Slashdot Mirror
"Cloudy Future" For CueCat
Edgester writes "There is an article at Security Focus about Digital Convergence and the CueCat Barcode Scanner. DC thinks that those Cease and Desist letters completely stopped the hacker community from hacking the CueCat scanners." Oh - and we should just point that in the continuing example of Digital Convergence's wonderful security their site was cracked and all user info was captured.
We love loss leaders. They give us cheap hardware to play with.
Loss leaders don't love us, though! And we definitely don't like the way many of them treat us.
This is obvious damage control on DC's part; not news that slashdot should be spreading. (Except on slashdot it means that hundreds will now go set up mirrors...)
This link, http://www.securityfocus.com/news/89, led to no fewer than fourteen URLs:
http://www.securityfocus.com/frames/ad.html?group= secnews? &_ref=19861971m l?id=89&_ref=19861971e f=19861971m l?&_ref=19861971l ?&_ref=19861971m l?&_ref=19861971m l?&_ref=19861971m l?&_ref=19861971s =home&_ref=19861971t ml?&_ref=19861971m l?&_ref=19861971= home&_ref=19861971t ml?&_ref=19861971
http://www.securityfocus.com/focus/home/menu.html
http://www.securityfocus.com/templates/article.ht
http://www.securityfocus.com/frames/logo.html?&_r
http://www.securityfocus.com/frames/upper_left.ht
http://www.securityfocus.com/frames/left_edge.htm
http://www.securityfocus.com/frames/lower_left.ht
http://www.securityfocus.com/frames/right_edge.ht
http://www.securityfocus.com/frames/upper_edge.ht
http://www.securityfocus.com/frames/top.html?focu
http://www.securityfocus.com/frames/upper_right.h
http://www.securityfocus.com/frames/lower_edge.ht
http://www.securityfocus.com/frames/ad.html?group
http://www.securityfocus.com/frames/lower_right.h
Someone tell these guys to read some basic web design docs. (You can't even link to a printable text-only version!)
sulli
sulli
RTFJ.
I've already scanned in my books and CDs, so I can tell you before you start that it's not as easy as it sounds.
For one thing, if your book collection is anything like mine, you'll have a good number of books that don't have ISBN's (crummy British paperbacks from the 60's), let alone bar codes. Then there are a bunch where there's some stupid sticker, or a bend in the book cover, etc. to make it unreadable. Then, once you've got the barcode, at least a third of them don't successfully get a title and author from Amazon. I even hacked up a CGI-Z39 gateway to look up the ISBNs in Melvyl (Univ. of Cal's catalog), and got about the same hit rate there (though better data when it did hit).
CD's are roughly the same: a third of mine (mostly old stuff and punk) didn't have UPCs on them, so didn't match. I pointed them at barpoint.com, and got a hit rate of roughly 75% on the ones that did have barcodes.
I also did a lot of mucking around with the various different drivers, and wound up recoding some of it in Perl (the UPC->ISBN stuff was in Python), so I spent a lot of time before I even got started messing around with the drivers and stuff.
My $0.02, anyway.
--
-Esme
I (or my father) was on their mailing list, and I recall receiving a catalogue advertising a hard-disk (probably called a Winchester in them days) for some TRS80 machine. At the time I'd no idea what one was, and for the amount of money that they wanted, I wondered who could afford one.
Then there were all the components. Resistors, diodes, switches and so on. Few other places sold them.
Now the local Tandy has become a telephone store. Other shops still exist, but have cut down badly on geekish things. Couldn't even buy a box of floppies (I needed some to install Debian) last time I visited one. And I couldn't find a fuse for my PSU, either. Not a geek hangout any more. We do have Maplin stores, though. The local one is huge.
I heard that in AU some guy had a local (regional?) chain of hamburger joints named "Burger King" - completely legal (in AU), but boy did the bruhaha start when the "real" BK decided to establish "down under" - in the end, BK (US) called themselves something else in AU (though I never heard what name they did choose - anyone know?)...
I support the EFF - do you?
Reason is the Path to God - Anon
They should have forgone the serial number part(I don't need a serial number on mine. if it gets stolen, I'll buy a new one. I mean come on! heh), and sold it for $10 a piece, and made a ton on software bundling. Home inventory(CDs), quickie hardware identification(run the cuecat on your video card, and it'll find the drivers for you!), and such. Forget about the Rat Shack stuff, that's peanuts compared to selling a piece of hardware cheap, and doing bundling with it.
Maybe because not enough people write to their representatives to let them know how they feel about intellectual property issues. However, I think it would take a *lot* of mail from constituents to conteract the messages they seem to be receiving that allow things such as UCITA and DMCA to pass votes.
:-)
What type of laws do you thing would benefit us consumers? Should the government pass a law stating that all systems must be totally secure? How would this be enforced? How would anyone know whether their systems are completely secure? I don't believe it is possible to prove a complex computer system as being secure. It can only be proven insecure. As such, prosecutors could only go after companies whose servers have been cracked. Maybe crackers could then become employees of various law enforcement agencies.
Anyway, civil recourse against breaches of privacy seems to be the only sane route. Companies should be liable for gross negligence about security, but then how gross is gross?
As far as "the police/military/sceret services[sic]" just sitting back, I would rather have that than Carnivore/BadEvilGuyFinder watching everything. The system just needs time to settle into equilibrium.
end of line
I hate this CueCat thing as much as the next geek (I got mine - free and clear, no trace), as well as all the bull that went on with the iOpener, etc.
Seriously, why don't we build our own open-source bar-code scanning solution? True, one can get laser and wand scanners that output to serial ASCII pretty cheap and all, but even for those one must surf the used market. Doing it ourselves though is the way we work - we are geeks, right? A soldering iron and some simple parts never hurt anyone (outside of a burn here or there, right?)...
These devices are simple! Something could be built quite easily with a handful of parts (heck, most or all could be found in a busted remote control). Find something to stuff it all in, and a scanner can be built.
