Slashdot Mirror

Anyone interested in Economics will tell you that end-users screwing with products is bad. Now, as a n economist and a hacker my two paths diverge. I think that if a free piece of equipment is released to the public, it cannot be considered an economic scarcity, (laymen defined as "if something was free of charge, and there'd be none left after 5 minutes, it's an econmic scarcity");

Anyways, So they release this product to the public, planning on increasing popularity and (factors of demand) of another product (Database registration). So basically if enough users get cuecats, then there's a huge market for cuecat licesences from other businesses. Now that DigitalConvergence has a potential strangle hold...

Back to the hacking =)
It is true that if a product is hacked then it thrives new tests which makes the product run better. However, if it is in the hands of the consumer (wether they are paying for it or not), this can turn ugly. Websites popup with FAQs on extracting features, etc.

So lets bring these two sections together.
So you (say you're DigitalConvergence) have an investment in a popularity inducing object (said Cuecat). A website all of a sudden pops up providing obsolescence and alternatives/substitutions to you're product. Now if this were another company DC would either buy them, or succum to the "competitve market"...

But NO, It's a Flyingbuttmonkey with a plan. This buttmonkey wants to exploit your product, making you lose millions.

So look at it this way...


1) A company can continue with a cheapo investment.
2) The company must sucuum to people hacking their free of charge product.

Economically speaking, the hacking is a market sucess, however a product failure... So the end-user lucks out, and the product fails.

This would be good (non-economically) only if another alternative came about (not based on exploitation).



Moderators: Look lightly upon my post and I shall reward you with an MD5 of PI.

Anyone interested in Economics will tell you that end-users screwing with products is bad. Now, as a n economist and a hacker my two paths diverge. I think that if a free piece of equipment is released to the public, it cannot be considered an economic scarcity, (laymen defined as "if something was free of charge, and there'd be none left after 5 minutes, it's an econmic scarcity");

Anyways, So they release this product to the public, planning on increasing popularity and (factors of demand) of another product (Database registration). So basically if enough users get cuecats, then there's a huge market for cuecat licesences from other businesses. Now that DigitalConvergence has a potential strangle hold...

Back to the hacking =)
It is true that if a product is hacked then it thrives new tests which makes the product run better. However, if it is in the hands of the consumer (wether they are paying for it or not), this can turn ugly. Websites popup with FAQs on extracting features, etc.

So lets bring these two sections together.
So you (say you're DigitalConvergence) have an investment in a popularity inducing object (said Cuecat). A website all of a sudden pops up providing obsolescence and alternatives/substitutions to you're product. Now if this were another company DC would either buy them, or succum to the "competitve market"...

But NO, It's a Flyingbuttmonkey with a plan. This buttmonkey wants to exploit your product, making you lose millions.

So look at it this way...


1) A company can continue with a cheapo investment.
2) The company must sucuum to people hacking their free of charge product.

Economically speaking, the hacking is a market sucess, however a product failure... So the end-user lucks out, and the product fails.

This would be good (non-economically) only if another alternative came about (not based on exploitation).

Hey, I've been doing my part all evening to spam investment boards about the upcoming Digital Convergence IPO. The more the merrier, though! Bust in! Here's a sample:

Digital Convergence (DGTL) recently filed plans for an IPO. This company gives out free barcode scanners (called "CutCat") and accompanying software. The idea is that you can scan things and their software will pull up an appropriate web page in your browser. On the side, they can collect demographic data. For example, they could determine which gender and age group most often scans a certain type of product.

I think this is a horrible company, a must avoid stock for the following reasons:

• DGTL gives away CueCat barcode scanners and software, hoping to get money from advertisers and publications. The problem is that their software is inessential: it took folks a matter of hours to write substitute software that reads a barcode without contacting DGTL. So at the key step where they're supposed to cash in, they're completely cut out of the loop! Whoops!
• Apparently realizing the enormity of their error, DC has been sending vague, threatening letters to people already distributing alternate software. Unfortunately, these letters appear to be legal bluffs. Decoding software is available on dozens of sites and appears to have no real legal strings attached.
• A clearly disconcerted president of the technology group at DGTL fired off a letter showing gross misunderstanding of intellectual property law-- upon which the health of the company critically depends. (Or would depend, were the IP law favorable to their cause-- which it isn't.)
• These threatening letters have incensed the open source community-- a group well-qualified to undermine DC's business model by providing alternate software to drive the CueCat, shutting of DC's revenue.
• The product raises privacy concerns. You register with DGTL and then every time you scan something, they know it. Apparently DGTL has given assurances about privacy. Then again, they left their entire customer database unguarded for hackers to take. Read their own toned down account. (DGTL has also touted the scanner's "built in encryption", which turned out to consist of XORing each byte with the letter 'C'. I fear these some of the stupidest people ever put on God's Good Earth.)
• A key asset that DGTL hopes to develop through the barcode scans is a database of demographic data. There's a problem, however: Digital Convergence has a lot of enemies now. It would be a simple matter for ONE PERSON write a little program that sends fake scans with fake user IDs to DGTLs servers. This could permanently corrupt the demographic database, making it worthless, because-- quite possibly-- there could be no way to distinguish real scans from fakes after the fact.
• Just as the company's fundamental business model has fallen under shadow, they file for an IPO. Avoid, avoid, avoid.

