connection to the org). You can join as an individual member to support their mission financially:
ChuckMcM
This is a great reverse engineering project.
What it points out to me, painfully, yet again, is that cool stuff can actually do everything its bought to do without a "monthly service fee." And yet here we are.
userbinator
It's interesting to see the discussion here focusing mainly on "open from the producer/manufacturer" side, when what I think is the really important point here is that "opening from the consumer/user" side can be easy and empowering: companies and services will come and go, but your ability to take control effectively depends only on your willingness to discover and explore.
I avoid a lot of "smart" products in general, but feel comfortable with working on the equipment I do have --- whether it's maintenance, repair, or modification --- and I think that's the most important thing to keep in mind; to not be scared of treating things as anything other than mysterious black boxes. It seems that a lot of people treat "reverse engineering" as some equally mysterious and imposing idea, when it's really just about problem solving or figuring out how something works.
Also, I don't think the RPi is necessary here; the bike is a Bluetooth device, so any computer with a Bluetooth interface can receive its data and process it. I'm not an RF expert, but rebroadcasting BT seems like it would create more interference.
usrusr
> Also, I don't think the RPi is necessary here; the bike is a Bluetooth device, so any computer with a Bluetooth interface can receive its data and process it. I'm not an RF expert, but rebroadcasting BT seems like it would create more interference.
The rebroadcasting is done because the goal was to get the data into a proprietary piece of software that expects data to come in over Bluetooth.
And rebroadcasting will actually be just fine on the air medium because right after receiving is exactly the time when the bike won't send another message.
The RPi is complete overkill of course, a tiny $3 nRF52 module could do that job just fine.
ohazi
> your ability to take control effectively depends only on your willingness to discover and explore.
This should be the limiting factor, and this is often the case when a product was designed sensibly and the interface just wasn't documented. Reverse engineering a device like this is relatively straightforward.
But more often, companies deliberately obfuscate, encrypt, or booby-trap their interfaces in order to actively prevent reverse engineering, and this is the reason for the frustration you're seeing in the other comments.
noisy_boy
> your ability to take control effectively depends only on your willingness to discover and explore.
Lots of folks have additional constraints of time due to family/other responsibilities etc. I can afford to spend an hour or two if the API is open from the manufacturer's side to write a script or setup a simple service; I definitely cannot afford to spend time on packet sniffing or such low-level reverse-engineering.
amluto
> First, the node binary needs permission to advertise Bluetooth services:
> sudo setcap cap_net_raw+eip /usr/local/bin/node
Use AmbientCapabilities= in the unit file instead.
ptx2
That's much better, thanks for the tip!
gojomo
Drat, I was hoping this would also have a recipe for unlocking/reinitializing the attached Android-based tablet, on some of these bikes. Then it could run other biking apps - or just provide reading/music while riding. (Maybe even: it could do the BLE translation?)
The community hasn't figured out how to root the tablet, yet, but there are some hints as to the manufacturer/boot-launch-software – https://www.reddit.com/r/FlywheelAnywhere/comments/gexqte/ha... – if anyone has any ideas or is interested in a challenge.
sagz
I'm trying to create an Android recovery for a peloton, which is similar https://github.com/Goayandi/mediatek_mt8176_development/issu...
ggm
Was it really "bricked"
askvictor
No; this is hyperbole, and cheapens the meaning of the word bricked. It's core function still worked perfectly. The app no longer works. The app was always a subscription service. There was an offer to swap (for free) with another bike, which continues to let you pay to another subscription service for similar or better functionality.
I'm all for hacking your gadgets, and open APIs, but let's get a sense of perspective.
ggm
"I reverse engineered the data feed protocol on my spinner" would have made me click.
Get the top HN stories in your inbox every day.
> A simple fix is to just use the previous power value if ever: the cadence is non-zero and the previous power is non-zero and the current power is zero. A slight improvement is to keep track of the slope and factor it in when calculating the predicted value.
Looks like somebody rediscovered the Kalman filter without realising it :)
I recall implementing one for an IoT device, to de-noise gas sensor readings a few years ago.
Pretty fun read. Makes me wish I could gather the courage and patience to get back into hacking on embedded stuff