Turn your Rigol DS1052E Oscilloscope into a 100MHz DS1102E

[John Tserkezis]

Your justifications only show that you fit in the same group as Rigol. I
won't be buying anything from you and I hope your customers will find
someone else to give their money to.

Perhaps he doesn't appreciate that Rigol make these things in
*quantity*. Remember, they're overclocking the ADCs, so they're cutting
costs in every way they can.

His justification would only work on small runs, where it would
worthwhile to have someone MANUALLY plug in a port, test, program
accordingly, and stick the relevant label.

The only cheap way to do it, is to have a production line test jig,
that automagically programs, probes and accordingly presets the
equipment to the required spec.
All of this would be most economically viable for the numbers Rigol are
handling, and even EASIER to obscure a simple "one character" difference.

Instead, they have this part of the communications available to the end
user, via an industry standard interface and keyboard-capable commands.

Mind you, they *could* be doing it as I outlined above. But the fact
remains, if it were so easy to obscure this part from the end user, why
did they almost appear to go out of their way to make it easy instead?



Whether or not the user re-programming is, or is not allowed, likewise
if it should or should not be allowable, is rather irrelevant now.

Whatever the reason, they *HAVE* made it easy, and this pretty much
negates any whining IMO. That bolted horse comes to mind.

 

[Jamie]

I'm afraid I'm not lowering myself to your level Phil.


Where does all that frustration come from?

Maybe he paid full price for a DS1102E ?

 

[Jamie]

Is it worth that much?

I see and understand "Nial Stewarts" point.

$0.50 is like a slap in the face for MS..

I would how ever, do the honorable deed and pay $0.75 for it.


Jamie.

 

[John Tserkezis]

But if you don't have one, and buy the cheaper one instead of the 100
MHz, because you know you can hack it, Rigol loses revenue. Dave has
made this possible.

This correct. Their aim was to sell to one particular market, and
cut-price a lower speced product that would cater for the part of the
market that would not have bought it otherwise.

Not only is there nothing wrong with this, it's normal marketing practice.

The special case here, is Rigol has opted for down-specing an existing
product, to be sold cheaper. Not only that, they've made it obscenely
easy to do it.

Good. That will limit the damage. Of course, it cost them something to
spin the firmware.

Boo hoo. They should have done this in the first place. More so,
which market did they *THINK* they were selling to? It's a scope for
christ's sake. The people using it are possibly the most trained,
geared-up and have incentive to do it.

I'm sure they'll be a lot more careful in the future.

Or less stupid as the case may be.

 

[markp]

No. Overclocking is not illegal.

John

But neither is hacking your own bought 50MHz scope. I can't see how your
views are consistent here.

Mark.

 

[markp]

But if you don't have one, and buy the cheaper one instead of the 100
MHz, because you know you can hack it, Rigol loses revenue. Dave has
made this possible.

But you don't know you've got a reliable 100MHz scope at the end of it
unless you buy the actual 100MHz version! As you say, they may well have
sampled them and bets are off as to accuracy. All you've really got is a
modified 50MHz variant that *may* be accurate. You'd need to calibrate it,
even then no guarantees it won't drift.

Good. That will limit the damage. Of course, it cost them something to
spin the firmware. I'm sure they'll be a lot more careful in the
future.

John

They'll have to spin the hardware too apparently. That'll cost them a bit
more and take longer for the old ones to filter out.

Mark.

 

[markp]

And it's easily possible that Rigol saves a boatload of money by having
only one assembly number to design, code, build, and test. Remember that
(as Dave discovered earlier) they're actually overclocking the ADCs on the
100 MHz model--so one can argue it's really a 50 MHz scope that Rigol
themselves hacked into a 100 MHz one.

And this is where John's logic really does break down as said in another
post. By John's logic Rigol have deprived the ADC makers of revenue by
buying lower specified ADCs and clocking them faster than they are rated.
John argues that this is OK because it's not illegal. But the thrust of his
argument is that somehow hacking a 50MHz scope 'deprives' Rigol of revenue,
and since hacking per se is not illegal this simply amounts to a moral
argument that it is somehow wrong. If that is the case then so is
overclocking ADCs. If it is OK to overclock an ADC, why is it not OK for a
user who has bought a 50MHz version to privately 'overclock' it to 100MHz by
making a firmware tweek or hardware mod? In both cases the results are not
guaranteed anyway.

