Skip to content(if available)orjump to list(if available)

Locked out of 'God Mode', runners are hacking their treadmills


This type of 'update' is one reason I tend to stay away from so-called 'smart' devices.

If part of the product I've paid for is software, and the company can update it without customer consent at any time, then I can't rely on the product's features. Period.

I experienced this myself on the PS4 version of Terraria. I bought a hard-copy of the game. I mastered the controls, and loved them. Terraria was updated one day, and the controls were all changed, completely. Total rip-off. I liked the game I bought, but it was replaced without my consent.

My feeling is that this behavior should be illegal for purchased products.


I agree. Perhaps the U.S.'s legal framework reasonably allows this kind of behavior, but IMHO it's a sign that the framework needs legislative correction.

The first time I encountered this was when Sony advertised Linux-compatibility for the PS3, which I bought expressly for that purpose. I was shocked when a judge upheld Sony's post-sale removal of that capability.


Government should mandate the ability to downgrade the software to versions that were previously available on said hardware.

I’ve had so many issues with Apple devices losing compatibility with obscure features on apps after updating iOS, I wish I could go back occasionally to accomplish some task, and then upgrade again when finished.

The flexibility is valuable.

For example, on the newest iPad Pro, iMovie is unusable after iOS 15, completely jittery and unable to handle smooth user experiences for some reason.



TV updates are another thing. They change things with abandon and you can't revoke the updates.

Sometimes they break stuff and then you have to pray and wait until they hopefully fix them at their leisure.

IMO, it should be illegal to issue unrevokable updates so you can't get a product to have identical features as it did at the time of purchase. You should always be able to wipe it back to stock. Same with phones.

And the people who might crow about "security" - my device, my rules. I can block it on the network if I want.


>Government should mandate the ability to downgrade the software to versions that were previously available on said hardware.

What about devices that are connected to the internet and need security patches?

As a software engineer can you imagine supporting every version of your software you ever released? Sounds like a nighmare.


IIRC the Linux support was there solely so that Sony could circumvent tariffs in the EU.

Gaming consoles had higher tariffs than "general purpose computers", so Sony added the ability to boot into Linux and argued - successfully - that it was a general purpose computing device and thus in the lower tariff category.


Absolutely agree.

I bought a couple Hue bulbs a while back and a (somewhat) recent update to the Hue app removed the ability to control them via by watch. Completely pointless feature removal. Part of the selling point is that level of control, and yet they just removed an entire feature I frequently used. That's simply straight up removing something that I've paid for, which I don't view as any different from theft.


This is precisely the reason why prior to linux support/removal, exploits weren't targeted. Once linux support was removed, linux hackers started releasing exploit after exploit on the target hardware and software, and it only took a couple months after they removed the linux support.


Upon which we found out that not supporting Linux on the PS3 slim from the get go "because they wanted to focus on games and it was too much effort" was a lie - turns out there was almost nothing extra that needed to be done for it to work on that model too, once the hacks were in place.


Overturned on appeal and then settled for $65/user.


Thanks, I wasn't aware of that.

(Cue next rant about class-action settlements. To make me whole, Sony would have needed to give me a full refund (with interest) or restore Linux compatibility.)


I got a check for $3.02.


This pattern is pervasive. I also dislike needing an app and an internet connection for the most basic functionality with some purchased device. At some point, we need to own the things we buy and that line keeps getting pushed back further and further.

Anec-data: I purchased a cooking device for my parents in December and it has a single button to turn it off. The only way to use it is with an app which requires a login to the company's service. The device even has local bluetooth capabilities. You may be wondering, "What is this device supposed to do?" and the obvious answer is: "It's supposed to boil water." The real answer seems to be, "it collects usage data about customers boiling water."


I'm assuming you are talking about a sous vide device.

This is one of the few (unrooted) smart devices I actually appreciate. You can easily configure it for a specific task (steak? chicken? brussels?), get push notifications when it's done and even turn off it's warm setting remotely if needed.

And given that most of the thing is immersed in boiling hot water, it makes sense to not put controls on the device itself.


i'm glad my anova has both manual and bluetooth controls, because after the first couple of uses i simply default to manual for everything. personally i tihnk modern cellphones are remarkably clunky devices for anything other than reading books and gps. they aren't even very ergonomic as phones, they're annoying for web browsing compared to laptops, and they are definitely not satisfying to use as controls for physical devices.


And in two or three years, when that cloud service inevitably shuts down, you'll be stuck with a pot that doesn't heat water.


Mine cost a quarter of the app-based devices I've seen and the one difference is that I have to take a glance at a little table. I don't mind that.

And whether a device has controls doesn't matter with regards to hot water contact. It has to be properly sealed either way and capacitive buttons work fine for this (not worse than the low-quality buttons they'd use otherwise). The main feature you get with Bluetooth is another point of failure thanks to connection problems, at least that's my average experience with BT.


I recently got an Anova -- with touch controls, and it works great both with and without the app. The top is a big bigger to handle the screen and touch controls.

Making an immersion circulator app-only is likely a BOM-reducing measure, which is fine (given that active time is probably at most a few minutes like twice a day). And you can get smaller form factors too with app-only control (e.g. Ember Mug).


I guess I can see a push notification for a very slow cooking process, but most of the time if you use a smart device in a kitchen frequently, you're going to get things like uncooked chicken juices on it. Not ideal for a personal phone.


Not interesting data. The real reason is that it's easier to connect things through a central service. I sometimes email myself for the same reason.


This is true for things that are connected to the network anyway. It is not true for unconnected devices controlled by Bluetooth. The gratuitous app login is straightforwardly malign.


Why did you buy that?


I have a similar device and was recommended the newer and upgraded version from someone I know. Given time pressure and other priorities at the time, I took the recommendation without much further investigation.


> I also dislike needing an app and an internet connection for the most basic functionality with some purchased device.

Yeah, my watch supports setting (and syncing) the time and timezones using bluetooth. But before you can do that, you must agree to the maker's ridiculous privacy policy which includes consenting to sending them all kinds of data that has fuck all to do with setting the time on a watch. Immediately uninstalled. So that feature is dead weight to me unless/until someone reverse engineers the watch.


