Slashdot Mirror
Ritz Disposable Digital Camera Hacked
morgue-ann writes "The $10.99 Dakota reusable digital camera announced in July was usefully hacked on November 6. First attempts to extract picture data took 10 hours to read out 16MB, but new code for Linux and Mac and Windows lets you get pictures quickly over USB and view or print them without Ritz's help (and with fewer of your $$)."
Ritz will probably use the DMCA to stop it. There's a good story in today's Washington Post regarding the DMCA and how businesses are being ensnared even under "fair use". In Lexmark's case (detailed in the Wash Post story), Lexmark claimed that their copyright was violated.
As silly as the law is let's hope that it's repealed/reformed and soon.
I don't understand why this seems to happen every time.
Why can't they use something like RSA to encrypt the photos so that only the Ritz people can read them?
Do these people shy away from proven algorithms because they don't have the processor power, because they don't want to pay licensing fees, etc? Do they use proven algorithms and implement them badly? Or do they just figure that they can make up something on their own, and that it will stand up to attack?
Does their business model (the manufacturer, not the hacker) depend on remanufacturing these things? I don't know about DMACA (digital millenium anti-competition act) violations, but I'd think a simple deposit on sale system what fix any issues with consumers keeping the cameras. It works for car batteries, it can work for these cameras.
Fred
"A fool and his freedom are soon parted"
-RMS
Ritz did the same mistake that most companies do, they opt for the obscurity is security model. A smarter model is to instead follow the open source model that uses equipment that is prohibitive for the average user to purchase.
Example, rather than use, say, USB cabling, use some proprietory GPIO system that only Ritz controls. Heck, patent the heck out of it. Only needs a $5 CPLD to impliment a controller, but most casual hackers don't care to get into hardware-hacking on this scale. Sure, someone will break it, but then those capable will be a limited subset of the market, and damage is minimized.
Shoot, I should apply to be a corporate consultant!
Karma Whoring for Fun and Profit.
The DMCA prevents you from viewing the images on your DVD (you own the thing) that you just bought if you don't own a "preapproved" DVD player. A mere DVD-ROM + Linux can't do it legally.
Actually, it doesn't prevent you, but if you find a way to do it, it prevents you from publishing/sharing it.
So no, it is not funny.
Write boring code, not shiny code!
It is a wiki. Someone from Slashdot edited the page.
it's a fairly crappy camera; for 11 dollars.
you can get a logitech pocket digital for like 37 dollars; basically same specs, but looks a whole lot nicer and does exactly the same thing - except maybe actually storing more pictures on the internal memory.
With parts and time invested, I think it is more than worth the 26 dollars difference.
Yes i know there is the geek "i hacked my cheap-ass camera" factor, but come on... if you want to be a geek, there are more worthwhile projects on which to spend your time!
My life in the land of the rising sun.
Yeah! And Lexmark put together a business that relies on revenues of printer cartridge sales. Congratulations to those hackers/crackers who have likely now put those individuals out of work.
Wait...why is it my job to ensure that someone's business model succeeds? I bought the thing--let me tinker with it.
I have a feeling that the makers of these cameras will start to spin how the computer community is to blame for hacking every consumer product and making it do things that the manufacturer never intended. They can say stuff like "We can't make any good products because when we do, someone finds a way to hack and ruin it!" They then run behind the DMCA so that they can make money on a plan that is shown to be flawed. Do they make a better product? Nope. They just get behind their lawyers and try to cram bad products down the public's throat. I say we need need to spend less money fighting for flawed methodologies and products (do you hear me RIAA/MPAA?) and more time on R&D.
"Oh dear, she's stuck in an infinite loop and he's an idiot" -Prof. Farnsworth (Futurama)
The difference is, you own the copyright to the photos. Thus, Ritz has no right to prevent your access to them in whichever fashion you choose.
Let me be the first to call BULL**T on that.
