I'm sure many of you reading this are aware of TI's removal of assembly (ASM) capabilities on the TI-83 Premium CE almost a year ago, with the TI-84 Plus CE receiving a similar update just a few months later. If so, you probably also know about arTIfiCE, which allowed users to continue to use ASM on these calculators using a bug in the CabriJr app. This was not a surprise to anyone familiar with the TI calculator community, considering Ndless, a similar jailbreak for the TI-Nspire which as of this writing is still updated for the latest OS for these calculators. Needless to say, it seems that nothing TI does will stop people from finding ways to run ASM.

It seems TI has realized this as well, as reported by critor on TI-Planet. OS 5.6.1 for all models of the CE was released this week, and interestingly did not make any attempt at fixing the arTIfiCE exploit, only the port unlock (used by Cesium as well as several downgrade tools), as has been done in many updates in the past. This update also fixed the exploit used by Bootswap, a tool that allows modification of the boot code on older hardware revisions. According to critor, failing to block arTIfiCE was not just an oversight by TI, but actually intentional. TI seems to have heard the overwhelmingly negative feedback from the community and is willing to allow users to continue to use arTIfiCE to run ASM, at least for now. While TI has not mentioned any specific expectations to be met for this to continue to be the case, critor has speculated that the unwritten rules are as follows:
  • No more publication of discovered flaws (which was the speculated reason for ASM removal in the first place)
  • No release of tools to downgrade the OS of the calculator.
  • No release of tools to alter the calculator's boot code.
Note that the last two bullet points refer to tools that have been seemingly fixed with OS 5.6.1.

As critor says, there's certainly no guarantee as to how long this will be TI's attitude. Personally I would like to believe that TI will hold this position moving forward (although it isn't the most ideal), as it allows a large part of this community to continue being "officially" supported by TI. However, we all know TI isn't known for sticking with their decisions, especially regarding ASM.

So, what do you think? Are you willing to potentially give up downgrading your calculator in order to have ASM capabilities back? Will TI change their minds about this decision? Only time will tell, but for now this seems to be a victory for the assembly (and by extension C and ICE) programming community.
Well I think that's it's a good thing we can still run ASM programs Smile.
I will take a stalemate over a cat and mouse game any day.
That being said, I'm not really convinced this is TI's position. Its entirely possible that they are still planning on patching the cabri app, just not in this update. I guess time will tell.
I also think we are giving TI way too much credit for literally doing nothing. If we had some indication that this was a deliberate attempt at reasoning with us, then this would be a different story but that's just not the case.
EDIT: It seems like this is more deliberate than I initially thought. Perhaps there's some merit to the idea that TI is willing to play nice, at least a little bit Laughing
As good as this "seems", let's remember they're still holding us to the fire here.
They still could fix the Cabri bug at any time.
Meanwhile we're being asked, even expected, to stop releasing flaws when our discovery is like 80% of the reason most of them get patched anyway.
There's no guarantee here that IF we do X, Y, and Z the status quo will remain. It's a hypothetical stalemate, not a real one.

Perhaps rather than being dumb, TI should actually talk to us. It would be easy enough to actually come on these forums, join in a thread or even start one, and get a feel for how we feel, rather than to play these games of cat and mouse.

TI in all of their wisdom seems not to realize that, while it is their business and platform, their own developers are outclassed by many on this forum who can crack their code, figure out bugs and exploits faster than they can patch them most times, and have no qualms about blowing open pandora's box on ALL the bugs because they're in a word "done with being jerked around by TI".

Those same developers, I'm sure, would be more than happy to contribute to the hardening of the calculator's security profile in a way that benefits TI AND the community, but TI apparently has chosen it would rather make enemies of them. What TI fails to realize is that they are spending the time and money hiring developers to fix the bugs and exploits we uncover, when we are actually already doing much of that legwork for them for free, under no contract or obligation to do so. And in exchange... they keep taking away the features we enjoy.

In summation, given the level of "the finger" we've been given from TI, anything less than them actually, in writing, agreeing to not fix a known exploit, or agreeing to bring back asm support in exchange for X, Y, and Z from us is nothing more than fallacious wishful thinking on our part.
In my humble opinion, TI can kiss my a. Too many times they've proven they don't give two shits about our passion so why should I care about their "attempts at cooperation."