Mark.

 

[markp]

That's only done to cut costs. If component selection *was* an issue,
it would have been locked in hardware. A jumper perhaps, a bridge on a
track, something.


I don't think so. The testing would have occurred during the board
construction phase, before it has been programmed with firmware and fit
into a case.

Not necessarily. They may use the firmware itself to test a parameter such
as the bandwidth of a particular amplifier stage. This might require a high
tolerance for the 100MHz version and a lower tolerance for the 50MHz
version. Unless they are using some fancy and expensive ATE tester that
could do this it might be far easier and cheaper to use the firmware itself.

It appears the ONLY difference between the 50/100Mhz version is one
character in the serial number, via unencrypted, keyboard-capable RS232
communications, on a port that's user accessible. Oh, and the sticky
label.

We don't know that this is the only difference, as you say it *appears* to
be the only difference.

Call it what you want, it's sloppy, they *have* been caught with their
pants down.

Sloppy it is. Unencrypted serial comms and a simple hardware mod to bypass
firmware settings is asking for this to happen.

Mark.

 

[markp]

In this case Rigol actually went to the trouble to design-in circuitry to
enable this 50MHz "cripple" feature. The front end was clearly designed
from day one to be at least 100MHz bandwidth, and they then decided to
dumb it down to meet a lower end market and price point by adding the
cripple feature.
So George is essentially right, the only effective difference is the
price.

They could as has been pointed out do sampling, some may fall below the
100MHz threshold and are destined to become 50MHz versions. There is no real
guarantee that a 50MHz scope when hacked will perform as well as a bought
100MHz scope. But that's the risk the end user takes in carrying out the
mod.

 

[markp]

What you have done is possibly a criminal act in the USA, using a
computer to deprive Rigol of revenue. In the US, "using a computer" to
perform an act can be a much more severe crime than the act itself.

Is buying a piece of equipment and modifying it yourself to use yourself
without trying to profit from it at all a criminal act in the USA? Does that
mean you can't put go faster stripes on your car if the manufacturer had a
version that had a similar product? Remember there are no warranties with
such a modified product, usually the disclaimer states any modification or
tampering simply voids the warranty. As long as you don't directly profit
from that modification e.g. by selling them on I can't see the problem.

Software is another issue. With software you have a license to use not
necessarily to own, and there may well be clauses that prohibit reverse
engineering or using multiple installs, but these are clauses in a contract
that are clearly stated at the time of purchase. Not so when buying things
like scopes on eBay.

I have some sympathy for Rigol here. Many of our products have an
option that can be enabled in firmware, and that we charge for. We put
a lot of engineering effort into the firmware, and need to be paid for
it. If buyers of my gear can order the cheaper one and make it into
the expensive one, by copying an EPROM maybe, or setting a bit in
flash somewhere, I can't recover the cost of the feature. The act is
arguably legal theft. It's certainly moral theft.

Products are increasingly IP and less hardware these days, and the IP
is expensive.

Of course, Rigol made it too easy. They will probably go back and make
it harder to do, and that will make the scope cost more in both
versions.

I say! Sending encrypted packets over serial would be a good start. Also
don't allow a simple hardware mod to allow switching between modes by
bypassing any firmware change would be another. These are pretty basic
mistakes, the only result is a potential hack and loss of revenue by not
selling as many 100MHz versions. BTW this doesn't mean the users that have
done this mod have deprived Rigol at all, they are now using a device that
is now out of warranty and, more importantly, has no guarantee of
performance. As long as they don't directly profit from that by reselling
and claiming 100MHz operation I can't see how they have deprived anyone.

 

[Jamie]

---
Jeez, John, I see you still haven't quit being a cheater...

1052E's go for $595 max _retail_, and 1102E's go for $795 max, also
retail, so that's a difference of $200, of which Rigol sees maybe $50.

Applied to 100 scopes, that's $5K which is probably chump change for the
likes of Rigol.