These are just my opinions, of course. I did my best to get the facts straight, but I'm not perfect. Additional comments on this corporate disaster slouching toward NASDAQ are available at:

• Salon : ...there are a million problems with this concept.
• Linux World: In the end, the :CueCat is a classic example of a broken business model.
• Dr. Dobbs Journal: What ought to scare Digital Convergence more [...] is a database of all CueCat barcodes/URLs, whereby users could go to a specific web page without being tracked.
• Dallas Observer: ...you can simply drag the scanner 600 or 700 times over bar codes printed next to stories and ads, and presto, you get an error message.
• Internet News Radio:The CueCat is starting to look like a mangy stray.

Last I checked, the drivers are still available.

There's no way to shut the lights off, short of installing a switch. Pierre's kernel driver lets you hook up any number of cuecats (as many as you have amperage for), to the mouse, serial and usb ports all at once.

Because the userspace decoders all actually depend on the keyboard handler, they cannot play nice with a cuecat on the mouse port.

Of course, you can also just disable the 'encryption' and use the thing like a regular keyboard wedge.

___________________________

There's no way to shut the lights off, short of installing a switch. Pierre's kernel driver lets you hook up any number of cuecats (as many as you have amperage for), to the mouse, serial and usb ports all at once.

Because the userspace decoders all actually depend on the keyboard handler, they cannot play nice with a cuecat on the mouse port.

Of course, you can also just disable the 'encryption' and use the thing like a regular keyboard wedge.

___________________________

When it comes to signatures on paper, they must be done in permanent ink. No exceptions. I feel that this stupid e-signature fiasco will undermine all that. Sure, perhaps some e-sigs will change by only a few bytes, but that's corruption nonetheless, akin to this.

I posted this earlier and it got eaten. Anyway, here are *TWO* ideas for screwing Digital Convergence:

Idea #1: Digital Convergence just announced an IPO. We can do our part on internet investment discussion boards to make sure that their potential investors are well-informed about this company... every day until the IPO!

• DC gives away hardware and expects revenue from use of its software. However, since its software stinks and is easily replaced, the business model is hosed.
• A recent letter from the president of the technology group at DC shows a total lack of understanding of IP law-- upon which the health of the company critically depends. (Or would depend, were the law favorable to their cause.)
• Apparently realizing the enormity of their error, DC has been sending vague, threatening letters to people who have found uses for CueCat that undermine their business model. Unfortunately, these letters appear to be bluffs.
• These threatening letters have incensed the open source community-- a group well-qualified to undermine DC's business model by providing alternate software to drive the CueCat, shutting of DC's revenue.
• The product raises privacy concerns, particularly in light of the recent hack into Digital Convergence's customer database.
• A key asset that Digital Convergence hopes to develop is a database of demographic data through the barcode scans. However, the true value of this supposed asset is essentially zero, because it can be (and likely will be) easily and irreparably corrupted. (See Idea #2.)
• Just as the company's fundamental business model has come into serious question, they file for an IPO. Could this be a hasty attempt by execs to grab some cash before this leaky ship sinks beneath the waves?

Be sure to relay only FACTS on internet discussion boards-- that will suffice. Of course, wouldn't it be a shame if frank and extensive discussion of these facts cut a few percent off their $100 million IPO?

Idea #2: Since Digital Convergence plans to build a database of demographic data, how about a little program that pulls random items out of the UBC database, encodes them, and ships them off to the DC servers every couple minutes? This would irreparably corrupt their database, making it worthless-- weeding out fake scans would be essentially impossible. If you're worried about legality, print out 10 pages of barcodes for obscure items you'd never own or desire and scan them again and again whenever you have an idly thinking about something else. That way, you're using their product exactly as intended, yet still corrupting their database. What can they do?

Crapitty crap crap. Here's a link that works


___________________________

• DC gives away hardware and expects revenue from use of its software. However, since its software stinks and is easily replaced, the business model is hosed.
• A recent letter from the president of the technology group at DC shows a total lack of understanding of IP law-- upon which the health of the company critically depends. (Or would depend, were the law favorable to their cause.)
• Apparently realizing the enormity of their error, DC has been sending vague, threatening letters to people who have found uses for CueCat that undermine their business model. Unfortunately, these letters appear to be a bluff.
• These threatening letters have incensed the open source community-- a group well-qualified to undermine DC's business model by providing alternate software to drive the CueCat, shutting of DC's revenue.
• The product raises privacy concerns, particularly in light of the recent hack into Digital Convergence's customer database.
• Just as the company's fundamental business model has come into serious question, they file for an IPO. Could this be a hasty attempt by execs to grab some cash before the ship sinks beneath the waves?

Be sure to relay only FACTS on internet discussion boards-- that will suffice. Of course, wouldn't it be a shame if frank and extensive discussion of these facts spoiled their $100 million IPO?