MacroVision is not added to consumer-created tapes, just like CSS isn't used by consumer-created DVD Video. There is no copy protection that would prevent you from duping your own copyrighted material from VHS to VHS, or DVD-R to DVD-R.
The original message was dead-on - it'll be interesting to see Ritz use DMCA to prevent users access to their own copyrighted photos.
Ritz has an honest business model, and consumers shouldn't download their own pictures from the camera.
:)
Even if using the DMCA to combat this is morally wrong, so is downloading your own pictures, in this case.
Certainly you have to sign a contract to rent the camera?
Of course, you could place your own favorite pics on the camera, and send it in.
tasks(723) drafts(105) languages(484) examples(29106)
Hmm, anyone else remember the I-Opener?
A $99 computer with a proprietary (QNX-based) OS on a flash disk, that was sold at a loss because the company figured they'd make money from their dialup service... Until someone found the IDE connector on the motherboard and installed something else.
Well, after a short war between the hackers and the company (including state of the art protection mechanisms as epoxy glue on the bios, torx screws, clipped IDE pins etc) the company finally had to raise the price of the unit, resulting in the sales plumeting, and in the end bankrupcy.
Now, I'm not saying it's a bad thing to hack devices like this, heck I've got an iopener (running jailbait linux) standing next to my main computer. But there is a good chance that soon nobody will use the $11 developing deal, resulting in the cameras getting pulled from the stores.
Just as there were lots of people happily using iopeners as they were intended, I'm sure there are lots of people happy with the service that Ritz is providing, and if so it's a shame if we, the hacker community, proceed to destroy yet another service for other consumers.
What kinda battery does this thing have in it? It would be cool if you could recharge it, but the work is worthless to take 25 or so pictures and to have to go and hack another one.
ItWasFree.com - Take the mystery
How many people in society use disposable cameras? many hands raise How many of you know or care about taking a few hours to go to the lengths needed to get this hack done? few hands raised. To sum up for everyone crying doom for this business model:
Hacking value for fun: 8 out of 10 points.
Hacking value for ...um.... actual value: 1 out of 10 points.
In short, RTFA if you think Joe and Jane six-pack will care about this. If you still think this matters to the business plan after readinging TFA, keep refreshing untill you slashdot it again and get the I'm stupid page.
Hey, I know! Ritz can get the government to put a hidden levy on Palm m100/m105 hotsync cables! Because, you know, everyone who purchases hotsync cables must be intent on using them, at least some of the time, for ripping Ritz pictures.
Kinda like what they do with CDR for RIAA. It's such a good idea.
After they're done with that one, I think they'd better put in a levy on Craftsman tools, because home mechanics are cheating Midas Muffler out of revenue, and a levy on Tupperware containers, because we're all cheating Safeway out of grocery sales when we keep our leftovers.
--
Don't like it? Respond with words, not karma.
Well, go ahead and mod the parent up because it is a legit argument, but... if the business model falls apart because someone is "circumventing" an idiotic law that shouldn't exist to begin with, the business model is the problem, not the person who was savvy enough to figure out the work on their own.
Any company who's business relies on a shaky, ambiguous, morally (and quite probably legally) reprehensible law that a bunch of big business suits bought with some extra cash they had lying around isn't going to make it and doesn't deserve to.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
Then again ? When you pay rhe deposit if it gets stolen no one loses out. Since you bought the camera
Solosoft.org - Your Online Resource to Nothing
Moreover, if you "rent" something and don't stipulate a return-by date or charge a fee for extended possession, it most likely would fail to meet any legal condition for "rental". The idiocy of a company can rarely be mitigated by the idiocy of law.
We who were living are now dying
With a little patience
Do you sign a rental agreement? Is there any paperwork in evidence to suggest that the transaction is anything other than a normal retail sale?
No? Then it's not stealing. It using your lawfully purchased property in the manner you see fit.
Schwab
Editor, A1-AAA AmeriCaptions
"pictures that you have taken and hence own the copyright to."