This is true for most consumer tech (whether software or hardware) nowadays. The primary objective is to get "engagement" out of it. Any useful work the product might be doing is the bare minimum needed to convince the user to "engage" with the product.


It’s not that i dont agree but the Terraria example is a bit unfair. First this is issue of the platform. On other platforms you can choose version of the game. And second Terraria is example of probably one of the most supported games. The update you are talking about brings massive amount of content and updates completely for free 9 years!!! after release. Most companies would milk the product with third sequel and dozens DLCs by that time.


I'm not trying to pick on Terraria, but I think it's a great example for the reasons you are bringing up.

Even with the 'value add' of the update, I no longer play the game. Why? Because I invested in learning and mastering the game as it was when I bought it. The forced update removed all value for me, and I'm the one who made the decision to buy it.

If the product is changed significantly after purchase without my consent, then I feel I should be able to revisit my decision to purchase it. Otherwise, it's a sort of bait-and-switch scheme.


The update isn't forced, you have automatic updates enabled on your ps4.

Disable (Uncheck) automatic updates from [Settings] > [System] > [Automatic Downloads]

You'll have to uninstall the game and reinstall it from your hard copy to get the original version of the game you remember.

However, if you'd bought the digital version, you'd be out of luck.


I think it's how it's always been with software. It's ephemeral.

When the devs have to keep up with the system updates etc. there is expectation that they keep working on software. I am sure they would love to just push something that would work forever.

So much software that i bought stopped working. Even when you have "lifetime" license - eventually world moves on and you are without hardware to run the software.

I am not saying it's right but i am also not sure how it can be solved.


> without my consent

Not having read the TOS of the platform (or even ever having used it), I'll hazard a guess this isn't quite legally true.


No it’s totally fair. They ruined the game by completely changing the controls irreversibly and making it unplayable on mobile.


> brings massive amount of content and updates completely for free 9 years!!!

Which can be a bad thing. The Minecraft I played first and the Minecraft I played recently are two different games, and I don't like how overpacked with stuff the new version is.

Most game expansions - paid or not - follow the philosophy of "more of the same", rather than stopping somewhere between that and "less is more". Depending on the game, that can make it tedious.


Yup. I started playing Minecraft on Xbox 360 which my kids and I loved. We still love the game, but it's so different now, it's not the same game at all other than voxels and biome themes and some of the original music. We have a ship of Theseus situation. It's no longer the same game. I'd love to be able to pick a version to play like you can on PC.




> On other platforms you can choose version of the game.

Which ones are those?


> I tend to stay away from so-called 'smart' devices

I tried several alternatives in terms of smart TV (Apple TV, Google/Android TV, Fire TV), and I could not find any platform that let me use all of the apps that I needed without resorting to casting from my phone. And in some cases there was a long process to follow in order to get the device to do what I needed[1], which involved activating developer mode, sideloading apps etc.

In the end, I bought a wireless keyboard/touchpad combo and built a HTPC, reusing old components that I removed from my gaming PC after upgrading it over the years. I installed Ubuntu on it and never looked back.

[1] For example not having the home screen being made of mostly ads, or having a simple web browser installed on the device


Genuinely curious, did you feel anything was missing from Apple TV besides a web browser? I feel it’s perfect for our uses but I always like to know if I’m missing something. Personally I don’t like web browsing on TV but AirPlay fills that gap when it’s needed.


I have to say that Apple TV sucked less than the alternatives but it's also the most inflexible in the sense that it's harder to "jailbreak", so for example if Apple decides that the home page will now be filled with ads rather than icons, I won't be able to do anything about it whereas in Google TV and Fire TV you can sideload an unofficial launcher if you want. Compare this with my current solution where I can just change OS or desktop environment if I feel like it.

Another aspect is the fact that smart TV apps are sometimes not as good as their desktop counterparts. For example the YouTube app on most smart TV platforms does not support viewing show notes or comments. So every time the person in the video says "link in the notes below"... you are missing out on that link. Another example: I like watching martial arts, both the UFC web app and the FloGrappling web app have additional features that are not found in their smart-tv-app counterparts.

Another big one for me, is the fact that in a desktop environment I have better multitasking and I can use browser tabs. For example if I find a Youtube channel I'm interested in, and I see a couple videos that I would like to watch, I just open them in a new tab. On a smart TV you would have to add them to watch later, then go to your library and find them, it's just not as immediate.

Another point is gaming, I am recycling old computer parts that I removed from my gaming PC when doing upgrades, these are relatively old parts but still pretty good, so you can run triple-A desktop games with pretty decent quality, whereas the type of games available for download on smart TVs are mostly just ports of mobile games. I also installed RetroPie which is quite fun!

Then there is hardware upgradeability. Recently I was thinking to add a faster CPU, and then the CPU that is now in the HTPC will go into my NAS since the one I have in the NAS is quite slow. You can't do any of that with a smart TV dongle, all the parts are soldered to the main board :-)

One more thing I like is that it's easier to watch content using alternative clients, for example I watch YouTube videos using the FreeTube app, on Smart TV platforms you might be able to find some alternative clients but the choice is more limited.

EDIT - rephrased some parts as they were not clear


I tried to do the same thing, but the 4K+HDR streaming story is fully broken/DRM'd to hell on PC. You simply cannot stream 4K+HDR in most (all?) services on a modern PC (my HTPC is also a gaming PC... so Nvidia graphics in my case).

I went with Apple TV + Plex (along with D+/NFLX/Peacock/HBO Max/Hulu/AppleTV/Prime/Cable... but I still can't find everything I want)


I think the main problem is HDR right? Because I don't think that 4K per se would be an issue? To be fair my TV is not 4K so I haven't tried 4K streaming... Even on my gaming PC I don't have 4K because I preferred to spend on a higher refresh rate 1440p rather than a 4K panel so I really don't have a direct experience.


> without resorting to casting from my phone

I am curious, why is that undesirable for you? I'm assuming there's something more than lack of individual app support for casting.