If this post needs to be deleted for reasons of open profanity, go ahead.
In my opinion, it looks far worse for them from a security perspective to have something that's undeniably a bug, than to change their minds and re-add the assembly program feature. If I were an exam board, I would start questioning how many other bugs their calculators have - just because the current one doesn't compromise exam mode doesn't mean that's true of any other potential security holes (and there definitely are still loads of bugs that could be used for that, if anyone who knew enough about the calc actually cared about cheating).

In any case, I won't attempt to update bootswap to work with 5.6.1 so long as the Cabri Jr bug hasn't been fixed.

I personally don't think that TI is going to change this position any time soon, as it gives leverage over potential exploit developers that wouldn't be present otherwise. The CE is so insecure that it seems basically impossible to fix all of the vulnerabilities in it without just redesigning the entire thing. It would be far cheaper to not give anyone capable of exploiting said vulnerabilities an incentive to do so, compared to actually fixing stuff. Ideally, that would mean re-enabling assembly programs and then working together with the community to patch up any remaining major security flaws (and numerous members of the community have indicated their willingness to assist with this). However, the current situation also provides a fairly strong incentive not to publicly release exploits, though it also means that developers are less likely to disclose issues with the OS, in case the CabriJr exploit is removed.

I firmly believe that the CE will continue to be able to run assembly programs for the rest of its lifetime; it's up to TI whether they want to listen to the programmer community or waste time and money on a futile attempt at preventing this.
I don't believe in the slightest that TI cares about any rules, even if implied. The previous implied rules were 'don't mess with exam mode and we won't touch ASM' yet TI broke their own rules and removed ASM anyways. There is absolutely no way they won't break their own implied rules again. Unless TI starts talking to the community, I'm all for updating downgrade tools and jailbreak exploits. It's not like TI can fix them in a timely manner. I firmly believe that if someone will never use Exam Mode on their calculator then they should have the ability to downgrade and get easy access to removed features.
Congrats TI, you have done the absolute bare minimum nine months later. As in, not fixing one specific bug.

slow clap

I'm calling this out for what it is: a truce on very, very shaky grounds. Having the CabriJr exploit being blessed as the officially-unofficial ASM solution instead of actually re-enabling proper ASM support doesn't exactly strike me as a vote of confidence from TI.
Why no release of tools to downgrade the OS? Is it so they can surprise us with no downgrade tools ready for a release that patches arTIfiCE so there is no way to downgrade?
It's pretty obvious (and, in my opinion, reasonable) why TI doesn't want downgrade tools to be released. While many of the people in the calculator community would only downgrade to an OS version with less restrictions (a common choice is 5.3.0), we have to realize that, to the average calculator user, it is much more enticing to downgrade for a different reason- namely, to exploit a particular bug in exam mode. Given that TI's primary goal is for their calculators to be allowed and used on exams, it makes total sense why they don't want users downgrading.

mr womp womp wrote:
I also think we are giving TI way too much credit for literally doing nothing. If we had some indication that this was a deliberate attempt at reasoning with us, then this would be a different story but that's just not the case.

Assuming critor's article accurately conveys his private conversation with TI, it actually looks like that is the case here:
critor (via Google Translate) wrote:
Well according to oral exchanges to date, this is neither an oversight, nor a postponement to the next update.

This is absolutely not an official communication, but we have been allowed to tell you about it.

Although there was never a response and the communication may have given the impression of being one-sided, Texas Instruments has received and heard the multiple feedback from its community, and wishes to give developers a chance. to continue to distribute their creations for TI-83 Premium CE and TI-84 Plus CE , through the use of CabriJr and arTIfiCE !

Obviously this should still be taken with a grain of salt, as it's by no means an official communication from TI, but assuming the person critor spoke with truthfully represents the company, it looks like this is a deliberate decision they've made, at least for now.
Jeffitus wrote:
it looks like this is a deliberate decision they've made, at least for now.

