Kodak Wireless Picture Frames Open To Public
Jaxoreth writes "The Kodak Easyshare Wireless Digital Picture Frame displays images via a per-frame RSS feed hosted by FrameChannel. Each frame's URL is identical except for a parameter matching its particular MAC address, enabling public browsing of users' feeds. And worse, if you reach the feed of a not-yet-activated frame, it gives you the code to activate it, allowing you to preload it with whatever content you choose."
Luckily... (Score:4, Interesting)
Sarcasm aside, how could they possibly have thought that this was a good idea? Nobody expects Joe Consumer to remember something as hostile as a MAC address, so there isn't a "user convenience" argument to be made, and anything with enough processor power and mass storage to run these sorts of web functions could have gotten away with cramming in an onboard GUID or some certs or something. WTF?
Well... (Score:3, Interesting)
It seems you get an RSS feed with an activation code no matter what you enter for the frameId (it doesn't even seem to have to be a valid MAC address), so it seems they're not filtering on the server for addresses that actually belong to frames.
Re:Mac address anatomy (Score:1, Interesting)
Another one [framechannel.com], actually preloaded with pictures. Of course the real vulnerability is the ability of others to activate and pre-load pictures. This should really be fixed soon.
Re:Not cool... (Score:2, Interesting)
Re:Well... (Score:5, Interesting)
Even more interesting, using an id of "'" (an apostrophe) gets you some sort of default channel with some rather nice pictures. They even change them after some time.
http://rss.framechannel.com//productId=KD9371/frameId=' [framechannel.com]
I wonder what's happening behind the curtains.
Not difficult to track down actual users (Score:3, Interesting)
1. Play with the MAC address to find a live frame. It took me 4 tries.
2. Scroll down and see if one of their images is the weather forecast, complete with the city and state for the forecast.
3. Now look at the userid. It likely contains a first initial and a last name.
4. City, state, last name, first initial -- that may very well be enough to get a street address.
5. Most people have pics of their family, including their kids. You've got a name, address, and photos of the fam.
It seems to me that goatse/tubgirl -ing these things is the only responsible thing to do. Sure, a few dozen (hundred?) people will have to gouge their eyes out, but it's a small sacrifice necessary to generate consumer push back on this kind of nonsense.
Doesn't surprise me (Score:3, Interesting)
Given how rudimentary and just plain awful Kodak's interface was for their WiFi picture frames from 2 years ago when I bought a few for the family to share the same albums with each other across the nation, this story doesn't surprise me in the least.
I mean, who lets the frame go on the internet and builds in a timer for when to turn the frame off and on at night...but then when it comes back on it ONLY goes to its own internal memory and NOT the last gallery you were viewing via the WiFi?? Every morning you have to reconnect it to the internet galleries...and its ability to cache the pics from the internet is so poor that it will often claim it has an "error" and...REVERT BACK TO INTERNAL MEMORY! It's next to impossible to use it to view galleries on the internet...that can ONLY be on their website...AND that they're now CHARGING you to keep "active"!
So, no, it doesn't surprise me at all that they could screw even this basic security up.
Looks like you can also reset accounts..... (Score:5, Interesting)
I was checking some of the links and noticed a few interesting parameters:
http://www.framechannel.com/feeds/pair/index.php/r=1/frameModelCode=KD9372/frameModelId=1/frameId=PAPAPA/reset=0/language=en/7072.jpg [framechannel.com]
See that parameter named reset? I activated an account and verified it as activated. Then I set that reset parameter to 1, and it went back to the pre-activation state!
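The three behaviours this thread reports (a feed looked up by a guessable, MAC-derived frameId, an activation code handed to anyone who asks for an unclaimed frame, and a reset flag on the feed request that needs no proof of ownership) next to the design the "Luckily..." comment asks for (an onboard random secret). This is an added example written for this page, not FrameChannel's or Kodak's code; the class names, fields, token sizes, the `seconds_to_sweep` helper and the sample frameIds are assumptions. The hardened service binds activation and reset to a secret printed on the frame's label and serves the feed at a URL built from a random token, so an unknown token returns nothing rather than a default channel.

```python
"""Constructed model of a per-device photo-feed service (example code for
this page, not FrameChannel's software; names and data are hypothetical).
"""
import hashlib
import hmac
import secrets
from typing import Optional


def seconds_to_sweep(unknown_bits: int, probes_per_second: float) -> float:
    """Worst-case time to enumerate every value of an identifier.

    A MAC address is 48 bits, but the first 24 (the vendor OUI) are public,
    so a frameId derived from it carries at most 24 bits of uncertainty.
    """
    return (2 ** unknown_bits) / probes_per_second


class WeakFeedService:
    """Feed keyed by frameId, as the thread describes (the bad design)."""

    def __init__(self) -> None:
        self.frames: dict = {}

    def _record(self, frame_id: str) -> dict:
        # No check that frame_id belongs to a manufactured frame: any string
        # creates a record, and its activation code is handed to the caller.
        return self.frames.setdefault(
            frame_id, {"active": False, "code": secrets.token_hex(3), "pics": []})

    def feed(self, frame_id: str, reset: int = 0) -> dict:
        rec = self._record(frame_id)
        if reset:
            rec["active"] = False          # unauthenticated state change
        if not rec["active"]:
            return {"activation_code": rec["code"]}
        return {"pics": list(rec["pics"])}

    def activate(self, frame_id: str, code: str, pics: list) -> bool:
        rec = self._record(frame_id)
        if not hmac.compare_digest(rec["code"].encode(), code.encode()):
            return False
        rec["active"], rec["pics"] = True, list(pics)
        return True


class HardenedFeedService:
    """Feed keyed by a random secret that only the frame's box label carries."""

    def __init__(self) -> None:
        self.frames: dict = {}

    @staticmethod
    def _digest(secret: str) -> bytes:
        return hashlib.sha256(secret.encode()).digest()

    def provision(self) -> tuple:
        """Run at manufacture: returns (public frame id, secret printed on the label)."""
        frame_id, secret = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.frames[frame_id] = {"secret_hash": self._digest(secret), "active": False,
                                 "owner": None, "pics": [], "feed_token": None}
        return frame_id, secret

    def _authorised(self, frame_id: str, secret: str) -> Optional[dict]:
        rec = self.frames.get(frame_id)
        if rec is None or not hmac.compare_digest(rec["secret_hash"], self._digest(secret)):
            return None                    # unknown frame or wrong secret: same answer
        return rec

    def activate(self, frame_id: str, secret: str, owner: str, pics: list) -> Optional[str]:
        rec = self._authorised(frame_id, secret)
        if rec is None or rec["active"]:
            return None                    # an already-claimed frame cannot be hijacked
        rec.update(active=True, owner=owner, pics=list(pics),
                   feed_token=secrets.token_urlsafe(32))
        return rec["feed_token"]           # the frame polls a URL built from this token

    def feed(self, feed_token: str) -> Optional[dict]:
        for rec in self.frames.values():
            tok = rec["feed_token"]
            if tok and hmac.compare_digest(tok.encode(), feed_token.encode()):
                return {"pics": list(rec["pics"])}
        return None                        # no default channel for unknown tokens

    def reset(self, frame_id: str, secret: str) -> bool:
        rec = self._authorised(frame_id, secret)
        if rec is None:
            return False
        rec.update(active=False, owner=None, pics=[], feed_token=None)
        return True


if __name__ == "__main__":
    weak = WeakFeedService()
    print("activation code for a made-up frameId:", weak.feed("PAPAPA"))
    print("hours to sweep a 24-bit frameId at 100 req/s:",
          seconds_to_sweep(24, 100) / 3600)
    hard = HardenedFeedService()
    fid, label_secret = hard.provision()
    print("feed for a guessed token:", hard.feed("guess"))
```

The weak service still uses a constant-time compare for the activation code; the problem is not the comparison but that the code is given away on request and the identifier it protects is enumerable. In the hardened service the same request with a wrong secret and a request for a frame that was never manufactured get the identical `None`, so an attacker cannot tell real frames from made-up ones.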
Re:Mac address anatomy (Score:3, Interesting)
Try KD9372.
Also go to the registration page and you'll see a few models. Dunno about the model codes, though.
Re:Looks like you can also reset accounts..... (Score:4, Interesting)
Ok, now it's nasty. Until now you could randomly initialise an inactive (possibly never real in the first place) account. Now it seems you can find the real accounts and reset them into nastiness.
Massive product recall ahoy
Re:Mac address anatomy (Score:4, Interesting)
I just sent them an email with a link to this story and urged them to act quickly. This is funny and all, but will someone please think of the grandmas?
Family Photos abound (Score:2, Interesting)
Someone recently graduated, and really likes hot air balloons [framechannel.com]
many random -- changed twice while posting this [framechannel.com]
Nice travel photography [framechannel.com]
Meh. [framechannel.com]
VERY NSFW - I'd hate to be the one who got this frame for grandma! [framechannel.com]
Stunning photography, too good to be theirs... damned image pirates [framechannel.com]
Cute kid; mom needs to wear sunblock [framechannel.com]
Cute baby pics [framechannel.com]
Wow. It's amazing what I'll do when bored, while WoW servers are down for patching.
Other things to think about (Score:1, Interesting)
Remember that FrameChannel also has plugins for Roku boxes and many, many other devices other than frames.
"Flight to Vegas Delayed" (Score:4, Interesting)
Me, I take this as an object lesson for what happens when you dump your product on woot, and when you don't bother to make even the slightest effort at security.
This truly is a PR nightmare, but will make a good plot mechanic in next season's procedural dramas.
Re:zero day vulnerability? (Score:3, Interesting)
redirect... (Score:1, Interesting)
It seems they now redirect everything to their default National Geographic feed. Did they already implement Bretski's idea and start filtering on user agent? Anybody got this model who can validate whether it's still working on the device and, if so, sniff and see what user agent it is using?