It's fairly inconvenient to have to use your phone as the remote, especially when you want to do something on your phone (or watch something else) while the kids watch netflix.

We have disney+, and my TV apparently thinks we're not subscribed. My phone does, though, and I can cast from that. Yes, we can watch Encanto again, but it's very jarring when the normal interactions with the TV don't work.


Not OP, but speaking for myself, one of the biggest annoyances is that both Google and Apple actively resist the actual standard that's already there and widely supported by playback devices (Miracast), and instead push for their own proprietary walled garden solutions (Chromecast, AirPlay).

Google in particular is the worst offender here because they actually had Miracast in Android all the way up to Nexus 4 - and then deliberately removed it! Other vendors of Android devices generally reinstate it in their distros, although I do wonder how long that is going to last (probably right until Google makes not supporting it a condition of getting Google Play certified).




> I am curious, why is that undesirable for you?

Casting from a phone is a terrible experience. I want to sit down on the couch, mash some remote buttons and watch something. I don't want to find a phone to cast from. Whose phone would we use? Mine, my wifes, my relatives who are over? What if they want to change the program? Now they are figuring out all the casting business? No, pick up the remote and use it like normal.


> why is that undesirable for you?

Why is it undesirable having to go find my phone? Because I'm relaxing on the couch I guess?


Have you tried nvidia shield?


Did you see the update that shows ads for steaming services you don't have on the top 1/3 of the screen due to an update?


I have an LG TV for 2 years and it never showed any ads. Everything works great so far. Where do you see ads


LG uses WebOS which is not among the ones I tried. In some of the other systems the ads generally cover the upper half of the home screen, then you have the app icons below that.

This screenshot shows the home screen in Google TV and gives you an idea of what I'm talking about

And this screenshot is the home screen in Fire TV:


Yeah, I completely agree. Vehicle manufacturers can't just come and change out the steering wheel and dashboard in your vehicle, for example. Why can software vendors change out the total functionality of a piece of software you paid for? Especially irreversibly, in the case of DRM-laden platforms like game consoles, iOS, etc. where you cannot undo an update once it's installed, or cannot refuse an update if you want to actually use the software. Recently an iOS app I use almost daily pushed an update that removes a feature I relied on. The dev has never fixed the issue and has made other minor changes since, subtly indicating their change is intentional and permanent, so I'm just screwed forever and lost a core piece of functionality I depended on. Great. This is fine.


  > Yeah, I completely agree. Vehicle manufacturers can't just come and change out the steering wheel and dashboard in your vehicle, for example.
Actually, they can. There was a huge airbag recall a few years ago, affecting maybe half a dozen automobile manufacturers because they all bought their airbags from the same supplier. In at least one case, the dash had to be modified in order to fit a replacement airbag because drop-in replacements could not be procured quickly without disrupting new car production. It would not surprise me if some of the cases also required modifying or replacing the steering wheel.


How is this relevant? The owner has to physically bring the vehicle into the dealer. The dealer can't change or replace anything while it is in my garage or driving down the street. There are physical barriers that require the owners consent beyond checking a box.


It's a tangent, but it's incredible to me that people used to ship video games and other software on physical media and it worked fine. Now you can drop a big turd on the steam store initially and it's just business as usual. Cynicism aside, I really do admire the dev and QA teams that pulled this off. It's such a different world now.


It cuts both ways, games would take half decades to get done or only cover a thousandth of the ground current games cover. Imagine what Minecraft would be, shipped on physical media.

We also wouldn't get games like Goat Simulator who basically set a low expectation bar in exchange for low cost, best effort game play. I'm kind of ok with more "garbage" if we also get more weird/low budget games that wouldn't exist otherwise.


> games would take half decades to get done

...which is still true today. It's common that large titles take 4+ years in development if they're not built on an existing game's engine and actually release in a finished state. Activision was able to release a new CoD every year because they cycled through 3 studios of which each had 3 years time for a game that's mostly a mod of the previous one with slight improvements to the underlying tech. And even then it's now almost expected that it'll take another 3+ months to get in a state that the game was meant to be released in.

> only cover a thousandth of the ground current games cover

That may be true if you go back to the Atari era, but even ~30 years old RPGs can still hold up well in terms of content. It's great that now we don't always need publishers to create & ship games and can release updates online, but that's no excuse to sell incomplete products.


There was a time in the gaming market were quickly developed, cheap, often not-so-good games on physical media were a thing: 8-bit home computer era. So it's possible to imagine that coming back in more modern times, in a timeline were internet wasn't the obvious alternative.


I agree, I'm not saying things were necessarily better then.


I've read somewhere that it wasn't always the case that something worked flawlessly on physical media.

Things are way different now.


Indeed. The old MacAddict magazine shipped a CD with every issue. The CD contained loads of shareware/games/utilities/productivity software etc.

The CD also had a folder named "updates and patches" where you could find installers for the latest bug fixes of the most popular MacOS software.

CDs bundled with monthly magazines was a valid conduit for getting patches to users at the time.


Take a look at the games from that era and the games you get right now. Sure, more has changed than just being able to update things, but the ability to fix issues later and continually update games has lead to much much better games with way more content. And you can always chose to wait a year for everything to settle.


I actually think that may not always be for the best. Games are released in beta, and qa takes place in the months and years after release, if ever.

Updates can be issued, but it increasingly means that things are released in a state where updates NEED to be issued


I'm still playing older games. What new games do you recommend?


My feeling is that this is a temporary thing that leverages previous generations propensity for compliance and happily being controlled and screwed over constantly.

I have been appalled at the way people bend over and open their wallet since I was a preteen. Nordic and all the other rent seeking shits count on people blindly using their product they way they are told to. I'm surprised Nordic isn't suing their customers yet.


The problem with 'smart' devices I think is something akin to a conflict of interest.

On the one hand you're purchasing hardware, which you expect to own and control.

On the other, there is software that runs on a subscription model which 'coincidentally' restricts the functionality of the hardware, because they want to stop people from bypassing the sub.