Well at least that's what they said, yes ("deliberately leaving that door open", I guess is the word for word translation of what was said during the call).

Of course, anyone is free to believe what they want, but hey regardless this is still good news for endusers.
Okay so this is gonna be a bit of a lengthy post.

First, remember there are several parties in this from the TI side as well. You have the programmers who actually write the OS, you have their bosses, and you have the exam regulators.

Now, assuming they were forced by the exam regulators to remove ASM, it wouldn't make sense for them to add it back now. Perhaps they were required to "remove it permanently". Anyway, adding the actual Asm( token back right now would definitely be a bad move for TI.

About the programmers that actually work on TI-OS: we often make fun of them for writing terrible code, but honestly, this is to be expected. They aren't the people who wrote the original code base, those have left TI many years ago. TI-OS has also existed in some way for what, over 30 years now? Do you know of any software product that has existed for that long without becoming unmaintainable? Point is, these programmers are not incapable. They only do the things TI pays them for, and TI doesn't see the need for a major rewrite.

Anyway, it is possible, maybe likely, even, that current TI-OS developers are on our side. Our hobby is their entire job. They would also never have gotten into a programming job without liking programming in at least some way. They also definitely have a story of how they learned to code, perhaps on an old 80s computer, maybe by writing homebrew for their favorite game console... It is rather unlikely they would want to take this away from us. At least, the "person" part of them. This says nothing about their "professional" side. If TI forces them to remove something, they'll have to do it. Maybe they don't like us finding exploits either, because it means they will have to fix them.

At least the programmers, the people who actually modified the OS to remove the Asm( token, knew that the PTT exploit from the video wasn't caused by ASM functionality. Maybe their R&D department didn't, or maybe even they knew and they only had to do it to please the regulators. In any case, the people who ordered them to do it probably don't even understand what ASM means.

Also, think about what ArTIfiCE means for them. The exploit is in the CabriJr app. They'd have to implement app downgrade protection, which would require extending their app verification functionality, would definitely break something backwards-compatibility related, and there's currently no harm being done. Or maybe they haven't been able to fix the exploit yet because it's a complicated exploit that requires a lot of work to fix (which seems unlikely, but well, you have to consider every possibility).

(tongue-in-cheek, it is also possible the OS programmers are only pretending to be unable to fix the exploit, but anyway)

Or maybe CabriJr was written by someone else, and TI doesn't have the source code? This would mean they can't fix it. Or at least, they can use it as an excuse for not fixing it.

So considering they were forced to remove Asm(, they can't just add it back, but they've seen our reaction now, and see no harm in keeping the status quo. All of this makes sense. They fixed flash unlock and downgrade-related exploits, because those are harmful to them as a company. They asked us to not look for more exploits. Less work for us, less work for them. They've "endorsed" ArTIfiCE for now, as it looks like the exam regulators are at least vaguely happy, and they probably didn't want to remove ASM themselves at all. Now, whether we follow their unspoken rules is up to us, but this seems like a generally good idea. If we prove "obedient" now, they may loosen up in the future. It sucks that they don't want flash unlock exploits either, but it's understandable from their point of view. Maybe we could find a compromise in no exploits being documented, but to have some (e.g. in Cesium) still being released? If you're capable enough to find an exploit, you should also be capable enough to understand that it can be used for evil and take appropriate precautions.

Let's at least agree to not get mad at them right now. They didn't fix ArTIfiCE, so from their standpoint it looks like they're doing us a favor. Of course we're still mad at them for removing ASM in the first place, but now that ArTIfiCE is at least semi-official, if anything, chances are only lower that they will change anything about it in the foreseeable future. Maybe they realized their mistake this time. Let's not do things that screw them over as a company, and they'll hopefully not do things that screw us over as a community. Of course, if they break their side of the deal, we'll be ready. But let's not give them a reason to dislike us even more for now.
fghsgh wrote:
Now, assuming they were forced by the exam regulators to remove ASM, it wouldn't make sense for them to add it back now. Perhaps they were required to "remove it permanently". Anyway, adding the actual Asm( token back right now would definitely be a bad move for TI.

