Consumers want to do more with the products they buy, which is giving manufacturers a headache because of the extra safety checks they have to build in to stop people from injuring themselves.
When they get their Billy bookcase home from Ikea and unpack the lumps of wood, screws and Allen keys, many people worry more about how well they will get on with the cryptic instructions than whether they can turn the bookcase into an objet d'art. But others dispense with the free tools and attack their newly bought furniture with saws, hammers and drills, turning them into hybrid table-chairs, mutant sideboards and even guitars.
Other than splinters and swollen thumbs from poorly aimed hammers, Ikea-hacking is an innocuous past-time. But product hacking has become a headache for companies who find they have to invest time protect consumers from themselves when they find applications that aren't in the manual.
Kenneth McGuire, principal scientist at Procter & Gamble, recalls one letter the company got from a dissatisfied customer when it changed the formulation of one of its soaps. He did not like the taste. When asked why he was eating it rather than washing with it, the complainer replied: "It keeps my system regular."
McGuire says: "We have to think about all the crazy things people might do with our products."
The motivation for hacking a consumer product is often a lot more readily understood than a soap being used as a dietary supplement. People noticed that the batteries and motors in disposable electric toothbrushes can last a lot longer than the toothbrush head. So they pull them apart to fit new heads or find new uses for the power supply and motor. Instructions posted on blogs and forums show people how to perform the operation.
Architect William McDonough and chemist Michael Braungart came up with a term - upcycling - for this kind of product hacking in 2002 when they wrote the book "Cradle to Cradle" on. And, if everything goes well, the manufacturer need not be bothered about the activity.
The problem is, things do not always go well. There is not too much damage that a disassembled toothbrush can do. But with products that rely on high-voltage, high-current supplies, it's a different matter. McGuire says: "If someone gets shocked, companies like Procter & Gamble can get sued."
The case may not go anywhere, particularly if there are clear warnings on the outside, but the legal costs can quickly mount up before the situation gets resolved. Simply to get on the market, consumer products already have to meet stringent standards.
"Obviously, we are governed by CE regulations and we have to design to those," says Smith. "They make sure the outside doesn't get so hot you can burn yourself on it, or drop liquid into it and injure yourself that way. This is how we've wound up with industry-standard knitting needles and fake jewellery that you can poke into and dangle over products to make sure the product won't give you an electric shock."
Smith adds: "But brands go beyond that to protect their reputations. For example, I tried to fix my wife's hair dryer. The manufacturer had clearly gone beyond what CE marks require, using things such as anti-tamper screws. They did a really good job of stopping people from going in. It shows that the manufacturer is interested in protecting the brand. It's all about raising the barrier to entry.
"Also, from a consumer's point of view, designing for safety is very consistent with ease of use. The simpler something is put together, very often the harder it is to break into and the easier it is to use," says Smith.
As they become more complicated inside, products that used to be hacker-favourites are gradually getting locked down to avoid safety problems. The car, for example, is moving away from being something that you can tune up in the privacy of your own garage to a black box with very few user-replaceable parts. There is a good reason for this when it comes to electric and hybrid vehicles.
The old 12V electrical systems are dying out. In hybrids, they have been supplanted by systems running at much higher voltages to avoid big energy losses when transferring power from batteries to the motors that keep the vehicle moving.
Ken Gregory, principal engineer for electrical and electronic systems at Tata Motors in the UK, says it's a familiar sight today to see someone at the side of the road with the bonnet up, poking around inside. How much they can do tomorrow to even repair a vehicle, let alone tune it up, will be limited by the presence of electrical power cables delivering electricity at hundreds of volts. "The last thing we want is for someone to electrocute themselves by poking around inside," he says.
Instead of waiting for their products to get hacked, some manufacturers have taken a more active stance and developed versions that are designed to be tampered with. The Roomba vacuum-cleaning robot made by Massachusetts-based iRobot, for example, has a little brother that can't sweep the floor but makes it easier for home hackers to get inside its hardware, to create machines that can draw or mobile Linux servers. All of the Roombas have a serial port that can be used to access its firmware.
Charlie Vaida, spokeswoman for iRobot, says: "iRobot was founded by roboticists, and given the fact that Roomba has proven to be a very useful, durable and dependable platform for doing robotic research, we think it's important to allow and encourage people to experiment with the robot."
The robots are designed to stop their motors when picked up. Vaida adds: "When hacking, there is a safe mode that maintains full functionality for controls like these."
Products such as the hackable Roomba demonstrate the changing nature of product hacking. In place of the saw and screwdriver, the growing reliance on software to implement functions is encouraging home users to give their appliances an upgrade through firmware changes. MP3 players in Europe routinely have their settings overridden - put in place to avoid hearing damage - to boost their maximum volume.
Some brands of WiFi home router have become popular because it's easy to change their firmware - often to boost range, which is artificially restricted by code to maintain RF emissions within local guidelines.
"It's actually pretty dangerous putting software downloaded from the internet onto your hardware," says Smith, pointing out that it's hard to tell without disassembling the code image whether it is acting as a Trojan horse for malware. "Think, about the malicious uses of that. The issue now is not that people will hurt themselves but expose themselves to security problems. The software might make it possible to spy on your use of the computer or enable potentially worse things such as identity theft."
Techniques developed to stop off-brand ink cartridges being used in printers will start to be deployed by manufacturers who want to avoid problems caused by firmware being modified by users.
"This is a big problem for consumer products that have upgradeable firmware. People assume that if you power up a product today the first thing it will ask for is a firmware upgrade. You need to be sure it's the right firmware upgrade," says Smith.
The firmware might be encrypted using a key stored inside the microprocessor rather than main memory to make it harder to extract. Only if the key matches can the processor decrypt the code.
Protecting the product on its own might not be enough with internet-connected systems. "You are designing a large ecosystem with these products," says Smith. "Unless the security is thought through, it's easy to get things wrong."
Smith concludes: "As more things get connected to the internet, you can't simply solve the problem just by designing the product itself well. You have to think about what is interacting with it. You can't just bolt things on, but think it through from the beginning."