The hardware effectively becomes useless if the subscription service becomes unavailable or is taken down (e.g. if the company is acquired and the new company doesn't want to support that stuff any more). It might still function mechanically, but it now has a broken appendage through no fault of your own.

I just don't think I could justify a purchase like that nos unless I could square that circle. I'm not going to pay 2k for a Peloton bike that holds itself hostage unless I pay another 40 a month.


It feels like these should be rentals that require a monthly fee but no upfront cost.


This is exactly what I thought when I saw the commercial. Its incredible that so many people are willing to pay that upfront cost.


The method to get into "God Mode" is the same, except now it prompts you for a code. Someone has figured out how to calculate it and actually created a website to generate codes for you.

Apparently the algorithm is very simple according to Reddit

>long responseCode = new Random((long) Integer.parseInt(iFitCode)).nextInt(999999);

It's not a perfect workaround, as it resets on the next boot, but I've seen that people are installing apps such as Taskbar which float overtop the iFit app and start on boot, allowing you to still launch your apps like Netflix etc even without God Mode enabled.

It's only a matter of time before Nordic decides to block this method as well. We should also be looking into how to block updates to these devices.


Normally you can block any device's update if you figure out the server for the update content/update check, and block it out from your router and/or DNS.


The "solution" for that will be embedded 5G connections.


I put all my gym equipment in a faraday cage


The remedy for that will be wrapping the internal antenna in foil or cell tower emulation.


Amazon sidewalk, actually. Should prove cheaper and work near any sense housing.


That would work equally well with LTE. It's not happening because it would increase cost.


The "solution" is to allow the device use only "official" resolver servers, accessed via encrypted channel, secured by a PKI with a private root.


First covid then gym equipment, 5G is the worst


> It's only a matter of time before Nordic decides to block this method as well.


The public statement from them sounds like it was legal whining about liability issues, and if that's actually true (which, well) then if it has to be sufficiently intentional on your part that may be sufficient for them to leave well alone.

Certainly worth preparing for that not being the case though.


IANAL, but are there any actual cases where someone or a class successfully sued a company for using their product off-label in such a way? This kind of stuff seems to me like how schools no longer permit students to go out for lunch, citing liability that they almost assuredly never had in the first place.


I can at least see the argument that tapping the screen a couple times in a certain pattern might not be sufficient, but having to generate a code is. I think it's a ridiculous argument, but I wouldn't be even remotely shocked that some octogenarian judge who doesn't own a cell phone is convinced by it.


Yeah or that's just the excuse they use to justify blocking access so more people subscribe to their services.


That's what "if that's actually true" was about, yes.


This is great, thanks for posting this site. I am one of those who bought this awesome treadmill for several reasons, including to watch netflix and plex. It's been frustrating not being able to easily do this... I have just been listening to podcasts from my phone.


DHCP advertise an http proxy to it with a PAC file and block non-proxy communications. It should do the right thing eventually, at which point you can catalogue the usual traffic exchanges and then block anything not in them and/or just the software update URLs (which requires inspection over time, as there may be many).


Surely one can just block the update service via something like a pihole? I do this for my Vizio TV. They're notorious, as as most smart TVs now, for calling home and everywhere else.


I know this is terrible for consumers, but I'm endlessly amused by all the hacks and workarounds in this game of cat and mouse.


Thank you for this. I was hoping someone had figured it out but I hadn't found this yet.


Thank you! I love the hardware but I'm pissed about the software. This is helpful.


Jeeze, I will stick with my modular solution: an ipad on a music stand. This is compatible not only with any commodity treadmill, but also bike trainers, ellipticals, and making vroomvroom noises on the motorcycle when it's too icy to actually ride. I could also swap out the ipad for a laptop, non-ipad tablet, or a collection of cute succulents should I desire it.

snark aside, I'm a bicycle guy and I really like that we have an ecosystem of bluetooth trainers and apps that all work pretty well with each other. Simulating hilly courses is actually really useful and has made me a better rider, so it's not like I'm advocating being a total luddite. While I prefer to ride outdoors in the sun, my area in Iowa is extremely flat and the only difficulty comes from the wind, and I find the new toys are a lot more fun than a dumb trainer with a sufferfest DVD. I don't really know much about the treadmill scene but I hope you guys have access to similar stuff.


> I will stick with my modular solution: an ipad on a music stand.

I actually don't get the point of getting a 4000 treadmill rather than one that's half the price and an ipad


You save… uhhh… one power outlet?

But really, my understanding is that these fancier treadmills map incline/speed/whatever data to the video file to make it “more realistic”. I think there may even be a sort of MMO/live ghost feature?

Personally I think I’d rather just have music I like and work out at a pace that’s comfortable for me, but to each their own I suppose.


I'm a zwift user and I really like it. You can designate a course and it will adjust the resistance to match the elevation changes. There is live or ghost racing (with simulated drafting, which is cool) and other neat things, but the routes and structured training is what I'm there for.

My tacx trainer was only $300 or so when I bought it, which was comparable to non-bluetooth trainers. That said, I already owned a fancy roadbike to use with it, which is not a negligible cost.


You don't even save a power outlet! A lot of workout equipment these days have built in USB ports.


> You save… uhhh… one power outlet?

A power tap block is $3. :)


For me, it was the deck on the Peloton. At the time of purchase, it was the cheapest slat deck treadmill I could find.


I walk 60 min a day outside, rain or snow in the northeast.

A treadmill to me is just so boring and doesn't feel right compared to actually moving.

Walking outside when it is 10 degrees out with an audio book is still a better experience to me than a treadmill.


> I will stick with my modular solution: an ipad on a music stand.

My smart rower consists of a C2 Model D sitting in front of an old-school panasonic plasma TV in a spare/theater room. Both components are over 10 years old by now and neither show the slightest signs of giving up the ghost. That TV doesn't even know how to talk to the internet, and I lost the USB cable for the PM4, so everything is effectively off-grid.


Funny, I use iPad on a music stand, too. With my bike trainier (Hammer H3). BTW, you can get the Sufferfest content on the newer Wahoo Systm app. I don't mind paying the $15/month for it for a the three to four winter months spent training inside. (They also have newer content, too, than the old DVDs.)


