Slashdot Mirror
Ritz Disposable Digital Camera Hacked
morgue-ann writes "The $10.99 Dakota reusable digital camera announced in July was usefully hacked on November 6. First attempts to extract picture data took 10 hours to read out 16MB, but new code for Linux and Mac and Windows lets you get pictures quickly over USB and view or print them without Ritz's help (and with fewer of your $$)."
I don't understand why this seems to happen every time.
Why can't they use something like RSA to encrypt the photos so that only the Ritz people can read them?
Do these people shy away from proven algorithms because they don't have the processor power, because they don't want to pay licensing fees, etc? Do they use proven algorithms and implement them badly? Or do they just figure that they can make up something on their own, and that it will stand up to attack?
Does their business model (the manufacturer, not the hacker) depend on remanufacturing these things? I don't know about DMACA (digital millenium anti-competition act) violations, but I'd think a simple deposit on sale system what fix any issues with consumers keeping the cameras. It works for car batteries, it can work for these cameras.
Fred
"A fool and his freedom are soon parted"
-RMS
Ritz did the same mistake that most companies do, they opt for the obscurity is security model. A smarter model is to instead follow the open source model that uses equipment that is prohibitive for the average user to purchase.
Example, rather than use, say, USB cabling, use some proprietory GPIO system that only Ritz controls. Heck, patent the heck out of it. Only needs a $5 CPLD to impliment a controller, but most casual hackers don't care to get into hardware-hacking on this scale. Sure, someone will break it, but then those capable will be a limited subset of the market, and damage is minimized.
Shoot, I should apply to be a corporate consultant!
Karma Whoring for Fun and Profit.
The DMCA prevents you from viewing the images on your DVD (you own the thing) that you just bought if you don't own a "preapproved" DVD player. A mere DVD-ROM + Linux can't do it legally.
Actually, it doesn't prevent you, but if you find a way to do it, it prevents you from publishing/sharing it.
So no, it is not funny.
Write boring code, not shiny code!
it's a fairly crappy camera; for 11 dollars.
you can get a logitech pocket digital for like 37 dollars; basically same specs, but looks a whole lot nicer and does exactly the same thing - except maybe actually storing more pictures on the internal memory.
With parts and time invested, I think it is more than worth the 26 dollars difference.
Yes i know there is the geek "i hacked my cheap-ass camera" factor, but come on... if you want to be a geek, there are more worthwhile projects on which to spend your time!
My life in the land of the rising sun.
Was it provided on a rent and return basis, though? If it was presented as a sale and the customer exchanged money for it rather than having to agree to any leasing T&Cs then it's hardly the customer's fault the company are idiots.
Let me be the first to call BULL**T on that.
MacroVision is not added to consumer-created tapes, just like CSS isn't used by consumer-created DVD Video. There is no copy protection that would prevent you from duping your own copyrighted material from VHS to VHS, or DVD-R to DVD-R.
The original message was dead-on - it'll be interesting to see Ritz use DMCA to prevent users access to their own copyrighted photos.
Hmm, anyone else remember the I-Opener?
A $99 computer with a proprietary (QNX-based) OS on a flash disk, that was sold at a loss because the company figured they'd make money from their dialup service... Until someone found the IDE connector on the motherboard and installed something else.
Well, after a short war between the hackers and the company (including state of the art protection mechanisms as epoxy glue on the bios, torx screws, clipped IDE pins etc) the company finally had to raise the price of the unit, resulting in the sales plumeting, and in the end bankrupcy.
Now, I'm not saying it's a bad thing to hack devices like this, heck I've got an iopener (running jailbait linux) standing next to my main computer. But there is a good chance that soon nobody will use the $11 developing deal, resulting in the cameras getting pulled from the stores.
Just as there were lots of people happily using iopeners as they were intended, I'm sure there are lots of people happy with the service that Ritz is providing, and if so it's a shame if we, the hacker community, proceed to destroy yet another service for other consumers.
How many people in society use disposable cameras? many hands raise How many of you know or care about taking a few hours to go to the lengths needed to get this hack done? few hands raised. To sum up for everyone crying doom for this business model:
Hacking value for fun: 8 out of 10 points.
Hacking value for ...um.... actual value: 1 out of 10 points.
In short, RTFA if you think Joe and Jane six-pack will care about this. If you still think this matters to the business plan after readinging TFA, keep refreshing untill you slashdot it again and get the I'm stupid page.
Do you sign a rental agreement? Is there any paperwork in evidence to suggest that the transaction is anything other than a normal retail sale?
No? Then it's not stealing. It using your lawfully purchased property in the manner you see fit.
Schwab
Editor, A1-AAA AmeriCaptions
"pictures that you have taken and hence own the copyright to."
This is key.
Being able to capture, retain, and download pictures is my own DRM system. An encryption scheme that forces me to take my pictures to Ritz is a circumvention of my DRM.
Therefore Ritz is in violation of the DMCA for forcing a circumvention of my DRM, extorting money from the rightful and noble copyright holder.
What, you say Ritz never agreed to my EULA? Sure they did, when it was the first photo I took with the camera. And let's not even think about the violations if they keep a copy of the file.
Kevin Fox