Now if I cheated a little and claimed that those 100 scopes would never
have been bought except to be "converted", then I could claim that the
extra sales more than offset any losses (especially since it costs them
the same to build either scope) and that the hack was actually a
blessing in disguise, if not leaked on purpose...
---




---
If he hacked one of my products and wasn't in violation of any IP
restrictions, then I'd be unhappy but that's the way it goes...

BTW, you think wrong.

Again.

I do hardware, firmware, software, AND bleeding edge 555 circuit design.

So there...

JF

 

[George Jefferson]

My customers understand they they have to pay for firmware, because it
costs us money to develop. And they pay for extended temperature range
boards, and they pay for extended warranty, and they pay for BIST. We
offer them different things at different prices, and they have the
option to buy from anyone who makes them a better offer. I do expect
them to not hack my boards to steal our investment in firmware
development. They are professionals with ethics, and they don't.

Would you charge your customers for an update in firmware that just changed
a version number but claimed to fix several bugs and improve performance?
Well that's what Rigol is effectively doing and you are supporting them. So
why do you expect me to believe that you are ethical? Of course no matter of
your pleading to be believed to be ethical would convince me. All con
artists attempt to deny their behavior and of other cons. A con artist wants
everyone to believe they are legit and must also stick up for other cons so
people don't "catch on".

So you are against the hacking of the scope but not against them selling two
identical models for two different prices under the false pretenses that
they are truly different? Why are you against it? Simple! because the
hacking revealed their improprieties.

I wouldn't sell to you, because you would.

Of course you wouldn't... because you would be afraid I would find similar
unethical behavior in your own products. There is nothing you can say to me
that will change my attitude towards you. I have seen other posts where you
mention such unethical business practices. Maybe they were jokes but if you
are ethical then you would understand and be glad of my skepticism since it
is the only way to keep those that are unethical honest.

 

[markp]

I'm not talking about "my views", I'm talking about the law. The US
has a rather draconian anti-hack law, DCMA, and Dave et al may have
conspired to violate it. Of course, he doesn't live here.

My view is that it was a tasteless thing to do.

John

The key word is *may*. I don't believe any law has been broken because in
reality anyone who mods something would not be breaking the law as such
unless the reason is to defraud. However, what they get after the hack is
not guaranteed to work. It's an unofficial hack, no guarantees it'll be
stable or anything else. Furthermore if no EULA is signed, no agreement is
made not to modify or reverse engineer for personal use, no attempt is made
to sell or pass it off as a 100MHz scope, there can be no attempt to
defraud. They are not doing anything but using the hardware they were sold
and running it 'out of spec', and for no financial gain. The argument comes
down to you thinking this is 'tasteless'. But presumably you think that
overclocking ADCs beyond their rated spec, not buying proper rated parts and
flogging that as a guaranteed working product is OK because that's 'not
illegal'? I find your position somewhat un-tenable.

Mark.

 

[terryc]

It may be illegal to use a computer to hack firmware if it
deprives the IP owner of revenue.

There in lies your problem; prior publication. The IP owner has nil
chance of proving that his IP doesn't rely on someone else's IP. That is
how the whole process of technical development has taken place. The
concept that some brilliant individual created something new is 99%
bullshit. I've never met any programmer who is totally self taught
without recourse to any example(someone else's IP).

 

[terryc]

The difference there is that you don't have access to AMD's
verification/test suite which shows some of the functionality on one of
the cores as broken so it would be marked as bad and disabled. It is
certainly the same die as the 4 core processor but it may not have
passed all the tests.

AFAIK, this is what CASIO did with their calculators.

 

[David L. Jones]

On Mar 31, 11:23 am, John Larkin


I pretty much agree with you but has anybody verified that the
hardware is indeed identical? They don't install a faster processor or
A-D or better grade amps?

By all accounts, no, the 100MHz unit is an identical board. People who tried
to examine the hardware front ends (and other parts) could not find any
differences between the two models. That's what originally prompted me to
suggest there was just a component value difference in the models, but of
course as it turns out it's much simpler than that, they are identical. If
they weren't identical, then there would be no need for the software logic
switch to set the 50MHz limit, they'd simply do it with BOM changes.

The sample rate and all other performance features are the same between
units, so there is no need for better or faster ADC's or processor in the
100MHz model.

Dave.

