Slashdot Mirror
Privacy Concerns and The CueCat
An anonymous reader sent us a story running over at
cnet about the
privacy issues with the CueCat. The article gives them a (somewhat undeserved) benefit of the doubt as it talks about various privacy groups being concerned about what DC is doing. Fortunately there are instructions online about how to modify the cat to disable its internal identification code (its not any more difficult then decrypting their split-invert-xor "Intellectual Property") by simply cutting one wire. Or you can just use one of the many free programs floating around. Oh, and since their server was cracked a few days ago, not only are they sniffing all this data, but crackers probably have a copy too. I would have been sick of this story weeks ago, but it just keeps getting funnier every time it pops up.
They've already got this scenario covered... ;)
:CueCat(TM) reader water-resistant?
:CueCat(TM) reader is not water-resistant.
From the FAQ at CRQ.com:
Q: Is my
A: No. Your
I have to wonder...what the hell are people trying to do with these things?!
--K
---
When you break it down, the cue cat was a good idea. For marketing guys in ties.... It was really just meant to be a way of promoting, advertising, targetting and tracking. No wonder it was free, right? I laugh in the face of DC... didn't they realize that this would be the kind of thing that just asks to be modified? Think of the many CONSTRUCTIVE uses you can get out of it.. Someone can write a program that lets you scan barcodes on food packages and it takes you to a site that has tons of recipe ideas or if you are diabetic it warns you that it might not be a good idea to eat. Or you can scan a book and it will transport you to a site that shows related books and topics. Not the publisher that tries to promote and sell more stuff.. Or you can put codes on fliers for parties/concerts and it will jump you to a site that has more information, tickets, maps, etc. You can scan CD's and get the name of the napster user which has the corresponding mp3s ;p
You can scan your electronic devices and have Kozmo deliver batteries ;p
You can scan clothing and get a site that shows what would look good with that!
You can scan a car part and get some detailed instructions on how to do it yourself
You can scan a video game and get tips/tricks/codes/other info
You can scan a porno ;o
I'm out of ideas
don't sweat the petty things and don't pet the sweaty things
Right.... and the best part is, you can check their database yourself to make sure that you've been removed...
I assert ownership of all trademarks and copyrights on this page.
Belo Corporation is one of the investors in CueCat. They own a number of TV stations such as WFAA channel 8 here in Dallas where I see CueCat promotions all the time now. They also own the Dallas Morning News. Their web sites, which run on NT, have many web bugs, which made it necessary for me to block the domain names they use to deliver those bugged images (which also took out most of the ads). The evil is not so much in DC as it is in companies like Belo that want to get that private and personal information about your, your family, your web travels, and your spending habits. They will do what it takes to get such information, including investing in startups like DC and CueCat.
now we need to go OSS in diesel cars
This one actually has an interesting side effect that could be a 'benefit' for D.C. -- if they consistently received an unissued activation code that was signed, but the server signature is not valid, they might use that as evidence that the code is coming from someone who has circumvented their program's activation code, violating the DMCA in the process.
ahem.
Violating what section of the DMCA?
The DMCA only covers systems that control access to copyrighted works, not anything with encryption in it.
I think you're way off here. Now, if in addition to having personal info on these guys I had the power to cancel the health insurance of the CEO with a genetic defect/addiction/bad eating habits/etc. or initiate an audit of the IRS officers that would be different. Then maybe they'd stop asking for so much info in the first place. As it stands, what you're suggesting is quite asymmetric. It reminds me of someone's sig here (I forget who the quote is from, and I'm probably mangling it):
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
prove it
if you can come up with proof that your interpretation as a metaphor, and what that metaphor stands for, is correct, i will lick your boots
and if you can't, how bout you lose the inferiority complex, neh?
True. I really don't like the spin Wired puts on a lot of stories. They're almost worse than the AP in terms of whoring to corps.
I assert ownership of all trademarks and copyrights on this page.
What surprises me is that people are getting so worked up over this. Yeah, sure, it would be nice if DC actually tried to protect people's privacy. But unless you're completely clueless, why would you expect them to? If you didn't want your information to be recorded, and possibly distributed (whether by DC or by people 'cracking' their security), then you'd better take matters into your own hands and either not use the thing, or not use it in any way that gives them your personal information.
If you want to cut the wires and use it yourself, that's great. It's your device, and you can do what you want. But if your buying habits have been spread all over the net, you have no one to blame but yourself.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
Is it just me or would hte ultimat eslashdot post be about a Redhat version of CueCat drivers in mp3 format violating the GPL using DeCSS?
----
ADVENTURERS! - ANTIHERO FOR HIRE - CARDMASTER CONFLICT
Whether or not the law actually applies is hardly necessary to bring charges up against someone. Look at the Wen Ho Lee (sp?) case. 59 counts of various crap (including espionage) were thrown at the guy. One count of "mishandling data" stuck. It's how the system works these days. The Justice Department is not interested in justice. They're interested in making sure that somebody who gets charged with something serves some time. Hackers are especially vulnerable these days (see Kevin Mitnik's or Bernie S.'s stories at 2600 magazine for more examples.)
I'm just saying that the details of the law are determined in a courtroom. And most of us can't afford to start out in that courtroom, much less see a case like that to completion. Color us "chilled".
John
The Church of the SubGenius -- because somebody had to put all that slack in there...
John
Vote Nader
Just the thing to have on your tag line after 2 paragraphs about a hypothetical silly party...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
NO !!!
You, the end-user, by DEFAULT should be OPTED OUT, and then you can offer politely to your users to OPT IN, explaining very clear and honestly what they can opt IN for.
It should not be the burden of the gullible end- user to find out, that he can OPT OUT of something, he never had deliberately OPTED IN in the first place.
It is just a matter of respecting your end-user's boundaries. It is the company's responsibility to step back. They should tell you HONESTLY what data they are interested in getting and why, and then ask you politely, if you might to WANT TO OPT IN on that? Anything else is misleading and abusing the technology.
I'll say it:
HAH-hah!
i was curious when it arrived (as a free gift from wired mag), so i plugged it up. it caused immediate hardware problems. so i unplugged it, and i'll now be putting it in the trash after all this glorious news. i enjoy my privacy too much to put it in the hands of ppl who can't understand good crypto and network security...
"Widget choice makes me horny." -
Except that then you need to know when you put the device together exactly where it's going to be shipped. If you change your mind about a shipment - "Oh, forget Radio Shack. They're assholes. Send these to Circuit City." - you're screwed. It also doesn't provide any kind of internal tracking for how many of the devices were sent to each vendor, while with their current system, all you need to do is count the unique IDs that were sent to them.
It's entirely reasonable that they'd want to track this kind of information. The problem is that if you know who has which device, and you know which devices made which requests, you basically have to take their word for it that they want cross-reference the data.
Or, as another example: it's your business if you want to click on a banner ad for Playboy. It's your business if you want to log in with a unique userID to a web site. It's in the site's best interest to be able to identify their ad click-through rate. They're on their honor, however, not to cross reference the information (unless you don't mind the site admins knowing that you're too chicken to go to a real porn site).
No they wouldn't make you scan the barcode on the CD as they'll stop supplying CD's with pre-ininstalled PCs.
It would be much simpler for them to encourage the OEMs to put the bar code on the PC itself. Therefore enforcing one windows per PC
However this does mean that
you would never be able to change the case...
Who wrote all that stuff?
We did. It wasn't some corporate bean counter. It wasn't some fourth line manager who never programmed a line in his life. It wasn't the CEO of a big company. It was ordinary subversive evil citiziens. Just like me.
Afraid yet?
What if there were a bunch of us? What if we were working together? What if we were using our collected information to manipulate your behavior in subtle little ways that only a qualified chaos engineer could predict? Would you start a conspiracy investigation? We wrote the software that runs on the police computers. Would you meet in closed rooms to try to fight us? We can track your movements from your cell phones. That programmer in the next cube could be one of us. We mgiht be working for the IRS, the FBI, your bank. We could be anywhere.
Or not.
We now return you to your regularly scheduled paranoia trip.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
No, the CueCat is a little different than a banner ad. The CutCat is a link to the physical world, whereas banner ads come from your internet feed. Now the company can possibly track anything you scan, ranging from your CD collection, your books, etc. And Digital Convergence isn't being exactly forthright about what they plan to do with the data. They call everything intellectual property, remember?
If all you want to track is whether a Cat came from Forbes/Wired/RadioShaft then you don't need a unique ID for each Cat. A simple (Forbes = 1 : Wired = 2 : RS = 3) ID is all that is necessary. All Forbes users would have an ID of 1, etc., and now there are no privacy concerns.
I don't think so. Yes, that would tell them which distributor that the user received theirs from, but nothing more. It doesn't tell them how many total users are using their CueCats. If 300k units were sent through Wired, how would they know who kept them, and who threw them away?
They would see, on their side, that 40k scans with Wired CueCats were made today. Is that 40k people, or one person scanning 40k items?
Go to http://oss.lineo.com/cuecat/ for this and other barcode/CueCat links. The detailed instructions for clipping the serial number are under "Declawing Your CueCat."
Detailed instructions are available from the Dissecting the CueCat page.
I'm not sure, but I think there is a way to just flash the eeprom so it no longer sends out the ID. At least I think that's what this does.
