So much win:
- If you know or guess the MAC address of any Kodak wireless digital picture frame, you can extract the images that are displaying on it.
You can also remotely reset the frame, meaning you can 0wnz0r it and change its image sources.
So Kodak has built an appliance for letting complete strangers (a) browse your family photos, and (b) beam shock porn directly into your living room! GOD BLESS AMERICA!
This all works because the appliances won't connect to (e.g.) Flickr directly, they only phone home to Kodak's server, which then proxies all of the requests. But at least they're using OAuth instead of making you type your Flickr password into Kodak's server. This is a little surprising, actually, given the tip-top job their security engineers did of designing the rest of the infrastructure of this product line.
I guess I ought to add a WebCollage source to generate random Kodak MAC addresses for use as an image source!
I see the Committee To Elect Rick Astley President continue their good work.
Too late. Many (all) feeds now show up as "Forbidden"
Although... Since they're not asking for a password, it's probably just checking the user agent.
thought the same, downloaded the firmware update from Kodak for the frame, searched for framechannel, and in the vincinity of the url I found "AVOS/1.1".
wget -U "AVOS/1.1 lib" -O test.rss http://rss.framechannel.com//productId=KD9371/frameId=00:23:4D:B8:07:6D
seems to work. =)
the lib-part would usually be libhttp something, just in case they change their detection again...
Interestingly, changing the product ID (I changed the last digit from 1 to 0) allows you to view a feed of pics, called "fmdefaultfeed". And changing it to a 2 gets you a 5-letter activation code (for the site?).
On the registration page they have a lot of manufacturers. Presumably whose CDMs (Chief Decision Monkeys) all thought the security is good enough.
So I guess they realized they're frakked and are doing a temporary block, but only for this product id.
Hee hee hee... I wonder how they'll be able to fix this. Remote/SD-card based firmware upgrade possibilities? Product recall?
Are there any digital picture frames that can simply read images from a Windows share on my network? No stupid subscription services, no "we'll scrape it off Flickr's public feed via our own proxy" or other crap that really means "in two years time your device will be useless as we'll turn off our servers due to lack of users".
I just want a little screen that shows images from a share on my network, without having to dismantle a laptop and put it in a picture frame.
I was sort of wondering this myself. I received a digital photo frame as a gift, and I actually kind of like it, but it requires me to load the photos onto an SD card, which means that I never remember to update it with new photos. If it could just read from a share, it'd be a lot easier for me to keep it updated with new photos. I suppose if someone took something like the Eye-Fi as a base, it'd be feasible to retrofit that into an existing frame that uses SD, but that seems like a lot of work.
I suppose what I really want is a Chumby, but with a 14 inch screen.
...someone, at one point, actually made a SD card that embedded WiFi and an entire smbd into it (more targeting users who had to go rapidly from camera to laptop).
That would've been back in the 802.11b era, though.
Eye-Fi? FAT, not SMB; and at least one of the cards claims to be doing 802.11n.
Hah, yes, Eye-Fi just stumbled on the name by accident and was coming back here to post it now that nobody would ever look again.
Looks like there is protocol documentation here, and it's HTTP, not SMB:
http://returnbooleantrue.blogspot.com/2009/01/eye-fi-standalone-server.html
That's somewhat impressive, because I guess it's constantly trying to ping and push at the host instead of letting the host poll for cameras in range. But that comes naturally from the push-everything-through-their-proxy-so-you-can-sync-from-a-coffeshop-without-a-laptop requirement, I guess.
ThinkGeek have a Linux-based frame that will work with any random RSS feed you enter into it.
(What I want is one that will power save unless there's someone in front of it, using some kind of passive IR detector.)
...since I live in a country with harsh data caps and massive charges for exceeding them from ISPs. Mobile data is 20 meg a buck. Cable is not that astronomical, but it's in the ranges of dollars a gigabyte. Devices that assume cheap, flat-rate data, especially from offshore sources, are basically useless.
Ouch. Still, I suppose it does mean there is now a reason not to want to move there.
New Zealand does have the odd drawback; relatively shite Internet access is one of them, the cost of books another, and being miles away from anywhere is a mixed blessing.
(Still, as a Tom Scott put it when referring to Wellington's weather, "It's just as well it's shit, or every bastard would want to live here.")