Ritz Disposable Digital Camera Hacked

morgue-ann writes "The $10.99 Dakota reusable digital camera announced in July was usefully hacked on November 6. First attempts to extract picture data took 10 hours to read out 16MB, but new code for Linux and Mac and Windows lets you get pictures quickly over USB and view or print them without Ritz's help (and with fewer of your $$)."

Funny

[msgmonkey]

That would truely be funny, using the DMCA to stop you from transfering pictures that you have taken and hence own the copyright to.

Re:Funny

[Binary+Boy]

Let me be the first to call BULL**T on that.

MacroVision is not added to consumer-created tapes, just like CSS isn't used by consumer-created DVD Video. There is no copy protection that would prevent you from duping your own copyrighted material from VHS to VHS, or DVD-R to DVD-R.

The original message was dead-on - it'll be interesting to see Ritz use DMCA to prevent users access to their own copyrighted photos.

Re:Funny

[ewhac]

No, the copyrighted work being "violated" here is the camera firmware.

Lawyers will argue that, in order to use the copyrighted firmware in the camera, you must be licensed to do so. (This is false, but that hasn't stopped them so far.) Thus, by cracking open the camera and pulling the data out, you have made use of the camera firmware in an unlicensed manner. This constitutes copyright infringement.

Also, since the protection racket... er, mechanism in place to keep you from yanking the photos out is probably also the same mechanism that protects the firmware itself. Thus, by circumventing the method that "protects" your photos, you have also circumvented the method that protects the firmware. This is illegal under the DMCA.

Note that it is in no way whatsoever immoral, unethical, harmful, or wrong. It's merely illegal.

Schwab

I don't understand...

[astrashe]

I don't understand why this seems to happen every time.

Why can't they use something like RSA to encrypt the photos so that only the Ritz people can read them?

Do these people shy away from proven algorithms because they don't have the processor power, because they don't want to pay licensing fees, etc? Do they use proven algorithms and implement them badly? Or do they just figure that they can make up something on their own, and that it will stand up to attack?

How... predictable

[downix]

Ritz did the same mistake that most companies do, they opt for the obscurity is security model. A smarter model is to instead follow the open source model that uses equipment that is prohibitive for the average user to purchase.

Example, rather than use, say, USB cabling, use some proprietory GPIO system that only Ritz controls. Heck, patent the heck out of it. Only needs a $5 CPLD to impliment a controller, but most casual hackers don't care to get into hardware-hacking on this scale. Sure, someone will break it, but then those capable will be a limited subset of the market, and damage is minimized.

Shoot, I should apply to be a corporate consultant!

why? why? why?

[lingqi]

it's a fairly crappy camera; for 11 dollars.

you can get a logitech pocket digital for like 37 dollars; basically same specs, but looks a whole lot nicer and does exactly the same thing - except maybe actually storing more pictures on the internal memory.
With parts and time invested, I think it is more than worth the 26 dollars difference.

Yes i know there is the geek "i hacked my cheap-ass camera" factor, but come on... if you want to be a geek, there are more worthwhile projects on which to spend your time!

Dumb Joke

[Anne_Nonymous]

That's not a Ritz hacker, that's a Ritz Cracker!

Can't ,,,re,,sist

[Libertarian_Geek]

That would make the hackers, Ritz Crackers.

Deja vu

[Blue+Master]

Hmm, anyone else remember the I-Opener?

A $99 computer with a proprietary (QNX-based) OS on a flash disk, that was sold at a loss because the company figured they'd make money from their dialup service... Until someone found the IDE connector on the motherboard and installed something else.

Well, after a short war between the hackers and the company (including state of the art protection mechanisms as epoxy glue on the bios, torx screws, clipped IDE pins etc) the company finally had to raise the price of the unit, resulting in the sales plumeting, and in the end bankrupcy.

Now, I'm not saying it's a bad thing to hack devices like this, heck I've got an iopener (running jailbait linux) standing next to my main computer. But there is a good chance that soon nobody will use the $11 developing deal, resulting in the cameras getting pulled from the stores.

Just as there were lots of people happily using iopeners as they were intended, I'm sure there are lots of people happy with the service that Ritz is providing, and if so it's a shame if we, the hacker community, proceed to destroy yet another service for other consumers.

Slashdot crowd not the swiftest

[iamatlas]

Now, of course I'm included in this, but for this article and accompanying comments, I can see the wheels not turning too quickly.

How many people in society use disposable cameras? many hands raise How many of you know or care about taking a few hours to go to the lengths needed to get this hack done? few hands raised. To sum up for everyone crying doom for this business model:

Hacking value for fun: 8 out of 10 points.

Hacking value for ...um.... actual value: 1 out of 10 points.

In short, RTFA if you think Joe and Jane six-pack will care about this. If you still think this matters to the business plan after readinging TFA, keep refreshing untill you slashdot it again and get the I'm stupid page.

For people who don't read articles

[BillX]

Actually, some of these points are not in the articles, and (not surprisingly) seem to be causing some confusion based on some of the comments I have seen above.

1) The cameras are purchased, just like any ordinary (non-digital) disposable camera. There is no rental agreement, nothing to sign, no deposit, etc. Some previous comments have asked about this. Also, the camera IS cheap; the hardware itself costs probably no more than $25-50 to manufacture, and likely pay for themselves in 1 or 2 processings. The big draw is that you can use them in potentially hazardous environments, and if it gets destroyed or stolen, this only sets you back $11 + a few minutes to solder a new connector into a new camera.

2) The batteries are changeable by the user - they are ordinary AA alkalines. They will last much longer than 1 25-picture cycle (I haven't yet managed to exhaust a set), but when they do run down, just open the battery cover and pop in fresh ones.

3) The sensor is actually 1.3 megapixels, not 2MP as claimed on the package.

4) The picture quality is mediocre - but not nearly as bad as these samples would have you believe (I don't know what happened to that guy's cam). Try the samples here and here (middle of page) for other samples. The biggest problem seems to be motion blurs from not holding the camera steady enough (the "shutter speed" is pretty slow). The other problem is that the lens is adjusted to be in-focus at some specific point probably between 4-12 feet from the camera. In practice, your subject will usually not be exactly at the in-focus distance. While you've got the camera open to solder in a little USB socket (or whatever), you can rotate the lens to adjust it for other distances, up to within an inch of the lens.

5) Concerns that this hack will be singlehandedly responsible for driving the cameras off the market, driving Ritz out of business, etc., seem largely unfounded. They will probably go off the market anyway - last time I was in Wolf Camera, the sales associates were actually warning people away from these cameras, saying that they would get slightly better image quality from the film disposables (for less $$, and 27 vs. 25 pictures - it's a no-brainer, come to think of it...)