Feeds

What the Hell is… CueCat?

A New-Economy marketing gimmick gone horribly wrong ;-)

  • alert
  • submit to reddit

Internet Security Threat Report 2014

It's the size of a computer mouse, shaped vaguely like a cat, and plugs into your PC. It reads bar codes on printed pages and even on products, and immediately directs your browser to selected Web sites for a sales pitch. Hobbyists have cracked the firmware, cracked the software, and someone has even cracked its creator's customer database. And now privacy freaks have risen to arms over its diabolical serial number.

More than a million have been given away, and at least nine million are soon to be en route to eager hobbyists scheming to turn it into an all-purpose, and free, bar-code scanner running on open-source software. A Web site has already been run up for developers, and an OSDN forum has been dominated by cracks and code and tricks related to it. It comes to you courtesy of Radio Shack, and Forbes and Wired magazines. In its cracked incarnations, has considerable potential for mischief.

What is it? It's CueCat, brainchild of New-Economy 'technology' outfit DigitalConvergence. At first thoughts, it would seem a clever gimmick - the digital alternative to those irritating product-info cards in the backs of magazines (to which the mag inevitably, and annoyingly, opens). Too clever by half, it turns out. The company immediately lost control of its new toy.

One OSDN forum visitor named OmniGeek explains it thus: "I have obtained two CueCat scanners... and have never opened or used the CD-ROMs, and hence don't fall under the silly shrink-wrap license 'opening this software constitutes...' Bring on the lawyers. No way can they tell me how I can or cannot use the hardware gadget..."

That's right, just toss out the pre-licensed software unopened, and run the thing off your own code. What's left is a piece of hardware that anyone is at liberty to tinker with. The company can't possibly make a legal argument equivalent to, 'it's illegal to over-clock your own CPU; it's illegal to modify a car engine for extra performance; it's illegal to plug decent speakers into your el-cheapo audio system....'

So how did DigitalConvergence shoot itself in the foot with such a dramatically large-bore weapon? A bit of history tells a tale of what can only be described as an idea-mill going live with a high-tech gimmick in the absence of anything resembling high-tech savvy.

Need proof? According to a company press release, DigitalConvergence last week "experienced a security breach that may have exposed certain members' names and email addresses. The company was alerted... by Peter Thomas at Securitywatch."

The breach, it turns out, compromised the privacy of about 140,000 customers. Not good... not at all good, for an "Internet technology company".

The company's management team "includes a roster of industry veterans from Time Warner, AT&T, GE, ING Barings and Disney," the press release chirps. This could account for a good deal of its apparent technical incompetence. They likely have too many 'concept guys' in control with too little practical, nuts-and-bolts foresight and imagination. To compete in this market, the Big Swinging Dicks need an ability to 'think outside the box', sure, but they especially need to think outside the box with the dollar signs.

Then there is the CueCat's serial number, which privacy alarmists see as a potential user-profiling weapon. The company lamely explains that it only meant to track which of the several outlets (Forbes, Radio Shack, etc.) a given CueCat had come from, not user behaviour. And that may well be true, but... a serial number? You'd think these guys never heard of Intel, and it's Mark-of-the-Beast CPU debacle and hastily-issued 'security patch'.

Then of course there is the growing open-source CueCat project with which we opened our tale of spectacular failure. Shades here of NetPliance and its $99 i-Opener, cheaply and easily cracked into fully-functioning PCs. NetPliance soon found that an absurd number of buyers were cancelling their Net access contracts, on which the company's profits depended, after snapping up four or five of the handy gizmos. NetPliance may be forgiven for pioneering the blunder, but DigitalConvergence's determination to imitate it is rather difficult to overlook.

In all, a disastrous start to a marketing concept clearly executed by greedy fools. Now for a quick fix in keeping with the company's rig-it-and-roll mentality: we look for 'CueCat2' to come stuffed with a tiny squib, detonated by opening the plastic housing. They can worry about children's prying fingers after the fact, as they have done with every other potential pitfall. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.