[ Home ] [ CueCat ] [ Videos ] [ Pics ] [
Lock Picking ] [ OSCAR ]
The Infamous CueCat
What is this 'CueCat' thing?
A CueCat is a free barcode scanner given out by Radio
Shack (You've got questions, we've got blank stares™) that plugs into the
PS/2 keyboard port on your computer. When you scan a barcode their software that comes bundled
with the scanner will take you to a website partaining to the product you just scanned. The
company that makes these cats, Digital
Convergence, wanted to make sure you could only use these things with their software and
nothing else so they made the cat 'encrypt' the output. Naturally the hacker community started
taking interest in these new toys and it didn't take long to break the weak encryption
scheme. (For more info on the scheme, see this document).
Privacy
advocates have also taken an interest in the CueCat. Each CueCat prepends a unique serial
number to the output of the code you scanned. When used in conjunction with their software,
they are able to keep a database of everything you've scanned and are able to feed you targeted
advertisements.
The purpose of this page is to educate the public on the CueCat and related issues, as well as
to provide resources that will help you understand and make full use of your CueCat. If you
have any comments or suggestions, please email me!
News
Wednesday, Oct. 11
Thanks to J. Seth Henry, I now have the plain ASCII hack for the CueCat model 68-1965! You
can find the email here. I should have some pictures of the completed hack up soon.
Friday, Oct. 6
I was browsing slashdot today and found some
information on a hadware hack that will disable all encryption! With ecnryption disabled
on the hardware level you don't need any special software to make your scanner useful. If you
have a little bit of technical savvy and a soldering iron, you should definitely check it
out. The hardware hack page is here.
On another note... I found this page that affirms what people have been worried about, that
Digital Convergence is compiling user profiles in order to send you targetted
advertising. Check it
out.
I also added a document on the encryption scheme used by the
CueCat
Monday, Sep. 25 10:25pm
The Privacy Foundation has issued an advisory demanding Digital Convergence, maker of :CueCat, alter their
tracking methods. The advisory warns that the device has the ability to track every bar
code a user scans, leaving the potential for future development of individual user
profiles wide open. Also check out the Privacy Foundation Press
Release
Programs and Scripts
Catnip 0.9a - A windows based program that makes the CueCat useful
via decryption and a keyboard hook. (25k)
cat.pl A Perl decoder script (925b)
cuecat.tcl TCL decoder script (6.4K)
catkit32.exe - Windows based decoding/KB hook software (3.03MB)
foocat-barcode-0.1.2.tgz Linux decoder (16K)
BeClueCat.zip Perl/BeOS software (12K)
Links
base64.html - An excellent document on the base64 encoding of the
CueCat. Definitely worth a read if you want to better understand the encryption scheme.
Hardware Hacks - Instructions for various hardware hacks along
with detailed pictures.
http://opensource.lineo.com/cuecat/ -
Lots of good info on the cuecats (Shutdown by Digital Convegence once again)
http://air-soldier.com/~cuecat/ -
Lots of technical info and pictures on the CueCat hardware.
ActiveBarcode.com - Good
info and descriptions of the different types of barcodes.
CueCrap - A nice site with good
resources. Many Linux and Windows drivers/programs/decoders. Highly
reccomended.
I hear that CueCats are only available in the US. If you live outside the US and want
one to play around with, email me and perhaps
we can work something out.
Mail the webmaster