What isn't so obvious is the software to decode the barcode - plenty to normalize the scanning speed, direction of scan, and probably a million other things that I don't know of would need to be coded, but come on! Open Source enthusiasts have managed to put together amazing packages of complexity - a bar-code decoding package shouldn't be too difficult, I would think. What is stopping us?
I would think that we could come up with a true open design for a wand style reader, made from a few parts (I would imagine on the low end the scanner would consist of a high brightness red LED, a phototransistor, and a low val resistor, like 470 ohm - vcc (5 volts) would be run through the resistor (to drop current and voltage a bit), then split to drive the collector of the phototran, and the LED. The emitter of the phototran (I am thinking a NPN phototran here) could drive a pin on a parallel port. Throw all of this into a nifty case - like a BIC pen). Once the code is done (GPL'd, of course), distribute it with schematics for the reader, maybe a few pictures of a completed sample device, and construction hints...
We have an itch to scratch - let's scratch it!
I support the EFF - do you?
Reason is the Path to God - Anon
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
Are there any places out there that let you search for CDs via the bar-code number the same way that Amazon lets you use the ISBN?
I'd like to see someone take that hack that directs CueCat scans to an Amazon page another step further...
I'd like to be able to scan the bar-code on the back of a CD and have a CDDB (or MusicBrainz, etc.) record be returned.
Obviously, you first would have to find a place to search the bar-code against and then filter those results and plug them into a CDDB query...
Well, I can dream anyway...
"Do no unnatural thing today." - Captain Flak
The new version of FooCat BarCode (0.1.3) returns author, title, url and image url (cover shot) for books, CDs and DVDs in tab-delimited format. Check the CueCat Project page later today.
n 6ChfX.
N zc3Nxe3B7dXJzcnNx.FhMC.c3pwdXF3dXN6cHFx. 0 http://www.warnerbros.com/pages/music/index.jsp?fr omtout=home_menu_music_item1 WARNER BROS. RECORDS, INC.
s earch.d2w/Details?code=093624609322&medi aType=Music&searchType=ISBNUPC&prodID= Return Of The Rentals Rentals (The) /web_images/products/00/15/26/c/15262574_c.gif
Here's an example:
^[[21~.C3nZC3nZC3nXE3b7DxjZCNnX.fHmc.C3PWDxf3Dx
DATA 000000002838610102 UPA 093624609322 9362460932
CUE 9362460932 http://t.dcnv.com/CRQ/1..ACTIVATIONCODE.04.c3Nzc3
BN 093624609322 http://search.borders.com/fcgi-bin/db2www/search/
tab delimited fields, one record per line.
---- ----
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I totally agree with you on the merits of alternative uses of the device.
I've got a PalmPilot and a keyboard interface from the folks that brought us the "Happy Hacker's" keyboard; I could use that as a portable bar code collector.
Velcro the components to my belt, and I could run around my apartment, barcoding all my books into a notepad, and then decode en masse to put together a library listing.
Note the use of the PalmPilot; the reader is a whopping lot more useful if there is some way of collecting a bunch of bar codes as you walk around.
The other piece of the puzzle is to be able to PRINT your own bar code stickers to attach to things. That then means that there is no "fixed" interpretation; you have to create your own framework in which to interpret the code.
As with putting a bar code on each CD you burn, so that you can do an inventory in ten minutes of 100 CDs...
There's lots and lots of cool stuff to do with this; hopefully we'll get past the idiocy of the present situation.
If you're not part of the solution, you're part of the precipitate.
Most of the people responding here missed my point. In an ideal world this would be used for knowledge and easy access. I pointed out that i knew that this would b used for commercial purposes and that that was really sad.
I could care less about the damn barcode reader, it was a stupid little toy to play with. I'm talking about their end result... Linking traditional media to web accessible information.
That's what I would love. Not commercials, not ads. Real information. We all know that it won't be used for that. I remember when the net was good for that also.
I predict the hacker contingency will play with them for a few months, then something else will be the sparkly object that distracts them. Then the hacker's scanners will join the majority of idle scanners, forgotten for months at a time until someone needs to go to Radio Shack for something, and the little tickle in their hindbrain reminds them that they have a CueCat that's fallen behind their computer desk.
Except that they didn't install the software, and won't do it, because they don't want to be bound by the obnoxious license "agreement", so using the cuecat isn't really possible for those hackers, who, ironically, are probably in the top 5% of people who might actually want to buy something at Radio Shack!
This is where DC is hurting themselves.
They don't want their intellectual property to be reverse engineered. Of course there's no legal backing of this desire of theirs, but can't you show minimal respect for the mentally challenged (taking into account actual amount of intellect involved)?
--
I went down and got one after reading the article on Slashdot. Then I proceeded to to over to Freshmeat and find the Linux driver and a Perl module... Oh yea... those letters really stopped me from using a CueCat on my Linux box...
Why is it that the gov and the courts and everyone else that has been put into power to protect 'us' the people against the evil things in this world never seem to do anything about companies like DC who issue ceast and desist orders at the drop of a hat and will then leave there servers open to attack so that other evil people can get our personal info. I some times think that the police/military/sceret services just sit back and let things happen, and don't do anything until we say something! Just my 0.02c
Since the C&D letters, the CueCat
Linux Driver has steadily progressed
from 0.0.8 to 0.1.3, and has gotten a
lot better. Pierre Coupard and other
folks have done a lot with the device.
Since the C&D letters, the driver has
added support for multiple CueCats, we've
put together 2 different models of serial
port converters for the CueCat (think Palm)...
and added support for using the CueCat on
a serial port, keyboard port, or mouse port.
The driver is now a loadable module, and even
supports the USB CueCat which isn't even
officially RELEASED yet!! We've also been able
to test the CueCat with all kinds of different
barcodes and figure out many of the CueCat
codes for them.. On a hardware level, we've
figured out how to wipe or even reprogram
the ID code... I don't know about you folks
or about Kevin Poulsen for that matter,
but I see this as a successful project so far..
For the 1 week after the C&D letters, people
were a bit worried and the development went
more private, but that's only 1 week! That's
a reasonable amount of lag time to allow lawyers
to digest the problem. After 1 week without
response from Digital Convergence, we all just
started breathing again and went back to work.
PS... Happy RSA Freedom day..
-- The Funk, The Whole Funk, And Nothing But The Funk
As I see it, they have a flawed business model. They want to give away the hardware that gives access to their service, but then they want to make sure that the hardware only responds to their service. That's all well and good, but I don't see how they can prevent anyone else from using it for their own purposes. They may have a case against someone who decided to set up a rival service, but I'm not sure how the law would treat that.
They probably would have been better off selling the CueCat Reader for a small fee (maybe at cost) and then providing some sort of special service (beyond simple linking) with their software. That way they don't lose any money if the hobbyist wants to disect their CueCat and they give your average joe a reason to purchase it.
-Jennifer
I've scanned many barcodes with a couple different copies of their device now, and I've found that it consistently reads UPC/EAN, 3 of 9, Code 128 and all these other symbologies really well. I try to scan the Cues in the catalog -- maybe a 33% first time scan rate. Appalling. I've tried varying my scan speeds, the angle with which I hold the scanner, the distance from the page, starting and stopping within the white space near the ends of the code, but nothing seems to help.
I don't know if it's because the barcodes in the catalog are too dense or if they were printed poorly. I imagine the 22.5 offset angle probably made for some uneven aliasing during the catalog printing process.
Has anybody else noticed this problem?
John
The Church of the SubGenius -- because somebody had to put all that slack in there...
John
"An Internet company that's given away one million cat-shaped barcode scanners to magazine subscribers and Radio Shack shoppers is claiming victory in a skirmish with hackers over how the feline freebies can be used."
PR 101: Manage expectations. When you have completely lost, declare unconditional victory.
"We had to make a bold statement up front that we didn't authorize you to do this, we encrypted our cat data, and you're not allowed to take over that output," says David Mathews, vice president of new technology at Dallas-based Digital Convergence.
Bold statement (n.) - Impotent claim that is ignored by everyone. See political speech, press release.
"Digital Convergence was aghast. "If people take over our cat and start using their own databases, the world becomes cloudy," says Mathews. "Our revenue model is being the gate keeper between codes and their destinations online."
Oh the horrors! The world will become cloudy if we don't stop using our own databases! Why, we might even get access to our own information and then where would we be? I mean, think it through people! Is a free world the kind of world you want for your children?
"By way of example, Mathews points to one hack, created by network engineer Michael Rothwell, that allows users to scan the ISBN number on the back of a book with the CueCat. "You could swipe a code, and it would serve up a page on Amazon.com. But what if [the publisher] doesn't want it to go to Amazon.com, they want it to go to web site under their control..."
Think of the implications! We might wind up at a web site that is not under their control!
"By the Linux community taking over and redirecting where these swipes go to, they were circumventing our software."
Oh the shame of it all...
________________
________________
Private Essayist
I almost fell out of my chair when I saw this one in the article:
"You could swipe a code, and it would serve up a page on Amazon.com. But what if [the publisher] doesn't want it to go to Amazon.com, they want it to go to web site under their control... "
Umm...tough shit what the publisher wanted. What right does the publisher have to force me to a certain web page? None whatsoever. Yet another example of a clueless corporation trying to control every little detail and getting pissed when normal citizens won't play along.
The thing that really made me laugh though was this SciFi channel commercial - 30 minutes long, you know the type. The setting was in Heaven, where Bob the Angel (can't remember the name) visits Heaven's R&D department, and the top-of-the-line item that Heaven's R&D department has come up with is - no, not an Aston Martin with flamethrowers and ejector seat, but THE CUECAT!!!
Then they described it as the biggest technological breakthrough ever. Seriously, that's *exactly* what they said.
The word arrogance doesn't even come close.
You're probably right about the lawyers, but offering a similar service under not such an obvious name might be a good idea. Maybe some jobbing hardware hacker can design the same thing but for the COM port - and while she's at it, make it accept data from remote controls too, so I can operate my DVD drive from my bed ;)
--
It's a
-- Danny Vermin
If we can distribute software for the CueCat, in a way that suits our needs without going through DC - What's to stop Staples or OfficeMax from offering their own software that reads barcodes printed in their catalogs without going through DC?
They're seeing the big picture now... so I think. They screwed up and now they're going to have to fight for their life or go out of business having provided all of North America with free bar code readers.
Those who ask why they're bothering with a few geeks aren't seeing the bigger picture of them allowing "rogue" software to proliferate.
While I agree entirely that we have every right to use the device as we see fit, (I've downloaded various decoders alrready) they ain't going to just let this one go.
Perhaps their TV tech will be the real "killer" app of for them and ordinary bar code reading won't matter a great deal, but I figure them for toast.
QUESTION:
Anyone think of some sort of action to "teach" them a lesson?
-- While normally I would consider the following very unethical, given this companies willingness to use scare tactics against honest legal hackers, I suggest the following:
Every time you see a Radio Shack, stop in and pick up another CueCat. Collect them, discard them, whatever, every geek here that picks one up and doesn't use it (in their intended manner) makes a nick in their bottom line. If we all do it that becomes a major dent.
Hopefully they take note and apologize.
--Aaron Greenberg
I care about a CueCat.
Why? Because I'm an Ubergeek and I like barcodes, shiny red lights, and coming up with neat things to do with free hardware. Hell, I even like the thing when it's just sitting on my desk shining the LED light on my wall.
I have been using it on my Windows machine as it was designed, scanning things and bumping my profile value for them up a few pennies... but soon I plan to attach it to a little 486 computer on top my fridge.
Why? Because then I can scan things as I throw empty containers out. And then post that to my own private house 'intranet'. And then at the market, browse my shopping list from my WAP phone. Eventually, I might even automatically have certain things ordered via internet once I've built a buying profile on myself.
After that, I might even get bored and start cataloging my CD's & Books (several 1000 items in each collection) for insurance purposes. I figure that might work better than photographing everything.
See, that's what being a Geek is about. Have stuff. Open the hood. Hook stuff together and make it do stuff it probably shouldn't. For fun.
In the end, my advice to DC would be to embrace the hacking community. The value they 'lose' on hackers not providing profile data could be recouped in cultivating a community to help generate new ideas for their product. Hell, establish projects for bounty using the CueCat. Sell the CueCat for up to US$20 for hackers who aren't going to use it as designed for marketing money.
Spread good will in the hacking community, let me do my projects, hire me to polish them up and let you sell them... (I mean, I don't have the business sense or money to produce the hardware) and my mom will still use it to scan things and see the neat home pages. And eventually you (DC) might even be able to sell my fridge idea.
Indeed. I remember the little circuit project books they used to distribute ofr next to nothing. Nothing else was like it.
Speaking of unusual aching, you might want to read Christ that aches with Johnathan Frakes. For all you ST:TNG fans out there. Off topic, I know, but now that the Karma cap is in place, I'm a crazy man.
It's as if DC had set up a toll booth in the middle of an open field, then started screaming bloody murder when people simply walked around their toll booth.
Yes, they have a cloudy future.
Can we PLEASE move on? I'm sick of hearing about what an evil company this is because they're trying to make a buck off of some free hardware. ;-)
The issues at stake are deeper than you think. Companies like DC are using a nebulous law to threaten the "hackers'" freedom to innovate and experiment (and I don't mean this in the M$ sense).
Computers, Internet(TM), etc. are where they are today because kids all across this nation (and the world) dared to experiment and try new things. DC is just trying to kill that spirit to protect an inherently flawed business model.
And oh, BTW, "loss leaders" are welcomed with open arms (and open tool boxes
Because receiving the threat of a lawsuit from a company is a scary thing. J. Random Hacker does not have a legal budget, let a lone an entire legal department. We've already seen that corporations use litigation as a stalling tactic, and try to drag the case out until the defendant has to give up due to lack of resources. Aside from the massive amount of money you could lose (without even losing the trial, just on legal fees), this is something that will dominate your life for an indefinite amount of time - if you're spending all you time in court or preparing for court, how do you work?
Litigation, or threat of it, is unfortunately a very effective tactic from a corporate point of view. It's a rare kind of person that can push crappy laws like the DMCA to the limit and still have the time and desire to go to court to obtain their rights for the rest of the country.
Didn't these people do their homework?
:-)
This is not the first time that barcodes were put in magazines. They want people to leave them alone. I'm sure they'll be quite pleased.
As a Mac owner I don't even have a choice. First: no effin drivers. Second: the CluelessCat USB cabling sucks! Its a standard, DC. A standard! A simple connector. Stick your parallel and keyboard cable kludge where it'll hurt.]
I predict an overwhelming yawn from the public. The Linux hackers are probably the ONLY people who will have installed and played with this stupid looking piece of plastic.
This is about an idea as D.A.T. in an age of CD-ROM burners.
The DeCSS decision (under appeal) has zero effect on this. I have the DeCSS code on a t-shirt I bought here. I wear it with pride.
The RIAA, MPAA and other bullies of this world who try to restrict technology by force of will are sitting on beach chairs telling the tide to stop. I pity them, but not much.
Changes in distribution and payment technologies will sweep away the useless and leave us all with more money in our pockets.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
I don't agree at all. You make it sound like iOpener built their equipment to be of any interest to geeks.
They built them to be of interest to people who basically wanted a better WebTV, i.e. something which came with a high resolution screen and would work with a wider variety of internet sites.
That segment of society isn't at all interested in making it run something else, they just want easy to use.
The reason why these became appealing to geeks was only because nobody else has been selling a reasonably priced small computer with a LCD display like this. It's the only one available, therefore people want to find out how to make it work for them.
Was it iOpener's fault that they hadn't realized the appeal to other people? Perhaps.
But I don't think that makes their business plan invalid. If this is true, then WebTV's business plan is bad as well despite 4 million+ users.
Now maybe they should have realized the opportunities they would have to sell this hardware outside the framework of their ISP service.
For instance, if they had formulated a contract, sort of like the internet appliance from Compaq whereby the cost of hardware is $500, but if you sign up for 3 years of their internet service you get a $400 rebate, they would have been in a better position and we'd likely have seen fewer complaints.
Maybe you should look into rechargable batteries, then. Or just plug stuff in to the wall sockets.
If you sign up for their Battery Club, the batteries are free. IIRC, you used to be able to get a free 9V or small blister pack of RS brand batteries every month. It's one way of getting people into the store and having them actually buy something else. Grocery stores do it all the time. They advertise products with prices that are below cost and hope that you buy something else once you are in the store. When I picked up a RS catalog + CueCat, I bought a few other things. Wal-Mart is a master at this. I don't know how many times I've gone into a WM to get a package of diapers or something else for the kids and end up buying $50 of other stuff. My wife say's it is due to a chemical they put in the Sam's brand drinks and food that makes one addicted to shopping at Wal-Mart. Along with floride, it's a standard additive in the tap water in Bentonville, Ark. =)
the good ground has been paved over by suicidal maniacs
DC have actually got a really, really good business plan. It goes like this: give people free barcode scanners, get them to scan their stuff in, then they go to our website (via our software) and we redirect them to the company that "owns" the barcode.
So Digital Convergence's real money-spinner is not the cuecat at all, it's SELLING SPACE TO ADVERTISERS. You think Coke aren't going to be paying to have CueCat link to their site from their barcode? You think Pepsi won't pay Cuecat more to have the Coke barcode take people to the Pepsi site?
All DC need is a huge database of barcodes and URLs, and a large market share - currently, they have the only market share. They want to be the VideoPlus of URLs.
Since that's their main asset, then, I simply DO NOT UNDERSTAND why they care about people reversing their hardware. It's a lousy design anyway - people need to use a keyboard to surf the web (esp. to "reorder pharmaceuticals" - an advertised use of CueCat - so they can enter their Visa/MC number). It should go in through COM2.
The only thing they should be worried about is if another company made a better database than them. But that's simple free-market competition. I guess they're trying to lock down the cuecat to make it harder for such competitors, but they're not going to succeed, so why don't they invest their time and money in making their product the best so that the competition can't out flank them?