The picture at the top of the article is not the $4000 treadmill. I think this is what the article is talking about:

If you're into running on a treadmill, this looks like a very sweet setup. It has a huge touch screen that's just in the right spot, you can easily reach it while running, and it has gimmicks like automatic adjustment of inclination.

It's not cheap, but it looks like really nice hardware. I totally understand why some people would want something like that, especially if you can install generic Android apps on it!


It's funny you mentioned the sun. I enjoyed the sun a little too much when I was younger. So one feature I enjoy in exercise bikes these days is the radiation protection.

The accessory part is also pretty neat though. I use a low end exercise bike that came with a snap-on plastic tablet holder. It works pretty well but it got me thinking about hacking the thing. I was finally able to mount a scanner radio, a ham radio, exercise bands, and my phone along with the tablet. Then my kids decided to take it off my hands for a while...I think Dad looked a little too motivated.


In this particular case, some of the runs from iFit instructors are actually quite good, and it cool that it adjusts the speed and incline to match the instruction. Probably not worth the extra $$$$ but it is pretty cool. But now I also want to be able to watch regular videos. I usually walk outdoors for an hour a day to get my 10,000 steps in, and the Chicago winter makes that tough, so I'm thinking an hour of walking on the treadmill while i catch up on my favorite shows might be a good substitute.


> ipad on a music stand

Thanks for the idea. I might get some kind of tablet so I can watch things without moving my (cheap) stationary bike in front of the living room TV.


If you want a really nice version of this, companies like Heckler Design, Manfrotto, Triad Orbit, and König & Meyer make excellent stands with tons of adapters for lights, cameras, mics, speakers, phones, ipads...

My current WFH setup includes a Manfrotto 244N magic arm attached with a RAM mount to a Rokform RAM ball that very securely attaches to my Rokform iPhone case. It's clamped to my desk with a Manfrotto 035 SuperClamp. The RAM adapter is P/N RAP-B-366U and the double swivel on the RAM side is a RAP-B-201U . The Rokform part is "Universal Ball Adapter Phone Mount" SKU: 337101

RAM also makes a great iPad "X-Grip" holder, along with tons of different mounts for different situations, especially vehicles and things like exercise bikes (e.g. look for stuff like a "RAM® Double U-Bolt Ball Base for 1" - 1.25" Rails" or indeed their actual handlebar mounts). These are sturdy, pro-level mounts, not the cheap disposable junk from no-name brands on Amazon.

For my Zwift stationary bike setup that I use my old road bike on, I just use a $15 Niteize Handleband to attach my phone plus a Vornado 783DC made-in-USA DC brushless fan to keep the sweat levels low.

Another couple brands worth checking out would be Joby's stuff (I have an old GorillaPod DSLR that holds my webcam these days) and "The Joy Factory" who make pro-level iPad clamps / stands.


>My current WFH setup includes a Manfrotto 244N magic arm attached with a RAM mount to a Rokform RAM ball that very securely attaches to my Rokform iPhone case. It's clamped to my desk with a Manfrotto 035 SuperClamp. The RAM adapter is P/N RAP-B-366U and the double swivel on the RAM side is a RAP-B-201U . The Rokform part is "Universal Ball Adapter Phone Mount" SKU: 337101

No offense, but that sounds insanely complicated for putting an iPad on a stand in front of a threadmill. If it was me I wouldn't even want to know what a RAM adaptor is, I would just want to buy a tripod with a clamp for an iPad.


Give it a go with just your phone too before shelling out for a tablet. When I go to the gym I sometimes just lay my phone on top of the machine by the controls (about music stand level) and at that distance from my eyes the diagonal is plenty large enough


Same. I have a couple of used treadmills that I repaired for dirt cheap and a crappy TV mounted to the wall. Treadmill cupholders make great remote holders.


"NordicTrack says it supports right-to-repair rules. However, because of its equipment’s moving parts, the spokesperson says, it believes that restricting access to its operating system is important for safety. "

The real reason they don't want people using other apps or watching third party videos is because anyone doing that is not spending money on iFit. Or, at least, not as much as they could be. NordicTrack likely discounted these treadmills to squeeze out competitors with the intention of making their money back by locking customers into iFit.

If a few users hack their treadmills, that's not going to hurt NordicTrack's bottom line. If most users are doing it because it's as easy as tapping the screen 10 times, then there's a problem. So, NordicTrack has made it harder to gain admin access. Not impossible. Just harder. More people will go back to spending money on iFit, the determined few will roll up their sleeves, and the business model will be restored.

The problem is that this business model is a bait and switch. When people pay for a treadmill they don't expect to be locked into further monthly payments to unlock its features. It's inherently dishonest, and the victim, aside from users, is the competitor who produces an honest product that's paid for entirely up front and is, hence, more expensive and less competitive.


NordicTrack treadmills are quite expensive actually. Full incline model are $3000 and $4000, and there is no competition for them.


I really wonder about the payoff in the continual cat and mouse game here. At some point, you are going to be paying a sizeable sum to your devs to try a lock out a relatively small amount of technically capable people who will circumvent the system rather than pay a subscription fee. I agree making a little harder once probably convinced a few people to pay up...but after that it has to be diminishing returns and eventually negative returns. I wonder what the tradeoff would be if they marketed their system was one that as open and you could do so many things with it. Like, imagine if the commercials showed how you could use your treadmill but also connect to any app you wanted, like Netflix. To me, that would be a big draw.


On top of that, iFit is not very good. Continuously adjusting incline stopped being interesting about 2 months in. The only thing I liked was that it recorded a running total of distance and elevation, which was good for motivation. I walk outside more than I use the treadmill nowadays, and I use my Apple Watch for motivating statistics. I will probably just sell my treadmill or just give it away.


Do they not want to enable access to god mode because you can tinker with the treadmill parameters and do unsafe things or because they think Netflix will somehow break the treadmill?

If it's the former, then they should keep god mode for treadmill service operations inaccessible but also allow loading apps like Netflix and Hulu. I'd wager that streaming apps are what most of the people using god mode want.