Work for Change & GET PAID!
I stopped using my card and started paying cash - the discount just isn't worth it. From the store's perspective, there is no connection between me and what I buy. Some people may wonder, "What's the big deal?" Well, people need to realize that they're PEOPLE, and not just revenue feeds for the commerce machine.
So people can show that they're not "revenue feeds for a commerce machine" by ... paying the commerce machine more money for their groceries?
The horror, my grocer knows what groceries I buy! If I don't do something quick, they might base local advertising on our aggregate purchase patterns, or even offer targeted discounts to cardholders! Why can't we go back to the good old days before these large corporations, when you bought your groceries from small town independent stores, where the proprietor knew you personally and rang up your purchase himself, but you had your privacy because ... um ... if you wanted to make unusual purchases you could buy them from another town to avoid gossip?
Damn... Been watching too much X-Files...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
OUR RIGHT TO KEEP INFORMATION COLLECTED IN OUR DATABASES MAY BE CHALLENGED IN THE FUTURE. We intend to use our :C.R.Q. and :Cue:C.A.T. technology to develop and
maintain a substantial database of consumer demographic information that our
customers can use with our permission to conduct advertising campaigns. In
particular, we intend to require each user of our technology to provide basic
individual information in order to register and activate our :C.R.Q. software
application. Under our privacy policy, individual user information will not be
made available to outside parties and will be used internally by us only if a
user gives express permission for such use. Some summary demographic data,
however, may be made available to outside parties. Privacy concerns may cause
users to resist providing the personal data necessary to support this profiling
capability. More importantly, even the perception of security and privacy
concerns, whether or not valid, may inhibit Internet user acceptance of our
technology and products. Furthermore, users may bring lawsuits against us
seeking to prohibit us from collecting this data. Even if without merit,
lawsuits could impair Internet user acceptance of our technology and products.
In addition, legal requirements may heighten these concerns if businesses must
notify Internet users that the data captured after visiting certain websites may
be used by marketing entities to direct product promotion and advertising to
that user. We are not aware of any such laws currently in effect in the United
States. Other countries and political entities, such as the European Economic
Community, have adopted these types of laws. We cannot predict how the
international roll-out of our technology will be affected by these types of
laws.
I'm not justifing anything. I know that I get many good product ideas come into my In box every day. There are thousands of products out there you haven't the slightest clue exist, unless all you do is read the net and magazines 24 hours straight. Without advertising, you wouldn't even know it exists.
Apparently you missed my point, because my point was advertising of the future will tell you about things you don't know anything about yet. All this "data gathering" is just the larval stage of it. Give it a few years to mature.
Just because a product is good doesn't mean anything. Promotion is 1/4 of the marketing equation, and without inventive ways of promotion it will probably slip by unnoticed.
I do marketing for a living, plus I am a geek too. I know both sides of the equation, and I know the happy middle. Without advertising there would be no economy because no one would know anything about anything. True, it does often go overboard. When it does, the public reacts by not buying it.
The main idea I was trying to say is that it doesn't matter really. The information IS going to be gathered on the majority of the public. The important part is to make sure through laws, boycotts, picketing, or what have you that it isn't misused by any one entity. The information WILL be gathered, IS being gathered, and there is NOTHING you can do about it. It's too late for that, that battle was over six months after the invention of browser cookies. The battle that should be fought is the use of that data. Focus your attention on that, or your going to loose that one too.
Maybe we DID take the blue pill. You wouldn't remember anyway.
I'm missing something.
A new cat-shaped scanner being given away to millions of consumers
Why would someone give away scanners to consumers? Why would someone make a scanner shaped like a cat? I use a flatbed scanner which is shaped like a sheet of paper and that's far more convenient.
Privacy advocates are investigating the device, known as the CueCat, and its ability to snoop on consumers while swiping bar codes printed in catalogs and magazines
Why would I scan barcodes in magazines? If you don't scan anything you won't get snooped. Simple as that. And why is a scanner connected to the Internet?
So somebody! Please tell me what the hell this article is about. Have I missed some vital part of American culture or something? Does everyone except me scan their barcodes and I'm missing out on something?
--
-- SIGFPE
Yeah, bit of an odd comparison, but that's where it's headed. Open your copy of TV Guide or your local paper's channel listings, and you'll probably see those inane VCR+plus codes attached to every listing. Right?
But do you actually know anyone who owns (or ever owned) a VRC+plus? Me either.
Those codes are there because the VCR+plus people made a big stink (and probably paid a bit) to have support for their product included in your TV listings. The CueCat's going down the same road. Five years from now, everyone will be printing barcodes in magazines to let CueCat users visit their site. But you won't know anyone who actually uses a CueCat.
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
It should not be the burden of the gullible end- user to find out, that he can OPT OUT of something, he never had deliberately OPTED IN in the first place.
Ummmm...
In the case of the Radio Shack scanner, you are opting in by supplying info (and I expect signing something) to get the scanner in the first place.
In the case of the Forbes and Wired scanners, I expect there is an EULA that you click to accept when you install the software.
Now, if you were going to use one of the Forbes/Wired scanners with the hacked drivers/software, then maybe you have an argument, but the courts will have to decide this given that as it currently stands you likely violated the DMCA (which unfortunately is still "the law of the land" at least until Suprems Court gets ahold of it.)
Work for Change & GET PAID!
>are helped to burn capital by /.'ers
>with 5+ Cuecats,
5+... that's it?!?!?!?
Hell, back over labor day weekend, just after DC started cease-and-desisting anyone who looked at a cuecat funny, some friends of mine and I went Radio Shack hopping throughout the SF penninsula.
We got better than 100+.
The next weekend we threw (or (baseball) batted, or drove(golfed)) most of them into the bay.
We have tape. Once we get it edited down to a reasonable presentation, we'll compress it to a Quicktime movie, and DC and RS will get some intresting email!
Did you ever wonder how Microsoft fits into this?
Can you imagine a bar code scanner driver built into the next Windows, and being unable to log into Windows unless you scan the barcode printed on the CD? Lost your CD? You must be a pirate.
Is there any reason this couldn't happen?
It would probably just be simpler to tattoo a barcode on each of us at birth.
You know, like for a library? We could really do with a few barcode scanners for our library and our filing system. Is there any software to just scan a code then have it entered at the current insertion point?
Comment removed based on user account deletion
>Radio Shack also called a portion of their screen (a single character, iirc) used for the speach synthesizer a window.
It was more than one character, of that I'm certain. I think it was more like 15.
Comment removed based on user account deletion
tee hee...522666
--
Wooden armaments to battle your imaginary foes!
Yes, but Mr. Matthews didn't say that they needed unique ID's to track distinct numbers of users. He said "There is a unique ID within the CueCat so that we can see that some Cats came from Forbes and some came from Wired," said Dave Mathews, vice president of new product development at DigitalConvergence."
I mean, surely people would expect their name, address, and demographic stuff to be collected in exchange for what is intentionally a device to take consumers to their commerce?
The bit I like is that we can now use them unfettered, and there's nothing particularly illegal in it until UCITA is passed, yet we can still get them for free. I bet the majority of people who get these with their magazines (maybe not the Radio Shack people) will be psuedo-savvy, and will just use them as DC intended.
DC do seem to have shown a misunderstanding of human nature, but overall I think their plan will work out. A small minority of people would actually buy these for the fun of scanning codes, but most people would like the free gimmick of scanning advertising codes. Heck, they could even be taken immediately to personalised commerce sites if DC start trading user info directly with the sites. Rather than a breach of privacy, it's an enhancement of the shopping experience, where you have to openly sell your soul anyway.
Does my bum look big in this?
Don't forget the referrer tags. C|Net: "hey look, Slashdot posted another privacy story!" ;^)
--
Wooden armaments to battle your imaginary foes!
Salon ran an unflattering review on our beloved CueCat - stopping just short of using terms like "hare-brained" or "cockamamie". It does touch on privacy issues, but mostly it just blasts it for being such a dumb concept and not even functioning correctly.
http://www.xenote.com/Home.jsp
I don't care how much info your post contains, if it ain't pretty, why bother?
Of course, to be able to do this they need to get broadcasters to insert their audio bug in their programming. And short of DC actually paying them to do so, that's not likely to happen.
The audio bug is loud, obvious, and extremely annoying. It has to be loud and obvious so the monitoring software can be absolutely sure of what it is. So the signal can't go through any limiters that would lower the level too much, and automatic gains throw coniption fits when they encounter the bug. The upshot being to piss off engineers in as many ways possible.
And anyway, it's not like you can't unplug your microphone. (Or, Goddess forbid, not install the software.)
Any sufficiently advanced civilization is indistinguishable from Gods.
It would sure be nice to have a convenient database of my target's purchases, and maybe even more importantly, purchase times and locations. It would save me hundreds of hours of surveillance time.
But if you throw their software away, and just use the cuecat as a plain old barcode scanner, you won't ever go to their servers, and won't see any of these theoretical copyrighted pages.
Or if you write your own software to go directly to amazon.com for books, imdb for DVDs, etc.
Being a marketing student, I have realized that this is the next form of marketing. Now that the means are there to track individuals directly and such, you no longer have to go off any demographics. You can just tell the computer "find me the people that like this and this and this" and it can give you an exact list.