If this were the case, someone would have come out and said so, given that they know they've pissed off a lot of secondary customers. Something as simple as "we were lobbied by exam regulators to remove it, but we're not fixing Cabri's bug" would deflate much of the ire they've evoked. Which means it's likely not the case. What's more likely the case that an older, patched, bug was revealed to TI and rather than doing their due diligence to fix it properly, they just nuked Asm( as their way of "fixing it".

Either way, I sustain my point that a lot could be fixed if they'd just talk to the community directly publicly instead of back-alley channels of communication and speculative nonsense. Maybe because we're not their primary customers they think having the community's support behind them is of little consequence, but perhaps they should take a minute to look at the most successful projects, especially software, out there of late. Look at the degree of interaction with "the community" the renders success... how they actually watch the content creators who stream their game/program and use that feedback to improve and as a result the quality of their products vastly increases. We do much of the legwork for TI with finding (and sometimes patching) bugs, the least they could do is fix the things *properly* without screwing the community in the process.

Secondly, if you read critors post, much of it goes on about how TI "underestimated the sensitivity of young HS students to injustices". So, in reality, their supposed "truce" is also a veiled insult. Somehow, because the community has no chill for b.s. fixes for already-fixed bugs that remove features that promote programming on a supposedly "programmable device" on a device marketed for its "programmability", that makes us "sensitive". Take a few minutes to think about what they're really saying here. It's not "we made a mistake removing assembly for a b.s. fix and now we've pissed off a good number of customers, and should probably not fix this bug". Instead its "we pissed off an oversensitive group of young people, so i guess we'll leave it as is, but also here's our list of demands that we (TI) may not even abide by in the long term anyway."
*Ahem!* There's internal politics involved here. TI Education Technology has staff who support and are impressed by what this community has done. There are also staff who oppose having any fun. What you're seeing here is a standoff between two internal parties and a third not privy to their discussions. Stuff like Bootswap understandably upsets the anti-fun staff. Although the oldbies in this community have all been willing to play by a no-cheating-tools ethos, we barely get any feedback from TI, which makes it hard to find out in advance if something like Bootswap would be seen unfavorably. After all, Bootswap is not directly a cheating tool.

I've said this before, and I'll say it again differently: the root problem here is communication. As long as TI continues to believe they need to keep a strict NDA system in place, that isn't going to change. And that's a problem, because it means we can't humanize each other. I'm sure the anti-fun staff at TI think of us as deranged hackers looking to help students cheat their way through school who can't be reasoned with; just as much as we often see TI as being a faceless corporation incapable of being reasoned with. And without good communication, frankly, it's true: no party can reason with the other without being able to talk.

As for why TI loves their NDAs so much, well, here's something our younger community members probably don't know. Calculators are actually only a small part of TI's business. Texas Instruments is primarily a semiconductor design and manufacturing company. That means that their core business is actually designing and producing "computer chips"---although many of the chips they produce are entirely analog! Their primary interaction with customers is through industry meetings and publications. Similarly, Education Technologies primarily interacts with customers through T^3 and teachers' magazines. (What, you think paying for the calculator makes you the customer?) Outside of Education Technologies, TI is not a consumer products company. I suspect one thing preventing good communication is that TI's management and corporate culture don't understand how to be a good consumer products company.

But an even bigger problem is that the people---teachers---who create demand for calculators aren't the ones paying for it---students. I'd bet a reasonable sum of money that the decision to ban access to native code was driven primarily from some from bean-counting MBAs who argue that students don't matter to the business. Unfortunately, they're not even wrong. But I don't think they're right, either. After all, the pocketbook patsies of today are tomorrow's customers, and I think that cold attitude could ultimately kill Education Technologies by making it emotionally easy for teachers to consider alternatives. If you only remember calculators as dull tools, why not just switch to Chromebooks?

I don't know what more we can do about our communication problems. We seem to be trying to talk with someone who doesn't want to talk. It's the most frustrating part of this community.

Well, that was a ramble with no unifying theme.
#OS5.3.0gang
  
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.

» Go to Registration page
Page 1 of 1
» All times are UTC - 5 Hours
 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

 

Advertisement