This is key.
Being able to capture, retain, and download pictures is my own DRM system. An encryption scheme that forces me to take my pictures to Ritz is a circumvention of my DRM.
Therefore Ritz is in violation of the DMCA for forcing a circumvention of my DRM, extorting money from the rightful and noble copyright holder.
What, you say Ritz never agreed to my EULA? Sure they did, when it was the first photo I took with the camera. And let's not even think about the violations if they keep a copy of the file.
Kevin Fox
Ritz put together a business that relies on revenues that it will no longer have. Congratulations to those hackers/crackers who have likely now put those individuals out of work.
And shame on those who put together the business model. Honestly the stupidest business plan in the world has to be to sell hardware for less than it costs to make it. Do you honestly think people are going to feel bad at trying to maximize their utility from products they purchased? I use things as they were not intended by the manufacturer all the time. Do they have a legitimate complaint? No, they happily sold it to me and I have no obligation to help them succeed at what is undeniably a poorly thought out business model.
Do you feel bad every time you don't purchase something you see on TV? A lot of people worked hard to put together that business. That is why it is called "risk" Sometimes you do something stupid and lose. The customers are looking out for number 1, they are not on the company's side (as companies are not on the customer's side) and if one slips up, the other takes advantage. Every time.
Finkployd
Lawyers will argue that, in order to use the copyrighted firmware in the camera, you must be licensed to do so.
Just like you need a license to read a copyrighted book. How they can use the above argument is beyond me.
Nobody signs an "EULA" before buying one of these cameras, so any argument about its usage is just a bunch of babies whining because their business model had a flaw it - one that the market has found and used to its advantage. And I think it's important to keep in mind is that people are buying a camera - not licensing any software. If this "unauthorised use" bollocks is deemed enforcable, how long before GM can sue you if you fix your car yourself?
Note also that it's their customers doing this - not their competitors, who I would expect would have a much more profitable use for it.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
I hate ditto posts, but EX-FRICKING-ACTLY! I am getting so tired of companies these days coming up with "business plans" that wouldn't survive a week in the real world, just because they can hide within the labyrinth of laws and smash anyone who acosts them. If they are "selling" those cameras at a loss, then that is *profoundly* stupid and they deserve to take a beating on it. (and they will since, now that the crack is out, it's never going to go away no matter how many people they sue)
Bush: He's Liberal in all the wrong ways.
Yeah, it was a sincere comment.
I buy a DVD with the expectation that I will be able to enjoy the contents on that DVD. I have equipment which is sufficient to allow me to do so (to wit: A computer equipped with a DVD-ROM drive), and so this would seem to be a reasonable expectation. I bring it home, pop it in, and find out that, for no better reason than I choose to use Linux (instead of Windows), I am unable to play the contents of this media.
Obviously, your expectation was false. You should have some research before buying the media. If a business can't expect its business model to be honored, then why should a customer expect his expectations to be honored? That, IMHO, is the other side of the coin.
Under the DMCA, it is very possible for me to find myself out the money for a DVD which I might actually enjoy. Somebody has stolen some time from me, and I have no recourse. Now, before you tell me to use Windows, keep in mind that I must buy Windows, somehow, some way. Which means that I am out even more time. Or a stand-alone DVD player, which has the same issue.
You bought a DVD on the assumption that it would play on your system. Nobody forced you to buy that DVD. Your assumption turned out to be false. I don't see how anybody has stolen anything from you.
The DMCA steals from me the ability to help others make use of the items which they have rightfully purchased with their time.
The key word here is "rightfully". You cannot play DVDs "rightfully" without the appropriate licenses. Its like complaining that somebody stole from you because you can't go into a movie theater without a ticket. After all, you spent some time going to the theatre. And the ticket is not a strict requirement for watching the movie: a pair of eyeballs and buttocks will do, and you have those.
So from your point of view, there is no reason why you shouldn't be able to watch the movie. But the bouncer disagrees. Do you call him a thief?