Yes, you may hate it, but it does have it's usefullness. This way you can receive information on products you have proven to be interested in, and might actually want. Eventually it will come down to you won't receive and advertisments except for the things you express interest in, even though you might not have realized it.
It is not dangerous for any one company to have a small bit of information on you. What is dangerous is for any one entity to have all avalible information on you. If some company knows you went to their website, so be it. If some company knows what you do all day, then that's a different story. As long as the information is divided up between competing parties then there isn't really a need to freak out so much.
Maybe we DID take the blue pill. You wouldn't remember anyway.
My cuecat sticker (on the bottom) is '06A00'.
Thanks for the pin 4 confirmation bit.
Adults are obsolete children. - Dr. Seuss
Being a marketing student, I have realized that this is the next form of marketing. Now that the means are there to track individuals directly and such, you no longer have to go off any demographics. You can just tell the computer "find me the people that like this and this and this" and it can give you an exact list.
Yes, you may hate it, but it does have it's usefullness. This way you can receive information on products you have proven to be interested in, and might actually want. Eventually it will come down to you won't receive and advertisments except for the things you express interest in, even though you might not have realized it.
It is not dangerous for any one company to have a small bit of information on you. What is dangerous is for any one entity to have all avalible information on you. If some company knows you went to their website, so be it. If some company knows what you do all day, then that's a different story. As long as the information is divided up between competing parties then there isn't really a need to freak out so much.
Maybe we DID take the blue pill. You wouldn't remember anyway.
Head on down to the Social Affairs office. Stand in a 2 hour queue to fill out the necessary requisition forms. Once the forms have been accepted, expect to recieve confirmation forms in 6-8 weeks. Return these forms in person and you will recieve your cue:cat in about 4-5 months depending on need and supply.
> "plugged into the the keyboard porn" Oh, man, I can't believe I missed out on this fetish! (Click, click, "Oh GOD, Yes!", Click...) Virg
One of the other things in my CueCat box that came from Forbes was a "Convergence Cable". This little insidious piece of hardware hasn't gotten as much notice as the wonderfully hackable barcode reader and has just as much potential to wreak privacy havoc. If you're not familiar with this, the Convergence Cable is essentially an audio cable you're supposed to run from your TV's audio source into your line input jack on your PC. Their CueCat software will then pick up audio cues associated with TV shows and commercials and automatically drive your browser to an associated Web site. Now, not only do they know what magazines you're reading (and scanning), they know what TV shows you're watching. The utter lack of concern for and shameless exploitation of the technology illiterate in our society shown by this company is inexcusable. I sleep better at night knowing that since their cheesy little scheme has been unmasked, we won't have to wait long before they're out of business.
Shut up and eat your vegetables!!!
>>barcode on each of us at birth.
>I refuse to take the mark of the beast!!!
Now, it's been a LONG time since I've attended mass, but even *I* remember the important basics!
It's only the mark of the beast if it's on a specific body location. IIRC, the forehead and/or the right hand are the parts specified.
So the solution is simple. We'll simply require everyone to be barcoded on their LEFT hands, or the back of their neck, or the lower right buttock; or somewhere similarly non-biblical. Simple enough way to keep the fundies happy, eh?
In any event, barcoding at birth wouldn't work anyway. The body does a LOT of growing in its early years, and a barcode done that early would just streach and become distorted and unreadable.
Barcoding should be done when the body's finished most of its growth. Perhaps at age 18, as a prerequisite to being considered a legal adult, able to vote, go to college, buy alcohol, enter the workforce, buy/rent a car, get married, etc.
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
I'm frustrated by Wired on-line's unwillingness to cover this story. Not a peep out of them. They're supposed to be disconnected in all ways from the print version, so why won't they do a story on this?
I've e-mailed them twice about this, but I'm yet to receive a response. I assume that they really are tied to the print version still, and they're simply not allowed to write about it. Still, I guess I've come to expect more of Wired. I never thought I'd see the day when C|Net was proved to be a more useful news resource than Wired.
-Waldo
Well, that's what he says :) For now at least, but I think that they do have an alterior motive. But you are right, they should be pushed underwater for crap like this.
DC made one of the biggest mistakes that any hardware designer can make: using the beta stage prototype as the final product. If they had used their brains, they would've used ALL the wires to transmit the ID code. And they would've used a MUCH more complex algorithm for encrypting the protocol. Obviously, these brainless capitalists only thought of one thing: profit. Go to any business college and you'll see the greek letter pi numerous times, but it won't stand for 3.1415926535897932384626433...; it will stand for profit.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
I found a link to a page called "Getting your CueCat declawed" ( http://matrixpm.com/~haveblue/cuecat/ ) at the Lineo CueCat site ( http://oss.lineo.com/cuecat/ ).
:CueCat has been neutered.
It's pretty simple, really:
Step one: Take out the four screws on the bottom of the scanner and pull the cover off, leaving the insides exposed.
Step two: Take off the four screws fastening the board to the plastic case and separate the board from the case.
Step three: Locate the S93C46 EEPROM on the bottom of the board. It's small, it has eight pins, and it should say "S93C4 6DV03 2704" (it's three lines, spaces indicate the line breaks). That's the chip that stores your serial number-- innocent-looking little bugger, isn't it?
Step four: Using whatever method you like, cut the connection right underneath the "4" in "2704". That is, if the "U5" on the circuit board is upside-down by the top-left corner of the chip, you want to cut the lower-left pin. I found that a small pair of wire clippers was actually sufficient to sever the connection-- use whatever you feel comfortable with.
Step five: put the damn thing back together again, and scan something. The serial number should come back as a repeating "BM5U". Congratulations, your
Elapsed time: 10 minutes if you're clumsy like me and lose one of the screws. Less if you're good at this sort of stuff.
Have fun!
Given the CueCat logo's resemblance to an unhappy smilie :(, perhaps they foresaw disappointment regarding privacy.
I commit to pursue my CueHawk business plan/dream despite the apparent failure of DC's CueCat. I plan to send out free web cams to Maxim subscribers. My customers would hook them up to their computers and I'd be able to track their every move. I'd know what cereal they eat. Their sleeping patterns. If they have a dog or not. Imagine the possibilities! I could use this customer data to create my own television shows! People loved that Ed TV idea! Yeah!
Hmmm. I'll need one employee for every CueHawk in operation to better track my customer's needs. And I'll need some sort of feedback device. Got it! A shocker welded to the right hand of each CueHawk user. This way if the CueHawk user doesn't wake up in time to eat their (my) favorite cereal, I can remotely motivate them.
Ah, DC - I know you wish you came up with this plan, but it's mine. Let this post prove that CueHawk is my idea. And I'll sue you for royalties, I will.
Galvin the Great United Worker for Better Understanding of Why We Work
Children, remember, there are no stupid questions - only stupid people.
The article mentions "The serial number issue has been raised before, most famously in early 1999 in a clash with Intel over its Pentium II computer chip. ", however, this whole fiasco was over the Pentium III chip as illustrated by this wired article.
Having been in the business, I can tell you that demographics are only as good as the data behind them, and that the profitability of such is based strictly upon accuracy. Nobody wants to pollute their marketing prediction models with bullshit data.
Since DC is asking us (the computer user) for information, maybe we should give them some.
Hypothetically speaking, what would happen if a script were written that emulates a CueCat? Suppose somebody took the list of valid UPCs (or genned up the entire space) and ran a script against it that picked random items, set up a query string, dropped it on DC's server, and sent any return output to /dev/null? Suppose they make it work slow, and on a random time basis. perhaps they weight the UPC list pick so that things with cuecat barcodes in magazines and catalogs are picked in preference. Lord knows they will probably spoof those return addresses.
How long do you think this would have to go on before DC's CUSTOMERS would have a fit? About the first time some large firm makes a bogus million dollar advertising investment based on DC's numbers, that will be all she wrote.
*whup* "Get along, little electrons. Heeyah!"
If you're paying in cash, you have no reason at all to give out any information. Period. My favorite responses:
Phone number? You don't need that for a cash purchase.
Name? You don't need that for a cash purchase.
Address? You don't need that for a cash purchase.
Zip code? You don't need that for a cash purchase.
It's rare that I even get so much as a "We need it for our records." or "I have to have something to put in!" which a second refusal almost invariably kills. Only once have I had to go to "You can leave it blank, make something up, or I can buy it somewhere else." This is preferable to making something up yourself because not only does it protect your data, it also sends the message that you don't want to be profiled. Some companies I use have stopped asking. I'd like to believe this is because some not-insignificant number were refusing to provide data, and they realized if 5% outright refuse, probably still more provide false data. It's your money and your data. Take an active role in protecting it.
ObExcessiveProfiling: Buying contact lenses and being asked for my SSN.
"My what?"
"Your social security number."
"What could you possibly need that for."
"So we can file insurance."
"Did I give you any insurance information?"
"Uhhhh, no."
*smile* "Well, then, I guess you don't need it after all."
It's nice to make the people who mindlessly ask for this stuff completely out of habit, because they were told to, or "for our records" think now and again.
Yeah, I suppose so :) It was $1 for the software in jewelcases, and $2 for those with a box :)
I grabbed one of everything that looked even vaguely interesting . . .