Maybe because they know their actual service is a shoddy pile of crap? I don't know - I haven't used it. But since it's just a 1-table SQL database with an ASCII string as the primary key and an ASCII string as the only other column, how bad could it be?
I say that the OS movement should make a rival site - www.qcat.com - and write software to send people there from *every* OS. Everytime anyone sees a DC barcode they should scan it, note the URL, and put it onto the qcat database. It'd be like CDDB. Then we can offer the exact same service, but with privacy, and cheaper for businesses to subscribe to, and drive the fsckers out of business. We could use the proceeds to fund Open Source projects. Then DC would be a *good* memory - "Hey, remember that company that gave us all free barcode scanners before going out of business? They were cool." ;)
Any takers?
--
It's a
-- Danny Vermin
And then note that
If the DC folk fail to respond to the not unreasonable expectation that they actually indicate what "intellectual property" is being infringed on, then it seems to be, as you say, "totally fair game" to continue tinkering.
After all, if they can't or won't document the nature of the infringement, is it infringing?
I'm not surprised that:
It appears that they think that simply using the :Cue:Cat represents their "intellectual property," which seems pretty nonsensical.
If you're not part of the solution, you're part of the precipitate.
Okay... I'm sorry but this is getting rediculous. They are treating this damn bar code scanner like it's the holy grail of cool things. It's not... It's a cheap little barcode scanner that doesn't even really do that good of a job.
They do have some work and some intersting things in their C.R.Q. software. I never used it (I'm really glad now), but what it does actually probably took 5 years to develop.
In case no one looked at it. You hook up and audio source (T.V. or Radio) to your sound card. There are specially encoded audio codes that the C.R.Q. software will recognize and open a browser to the appropriate page. Basically barcodes over tv/radio audio.
That's kinda cool. It would be cooler if it wasn't mainly used for advertising (although I hear PBS is going to use it). I am also fairly certain that there is quite a bit of skill, talent and hard work in that.... there is however NOT in a cheap little barcode reader.
DC sells software and a service, they make their money from companies being able to use their barcode and audio codes. I wish that they would realise this... let the crap with the cue cat drop and focus on making their real products useful.
I would love to be watching a Discovery channel show about say, penguins, and be linked to a site that has more in depth information about penguins.
1. It's a dumb idea to scan barcodes just to go to a web page.
2. The thing is really really hard to get to install.
3. It doesn't even work right when installed.
Yep, mine is still in the box and staying there.
"sweet dreams are made of this..."
Because it adds a certain amount of uncertainty to their future. Businesses fail all the time due to blunders and unforseen events, especially on the internet. The RIAA thought that CD copying was difficult enough that it would be kept to a dull roar, but they were wrong and they wish they could go back and do things differently. The internet gives consumers the power to use a little crack in the door to open it all the way. DigitalConvergence doesn't want to be pried open unexpectdly by an organized revolt or consumer greed or anything else.
--
It'd be infringement if it was doing anything particularly unique. I worked with bar code scanners years ago that would scan pretty much any bar code format and give you output in an open format. The only real uniqueness of the CueCat is that it's nonergonomically feline shaped.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Standard IANAL disclaimer.
You own the hardware AND the software copy that was mailed to you, per laws that apply to the US Postal Service.
Besides, I have yet to see one case in the US where a judge found that click-through licenses are legally binding. Just to be on the safe side, get your 12 year-old sister to fill in the form: contracts signed by minors are invalid.
Here in Quebec, about 90% of these agreements are against consumer protection laws, unenforcable and illegal. Furthermore, a judge clearly found that since you had no way of proving you were really the one pressing the "I agree" button, there is no way it could be considered legally binding. Besides, contracts signed under pressure are also invalid, and in most cases the software you bought is not refundable (since most stores won't take back an open CD, you could have made a copy of it..), in which case, to get something for your money, you are forced to accept the terms without possible negociation.
Basic point: There are MANY legal problems with click-through agreements, which most companies would rather you not know about and they surely don't want them tested in court when they can avoid it.
"I remember Y1K, every abacus had to get another bead"
> Gave 4 aliases and paid cash.
Paid cash for what?
Anyways, the first store didn't even ask my name. He still had to ring it up ($0.00), but didn't bother with the name. I guess he didn't wanna type it in. Others asked, but generally conceded when I refused. One guy was a bit insistent, but said that I could give a business address or anything, but that they just needed *something*. I said Bill Clinton, 1600 Pennslyvania Ave. He sighed, but acquiesced.
I wonder how many catalogs Bill gets...
-- Don't Tase me, bro!
Or is this merely something that the "spammeisters" are claiming to be true?
I can imagine such a situation occurring, but wouldn't expect it to persist.
Remember that as soon as such a scheme would start to appear viable, "your company" would be a nice, fat target for a class action suit by whatever class of folk the scheme has been ravaging.
Turnabout is quite fair play :-).
If you're not part of the solution, you're part of the precipitate.
Sheesh. Some idiot actually bid $9.99 for a Cue:Cat on ebay...
Nice product?
For what? This is a remarkably useless product. Really lame too. They probably thing they can slap that bad-boy onto a WinCE "GameBoy" and
The IR port on my Handsprint Visor can be hacked to do the same thing. Big Deal. I cant' think of a single application where this would be worth doing.
Its been tried before for scanning in software and the magazines that tried it have disappeared.
This is NOT a good idea. Its just some idiocy spouted by some fast-talker who has managed to talk some dentists into investing their surplus disposable income into his "vision."
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
That's why I look up a book's web page.
--------
The funny thing to me about this (and other similar cases) is that in the software and hardware world we are just seeing the exact same thing as in the rest of the 'corporate world'.
I watched a story on the news this morning (on CNN) that the games in Sydney are suffering from a bit of controversy. Why? Well, Coke is one of the sponsors, and if you are caught drinking a Pepsi, you are 'banned' from entering until you get rid of it. McDonald's is another sponsor. There is a restaraunt near the Olympic stadium that serves breakfast sandwiches similar to an egg McMuffin. If one of the game officials (or a cop) sees you eating one of these sandwiches, they will take it from you, throw it away, and tell you to purchase from McDonald's next time. If you are wearing a Pepsi tee-shirt, you are not allowed in until you change into something else. If you wear or use anything produced by a company in direct competition to one of the sponsors, you are banned from entering any of the competitions (banned from watching I should say).
Of course, CNN (with all its corporate sponsors) was really willing to see both sides of this story. They interviewed three 'regular people' that all said, "These companies have invested a lot of money in the games and deserve to have some recognition for it." I would like to have seen them interview one of the people that had their breakfast ripped out of their hands and thrown away, or someone that had their Pepsi taken away from them, or someone that got told, "You can't wear that shirt here."
Frankly, the corporate controlled world is becoming the norm. And anybody that doesn't like it will soon be 'banned' from participating in anything in society. You say that wouldn't happen if the games were in America? Take a look at some of the ridiculous crap that goes on (and is covered on Slashdot) and think again. Also consider that most of the companies that are promoting the Olympics are American companies, and you'll start to see that it is just as much an American problem (probably moreso an American problem as we are the country with the stupidest IP laws in the world) than any other country.
Sorry for the slightly off-topic rant, but that news story just pissed me off and made me feel like boycotting Coke, and McDonalds for life. That won't be so hard, I'm not a big fan of either. But I wanted others to know, and felt it applied to the 'companies protecting their (supposed) intellectual property' conversation.
Bite my yammer.
It seems that the UK chain was sold recently, and the less profitable stores became "Carphone Warehouse", who oddly set hand-held mobile phones. Two of the local ones have now changed, the other two are still called Tandy.
The remaining stores seem to have become more mass-market shops, selling games consoles, video recorders, cheap hi-fi. the components appear to be stock left-over from before the sale of the chain, and the number of components appears to be slowly decreasing.
Maplins is a lot better. The local store in Leeds is the size of a furniture shop, also sells lego Mindstorm and R/C gear (The advertise in the awful Robot Wars magazine). It's also open until 8pm some evenings
Given the talent available, they should have floated the idea here FIRST. Then they'd have got a much better implementation.
:-)
However, its still a lame-ass product. It won't fly any better than it has before (and it has been tried before...
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Frankly I could care less about a bar code scanner myself, I don't have much use for it.
However, I don't like the idea of any peice of hardware being released (free or not) which tries to pretend it has the protection of the law preventing you from using it any damn way you please. The only protection this has is the ability of the company to file frivolous lawsuits against you to take your time and money (for a lawyer) to make it a pain to do something they don't approve of.
However this now seems to be becoming a trend in the consumer electronics market (iOpenr, Tivo) and I think its a trend that needs to be stopped. Hardware makers seem to have started thinking they should have the same type of lame licenses that software companies have on their products (ie. we'll sell you this but no you don't own it and can only use it how we want you to).
Thus I'm only interested in it because I don't like the idea of EULA's for hardware I buy or receive for free.
-------- This space intentionally left blank --------
> I'm wondering why people have stopped hacking the ::CueCat::
/usr/bin/perl -n
/\.([^.]+)/g;
You believe what DC said? Go to freshmeat and search for cuecat. As far as I can see, the *only* one who doesn't still have their code up is flyingbuttmonkeys. Online decoders like http://www.jounce.net/~maarken/decode.html are still up (never went down, as far as I know).
I wonder if DC really believes the hacking has stopped or if they see this as the only face-saving stance that they could take.
The only other reason I can think that there is any "less" hacking is that the decoding is 100% solved in 7 lines of perl:
#!
printf "%s %s %s\n",
map {
tr/a-zA-Z0-9+-/ -_/;
$_ = unpack 'u', chr(32 + length()*3/4) . $_;
s/\0+$//;
$_ ^= "C" x length;
}
-- Don't Tase me, bro!
those Cease and Desist letters completely stopped the hacker community from hacking the CueCat scanners.
:)
I'm still considering trying to round up about 10-15 of em, daisy chain them, if possible, and have a bright colorful window decor for Xmas.
Who needs twinkle lights when you've got Cuecats?
She subscribes to Forbes, and gets a
How does this look any different to DC than the "evil linux hackers"?!!!
Not a sausage.
Joe hacker gets a
See, to DC, both scenarios look the same. They pay to send out a scanner, but get no consumer tracking information back. And I really don't see them busting down aunt Martha's door just because she didn't use their gizmo.
There are two situation a not insane person would try to avoid:
- One target influences other targets (who would normally use the device) to not use the device as intended
:Cue:Cat.
- Instead it taking one device to service one target, one target consumes many devices (and maybe uses none of them).
:Cue:Cats in the drawer. :Cue:Cat. :Cue:Cats, 2) Make RS either a) instate a "one per customer" policy or b) RS pays for the HW and it's RS's loss.
Having people laugh at you and mock you as an idiot isn't good business and should generally be avoided. (unless you're making a ton of money for it).ok, so this kinda gives them a reason to fear the spread of info on hacking the
For the same reason they could fear a bunch of luddites boycotting them.
So aunt Martha subscribes to Forbes and Wired. She tosses two
Joe hacker gets greedy and goes to every RS in town for a free
I could see how DC might want to avoid this situation too. So they could : 1) cross reference the subscriber lists before mailing out
DC's also alienating a potential market... while I'd agree that a good amount of their business would be from AOL'ers, there are a surprising number of hackers that shop Radio Shack. (Geez... how many times do I go there for batteries and walk out having spent $200?!!)
/., Freshmeat or an alternate Linux/open source community site as a thank you, extend the functionality, and re-release them back to the community (under GPL, of course). Make them simple to install, include some goodies, whatever. In otherwords, make a superior open source product.
Amateur radio hobbyists, especially those from the Linux community, end up sending part of their paychecks to places like RShack. I'm there at least once a week buying stuff. But how can I use the CueCat when the DC PHB's forgot to develop a Linux driver for it? Sorry boys, but the five boxes down in my shack don't have a single Microsoft product on them!
Instead of firing up the attorneys, why not pull the Microsoft "embrace and extend" trick. Grab those drivers, thank the community, contribute $10,000 to
Instead of boycotts, hacking and general disasterous public relations that is a serious abuse of their investor's bucks, you might find a bunch of new customers (who are usually the bigger spenders at RShack) who'd cost you only an occasional un-intercepted barcoding scan of their books in the home library.
*scoove*
"Poor sportsmanship: They just can't stand to see the other man win."
The number of hackers expressed as a percent of the computer-using population is maybe 5%-10%. Sure, the number who "shop the Shack" is certainly much higher, but they're still barely statistically significant. It's the AOLers of the world that will make them ALL of their money, regardless of hackers.
Hackers tend to understand cookies and privacy issues better than the general population, too. Most privacy-informed people wouldn't ever fire up the software that came with it, once they understood the tracking mechanisms beneath it. These people are already lost to Digital Convergence, whose stated goal is to build up a marketable database of info on their users.
So, given that hackers and privacy wonks will never use their software the way it was intended, D.C. should drop that market segment and focus on making sure that every AOLer gets to see Pepsi ads at $.025/eyeball. As Willie Sutton said about robbing banks "that's where they keep the money!"
The Church of the SubGenius -- because somebody had to put all that slack in there...
John
Come on guys.....nowhere in that article did it say that CueCat has a 'Cloudy Future'. It said, "'If people take over our cat and start using their own databases, the world becomes cloudy,' says Mathews." TOTALLY different meaning. Talk about taking something out of context...jeez.
Admit nothing, deny everything and make counter-accusations.
You realize wrongly. This is whoring for (+1, Funny). See the sig.
--
Ever since the cease-and-desist letters came out, I've been working on aspects of the CueCat. That effort spawned a section of my Web site that worked to expose all aspects of the red-nosed pussy. On my pages, you will find the anatomy of the proprietary cue, a complete description of the output of the CueCat and how one would discover the base-64+XOR algorithm without disassembling or decompiling a single instruction of executable code. I've also put together a capabilities list of what the 'Cat can do (and that list is expanding as people report additional capabilities). I even publish a rationale for why I did all that work.
The only reason I'm slowing down is that I've done about all I can do. That included publishing source code to an interpreter that runs as a console app in both Linux and Windows.
Now, where do I draw the line? I draw the line at providing code without license that would infringe patents 5,933,829, 5,978,773, and 6,108,656...held by NeoMedia Technologies Inc. I stop at interpreting the barcode on stdout in order to bring the CueCat to the same level of functionality as other barcode readers.
Now, I'm looking at PaperClick...
The only way "lawsuit-oriented" business works is if you plan to sue people that have millions of dollars that could actually pay you something.
Insurance companies are good targets; TI makes lots of its dollars charging companies for access to its patents; IBM's patent portfolio is useful against companies.
None of this is good for dealing with consumers.
If you're not part of the solution, you're part of the precipitate.
The truth about this is that the only devices that have been exploited have been loss-leader type electronics, and built on useful hardware, which often makes the best loss-leader (ie, it's a good product).
Things that haven't done so well, and haven't been hacked have been *extremely* proprietary devices like the Mailsite personal email box (man that'd make a sweet portable bash terminal).
So... useful things tend to get reused if they're given to us. The only way companies can avoid a situation like this is to make something damn near worthless if hacked (funky hardware, no ram, no hd, odd processors, etc)... The problem of course is that those types of things don't always make good products.
----
Just because they call it encryption and it looks like nonsense characters at first glance doesn't make it so. I could call the guy from DC a circus clown, but although he and a circus clown both wear funny suits, the circus clown's suit is supposed to look funny, and therefore is a circus clown. Mr DC exec, on the other hand, although looking pretty silly (in theory anyway), is not a circus clown, despite what i say.
Hey, that sounds like the cable that feeds audio/video into the 1/8" VIDEO IN jack on my handheld TV. Maybe that's "another use" for the cable.
"Our revenue model is being the gate keeper between codes and their destinations online."
In other words, they want to protect their bottom line. The truth is, they should have thought of this sort of thing happening, and taken steps to protect their interests before releasing their product. It's their own damn fault, and I have no sympathy.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
Have the people in the CueCat database which was stolen sent the CueCat manufacturer a cease & desist letter?
When I first heard about the Cue Cat on Slashdot, I thought that Digital Convergence seem to have created an excellent product, but are a little short on the old grey matter.
It seems pretty obvious that here's a company who have read "New Economy 101" and decided that their tangible product should be free so they can create money on the spin-off merchandise (the software). Shame they didn't think one step further.
Now they seem to be *proving* their ignorance of the real world. I mean, how naive can these people be? Does their whole business plan smack of "pointy haired boss" or what? "Our revenue model is being the gate keeper between codes and their destinations online!
Sorry DC, but I think you'll find that your (Cue) Cat is out of the bag and no amount of bullsh*t is going to put it back again. Better rethink that business plan.
"Give the anarchist a cigarette"
A little planning goes a long way...
http://s1066194.umsl.edu/cuecrap there you wil find all the software you need
When mindstorms came out, some lego executives were worried about people hacking the bricks, and wondered if they should stop it. However they decided if people have bought it they can do what they like with it! and this would only increase demand for it. They were correct and now lego mindstorms I believe is more than 50% of their revenue stream. GO LEGO! Shame DC did not have the forsight of looking at things that have already happen!
James
When you're creating an algorithm from scratch to translate a sequence of bits to something resembling the known input (the barcode), you have no way of knowing that there definitely is an encryption present. The public CueCat programs use XOR to produce barcode values, but we don't know that the CueCat is using XOR in its logic. The CueCat is a black box, and we can't see if there is a "no trespassing" component.
For that matter, we don't know that the public CueCat algorithm always works. There may be barcodes for which it fails. The correct algorithm has not been disclosed by the manufacturer, so we can only use what seems to work without knowing that it works.
For that matter, what seems to be a serial number at the beginning might actually be some interesting and useful data. We just don't know how to use it. Maybe if there were an authorized CueCat public driver with interesting uses, we would have more confidence in the device and have more uses for it.
Unfortunately, no. See ProCD. And it's a circuit court decision reversing a district court, too.
If they had any sense, they would focus on the other side of the transaction. That is, getting the Cue barcodes into everyone's catalog and advertisement for a fee. It wouldn't matter that the Linux people were using it for other things, they too might want product information, and only Cue's database would be able to resolve the link.
Of course, they would have to stop ripping off the valuable intellectual property of all those AOLers who don't know any better first.
Seems that DC have a real issue with things. Like coherent thought.
Now, if someone were to pull apart a cat, and build one and market it to emulate the original, yes, that'd be infringement.
However, their encryption isn't of their own devising, so, no real reverse engineering there. Just application of existing algorithms.
Data generated from the cat isn't Intellectual Property at all.. Merely generated statistics.
Ok, I understand their stance that it'll affect their revenue stream by hijacking the cat, and using it for things it was never intended.
Still, what percentage of their market will persue this track? If they've done their marketing correctly, an absolutely minimal amount. And some of those may still use it for it's intended purpose.
Basically, if someone doesn't want their device pulled apart, and reverse engineered, don't throw it mainly at the tinkerers market segment.
It's like putting your hand in a tank of hungry pirhanas, and expecting them to ignore it.
In just about every venture, there's the concept of 'acceptible losses'.
As DC don't seem to be tying the whole thing down, and chasing it carefully, I think they just hit the kneejerk 'Call in the legal vultures, and the world will conform', and ignored it.
Not the kind of behaviour of a company really worried about the release of this info.
Malk.
I think they're really barking up the wrong tree trying to shut down the hobbyists and the LINUX driver writers. Their true revenue stream lies with the AOLers of the world, and not with the bitheads that read Slashdot.
They should recognize that 5% of the people are going to hack their cats NO MATTER WHAT THEY WANT, and that the other 95% will be firing up AOL so they can quick scan the barcode on the front of the Radio Shack catalog.
Even if a Windoze version comes along (AOL compatible), over 75% of the users will still not circumvent their device. Mr. Matthews should chalk these up to "acceptable losses" and make sure that the content he provides to his "real" subscribers is good enough that the hacker substitutes don't compete in features.
When did "Cease and Desist" become an acceptable substitute for "Common Sense"?
John
The Church of the SubGenius -- because somebody had to put all that slack in there...
John
The only reason for giving away the hardware is because you've made something that you don't understand.
They could have come here FIRST, got all the drivers they could ever need, come up with a whole lots more reasons to use this thing and sold them at 300% mark-up. They'd be making money now.
Instead, they though they'd slip this in as a Trojan horse between consumers and their vendors. This business plan was cobbled together by someone with zero imagination and a sneaky, theiving heart.
Their CluelessCat was already in the trash compactor (I own Macs.) After the stupid handling of the entire debacle, I'll do without a spy in my midst thank you. Don't bother sending me another one. Not even if it has a REAL USB connection.
NEXT!
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
I think you managed to completely, totally, miss the point. We're not asking for their support. We're not buying their products or services. We just want to not be harassed when we use hardware that we own for whatever purposes we see fit.
I don't care if they understand my "convictions." I don't care if they give a "flying fuck" about us. We never gave them our "hard earned money." We're not asking for "customer support."
We're not asking for anything except to be left alone, essentially.
---- ----
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Other than that, it's free, why not get one just in case you find an application for it someday in the future.
I do not deploy Linux. Ever.
The guy in the article says they executed a very swift, quick shutdown. That's odd, since there've been two freshmeat updates this week.
I think you hit the nail on the head right there. DC's statements read like a PHB trying to convince other PHB's that their business situation is stable, everything's okay, and would you please go back to sleep and feed us more venture capital. Sure, it seems stupid to us, but it's probably plausible to the class of people who can listen to DC's business plan without snickering.
--
Proud member of the Weirdo-American community.
Designed for
Maximum
Control of
America
They send the info to a central repository in Ft. Worth at One Tandy Center. But, there's no mojo in the system that I know of that knows that they're getting duplicates (Nor, do I think they care they care- they're getting their money no matter what; they MADE the silly readers for DC!) as the system there doesn't care and the locally collected info isn't replicated to the other stores (think about that for a moment; they don't want that much data and couldn't manage that much locally!)
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
After seeing the perl script that does ISBN autolookups on amazon.com, I plan to use one to catalog all my books. I planned to do this eventually anyway, but I can see this saving me shitloads of time.
If I get REALLY bored I might see if I can hack something similar for my CD collection.
That, and what self-respecting geek wouldn't be interested in ANY toy like a barcode scanner to play with? Especially if the price is right?
Re: the SecurityFocus article. Does this guy have his head way up his arse or what? He really thinks the cease-and-desist had any real impact? Doesn't he realize all those sw bits are still out there, just hidden a little better? This guy appears a textbook example of a clueless suit in charge of a tech company. No fscking idea of what is going on in the real world.
-'fester
Despises? We love loss leaders, especially when then can be converted over to something useful. We don't like companies that tell use we can't play with the hardware we bought (or picked up a Radio Shack) because they want us to buy the expensive components as well. If you're selling hardware at reduced prices that can be used for something interesting, don't act all surprised when it is used for something interesting (running Linux, playing MP3s, etc...)
I read the internet for the articles.
still remember my ECO101 from UofT, talking about utility functions, indifference curves, perfect competition, monopolies, monopsonies etc.
The CueCat case is a problematic one. On one hand you can not deny obvious user benefits from the product, everybody seems to want one, so in a way the company has created a market for the product. On the other hand the company failed to realize that the consumers tend to minimize their costs, just like the eco classes teach them. Nobody wishes to pay more than is required by the law, and the law does not require making any payments to the CueCat, since CueCat did not bother to protect themselves. So what is CueCat to do in order to stay in business? I imagine the costs are already high for the CueCat. To save the situation they should think of some kind of user benefit they can offer to the customer to buy CueCat software, maybe they should offer an UPGRADE and SUPPORT for the CueCat hardware only to the customers that buy their software.
But, what would I know, I only took the first level of economics...
You can't handle the truth.
Chief Wiggum (to Ralph): "What IS your fascination with my forbidden closet of mystery?"
----