I suppose this is a decent geek accomplishment, but I cringe every time I see it . . I'd love a decent disposible digital camera and I'm afraid stuff like this will make other companies afraid to enter the market.
Any company who's business relies on a shaky, ambiguous, morally (and quite probably legally) reprehensible law that a bunch of big business suits bought with some extra cash they had lying around isn't going to make it and doesn't deserve to.
It seems shortsighted to dismiss the service this company provides just because the camera can be hacked. Hackable==bad business model, end of story? The world isn't black and white like that.
Well, go ahead and mod the parent up because it is a legit argument, but... if the business model falls apart because someone is "circumventing" an idiotic law that shouldn't exist to begin with, the business model is the problem, not the person who was savvy enough to figure out the work on their own.
Every law is "idiotic" to those who don't like what it means.
Using the DCMA to protect digital cameras of this type isn't an injustice. Many people cannot afford to buy expensive digital cameras or have only a limited use for them - there is definitely a market for this sort of thing. By striking against the company that sells this service, you are really attacking the people who would want to use this service by making it economically impossible for the company to provide "rental" cameras.
The technically "savvy" means of circumventing the system here isn't morally different from putting one quarter into the newspaper box and taking all of the copies for yourself. Your argument is that if newspapers want to protect themselves they shouldn't rely on laws prohibiting theft but should instead invest in expensive newspaper vending technology that will prevent customers from taking more newspapers than they pay for. Fair enough, I suppose, but that doesn't excuse the actions of people circumventing the system that's in place. The DCMA isn't such a bad thing, and it's not as if Ritz is ripping people off with their system.
How will Ritz react? They'll probably have to create rental agreements with customers, under which the customers agree to return the camera to Ritz within a specified period of time and also agree not to use any other means of accessing the photos stored in the camera. Then they'll have to sue people who won't return their cameras or obviously use an alternate means of getting the photographs out. The net result of this isn't a victory for freedom of information. It will be a matter of a few jerks ruining it for the rest of us.
144l. ph34r my 133t l3g4l 5k1lz!
There could still be ethical concerns. Ethics can require things the law does not (and vice versa). If you hack the camera, you're getting more than you paid for, more than the seller intended to give you, for less than it cost him to provide it.
It is logically coherent to think this is wrong even if legal. For instance, medieval philosophers like Thomas Aquinas had a "fair price" doctrine on which it is unethical to charge more for something than it is honestly worth. Moreover, it did not matter for the doctrine whether the buyer knew this. (Think of a case where a starving person is sold a loaf of bread, from the only food producer in town, for $100. He knows he's being cheated, but he's still being cheated.) There is something inherently plausible to the fair price doctrine, though it is not something that we would really want to enshrine in law except maybe in extreme cases (not everything unethical should be illegal!), e.g., because the law is just too crude an instrument for such cases.
The fair price doctrine has some interesting consequences. For instance, it might mean that Lexmark's and Ritz's business plans are unethical, because they are charging more for something (cartridges or processing) than is fair.
However, one might reasonably think that there is a converse to the doctrine. If it is wrong to sell something for more than it is worth, it is wrong to buy something for less than it is worth--unless of course the discount is a GIFT of the seller. (There is nothing wrong with buying a loaf of bread for $1 and giving a voluntary gift of $99 to the baker.) So it might be wrong to hack the camera.
Of course the fair price doctrine is highly controversial. However, it seems to be logically coherent at least. And if it or something like it is true, it might be that such hacking is wrong even if legal.
(Note, too, that one does not have a moral right to exploit someone's honest mistake. Suppose that a video store instead of making you sign a rental agreement by mistake hands you a sale agreement--which you don't bother reading. You come home with your $3 DVD, look at the agreement and discover that it seems you are legally the owner (assume this is so--IANAL). You still have a moral right to return the DVD. Of course in the case of Ritz, the mistake is of a different order, but still similar considerations might apply.)