FWIW, I got this spam too, but at an account Slashdot knows nothing about. The account Slashdot does know about, a disposable I'll use until it begins accumulating spam, hasn't seen it.
These dumb-ass ideas are usually tested in the USA and only if they work do they get their way to Europe. The business assumption is your average American will by anything, if they don't then it isn't going to work any where else. This not being anti-American, its just they way business work - especially when you consider the buying power you have in the USA compared to Europe.
Jumpstart the tartan drive.
Of course they track the users. That's the WHOLE idea here. This is a new form of marketing that is VERY big and is going to get much bigger. There are a number of companies playing in this arena and DC is only one.
The thing that will seperate the companies is how their privacy policy is done, and if they follow it. But, anyone that is surprised by this must be really naive.
Yeah right, after they have sold the data to Spamlord Wallace and a whole bunch of other similar a**holes... How can you be so naive...
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
> I wonder when Microsoft is going to sue over X's use of the word "Windows."
I'm not managing to get all the cobwebs out of the way, but it seems to me that in the late 80's, ms made a big deal about "windows" itself *not* being a trademark, but I forget why.
The Apple II recognized windows on its screen--you poked upper, lower, left, and right boundaries into page 0 (was it addresses 12-15???) to redefine the printing window. Radio Shack also called a portion of their screen (a single character, iirc) used for the speach synthesizer a window.
There were otheres, too; mMicrosoft *couldn't* have made a claim of orininality in the use of "windows" . . .
>Isn't this just a return to the old days of copy protection via
>manual keyword lookup?
Argh. My copy of master of orion works that way, even *with* the cd in the drive (it was never meant for cd; the cd just has a
Fortunately, you can give a three-fingered salute when it pops up the thrid one, and take up a few turns back . . .
hawk, who would be seriously annoyed andnever buy another of their games over this if it weren't for the fact that he only paid $2 for it at the dollar store . . .
In other words, the id not only helps them trakck you, but also tells them which magazine they sent it from . . .
hawk
This privacy attack should be named the "Trojan Cat" -- send people a "free" toy in the mail that is so cute, so non-threatening people can't resist plugging it in to their computer. It's "purrr-fect".
The old saying applies: Beware geeks bearing gifts...
And Radio Shack has your real name, address and phone number on record.. (They have been asking for this information
sence the 1980s.. to give them credit this data lasts only a month.. they clear out old records they only want data on frequent
shoppers)
How did Radio Shack get my real name, address and phone numnber? I have 2 CueCats. Picked up one at Pentagon City Mall, Arlington VA during a 2600 meeting. Gave them this handle and a fabricated address.
The second one I picked up at a Radio Shack in Tennessee. Gave them a different fake name, address, phone.
Now, please tell me how they now have my real name, address and phone number? This sounds like something out of a Will Smith movie or something!
Even when the CueCat that they will be sending because I subscribe to Wired arrives, it will be declawed. When I use it on a BSD system, they will still not know who I am, as far as I know anyway.
So, please share with us how they are getting the real names of people when they do not even ask for ID of any form, nor do they verify if the address or phone number is valid at the time they enter the data.
Visit DC2600
Eve Fairbanks says I drive a hybrid!LOL
Digital Convergence actually made two very different mistakes:
- They used an external EEPROM, instead of one on the same chip as their microcontroller.
- They used a meaningless obfuscation algorithm instead of a block cypher to "protect" the results.
Had they done something as simple as DES-encrypting the scanned output with a serial number key that couldn't be scanned by watching an external EEPROM's lines with a storage 'scope, their "IP" would be secure today. However, Digital Convergence either cannot find people who know what a security model is, or management doesn't listen to them. Either way, their tough luck. Dumb business model; I hope they go broke.--
Build a man a fire, and he's warm for a day.
Time is Nature's way of keeping everything from happening at once... the bitch.
Everytime I'm at the grocery store watching people gleefully fork over their discount card, I wonder if they have any idea about what they're doing. I stopped using my card and started paying cash - the discount just isn't worth it. From the store's perspective, there is no connection between me and what I buy. Some people may wonder, "What's the big deal?" Well, people need to realize that they're PEOPLE, and not just revenue feeds for the commerce machine. I get the feeling that this new approach to marketing wants to turn our society into a mass of pavlovian droids - we advertise, you salivate, and then give us your money.
$50 a pop? That's the biggest peice of bullshit I've ever seen.
Look at what's in it:
Microcontroller - $1.00 max
PROM - $.50 max
op-amp - $.50 max
crystal - $1 to $2
other small parts-$1 to $2 total
electro-optics - $2.00 max
cord - $2.00 WAG
plastic case - no clue
Now all this is just conjecture since I don't have a OEM parts catalog sitting in front of me. I would be very suprised if the cost on these exceeds $10 (you can get radios for less than that fer chrissakes!), and I think it's more around (or even less than) $5.
--
"I have also mastered pomposity, even if I do say so myself." -Kryten
--
"I have also mastered pomposity, even if I do say so myself." -Kryten
Try each one yourself until you get it. After all, they are free!
If only DC played upon how interesting this would be to techies instead of saying "NO! NO TECHIES ALLOWED!"
Maybe if the software came with an SDK and had major customizability, but was advertisment-supported... that would be cool. Instead they throw away large sums of money in the pursuit of a dollar.
----
ADVENTURERS! - ANTIHERO FOR HIRE - CARDMASTER CONFLICT
http://www.digitaldemographi cs.com/services/index.html
.C3nZC3nZC3nXE3b7DxjZCNnX.fHmc.C3DZC3nZC3f6ChjY.
N zc3Nxe3B7dXJzcnNx.FhMC.c3dzc3Nzc3F6cHJy. 0
r ations.txt
A IL=ppage@txisroads.com&ZIP=38834&GENDER= A&AGE=D&OPTIN=1&UID=Y0ZVY1QCZ7SGx2qHCoSf9g
& EMAIL=fkasica@optonline.net&ZIP=08610-63 02&GENDER=A&AGE=F&OPTIN=1&UID=zRAzCaynOVkBS3XLZDyi NQ
& EMAIL=claude@telapex.com&ZIP=39601&GENDE R=A&AGE=H&OPTIN=1&UID=4Hacci4hfCygvJaWOCA7-A
... the last field ("UID") is presumably the activation code. This means it is trivial to match the weblogs on their servers with your profile data.
The output of the device looks like this (after processing by the keyboard handler):
The device sends an ALT-F10 first, which is apparently a signal that a scan follows. The next field is the serial number. The third is the barcode type, and the fourth is the barcode data. Fields are separated by periods.
Here is what the above scan looks like decoded:
000000002838610102 UPA 040000029311
This scan was of a UPC symbol on a bag of M&Ms. The output of the cuecat is scrambled using a modified base64 encoding. My software simply applies the inverse of the encoding. The Windows CRQ software does not itself process the scan data like this. It simply inverts the case of the scan and builds a URL using it. The basic form of the URL is as follows:
http://[SERVER].dcnv.com/CRQ/1..[ACTIVATION CODE].X.[SCANDATA].0
With the [SCANDATA] field broken out, it looks like this:
http://[SERVER].dcnv.com/CRQ/1..[ACTIVATION CODE].[X].[SERIAL NUMBER].[TYPE].[DATA].0
Here is an example, using the scan data from the M&Ms (try it):
http://t.dcnv.com/CRQ/1..ACTIVATIONCODE.04.c3Nzc3
My software perserves the serial number, but does not transmit an activation code; it actually substitutes the letters "ACTIVATIONCODE" where they should go. This is enough to prevent the tracking of scans, I think. In fact, their servers do not even check for the validity of the activation code.
Their Windows software asks a large number of demographic-defining questions before it actually installs the software. The answers are keyed to your "activation code," without which the Windows software will not work. But because they never do data validation server-side, you can still use their web servers without sending tracking data.
In a separate issue, their "registration database" was not a database (a plain text file, actually), and was stored at a publically accessible URL; they have since disallowed access to it from the internet:
http://net.c-me-register.com/Registrations/regist
This is what the data looked like:
TS=09132000082913&FIRSTNAME=PETE&LASTNAME=PAGE&EM
TS=09132000082926&FIRSTNAME=frank&LASTNAME=kasica
TS=09132000082936&FIRSTNAME=claude&LASTNAME=perry
---- ----
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I agree. What they say doesn't jibe with what they are doing. But it's what they are not saying is what people need to worry about.
I'll find out by next week, as some kind slashdotters offered to send me theirs when I begged for one yesterday.
Does my bum look big in this?
Which leads me to believe that they can, like Amazon, change the terms at a whim to something more beneficial to them.
If you trust them to have your best interests in mind, go ahead. They are a company. Their responsibility is to their investors, which generally is to maximize their investment. Preserving your rights is not necessarily part of their buisness plan, and if it is included in there, it can just as easily be removed.
Europe also has various data protection laws. Some of these marketing schemes are pretty much illegal in europe. The degrees of strictness vary with Germany being the most paranoid and UK being the most relaxed. But overall the DC idea is illegal outside the US.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
\{monotone}
you are getting sleepy . . . . you will do as I say . . . you will turn on your computer . . . you will --oh, damn, you idiot, you're using windows, you will reboot . . .