No. :-)

Stephen Satchell's theory behind the DC letters. Basically, DC is only going after barcode to web translations, not simply cuecat decoders. Even though DC has refused to answer what their "intellectual property" is, their letters have gone exclusively to sites that have software that can let you use your cat with the web. Satchell further points out that NeoMedia Technologies, not DC, actually have a patent on barcode to web lookups. NeoMedia is sitting on the patent until, I guess, there is enough money being made to jump in and begin extorting licensing fees...

I went over to Michael Rothwell's page about it, and well, was completely underwhelmed by his initial response. Besides, lawyers will never take anything seriously unless mail addressed to them are from another lawyer.

So, perhaps a better response would have been something more like this:

Dear Sirs,

Thank you for your letter dated August 30, 2000 regarding my website flyingbuttmonkeys.com. After consulting my lawyers, a few questions remain. I have summarized these questions for you here.

1. What Intellectual Property owned by Digital convergence was revealed on flyingbuttmonkeys.com?

2. Would you please cite the exact law I am accused of violating?

3. Would you please describe how one would consent to the End User License Agreement covered by the Cuecat and Digital Convergence Intellectual Property?

4. Would it be possible for the user to use the cuecat hardware without agreeing to the End User License Agreement?

5. If a user expressed consent to the End User License Agreement described above, please explain how the user would express consent to any changes made to the End User License Agreement by Digital Convergence or any other third party?

Thank you. I appreciate your response.

Sincerely...

Michael's code is here.
--

And now, flyingbuttmonkeys has their code back up.

What a hoot!

See also http://www.flyingbuttmonkeys.c om/media/newsradio.mp3 for a phone interview with me from this morning.

(I would like to thank slashcode for inserting the space in the url).

---- ----

InterNet News Radio ran an interview with me this morning about the CueCat. I have it mirrored
here. It runs today, Sept 18, 2000, so you'll have to look for it in their archives starting tomorrow. However, I'll keep the mirror at my site.



---- ----

As I recall, Digital Convergence did not hestitate to fire off bogus legal threats. This is no "good will" to abuse.

They have a busines plan with a hole large enough to float the USS Truman through. Namely, they hope to profit from a service that can easily be obtained elsewhere for free. They're trying to cover this gaping hole with legal intimidation.

An altruistic outfit might reasonably expect a somewhat altruistic public response. But once the lawyer threats start, forget it.

http://www.barpoint.com/ offers a wireless laser-equipped barcode scanner, with a docking cradle, and software that gets you coupons and produces shopping lists. $29 deposit, plus $25/year. They were smarter than CueCat, in that they made it clear that they own the device, but also made it cheap and useful.

Of course, you can always use your cuecat to get a $25 discount on a 'real' barcode scanner...

Interestingly, http://www.readerware.com/ has added support for the CueCat to their software, and it does not report back to Digital Hemorrhoid. Normally, the CueCat device sends a request with your serial number and activation code embedded. THe CueCat output looks like this:

.C3nZC3nZC3nYDhv7D3DWCxnX.fHmc.C3rXD3T1C3nXD3nW.

It's an ALT-F10, your serial number, the bar code type, and the bar code data, spearated by periods and lamely base64+XOR67 'encrypted'. The CueCat software turns that into a request that looks like this:

http ://a.dcnv.com/CRQ/1..ACTIVATIONCODE.X.SERIALNUMBER .FhMC.c3Rxd3t1c3Nxd3Nw.0

YOu can actually replace your activation code with anything. My software replaces it with "ACTIVATIONCODE". It briefly replaced it with "MOTHERFUCKER" but I switched it back. The X seems to usually show up as "04" but doesn't have to be, and seems to be irrelevant in any case. And the Serial number can also be replaced.

Their game is to track all products and magazines, books, etc. scanned by their users in order to target marketing. YOu have to answer a long list of nosy questions when you install the windows software, unless you don't run the "autorun" program, and just run "setup" instead.

This probably explains why they're pissed about Free software existing. Mine, for instance, strips out the activation code unless you actually want to send it in. This anonymizes your scans.

Of course, I can't distribute my software because of some questionable legal shennanigans. I wonder if ReaderWare got a nasty letter... oh wait, they're a company that can probably afford lawyers, unlike me.

---- ----

Notice that on the second page of the letter from KENYON & KENYON they cc: a certain John Huncke, Digital:Convergence Executive Vice President of Business Affairs. From checking his bio linked above, you can see that he previously was an attorney for various media corporations and "a clerk at The Rose Law Firm in Little Rock, Arkansas during Hillary Clinton's tenure", which should tell you a lot about his outlook towards intellectual property and innovation.

Now at: http://www.flyingbuttmonkeys.com/cuecat/

---- ----

I've written a decoder, available at:
http://www.flyingbuttmonkeys.com/~rothwell/

... it understands ISBN, UPC, EAN, Code128 and parts of other barcode formats. I do not know what the actual protocol is, but I reverse-engineered a rather large lookup table. Digital Convergence replied to my request for documentation on its output format with "over our dead corporate body," more or less. So, lookup table it is, until I discover the true pattern, if one exists.


---- ----