When Google ended software support for its first- and second-generation Nest thermostats in October 2025, it rendered a significant portion of their functionality obsolete. For many owners, their smart devices were suddenly transformed into expensive, wall-mounted e-waste. This move has ignited a broader debate about consumer rights, product longevity, and the legal boundaries of modifying hardware you own. At the center of this debate is a new nonprofit initiative that is actively paying hackers to find ways to revive and unlock such devices, directly challenging corporate control and decades-old copyright law.
A Nonprofit Bounty for Consumer Liberation
The effort is spearheaded by Fulu, or Freedom from Unethical Limitations on Users, a nonprofit founded by right-to-repair advocates Louis Rossmann and Kevin O’Reilly. Modeled after software bug bounty programs, Fulu offers cash rewards—starting at USD 10,000—to individuals who can develop technical workarounds for features deemed hostile to consumers. These include digital locks that prevent repairs, the use of third-party parts, or the restoration of functionality in products a manufacturer has abandoned. The goal is not just to create fixes, but to publicly demonstrate the restrictive nature of modern product design and the legal framework that protects it.
The Nest Thermostat: A Case Study in Planned Obsolescence
The discontinuation of support for early Nest thermostats became Fulu's first major target. Without Google's servers, the devices lost their remote control and scheduling capabilities via the app, leaving only basic manual adjustment. Fulu posted a bounty for a software fix. The challenge was quickly met by two separate parties: a developer named Cody Kociemba, who published his "No Longer Evil" workaround on GitHub, and another using the pseudonym Team Dinosaur. In a significant show of support, Fulu awarded the full bounty of approximately USD 14,000 to each, proving there was both demand and technical talent willing to tackle the problem.
Fulu Bounty Examples & Status
| Target Device | Issue | Bounty Status & Notes |
|---|---|---|
| Nest Thermostat (1st/2nd Gen) | Google ended software support in Oct 2025, disabling app control. | Bounty Paid (USD ~14,000 x2). Fix published by Cody Kociemba ("No Longer Evil") allows continued use. |
| Molekule Air Pro/Air Mini | Uses NFC DRM to block third-party air filters. | Bounty Paid. Fix proven by Lorenzo Rizzotti, but not publicly released due to legal concerns. |
| Xbox Series X | Disk drive encryption prevents unauthorized part replacement. | Active Bounty. Pot exceeds USD 30,000 due to donor matching. |
| GE Refrigerators | DRM-locked water filters require manufacturer-approved parts. | Active Bounty. Aims to bypass restriction for cheaper third-party filters. |
The Legal Minefield of the Digital Millennium Copyright Act
The core conflict lies in U.S. law, specifically Section 1201 of the Digital Millennium Copyright Act (DMCA). Enacted in 1998, this law prohibits circumventing technological protection measures, like encryption or access controls, even if the goal is to repair or modify a device you own. Fulu explicitly warns its bounty hunters that their work exists in "open violation" of this statute. This legal risk was starkly illustrated by Fulu's second successful bounty, awarded to an Italian student named Lorenzo Rizzotti for disabling DRM on Molekule air purifiers. While he proved a fix was possible, Rizzotti chose not to publish his method, citing fear of legal repercussions from the manufacturer.
Key Legal Context: DMCA Section 1201
- What it does: Prohibits circumventing "technological protection measures" that control access to a copyrighted work. This includes encryption, passwords, and other digital locks on software and devices.
- Relevance to Repair: Applies even if the goal is to repair your own device, modify it, or use unofficial parts. Manufacturing or distributing tools to bypass these locks is also illegal.
- Fulu's Stance: The nonprofit operates knowing its bounties incentivize work that violates this law. It aims to highlight the conflict between the 1998 statute and modern consumer rights.
A Broader Movement for the "Right to Repair"
The Nest thermostat fix is part of a larger campaign against practices critics label as "planned obsolescence" and a violation of ownership. Fulu has active bounties on other devices, including GE refrigerators with DRM-locked water filters and Microsoft's Xbox Series X, where encryption on the disk drive prevents part replacement. The bounty for the Xbox fix has swelled to over USD 30,000 thanks to donor contributions. These efforts aim to provide tangible evidence for legislative change, arguing that laws like the DMCA stifle innovation, increase electronic waste, and unjustly limit what consumers can do with their property.
The Future of Ownership in a Software-Defined World
The story of the revived Nest thermostats highlights a fundamental shift in what it means to own a product. When functionality is dependent on a company's continued goodwill and server support, ownership becomes conditional. Fulu's bounties are a direct, if legally precarious, response to this reality. By funding and publicizing these hacks, the organization hopes to pressure lawmakers to update regulations for the modern age. As Kevin O’Reilly of Fulu stated, the mission is to show "how ridiculous it is that this 27-year-old law is preventing these solutions from seeing the light of day." The success in bringing old Nest thermostats back online is a powerful first step in that campaign, proving that where there is a will—and a financial incentive—there is often a hack.