Now, take out your cuecat . . . scan *all* your cd's [*chrotle*] . . . put it in the fishtank and scan your fish . . .
*ZZT*
\begin{plastic phony voice with excessive plastic surgery and stiff hair}
We interrupt this program to bring you a special report of idiots, believed to belong to a cult, who committed suicide tonight by putting electric devices in fishtanks. In related news, there is a special on exotic sushi at . . .
:)
What you need is the Proxomitron
... and it's free. Well not quite - it's 'ShonenWare'. If you like it, the author asks you to go out and buy a Shonen Knife album (his favourite band) !
It's a little web-proxy which allows you to place filters on all incoming HTML - so you can remove frames and block banners and counters etc.
This is a good thing in itself and helps to speed up your web access - but it also allows you to put filters on outgoing HTML too.
So you can set it to lie about who you are, what you're using and where you came from (no referral information).
Something the c|net article does not mention, and I wish more attention would be paid to it, is the use of the CC software to track user viewing habits in addition to barcodes.
The program sits there and listens to the audio feed of your TV. When it hears the CC sound, it takes you to the website, just like scanning a barcode does.
Now, take a look at the software - there thing uses user profiles (if you have them set up). Each person who uses the computer is encouraged to have thier own profile. So, when Mom sits down and scans stuff out of Family Circle, or watches LifetimeTV, or scans a bag of Gold Medal Flour - bingo! DC now knows this stuff. Dad watches ESPN, drinks Budweiser, and eats Guy's Potato Chips. Little Billy watches Nick Jr., drinks Hi-C, and enjoys Little Debbie sacky cakes. Now all those ads you see in print or on TV can be even MORE targeted. You simply change part of the CC-TV code to reflect the channel that is broadcasting it and you can watch the audience reaction to putting a commercial right at the highlight of the show - do they turn the channel? Do they just sit there and watch the commercials?
This is so orwellian in it's nature that I am happier now than ever that I don't run Windows and am not fooled into running CC's software.
Better yet, let's do this hypothetical situation: Pretend that I am a political candidate for the Silly Party. We put on our national convention. At the start of the broadcast, Joe Commentator comes on and says, "Turn on your Cue Cat software folks! The Silly Party will be sending you to various parts of the Silly Party platform during the presentation tonight."
Instantly, my minions at Silly Party HQ can start watching the audience reaction of the home viewers. Since I am using a teleprompter to give my lecture to the masses, it can be instantly changed and edited. The minions see me getting too many of the "angry white male" audience tuning away and returning to Monday Night Nitro? Simply insert political rhetoric aimed at them. Whoops! Now the latino population is tuning out! Better say something to keep them listening. And this can go on and on and on for the rest of the convention.
This just scares the crap out of me.
Vote Nader
"Cat" scanning device may track users online reminded me of this famous Python Sketch:
Work for Change & GET PAID!
Seems pretty simple.
__________________________________________________ ___
rooooar
So I got this wand/cat/reader thing from Wired Mag. I haven't used it, but reading the posts and whatnot, I see that it has a unique serial number. Since I have not and will not use it, that's not that big of a deal - except the whole part about how they want to know who is using theirs from Wired, or Radio Shack etc. Since Wired ALREADY HAS private info about me, I want to know if any of that info was already tied to my Unique serial number on the CueCat servers (and now in the hands of the EVIL HACKERS) without my consent. Does anyone know? (or anyone at Wired who reads this care to comment?)
e x p e c t d e l a y . c o m
All I could say to the title at news.com was a big sarcasm-dripping "Nooooooooooooooooooooo!".
The first thing that the reverse engineering discovered, as even reported at Slashdot, was a unique ID at the start of every scan, same sequence of characters for each scan but different for each cat device.
And that was about a month ago. Only *now* are people discovering this?
What's amazing is that the trackign they are doing is really no different from what the industry 'accepts' as standard for banner ads, web bugs, and javascript, with the same amount of control (read: none) the user has on deciding what information to share. Hypocrits.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
Let it die they already are getting to much free press as it is. I don't even use my cue-cat anymore.... too much big brother involved.
I may be wrong, but I was understanding from their privacy policy that registering the 'cat opted you in to their database (and having your info sold all over the globe), and opting out opted out of using the 'cat with their web site. In short, you have privacy if you aren't using their service. Which is quite an innovative twist to privacy policies. How their PR people and web content writers keep a straight face, I'll never know.
What line do you clip to disable the serial number output?
That way your sig is not read as part of the message.
Thank you.
CR = Enter
1000 SlashDot sigs
Calm down. Who ever said that those people gave factual information when they signed up for discount cards? I get a discount on my groceries, and the grocery store chain collects information about a person who doesn't exist.
This does help them push certain products more than others with their special discount club savings, but there's nothing wrong with that. They been doing the same thing with coupons for a long time.
I think DC hired jp to be their PR manager.. There's no other reason I can see how they could manage to make so many enemies in such a small amount of time...
Reduce, reuse, recycle, and all that green stuff, y'know.
John
The Church of the SubGenius -- because somebody had to put all that slack in there...
John
I always laugh when I see people paying more just to avoid some little demographics.
I mean, honestly, what do I care that when I buy some groceries they can link that to Herman Munster at 1313 Mockingbird lane, etc?
Just apply for many discount cards and pick a random one. When you've used one almost enough to allow them to come up with a shopper-profile, even if for a fake identity, throw it away and make another.
They *may* stop sending you offers, but what if they still log your requests? Then as they burn their venture capital, or are helped to burn capital by
I would think that disabling the id would be the most effective way to insure that your Cuecat usage data remains private.
dmp
Stop talking about who's to blame when all that counts is how to change --"Born of Frustration" - James
Which leads me to believe that they can, like Amazon, change the terms at a whim to something more beneficial to them.
If they do in fact delete you from the database before you have ever scanned ANYTHING, then they have no data to sell and no way to collect the data. If they don't, you sue them for big bucks, or the FCC fines them for big bucks.
Just have yourself deleted BEFORE they change their policy. Otherwise, even if you have cut the wire, they may still have some data about you in their database, such as your IP address.
Work for Change & GET PAID!
Hmm, big whoop some companies collecting private information...damn my life is over...Guess what, DC will prbly last a while, it's a really stupid idea, the entire barcode thing, but most people don't give a flying fuck about linux drivers and privacy, they just think the thing with red lights is cool
Oops....you'll know what I'm talkin about in a bit.
...placing the offending domains on my /etc/hosts file (actually, my E:\WINNT\System32\drivers\etc\hosts file) as 127.0.0.1. That way, all the DoubleClick banner ads are replaced with "Cannot Find Server."
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
...SueCat ?
--
--
On scale from -14 to 56 this post is '-15, Nonexistent'
Please. We have all known for a long time that the idea of privacy on the internet was only an illusion at best. There are still hordes of people out there that think the internet is too large a place for them to be singled out, or too dumb to care.
All of my email addresses are filled with fake information, except the one my ISP provides that I never use (I had to give an address). I will happily fill out on-line forms all day, but I'l never give real information out. You want my email address, ok - root@127.0.0.1
Yes, I have a CueCat. Yes, I gave them a phone number (the fax line for a radio station). My "address" was one I made up on the spot. They can track me, but they have no clue whatsoever who I am.
And now that I think about it, why the hell did I get it? I took it out of the wrapper, looked at it, and literally threw it in my closet. It's really gay looking, the whole idea is completely rediculous, and I really don't want to scan a book so my browser will open up mozilla. Seriously, what good is it?
Just my view on it all
Ok I am just wondering about this. I have tried some of the program that sample the data from the cue cat on mine. What I have noticed is that nothing seems to be properly scanning twice the same way. The scan code appears to be slightly different each time. Now this may be related to the fact that the security code is messing it up or that have it plugged into the the keyboard porn with a keyboard AT converter. Has anyone else noticed this?
Respond to s
Initally it's "They are tracking me"...
But... That happends anyway.. ZenToe.cgi logs you in. It would be a small effort to add a simple logger to the core and track everyone around my website.
But the web server dose that anyway..
Browser cookies.. etc etc etc It's allready here.. so whats so bad about having a scanner do it?
But this isn't like a web cookie.. it's built in hardware.. you change computers the id code stays.. Your computer is hit with a virus your cookies are gone... the ID code stays..
Your computer is distoryed by lightening... assuming the Cue Cat survived.. the ID stays... If the Cue Cat dies then you get a new Cue Cat...
And Radio Shack has your real name, address and phone number on record.. (They have been asking for this information sence the 1980s.. to give them credit this data lasts only a month.. they clear out old records they only want data on frequent shoppers)
Unless Radio Shack has a privacy policy (and I doupt they do as nobody really pushed the issue for such policys in the real world only on websites) it would be quite easy for that Cue Cat ID code to have your real name etc attached...
Not so easy normally...
Even if your computer had an ID imbeded into the CPU it would not be so easy to track this back to a real person (not imposable).
But there it is.. a quick and simple record... allready supplyed to DC.
To your name, number, address, credit card.
And as this is about buying stuff on-line.. an easly organised databank of your buying habbits.
Theres a product right there... a compleate databank of your buying habbits... with your real name, phone number, e-mail address, web url, partical cordinates of your soul, what you had for breakfast etc.