 

[Martin Brown]

You don't favor copyrights or legal protection for intellectual
property? If you spent years writing a book or a symphony or
developing a product that was mostly firmware, you wouldn't mind if
people copied it and sold cheap knockoffs?

I didn't say that at all. I am in favour of protection of genuine novel
inventions and copyright on creative works. I am absolutely opposed to
the idiotic USPTO granting patents on mathematical identities and
blindingly obvious prior art in the software field.

Remember I originate mostly software. And that is far more easily copied
by the unscrupulous since it is designed to run on a generic computer.
These days mostly PCs but I have done stuff in the past that ran on
everything from a humble Z80 (with a lot of paging) to a CrayXMP.
Strange thing was we learnt a few new tricks with every compiler the
code was compiled on. The Z80 compiler was very strict and minimalist.

There is an argument against copyrights and patents, but it would
change a lot of things.

Your DMCA is an insane piece of legislation intended to pander to the
rip-off merchants in Hollywood and US music industry. ISTR analogue
playback of DVDs in the US is deliberately hobbled to satisfy them.

Yes. Their mistake was making it too easy.

Exactly. Got it in one.

It looks as if hardware-hacking the varicap bandwidth limiter is
legal, but doing it through the serial port may be a crime in the US.

More fool the US legislators. The customer must always be ripped off.
Are you seriously claiming that you think the DCMA is good legislation?

The hardware is clearly capable of 100MHz operation and a trivial
command sequence will enable it (or reversibly degrade the bandwidth).
Cutting a track and a quick hardware mod would also do the job.

I don't see that changing a few bytes in NV ram using undocumented
commands is any different to swapping out the front end transistors or
whatever other tricks were done on some of the old analogue scopes to
soup them up. What about using some of the undocumented hardware
features of the profiling instructions on my Intel PCs. No doubt you
would say that infringes the DMCA since I don't have Intels blessing.

Agreed. Hackers are amazingly inventive.

Serious point here. I don't mind registering and binding the licence key
to the MAC address of one PC and/or owners name. That is pretty much
what I do. Once it is installed I cannot stop them giving it away, but I
can tell if I ever see an illicit copy who gave it away. This is usually
sufficient to discourage all but the most untrustworthy characters. Most
people are basically honest but require a bit of encouragement.

I rather like the game industry copy protection where an illicit cloned
game would play OK for 5 or 10 minutes and then have gravity decrease to
zero or mutate the laws of physics in some other way. Enough time to get
people hooked on the gameplay but still needing to buy a copy.

I absolutely hate paranoid invasive security measures like dongles on
parallel ports I no longer have that only work on slow machines or
require the DVD inserted every 10th use. These generally only
inconvenience genuine purchasers without putting up that much resistance
to a concerted attack by professional pirates. The Chessmaster series of
programs is a good example of this daft insert the CD method and it is
protecting something that retails for about £10.

If you have ever been in the Far East you will know what I mean about
knock-off software being everywhere (and often laden with malware).

I don't intend to hack any of them and I never steal IP. I hope that
people won't hack my products and steal my engineering investment.

You never knowingly steal IP. You have no way of telling when the slimy
fat lawyers from Patent Carpet Baggers Inc will come knocking and demand
that you pay a huge ransom for infringing their US patent on "whatever".

And 50 MHz is a good place for a bench scope, clear of a lot of FM and
TV crud. The Rigol looks great at 50 MHz, but noisy and ringy at 100.

But if you happened to want to use it at 100MHz then enabling that
feature would be useful. In the UK 85MHz bandwidth would be OK.

Waveforms with sharp rise times always look worse at higher bandwidth.

Regards,
Martin Brown

 

[Martin Brown]

You don't favor copyrights or legal protection for intellectual
property? If you spent years writing a book or a symphony or
developing a product that was mostly firmware, you wouldn't mind if
people copied it and sold cheap knockoffs?

I didn't say that at all. I am in favour of protection of genuine novel
inventions and copyright on creative works. I am absolutely opposed to
the idiotic USPTO granting patents on mathematical identities and
blindingly obvious prior art in the software field.

Remember I originate mostly software. And that is far more easily copied
by the unscrupulous since it is designed to run on a generic computer.
These days mostly PCs but I have done stuff in the past that ran on
everything from a humble Z80 (with a lot of paging) to a CrayXMP.
Strange thing was we learnt a few new tricks with every compiler the
code was compiled on. The Z80 compiler was very strict and minimalist.

There is an argument against copyrights and patents, but it would
change a lot of things.

Your DMCA is an insane piece of legislation intended to pander to the
rip-off merchants in Hollywood and US music industry. ISTR analogue
playback of DVDs in the US is deliberately hobbled to satisfy them.

Yes. Their mistake was making it too easy.

Exactly. Got it in one.

It looks as if hardware-hacking the varicap bandwidth limiter is
legal, but doing it through the serial port may be a crime in the US.

More fool the US legislators. The customer must always be ripped off.
Are you seriously claiming that you think the DCMA is good legislation?

The hardware is clearly capable of 100MHz operation and a trivial
command sequence will enable it (or reversibly degrade the bandwidth).
Cutting a track and a quick hardware mod would also do the job.

I don't see that changing a few bytes in NV ram using undocumented
commands is any different to swapping out the front end transistors or
whatever other tricks were done on some of the old analogue scopes to
soup them up. What about using some of the undocumented hardware
features of the profiling instructions on my Intel PCs. No doubt you
would say that infringes the DMCA since I don't have Intels blessing.

Agreed. Hackers are amazingly inventive.

Serious point here. I don't mind registering and binding the licence key
to the MAC address of one PC and/or owners name. That is pretty much
what I do. Once it is installed I cannot stop them giving it away, but I
can tell if I ever see an illicit copy who gave it away. This is usually
sufficient to discourage all but the most untrustworthy characters. Most
people are basically honest but require a bit of encouragement.

I rather like the game industry copy protection where an illicit cloned
game would play OK for 5 or 10 minutes and then have gravity decrease to
zero or mutate the laws of physics in some other way. Enough time to get
people hooked on the gameplay but still needing to buy a copy.

I absolutely hate paranoid invasive security measures like dongles on
parallel ports I no longer have that only work on slow machines or
require the DVD inserted every 10th use. These generally only
inconvenience genuine purchasers without putting up that much resistance
to a concerted attack by professional pirates. The Chessmaster series of
programs is a good example of this daft insert the CD method and it is
protecting something that retails for about £10.

If you have ever been in the Far East you will know what I mean about
knock-off software being everywhere (and often laden with malware).

I don't intend to hack any of them and I never steal IP. I hope that
people won't hack my products and steal my engineering investment.

You never knowingly steal IP. You have no way of telling when the slimy
fat lawyers from Patent Carpet Baggers Inc will come knocking and demand
that you pay a huge ransom for infringing their US patent on "whatever".

And 50 MHz is a good place for a bench scope, clear of a lot of FM and
TV crud. The Rigol looks great at 50 MHz, but noisy and ringy at 100.

But if you happened to want to use it at 100MHz then enabling that
feature would be useful. In the UK 85MHz bandwidth would be OK.

Waveforms with sharp rise times always look worse at higher bandwidth.

Regards,
Martin Brown

 

[Martin Brown]

He sure didn't protect them. He apparently organized an effort to hack
their scopes and cost them money, and went public with it.


Maybe they have lawyers to help them fend for themselves.


Jones still hasn't said why he did it.

Because he could. And there is clearly interest in what he reported.

It isn't logically that different from reporting on finding undocumented
instructions on a CPU. Undocumented useful commands on a piece of kit.

In the "Land of the Free" with DMCA I expect that is also a criminal
offence.

Regards,
Martin Brown

 

[Dyna Soar]

Kirwan wrote:

They made it too easy to hack. Now they're going to have to rework the
firmware to make it harder, which will cost them something.

They screwed up, they bear the cost.

I commented that what he did may be a crime under US law.

Dave is an Australian, living in Australia. Why would (or should) he care
about US law?
Do you consider Australian law whilst going about your day to day business?

Personally,
I class it with vandalism.

That's bullshit. How can you vandalise something you legally own?

Obviously. But I'm curious as to why he did it, and especially why he
went to the touble to make a video and post it on youtube.
Why, Dave?

Why not? He seems to not be breaking any Australian law. Why does he have
to justify himself to you particularly regarding the laws of another
country? Your questioning him demonstrates your arrogance towards a law
abiding citizen of another country.