My solution to this problem would be legislation that allows customers, if they wish to, to return devices for a full refund if the company that manufactures the device makes a change that removes functionality that the customer valued. This doesn't prevent the company from making the change, it simply makes sure that they incur a cost for doing so, and it makes whole any customer affected by the change.


What counts as functionality?

For example suppose the UI of a treadmill has a "Last 5 workout programs used" section on the front page of the UI to allow the user to select with one tap a recent program. An update replace that with a "recents..." button which takes you to a new screen that shows the last 10 programs used.

Is no longer providing one tap access to the most recent 5 programs removal of functionality? Or is the feature just that it has a way to recall recent programs so as long as there still is a way to do that, even if more convoluted, it does not count as a feature removal?

How about functionality that was not in the device when it was purchased but was added by an update? If the law does apply to that, then in effect the manufacturer will be locked into only ever adding functionality. After a few updates the UI is probably going to be a total mess.

If the law only applies to features present at purchase, then manufactures will just ship bare bones devices that only implement what is necessary to make the claims on the box and in their advertisements not false. Then the first update will add a ton of stuff to make it more than bare bones.


After a few updates the UI is probably going to be a total mess

After a few messes the UI teams will figure out that you have to advertise and implement features in a way that doesn't interfere with user's habit. E.g. has a start screen where you may pin "last 5 workout programs", "recents...", any menu item, and a button to access other functions at top right.


Wow this is by far the best solution to this pervasive problem I've seen, no irony. This way, you don't need legislators go into technical and domain specific detail. Producers are incentivized to provide optional updates or "downgrades" if necessary, and if they shut their cloud services off and brick the device, people have a right to return it. Additionally, it can't be abused by customers if the company acts well.

However, we still need to tackle the subscription issue, I.e. That manufacturers can hide behind "you didn't renew the subscription for this printer/treadmill so now we brick it". Any ideas?


You won't need legislators, but you will have to make your case to whoever is manning the returns department at Walmart.


You misinterpreted. Of course you still need a judiciary process. But you’ll won it because the law would clearly be on your side.

Still hard to prove your case, but no company will take the risk because they could have thousands of customers ready to prove they have been abused.


This basically means that everything that has software updates can be returned forever.

Like most of things in life, the answer is very rarely a new myopic and ill-conceived law added to the thick stack of existing incomprehensible legislation.


This basically means that everything that has software updates can be returned forever.

It doesn't. It means that functionality cannot be changed in a degrading way, but upgrading and non-conflicting security updates are still allowed.

For a customer, money upfront and money over time is the same (adjusting for the interest rate). They don't need just a dead brick, whatever it costs in production. When your saas stops having a feature, you stop paying. This is no different, except that I'd vote for a law which amortized the upfront cost to the real usage time. E.g. I bought a treadmill with 2-year warranty for $4000 and it stopped doing a claimed feature after a year (iow, became broken from my perspective). I either receive a service which returns the feature, or get $2000 back + 20% fine for inconvenience.


Not the first time a company has pushed an update that removes important features.

To my knowledge the first high-profile instance of this was when Sony updated the PS3 to remove Linux support, which resulted in a successful class-action in the US. [0]



Successful for whom? The layers or the consumer? Sadly in many class action cases the "victims" get effectively nothing.

The way class action is done in the US it only makes sense for the law firms.

I have stacks of class action letters and in almost every case I get exactly zero...


> Successful for whom?

Consumers who don't want products to have features disappear. The main thing class action suites accomplish is punishing the offender so that potential offenders in the future think twice.


> I have stacks of class action letters and in almost every case I get exactly zero...

I was pleasantly surprised when I got around $250 CAD from a Lenovo class action suit. I bought one of their consumer laptops that had a piece of crapware on it. It was big news when it happened. Otherwise, I normally get maybe $20 for the class actions that I sign up for.


> Otherwise, I normally get maybe $20 for the class actions that I sign up for.

Your area requires lawyers to solicit class members to sign up for class actions? Lucky! Around here you'll just be grouped into the class action without asking for consent. If you're lucky they'll mail you a notice about the suit on a postcard and let you "opt out" by locating a non-editable PDF of a form buried somewhere on their site, printing it & filling it in by hand, and sending it to their headquarters by certified mail at your own expense. (If you're less lucky you get to write up your own free-form opt-out letter and hope it meets their standards.) If you don't do this then you lose the ability to sue as an individual, or to refrain from being (ab)used to bully the defendant (and enrich the lawyers) in the event that you don't agree with the basis for the suit.


My pet feature removal case is when they pushed an update for a GTA that removed a good bunch of the original songs from the radio. The articles I found are for GTA IV but I'm certain that the issue was with an earlier version at first.


Thats because Sony originally marketed OtherOS but then changed the functionality after the users had purchased the machines.


I feel like that was actually a fairly legitimate removal by Sony. Sony was selling the consoles at a loss in order to make money on the games. People were taking advantage by buying cheap Linux computers, never allowing Sony to recoup money from the initial sale. I don't have much sympathy for the people abusing the system in this particular case. Probably an unpopular opinion around here.


>People were taking advantage

>I don't have much sympathy for the people abusing the system

I disagree with the premise that it's unethical to use a product I purchase and own from a for-profit company for a use that turned out not to be profitable for it. Note that it wasn't much of a hack; Sony sold consoles with the option to install another operating system from its menu [0].

Since the move was so unprofitable to it, Sony should not have offered the option to users in the first place. But since it happened, executives at Sony then just decided that it made business sense for Sony to disable the option in a firmware update.

I just don't understand the framing where it's as if Sony did a favor for its customers who then "took advantage," when Sony just miscalculated a business policy to serve its own self-interest.



Yep, they made a mistake supporting it. And they never will again.


"OtherOS" was added to evade game console tariffs by claiming the PS3 as a computer, a similar tactic to the one used to attempt to classify the PS2 as a "digital processing unit" to avoid EU import duty.

Sony's removal of OtherOS wasn't just deceptive and an abuse of customers' trust, it was conspiracy to commit customs and tax fraud.

Also, while I bought my PS3 to learn parallel programming, I found that it wasn't that great for it. The CBE was really unintuitive, there was only framebuffer access to the GPU-RSX chipset, and with just 256MB RAM, $600 would have been better put towards a dual core CPU and any discrete GPU if you wanted a functional Linux computer.


I see your definition of "legitimate" is "in their own best interest regardless of legal or moral legitimacy"


Classically the feature was taken away to make you safer :)

> The block on privilege mode was automatically installed because we believe it enhances security and safety while using fitness equipment that has multiple moving parts,


yep, thats why they let you watch netflix on tredmills at the gym!


This is related to why I bought a concept2 erg recently. Hurt my achilles and needed to switch to a low impact exercise, which I prefer to be able to do at home rather than going somewhere else (so swimming is out).

Looked at Peloton, but it's about twice as much as an erg up front, has running costs each month, and what seemed to be many more points of failure (which includes the electronics). The Concept2[0] is a tank that should last me a very long time. Space is an issue (I had to shove my dining table to the side), but the workout is amazing and I have a lot of faith in the machine to last. Plus it has a pretty straightforward bluetooth connection if I want to get data out and multiple USB and ethernet ports on the very simple monitor it came with.



I own a concept 2. I have 4.6 million meters on it. I watch programming videos in Spanish while I workout(To learn Spanish). This is my "Smart Workout Machine".


Can you share some YouTube channel recommendations para practicar español


Mainly I am using LinkedIn Learning right now, it's what my company is paying for right now. Learning platforms like that let you search by language and closed captioning sometimes, then LinkedIn let's me share that to my "activity feed" and "certifications".


I have a concept2 rower as well. I didn't buy it for the SDK[0], but I love that they keep the tech minimal and provide tools for third party developers. It's a company I'm glad to support.



Concept2 machines are bomb proof. These things are designed for intensive use in gym settings which far outweighs the use I put in a single individual. I've put in countless meters on mine over the years and it's still practically good as new.


I normally ride a bike on a smart trainer during the winter (when not riding outside), but am planning to buy a Concept2 Erg before next winter. It should be great for core and back strength, something cycling -- especially indoor cycling -- benefits greatly from but just doesn't do.

It's amazing to me just how (relatively) cheap the Concept2 is. Solid, well made, and reliable.


Concept 2 is indeed the cheaper and better option for an erg. Aside from being very sturdy machines at reasonable prices compared to your nordictracs and pelotons, old models are supported essentially forever with spare parts and detailed installation/fix instructions. I dont know of any rowers who don't swear by them.


I picked up a model A for just this reason. $120 on craigslist for a 35 year old machine. It is super solid, but will need to replace a few minor parts soon. And from what I can tell they are all available for purchase from concept2, which is awesome.


Mmmmm, a Model A. I miss those days. No electronics whatsoever. Just that mechanical odometer ticking over ever so slowly.


Following Wirecutter's suggestion, I got a ProForm 505 treadmill. Like Wirecutter said, it's cheap, a bit janky, but does the job adequately for a "non-pro" like me.

When unpacking it and setting it up, there were multiple notices everywhere: On the packaging, as a separate note in the packaging, in the manual, on the treadmill itself. Those notes all said that the treadmill is "locked" and you need "online activation" to unlock it.

I was getting very nervous, since I thought I bought something that does not need online activation.

However I think it was also Wirecutter that mentioned that you can just press the iFit button for longer than 15 seconds--or was it 30 seconds?--and it's "unlocked". I did that once and it worked ever since, never needed to do anything online, or connect it via Bluetooth, WiFi or anything else.




Suitable story, hacking walled gardens on HN.

Reminds me of the Rigol DS1054Z 50 MHz oscilloscope, that you can trivially 'hack' into the more expensive DS1074Z 75 MHz or DS11074Z 100 MHz scope. Rigol hasn't disabled this hack, even though they can easily do it. They likely loose money if they do so, since customers move to other scopes.

Also, some Tesla updates make the experience worse instead of better (V11 update is terrible, inconsistent UI and much more menu diving). I should have disabled auto-updates, and read the forums before doing the update next time.


This is the first I've heard of it - but is this perhaps a straightforward avenue for conventional price discrimination? Businesses that want the 100 MHz may well just pay for it because they don't want the hassle the hack might lead to. And the people who'd use the hack probably wouldn't have paid for the more expensive one anyway. So Rigol might be extracting maximum value thanks to the hack, rather than despite it.


I think Rigol gave in to the hackers? Last year I bought a DS1054Z from amazon and it came with all the options permanently enabled.


Your aside reminds me of the PSP hacking days. Whenever there was an update, you'd have to hold it and check forums to see if it patched your root exploit.


The system for key validation to enable the various features on that scope [1] is actually, if I recall correctly, a well designed system using sound, strong cryptography except they used short enough keys that you can easily brute force it. That's what they keygen programs for it do.

It is almost inconceivable that they would know enough to use good cryptography but not know that they needed long keys, so a lot of people believe they intended for it to be easy to hack.

One theory I've heard that makes sense is that this is for price discrimination. Your hobbyist user, buying a scope to figure out what is going wrong when they try to talk to their humidity sensor with their Arduino, is not going to pay an extra couple hundred dollars to get the protocol decoding add-on. Paying $400 for the basic scope is already near their limit. So let them have all the features--it makes the Rigol scope more attractive to those users without really costing Rigol anything.

So why not just include all the features without requiring keys to enable them?

Because people using the scope for business will pay more for them. That's because if they use a keygen program to enable them and use the scope to design or test some product, and later something goes wrong with that product and someone gets hurt and they find themselves being sued, they don't want to have to deal with how a plaintiff's attorney would try to spin that in front of jury.

Sure, it would probably not be hard for the defense to respond and explain that the scope behaves exactly the same regardless of whether the key was purchased from Rigol or came from a third party keygen program, so you might think no harm would be done by plaintiff bringing this up.

However, civil trials have time limits on how much total time each side gets to present their case and to rebut the other side's case. If defense has to take time to educate the jury on the whole Rigol key system and how keygen programs are safe, that's time they don't have for other things.

I've seen that kind of thing happen. I was a witness for a plaintiff in a suit. Early on, defense was able to find something totally minor but that looked bad if you didn't know the details of state tax and corporations bureaucracy [2]. It took them 2 minutes to use that to make us look dishonest. It took much longer the next day to explain all the details to counter that. For the rest of the trial, we were short on time and had to drop some things.

Later, when I was on the stand defense asked some questions about a particular piece of software the plaintiffs developed. They asked detailed technical questions and I answered them. Then they said "play the video of tzs's deposition from <date several months earlier>". On that video I was asked the same questions I had just been asked in court, and answered that I had not worked on that software and didn't know the answers. Defense then said "no further questions" and walked away.

I expected our lawyers to then ask about this, so we could explain why I apparently was either lying my ass off in the deposition or lying my ass off a few moments ago, but they didn't. They later told me they were short on time, and decided that having the jury think I was a liar was less of a problem than dropping the other stuff they would have to drop to deal with that.

So why the apparent discrepancy between my deposition and my later in court testimony? The deposition was 100% correct. I had not worked and that software and didn't have any deep technical knowledge of how it worked.

Later however, I was designated as the person on our side who would be answering all technical questions about our software. This would cover all our software that might come up in the case, not just what I had worked on. So I spent a considerable amount of time after that deposition studying the source for such software, and by the time of the trial I was able to answer deep technical questions concerning it. (Which defendant was fully aware of, by the way, since between my first deposition and the trial, there was a deposition where I appeared in the role of expert on all our software).

[1] Besides doubling the bandwidth, there are keys for expanding the amount of memory, adding advanced trigger options, adding protocol decoding for various useful protocols like I2C and RS-232, and I think some other features that I'm forgetting.

[2] Briefly, when you paid your taxes you got a receipt from the state revenue department. You were supposed to file a copy of that receipt with the state corporations office. Someone failed to do that. If one then queried the corporations office we were listed as having not paid our taxes.


We need an Electronic bill of rights.

1. You must allow full root privileges for Electronic devices to the owners

2. You may not circumvent owners rights through leasing or other means.

3. You may not create barriers to device owners using their devices how they see fit.


I'd also like code to become open source, at least after a while - last product sell date + X years or something.


This can be problematic if the hardware vendor purchases software from a third party, and that software is not discontinued.


Like GPLv3's anti-Tivoization clause?


GPL v3


If Nordic is being honest that the issue is safety- preventing users from diddling with their software and accidentally making it unsafe, then they can simply install a browser so the users can view what they wish online.


From Nordic's POV, this is a safety issue, it affects the safety of their bottom line. Adding a browser would also compromise safety, again not the safety of the user but the safety of their bottom line.


But the first person interviewed was already a subscriber. They bought the hardware. They were paying for the content. He was making a pretty healthy contribution to their bottom line. Now that customer is alienated to the point of being interviewed for an article. I'm guessing they wouldn't recommend it to a friend or family. Taking away stuff from paying customers seems like a path towards not having recurring customers.

If it was just about the money, they should have e.g. have pop-up ads cover the screen only for non-subscribers, such that people aren't inclined to buy the device, not subscribe to the ifit content, and watch youtube instructors or whatever.


I wish more people were open to this notion of safety than the one that companies try to fool their customers into believing is for their own good.


Hilarious take


No they aren't being honest. Almost anything can be used in an unsafe manner if the desire to do so is there. Fundamentally you have a belt whipping around on two rollers at speeds upwards of 10 mph. It's an unsafe, if used improperly, machine to begin with.

The safety argument isn't so much an argument as it is a trigger word to elicit a response in people.


Frustratingly, the safety argument may win out. But it also reflects a poor design. What the people in the article seem to want is to be able to use an Android tablet as an Android tablet, they aren't dicking around with the safety-related parts. So the sensible (but often not done) thing to do would be to offer three modes. A "gym mode" suitable for most public equipment (just get into iFit or whatever it is), a "home mode" which permits installation and use of other apps (like Netflix), and an actual privileged mode that can get into the safety-related settings. 99.9% of people at home will be content with just that home mode level, and never care about anything beyond it.


Unfortunately for them, the response it elicits from me (and likely an increasing number of others) is the classic Franklin quote. The more companies try to squeeze their users, the more the users are likely to wake up to their BS.


It's entirely possible. The iFit app which runs on my treadmill is an embedded web browser. From "God Mode" there is an iFit Admin app which reports information such as the embedded chromium version being used for iFit.

I actually walked down to the basement to test this - even when closing the iFit app while in God Mode, the physical controls on the treadmill including speed, incline, the stop button and the magnetic safety key, continue to work as designed. If you close the app then you can't see your current speed, but you can still stop the machine.

That being said, I haven't dug into how the iFit app sends commands or retrieve data from the treadmill's controller. It seems possible that a "rogue" app could somehow interfere with this communication or send its own set of commands to throw you off the machine, but feels very unlikely. Plus, the tablet on my treadmill is running Android 7. I'd be much more afraid of remote exploits on the embedded browser on this ancient OS than someone with physical access loading a malicious app.


C1750 treadmill, was able to drop into android launcher, install f store, dropbear. After being able to ssh into the treadmill I found the mediatek soc they use has an exploit app to get a root shell. Further decompiling of the ifit app apk shows it’s written in c#/mono, sending bytes to a usb device for treadmill control. I ran out of patience trying to intercept writes with strace and just went back to running.


The lengths a person will go to to procrastinate on starting a run ;) very impressive!


sounds strange, I would have expected a Java Android app with jni calls to c/c++ through Android ndk


They can still make updates for safety obtain consent from the device owner before being installed. I should be able to opt out of measures for my own safety.


I imagine the same issues would be presented if they embedded chrome or webkit with how often both of those have RCEs.


The iFit app is actually an embed a web browser. If you open the iFit Admin app, it reports a chromium version. I haven't dug into it too much, but definitely an embedded browser.