This is a really effective tool for gathering larg amounts of data about people and selling it
I don't actually exist.
Write a CueCat barcode generator (or use a UPC or ISBN generator, which I'm sure isn't too hard to find). Pick a project that could use a barcode scanner. Hack away. (I've already got my project picked out -- got my 'Cat yesterday...)
/Brian
Could have some fun with that one -- I can just imagine all the slashdot trolls entering in http://goatse.cx/ as the URL for god knows what (something to do with Natalie Portman or course).
[Man, I can't believe I actually remembered that URL -- I think I need a break....]
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
Ahh... I love what free technology can provide us. :)
From the CNet article:
"There is a unique ID within the CueCat so that we can see that some Cats came from Forbes and some came from Wired," said Dave Mathews, vice president of new product development at DigitalConvergence. "(But) individualized serial numbers are not designed to track individual behavior."
If all you want to track is whether a Cat came from Forbes/Wired/RadioShaft then you don't need a unique ID for each Cat. A simple (Forbes = 1 : Wired = 2 : RS = 3) ID is all that is necessary. All Forbes users would have an ID of 1, etc., and now there are no privacy concerns. I'm sorry, but these guys are inept from top to bottom: business model, data security, and PR. Everyone jump on FuckedCompany.com for this one, because DC probably won't last the year.
Also, by using the Free drivers the ID is effectively disabled. I assume that DC was much more pissed about their data collection scheme being circumvented by the Linux software than by their 'Intellectual Property' being stolen.
Unfortunatly, a lot of companies collect such data (IE, blockbuster card, stop+shop discount card). Whenever you let someone identify you with a number for your own convenience your privacy is at risk.
isomerica.net | Foonetic IRC
They aren't the first to use this idea but they did have a creative way of doing it. There is a company that gives away free computers, but thier tracking is a little more obvios. Since we consumers are attracted to stuff that we don't have to pay for, we sometimes forget to look for the strings that are attached.
In America we are imprisoned by our fear of them.
okie, so lets just take an inventory about what corporations track now and poeple accept as normal:
- grocery store buying habits(shopper cards)
- web page demographics
- TV viewing habits(for ratings)
- email being scanned by the company you work for
- Web pages filtered at work and soon to come, libraries
so this is all considered normal and okay by most poeple. CueCat and things like it are just the next step. Poeple in general like being counted, if you give them a good reason to use it, they don't care what ramifications there are. I still use a shoppers card because it supposedly saves me money, I let web sites save cookies on my computer because I like reading the info on the site.
So if you give poeple a reason to use the CueCat(for example we will only show you comercials and news stories based on what you are interested in) then they wont care how much info they take from them.
We are fighting a losing battle here. Yes DC approached it stupidly, but this will happen sooner than later because the mass public doesn't care.
Customization of the world = loss of privacy
This is the comment that scares me. Not because they can track what I do and don't do on the internet...but rather what it does to my mailbox. "Demographic" and "Conglomerate Form" are buzzwords used by companies that give them a loophole to sell this "information" to marketing research firms. This is big business and people are paying top dollar for all this "information". What this means to you and I is a flood of unsolicited emails, and whatnot for crap that is similar in interest to the stuff we already choose. I wonder if the guy that had the bright idea to give them away still has a job.
Nothing is "hack" proof...we have the advantage of numbers and spare time. It's back to the monkeys/typwriter adage....if enough people tinker with it...they will figure it out...and share.
This is probably pretty useless, but a company wrote some software for Windows and Linux to make :Cues. It's open source, BTW. They're saying that it "implements a variation of Code 128 read by various free or low-cost bar codes scanners recently introduced into the market." It'll be interesting to see if they get a letter from DC.
Who cares what these people are doing with CueCat data? No one I know is inclined in the least to install the CueCat, much less use it to scan magazine bar codes. I think the idea comes from some marketing drone's graduate thesis, and s/he was lucky enough to find a company dumb enough to implement it. The .001% who actually use it deserve to have whatever passes for their personal lives invaded.</GRUMPINESS>
Hm. Put this into your crontab:
30 * * * * echo "Please remove me from your database" | mail -s "Opt Out" admin@digitalconvergence.com
Oh, and I really wish domain name registration started at $10 and increased exponentially with every additional domain-name... they have an awful lot of 'em.
Pick One: http://www-rohan.sdsu.edu/~stremler/sigs/sigs.html (Note - disable Javascript first!)
DC will be bought out by Tandy before the year is out. Their business plan looks like a piece of Alpine Lace swiss at the moment, their Intellectual Property (tm), such as it is, has been pretty much thrown to the wolves^h^h^h^h^h^hpublic domain, and they're still giving away a pretty cool toy that would probably normally cost about $50/pop. Their primary product is a loss leader that's too useful to stay in the lines.
On the other hand, Tandy has a zillion Radio Shacks out there and can afford said $50/pop loss leader. They buy DC, and since they can live with eating the loss because they make much more off of store sales, they keep building 'Cats (maybe charging a small fee, $10 a unit or so) and everyone goes home happy.
/Brian
opting out opted out of using the 'cat with their web site.
And the problem with opting out of using the 'cat with their website was what again?????
If you picked up the scanner for some other purpose besides scanning Radio Shack catalogs or Wired/Forbes magazines, then why not opt out of the database?
Even if you registered at Radio Shack under some other name, they still would be able to link your IP address (and therefor your ISP) to your particular scanner.
All I'm saying is that disabling the scanner mechanically isn't a fool proof solution since DC would still have your data. Even if you threw them in SF Bay as was mentioned, they still would have your data (albeit likely falsified) in their database, so why NOT take them up on their offer to delete it?
Work for Change & GET PAID!
Wait a second. Now, I haven't done extensive research on this one, but I don't think that the FCC fines companies for violating their privacy policies. It's all pretty much self-policed as far as I know. (See TrustE). At any rate, I think it's better not to give them any info in the first place. Personal info is a very hard genie to put back into a bottle.
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
Yes, I was thinking the same thing. I'm working on a routine that will let me use the CC to scan barcodes on parts in our parts room, so we can keep a live inventory (everything is done on paper now, ick). I dunno which will be funnier, though, when I ask everyone here to go to ratshack to get a free CC, or when everyone shows up at the same store at the same time (after work).
funny munging
1) When ever anyone (website, user, or anyone in life, say a business) asks you for any personal information (anything at all!), ask yourself whether this information should be necessary to complete the transcaction, and act accordginly.
$ $$$$$$
$ $$$$$$
- 55,5550
When Radio Shack asks for your name, say 'Sorry, you don't need to know it.'. If they have a problem with that, leave the store immediately.
Same with any other store. Use discretion of course...
When a website asks you for anything, even your email address, ask yourself why they need it. If it's to mail you a 'password' to the site, perhaps they do need it. Perhaps not.
Also, you can set up (though for most this won't help) a mail server in several ways so that you can receive mail on multiple accounts, so you can tell what's what.
For instance, this morning, I got this. now I KNOW the asshole snagged the address form slashdot...
Received: from senda2.ari.es (senda2.ari.es [194.224.88.143])
by martini.rgaindustries.com (8.9.3/8.9.3/Debian/GNU) with ESMTP id BAA31476
for ; Thu, 21 Sep 2000 01:05:09 -0700
From: nile333@kadet.co.uk
Received: from gnr.net (unknown [194.224.88.69])
by senda2.ari.es (Postfix) with SMTP
id 3AD17290C4; Thu, 21 Sep 2000 05:22:37 +0200 (CEST)
To: nile333@kadet.co.uk
Subject: So, How in the heck have you been?
Message-Id:
Date: Thu, 21 Sep 2000 05:22:37 +0200 (CEST)
So, How in the heck have you been?
Do you remember holding previous conversations regarding business and
money making opportunities? I did not send this to you in error!
You Said:
If only I could find an easier way to make a higher income!
and
If I had more money, I could spend more time with my Family, and less
time at work and I sure could use more money so I could pay off my
bills once and for all!
And
I would love to get involved in a business in which will generate money
while I am not at work (like a Gas Pump)!
Dear Friend,
There is a possibility that we haven't met, but you were chosen by
someone to receive this E-Mail. Please, please, print this off and
read thoroughly. Be sure that you don't miss any of the points
outlined. Then put it down, and then read it again. I am sending
you a whole lot of information in which you might not understand
the first time you read it. If you don't believe this program
will work for you, send it to 10-20 of your closest friends
(in which you trust deeply), and ask them what they think?
This really works! Have faith, don't miss this opportunity,
get involved also, and it will work for you as it does for us!!!!
Due to the popularity of this letter on the Internet, A Major Nightly
News Program recently dedicated an entire show to the investigation of
the
program described below to see if it really can make people money.
The show also investigated whether or not the program was legal. Their
findings proved that there are absolutely no laws prohibiting the
participation in the program. This has helped to show people that this
is a simple, harmless and fun way to make extra money at home. The
results have been truly remarkable. So many people are participating
that those involved are doing much better than ever before. Since
everyone makes more as more people try it out, its been very exciting.
You will understand only if you get involved!
********** THE ENTIRE PLAN IS HERE BELOW **********
**** Print This Now For Future Reference ****
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
If you would like to make AT LEAST $50,000 in less than 90 days! If not,
forward this to someone who would like to make this kind of money.
It works (like designed) but only for those who follow it to the letter!
Please read this program THEN READ IT AGAIN!!
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
THIS IS A LEGITIMATE. LEGAL, MONEY MAKING OPPORTUNITY!! It does NOT
require you to come into contact with people or make or take any
telephone
calls. Just follow the instructions, and you will make money. This
simplified e-mail marketing program works perfectly 100% EVERY TIME!
E-mail is the sales tool of the future. Take advantage of this virtually
free method of advertising NOW!!! The longer you wait, the more people
will
be doing business using e-mail. Get your piece of this action!!!
Hello, My name is Johnathon Rourke, I'm from Rhode Island. The enclosed
information is something I almost let slip through my fingers.
Fortunately, sometime later I re-read everything and gave some thought
and study to it. Two years ago, the corporation I worked for the past
twelve yearsdown-sized and my position was eliminated. After
unproductive
job interviews, I decided to open my own business. Over the past year,I
incurred many unforeseen financial problems. I owed my family, friends
and
creditors over$35,000. The economy was taking a toll on my business and
I
just could not seem to make ends meet. I had to refinance and borrow
against
my home to support my family and struggling business.
AT THAT MOMENT something significant happened in my life. I am writing
to share the experience I hopes that this could change your life
FOREVER.
FINANCIALLY$$$!!!
In mid December, I received this program in my e-mail. Six months prior
to
receiving this program I had been sending away for information on
various
business opportunities. All of the programs I received, in my
opinion,were
not cost effective. They were either toodifficult for me to comprehend
or
the initial investment was too muchfor me to risk to see if they would
work.
But as I was saying, in December of 1997 I received this program.I
didn't
send for it, or ask for it, they just got my name off a mailing list.
THANK GOODNESS FOR THAT!!!
After reading it several times, to make sure I was reading it correctly.
I
couldn't believe my eyes! Here was a MONEY MAKING MACHINE I could start
immediately without any debt. Like most of you I was still a little
skeptical and a little worried about the legalaspects of it all. So I
checked it out with the U.S. Post Office (1-800-725-2161 24-hrs) and
they
confirmed that it is indeed legal ! After determining the program was
LEGAL
I decided WHY NOT!?!??
Initially I sent out 10,000 e-mails. It cost me about $15 for my time
on-line. The great thing about e-mail is that I don't need any paper for
printing to send out the program, and because I also send the product
(reports) by e-mail, my only expense is my time. In less than one week,I
was
starting to receive orders for REPORT #1.
By January 13, I had received 26 orders for REPORT #1. Your goal is to
RECEIVE at least 20 ORDERS FOR REPORT #1 WITHIN 2 WEEKS. IF YOU DON'T
SEND OUT MORE PROGRAMS UNTIL YOU DO. My first step in making $50,000 in
90
days was done. By January 30, I had received 196 orders for REPORT #2.
Your
goal is to RECEIVE AT LEAST 100+ ORDERS FOR REPORT #2 WITHIN
2 WEEKS. IF NOT SEND OUT MORE PROGRAMS UNTIL YOU! DO. ONCE YOU HAVE
100 ORDERS, THE REST IS EASY, RELAX, YOU WILL MAKE YOUR $50,000 GOAL.
Well, I had 196 orders for REPORT #2. 96 more than I needed. So I
sat back and relaxed.
By March 1, of my e-mailing of 10,000, received $58,000 with more coming
in
every day. I paid off ALL my debts and bought a much need new car!
Please
take your time to read this plan, IT WILL CHANGE YOUR LIFE FOREVER$!!!
Remember, it won't work if you don't try it. This program does work, But
you
must follow it EXACTLY! Especially the rules of not trying to place your
name in a different place. It won't work and you'll lose out on a lot of
money! In order for this program to work, you must meet your goal of 20+
orders for REPORT #1, and 100+ orders for REPORT #2 and you will make
$50,000 or more in 90 days.
I AM LIVING PROOF THAT IT WORKS!!!
If you choose not to participate in this program, I am sorry. It really
is a great opportunity with little cost or risk to you. If you choose
toparticipate, follow the program and you will be on your way to
financial security. If you are a fellow business owner and
are financial trouble like I was, or you want to start your own
business, consider this a sign. I DID! $$
Sincerely,
Johnathon Rourke
A PERSONAL NOTE FROM THE ORIGINATOR OF THIS PROGRAM: By the time you
have read the enclosed program and reports, you should have concluded
that
such a program, and one that is legal, cpuld not have been created by an
amateur. Let me tell you a little about myself. I had a profitable
business
for 10 years. Then in 1979 my business began falling off. I was doing
the
same things that were previously successful for me, but it wasn't
working.
Finally, I figured it out. It wasn't me, it was the economy. Inflation
and
recession had replaced the stable economy that had been with us since
1945.
I don't have to tell you what happened to the unemployment rate because
many
of you know from first hand experience. There were more failures and
bankruptcies than ever before. The middle class was vanishing. Those who
knew what they were doing invested wisely and moved up. Those who did
not,
including those who never had anything to save or invest, were moving
down into the ranks of the poor. As the saying goes, THE RICH GET RICHER
ANDTHE POOR GET POORER. The traditional methods of making money will
never
allow you to move up or get rich, inflation will see to that You have
just
received the rest of your life, with NO RISK and JUST A LITTLE BIT OF
EFFORT. You can make more money in the next few months than you have
everimagined.I should also point out that I will not see a penny of this
money, nor anyone else who has provided a testimonial for this program.
I
retired from the program after sending thousands and thousands of
programs.
Follow the program EXACTLY AS INSTRUCTED. Do not change it in any way.
It
works exceedingly well as it is now. Remember to e-mail a copyof this
exciting report to everyone you can think of. One of the people you send
this to may send out 50,000 and your name will be on everyone of them!
REMEMBER though, ------ the MORE YOU SEND OUT, the more potential
customers
you will reach. So my friend, I have given you the ideas, information,
materials and opportunity to become financially independent.
IT IS UP TO YOU!! NOW DO IT!!
BEFORE YOU delete this program from your in box, as I almost did, take a
little time to read it and REALLY THINK ABOUT IT. Get a pencil and
figure out what could happen when YOU participate. Figure out the worst
possible response and no matter how you calculate it, you will still
make a
lot of money! You will definitely get back what you invested. Any doubts
you
have will vanish when your first orders come in. $$$ IT WORKS!!! $$$
Jody Jacobs Richmond, VA.
HERE'S HOW THIS AMAZING PROGRAM WILL MAKE YOU THOUSANDS OF
DOLLARS$$$$!!!!
This method of raising capital REALLY WORKS 100% EVERY TIME. I am sure
that you could use up to $50,000 or more in the next 90 days. Before you
say
BULL, please read this program carefully. This is not a chain letter,but
a
perfectly legal money making business. As with all multi-level
businesses,
we build our business by recruiting new partners and selling our
products.
Every state in the USA allows you to recruit new multi-level business
partners, and we sell and deliver a product for EVERY dollar received.
YOUR ORDERS COME BY MAIL AND ARE FILLED BY E-MAIL, so you are not
involved in personal selling. You do it privately in your own home,
store or
office. This is the EASIEST marketing plan anywhere! It is simply order
filling by e-mail! The product is informational and instructional
material,
keys to the secrets for everyone on how to open the doors to the magic
world
of E-COMMERCE, the information highway, the wave of the future !
PLAN SUMMARY:
(1) You order the 4 reports listed below ($5 each) They come to you by
e-mail.
(2) Save a copy of this entire letter and put your name after Report #1
and
move the other names down.
(3) Via the internet, access Yahoo.com or any of the other major search
engines to locate hundreds of bulk e-mail service companies (search for
bulk
email) and have them send 25,000 50,000 emails for you about $49+.
(4) Orders will come to you by postal mail simply e-mail them the
Report they ordered. Let me ask you isn't this about as easy as it
gets?
By the way there are over 50 MILLION e-mail address with millions more
joining the internet each year so don't worry about running out or
saturation. People are used to seeing and hearing the same
advertisements every day on radio/TV. How many times have you received
the same pizza flyers on your door? Then one day you are hungry for
pizza
and order one. Same thing with this letter. I received this letter many
times then one day I decided it was time to try it.
YOU CAN START TODAY UST DO THESE EASY STEPS: STEP #1 ORDER THE FOUR
REPORTS
Order the four reports shown on the list below (you can't sell them if
you don't order them). For each report, send $5.00 CASH, the NAME &
NUMBER
OF THE REPORT YOU ARE ORDERING, YOUR E-MAIL ADDRESS, and YOUR NAME &
RETURN
ADDRESS (in case of a problem) to the person whose name appears on the
list
next to the report.MAKE SURE YOUR RETURN ADDRESS IS ON YOUR ENVELOPE IN
CASE OF ANY MAIL PROBLEMS! Within a few days you will receive, by e-mail
each of the four reports.Save them on your computer so you can send them
to
the 1,000's of people who will order them from you.
STEP #2. ADD YOUR MAILING ADDRESS TO THIS LETTER
a. Look below for the listing of the four reports.
b. After you've ordered the four reports, delete the name and address
under REPORT #4. This person has made it through the cycle.
c. Move the name and address under REPORT #3 down to REPORT #4.
d. Move the name and address under REPORT #2 down to REPORT #3.
e. Move the name and address under REPORT #1 down to REPORT #2.
f. Insert your name/address in the REPORT #1 position. Please make sure
you
COPY ALL INFORMATION, every name and address, ACCURATELY!
STEP #3. Take this entire letter, including the modified list of names,
and save it to your computer. Make NO changes to these instructions. Now
you
are ready to use this entire e-mail to send by e-mail to prospects.
Report #1 will tell you how to download bulk email software and email
address so you can send it out to thousands of people while you sleep!
Remember that 50,000+ new people are joining the internet every month!
Your cost to participate in this is practically nothing ( surely you can
afford $20 and initial bulk mailing cost). You obviously already have a
computer and an Internet connection and e-mail is FREE! There are two
primary methods of building your downline: METHOD #1: SENDING BULK
E-MAIL
let's say that you decide to start small, just to see how it goes, and
we'll
assume you and all those involved email out only 2,000 programs each.
Let's
also assume that the mailing receives a 0.5% response. The response
could be
much better. Also, many people will email out thousands of thousands of
programs instead of 2,000 (Why stop at 2000?) But continuing with this
example, you send out only 2,000 programs. With a 0.5% response, that is
only 10 orders for REPORT #1. Those 10 people respond by sending out
2,000
programs each for a total of 20,000. Out of those 0.5%, 100 people
respond
and order REPORT #2.Those 100 mail out 2,000 programs each for a total
of
200,000. The 0.5% response to that is 1,000 orders for REPORT #3. Those
1,000 send out 2,000 programs each for a 2,000,000 total. The 0.5%
response
to that is 10,000 orders for REPORT #4. That's 10,000 $5 bills for you.
CASH!!! Your total income in this example is $50 + $500 + $5000 +
$50,000
for a total of $55,550!!!
REMEMBER FRIEND, THIS IS ASSUMING 1,990 OUT OF THE 2,000 PEOPLE YOU MAIL
TO
WILL DO ABSOLUTELY NOTHING AND TRASH THIS PROGRAM! DARE TO THINK FOR A
MOMENT WHAT WOULD HAPPEN IF EVERYONE, OR HALF SENT OUT 100,000 PROGRAMS
INSTEAD OF 2,000. Believe me, many people will do just that, and more!
METHOD #2 PLACING FREE ADS ON THE INTERNET Advertising on the internet
is very, very inexpensive, and there are HUNDREDS of FREE places to
advertise. Let's say you decide to start small to see how well it works.
Assume your goal is to get ONLY 10 people to participate on your first
level. (Placing a lot of FREE ads on the Internet will EASILY get a
larger
response). Also assume that everyone else in YOUR ORGANIZATION gets only
10
downline members. Look how this small number accumulates to achieve the
STAGGERING results below:
1St level your first 10 send you $5........................$50
2nd level 10 members from those 10 ($5 x 100)............$500
3rd level 10 members from those 100 ($5 x 1,000)......$5,000
4th level 10 members from those 1,000 ($5 x 10,000)..$50,000
$$$$$$ THIS TOTALS
-----------------------------------------------
$$$$$
AMAZING ISN'T IT Remember friends, this assumes that the people who
participate only recruit 10 people each. Think for a moment what would
happen if they got 20 people to participate! Most people get 100's of
participants and many will continue to work this program, sending out
programs WITH YOUR NAME ON THEM for years! THINK ABOUT IT!
People are going to get emails about this plan from you or somebody else
and
many will work this plan the question is Don't you want your name to be
on
the emails they will send out?
*** DON'T MISS OUT !!!***
***JUST TRY IT ONCE !!!***
***SEE WHAT HAPPENS !!!***
***YOU'LL BE AMAZED !!!***
ALWAYS PROVIDE SAME DAY SERVICE ON ALL ORDERS! This will guarantee that
the e-mail THEY send out with YOUR name and address on it will be prompt
because they can't advertise until they receive the report!
GET STARTED TODAY: PLACE YOUR ORDER FOR THE FOUR REPORTS NOW. Note:--
ALWAYS SEND $5 CASH (U.S. CURRENCY) FOR EACH REPORT. CHECKS NOT
ACCEPTED.
Make sure the cash is concealed by wrapping it in two sheets of paper.
On
one of those sheets write:
(a) the number & name of the report you are ordering
(b) your e-mail address, and
(c) your name & postal address.
REPORT #1b The Insider's Guide to Advertising for Free on the Internet
ORDER REPORT #1 FROM:
NICK NICHOLAS
473 MICHIGAN ST
ST.PAUL, MN 55102
NOTE: I and every member below are dedicated at helping you with this
program so it will work for you also. TRY US!
REPORT #2 The Insider's Guide to Sending Bulk E-Mail on the Internet
ORDER REPORT #2 FROM:
DIANE COLON
1811 TAMARIND AVE # 206
LOS ANGELES, CA. 90028
REPORT #3 The Secrets to Multilevel Marketing on the Internet
ORDER REPORT #3 FROM:
MELISSA HOGENMILLER
3709 MONHEIM ROAD
CONOVER, WI 54519
REPORT #4 How to become a Millionaire utilizing the Power of Multilevel
Marketing and the Internet
ORDER REPORT #4 FROM:
CATHY BARROW
10 SYCAMORE STREET
CONWAY, SC 29527
*************TIPS FOR SUCCESS***************
TREAT THIS AS YOUR BUSINESS! Be prompt, professional, and follow the
directions accurately. Send for the four reports IMMEDIATELY so you
will have them when the orders start coming in because: When you
receive a $5 order you MUST send out the requested product/report.
It is required for this to be a legal business and they need the
reports to send out their letter (with your name on them).
--ALWAYS PROVIDE SAME-DAY SERVICE ON THE ORDERS YOU RECEIVE. Be
patient and persistent with this program- If you follow the
instructions exactly results WILL FOLLOW. $$$$
************ YOUR SUCCESS GUIDELINES ***************
Follow these guidelines to guarantee your success: If you don't receive
20 orders for REPORT #1 within two weeks, continue advertising or
sending
e-mail until you do. Then a couple of weeks later you should receive at
least 100 orders for REPORT #2. If you don't continue advertising or
sending
e-mail until you do. Once you have received 100 or more orders for
REPORT
#2, YOU CAN RELAX, because the system is already working for you, and
the
cash will continue to roll in! THIS IS IMPORTANT TO REMEMBER: Every
time
your name is moved down on the list, you are placed in front of a
DIFFERENT
report. You can KEEP TRACK of your PROGRESS by watching which report
people
are ordering from you. To generate more income, simply send another
batch of
e-mails or continue placing ads and start the whole process again! There
is
no limit to the income you will generate from this business! Before you
make
your decision as to whether or not you participate in this program.
Please
answer one question:
ARE YOU HAPPY WITH YOUR PRESENT INCOME OR JOB?
1. If the answer is no, then please look at the following facts about
this super simple MLM program: NO face to face selling, NO meetings, NO
inventory! NO Telephone calls, NO big cost to start! Nothing to learn,
No skills needed! (Surely you know how to send email?)
2. No equipment to buy you already have a computer and internet
connection so you have everything you need to fill orders!
3. You are selling a product which does NOT COST ANYTHING TO PRODUCE OR
SHIP! (Email copies of the reports are FREE!)
4. All of your customers pay you in CASH! This program will change your
LIFE FOREEVER!! Look at the potential for you to be able to quit your
job and live a life of luxury you could only dream about! Imagine
getting out of debt and buying the car and home of your dreams and
being able to work a super-high paying leisurely easy business from
home!
$$$ FINALLY MAKE SOME DREAMS COME TRUE! $$$ ACT NOW!
Take your first step toward achieving financial independence. Order
the reports and follow the program outlined above __ SUCCESS will be
your reward.
Thank you for your time and consideration. PLEASE NOT: If you need
help with starting a business, registering a business name, learning
now income tax is handled, etc., contact your local office of the
Small Business Administration (A Federal Agency) 1-800-827-5722
for free help and answers to questions. Also the Internal Revenue
Service offers free help via telephone and free seminars about
business tax requirements. Your earnings are highly dependent on
your activities and advertising. The information contained on this
site and in the report constitutes no guarantees stated nor implied.
In the event that it is determined that this site or report
constitutes a guarantee of any kind, that guarantee is now void. The
earnings amounts listed on this site and in the report are estimates
only. If you have any questions of the legality of this program,
contact the Office of Associate Director for Marketing Practices,
Federal Trade Commission, Bureau of Consumer Protection in
Washington DC.
Under Bill s.1618 TITLE III passed by the 105th US Congress this
letter cannot be considered spam as long as the sender includes
contact information and a method of removal. This is a one time
e-mail transmission. No request for removal is necessary.
here's the link
--
"Science will win because it works." - Stephen Hawking
Wouldn't this be easier than hacking the hardware? The FTC has been pretty good about holding websites to their privacy policies, so assuming DC provides a way it can be independently verified, this sounds like a simple option.
Work for Change & GET PAID!
Just goes to show how corruptly curious companies are getting this day in age.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer