I worked in retail many years, including doing store shelf tear downs and replacement and night shift stocking.
Back in the day we would get our planograms from HQ, then we’d print out all the labels on perforated paper, and walk the shelves moving product and updating the price tags, throwing out the old. The epaper tags are very clearly an improvement to that process in both time and waste. We would also check the prices using a Motorola price gun and do our fixes manually and then print out new tags or update the counts.
I’m surprised these tags are just IR blasted with no security. I would have expected they’d need some sort of code and you would simply save the code on your gun, pop a tag in front of a product, scan the product, then pair the tag all on your price gun in like 3 actions.
I also would have thought in these days we’d use Bluetooth beacons to triangulate the shelf slot too so that HQ could have a realtime map against their planos (it was not uncommon a product’s size would change and the layout would have holes or products that don’t fit on your real shelf).
Anyways, neat project! Triggered a walk down memory lane for me.
Previously, a criminal could just print their own shelf tags. They'd probably do this somewhere other than in the store to get the details right, but it was doable. (We've all seen probably rolls of blank shelf tags sitting around at the store, and thermal printers are inexpensive. So what if it's two crimes instead of one?)
And then, in the store, they could just switch out the shelf tag(s) and try to play their little scam.
Now with this new development, a criminal still needs to get the details right. Like a blank paper tag, the little screen is also a blank slate. It's just eraseable and rewritable in-situ.
The scam is the same. It's just shaped differently.
---
I do understand why the tags are simple to write. Maintaining some kind of revolving, PKI, or multi-factor auth would be harder than doing nothing, and probably slow. Fixed, basic auth would just get leaked (probably first by Home Assistant tinkerers who find some discarded electronic shelf tags somewhere and want a new display for their house).
One-way jnfrared is cheap and low-power compared to anything with RF. And resets would be a pain in the ass if things were forever associated with a certain product, or a certain place in the store.
The way it's implemented now, on reset (yay new planogram!): All the tags get pulled and put in a pile.
And then: One by one, they're removed from that pile, put on a shelf, and programmed.
That's fast and flexible, and therefore inexpensive. Inexpensive is good. If there's one thing that all retail establishments hate most, it is their labor expense.
It does fail to prevent obvious-scam from happening. But it'd probably cost more to do it "right" than to eat the losses when the scam actually works.
Just recently I was in a small shop where I was surprised to see epaper tags and ended up talking to the owner about them. She said they were super flaky and would reset at random. Agter that interaction I am not at all surprised a flipper could mess with them. But I also have not seen them widespread at the physical outlets I shop at.
I was in college when self checkout became a thing and it took us all of about 45 seconds to realize that you could just check everything out as bananas. Steak was weighed and priced at 4011 (banana code) as the stoned teenager cashier paid no attention. Everything on the receipt was literally Bananas
Are you me? I also did this at university in Britain circa 2010. I went for onions and carrots mostly. I'd go to the meat or fish counter and get lovely bits of fillet, then check them out weighed as onions.
That's crazy. But coming from someone who wrote a book on retail fraud and worked as a retail fraud analyst for several years... you could have just walked straight out with those items.
Transacting was your way of leaving a calling card for the investigators/analysts to find you... You stole regardless of how you did it.
The visual risk of walking out without paying is much greater than the risk that anyone actually investigates AND tries to track him down for it.
Back when I was a kid it was common to still just have simple price tag stickers on every single item. We’d pull off a cheap sticker and put it on an expensive item. If they noticed, we’d just shrug and say “oh Nevermind then” when they found the right price.
The only problem was most cashiers actually knew all the prices of stuff and paid attention, believe it or not they even knew how to make change back in those days /s. So you couldn’t always get super aggressive.
> The visual risk of walking out without paying is much greater than the risk that anyone actually investigates AND tries to track him down for it.
So scan everything, then put it in the cart and walk off without putting in the credit card. Again, both are stealing but paying some fake, reduced rate is leaving your calling card at the scene of a crime.
A year or two ago I had a cashier ring up my zucchini as cucumbers because he apparently couldn't tell the difference. Young guy, looked barely 18. I have no idea if he overcharged or undercharged me as a result, but I didn't care enough to point it out because he seemed like the type who would have needed 20 minutes to figure out how to change it (or would have needed to call down a manager for help) and I didn't want to waste any more of my time (or his).
> The only problem was most cashiers actually knew all the prices of stuff and paid attention,
Yup. I was in a local super market and saw Tomahawk steaks priced at $4-6 each. It had to be a mistake but I figured I would give it shot and see if they noticed. Cashier looked at the price, did a confused double take and immediately called over the manager. Turns out the decimal point was off by one so my $4.50 tomahawk was really $45. I bought it anyway and it came out great in the oven.
Did you pay the sticker price or the intended price?
Over here in Poland we have a law that the store must sell you the good for the price it advertised, so in that case they'd be forced to accept $4.50 because of their mistake. May sound too biased in favor of the customer, but before that, the "errors" in price tags were more common.
I know people who regularly stole this way. They would usually work in pairs and one would leave a full cart near the exit and the other would walk out confidently. Worst case they figured they would just act the fool and either leave the cart or pay. Irked me that they did this but not enough to rat. I bet these days doing that with any kind of regularity would have you starring on much higher quality film.
Seriously. Especially since self-checkout is almost always with a card tied to your identity, not cash.
Depending on the value, the police probably aren't going to show up at your address, but use that card again at the store in the future and you might find the security guard coming over. Or, like many stores, they wait for you to do it repeatedly until it adds up to enough for a felony instead of just a misdemeanor, and then they bring felony charges...
The stores have cameras. Likely someone is well aware those weren't all bananas, and has it on video.
> wait for you to do it repeatedly until it adds up to enough for a felony instead of just a misdemeanor
Isn't there a concept in the legal system where you have to mitigate damages even if you're the victim? I can't think of the example off the top of my head that Steve Lehto (consumer lawyer on YouTube gave).
I'm guessing people who steal from the stores aren't able to afford a decent lawyer, but I imagine a decent lawyer would ask the Target witness(es), why didn't you stop him after the first theft? Why did you keep letting him steal?
> why didn't you stop him after the first theft? Why did you keep letting him steal?
Enforcement goes to the police. Stores can't apprehend thieves. There is a lot of training for store employees to not try to engage the thieves because some can behave erratically and dangerously when they feel like they're caught.
You can tell someone they need to stop and pay for merchandise, but if they choose to keep walking there's nothing the store staff can do but document and report it.
The reason stores wait until it reaches felony level to report it is because police are too busy to try to pursue every small case that happens everywhere. There are fewer crimes that rise to the level of a felony, so they have to focus their efforts on the smaller number of more serious crimes instead of taking every report FIFO style
Stores can and do trespass people without police involvement.
The stores can also make a police report after the first theft, but the stores are choosing not to.
The stores are choosing not to mitigate their damages, something that the courts frown upon in my limited knowledge.
I understand that might be a civil aspect (mitigation) versus a criminal aspect, but perhaps someone who has been to law school and studied the law, might be able shed some light.
I used to work in a suburban supermarket during high school and college, first as a cashier and then as a frontend supervisor and payroll clerk. We had a security booth where you could watch security cameras, and it was literally never manned. Tapes were changed, but they were there mostly in case someone would try to rob the place. Cashiers routinely rang their own lunch up either as 99 cents or as bananas. No one cared.
Supermarkets actually factor breakage, theft, and spoilage into their books as "shrink", which averages between 2-3% of sales. There's no detective building a case, biding their time to bring down the banana bandit.
Although, modern self-checkouts have cameras on the scanner with ML-powered item detection, and they will alert the attendant if you incorrectly scan something that's sold by weight. (I've done this before on accident, fat-fingering the wrong PLU.)
I once got stopped at self checkout because I put two vegetables (peppers, IIRC) of different types in the same bag and weighed them together.
They were the same price so it's not like I was trying to pull a fast one one anyone, but "the system" noticed and flagged me for someone to come over.
This was pre-pandemic, and I'm sure they're not less capable now than before.
IKEA did this to me two years ago. Flagged me as not having paid the right amount. Turns out that they sell fake plants as one cost and the pot you put them in as another; even if they're put together.
It was a difference of like $5 at most on a $400 bill. I suppose 1.25% is enough to pay someone in another country to monitor everything.
This gives the ability to use the excuse "I didn't know how to use the machine, I thought I used it correctly, nobody ever trained me on this", where as just walking out does not
(Not a lawyer, I'd imagine you know better here than I do)
I think the point was that they COULDN'T have just walked out with them, BUT, by learning then going through the motions of a typical check out this A+++ hacker was able to bypass a normal security layer.
Systems like Everseen make that approach significantly riskier than it used to be. A live video of you checking out is run through image classification software, so if you scan a steak as 4011, it'll pause the checkout flow and call the SCO (self-checkout) attendant to watch the video of you scanning the item. They then have to approve the scan, at best leaving you publicly humiliated.
Yesterday I went to Walmart, and at the self-checkout the system quirked out and an attendant came by. She reviewed some sort of draconian overhead cam video of me trying to locate a tag out for a product to scan. Gave me "guilty until proven" innocent vibes. Are these systems actually effective?
Hey, something I'm somewhat qualified to answer! So, yes, these systems are actually effective. The systems and procedures are designed to look low key, but essentially perform PRISM-like mass surveillance behind the scene. These systems are managed by former US IC personnel.
What happens is that your identity is tied to these purchases and after a certain threshold you get flagged as a thief, essentially. At that point, you will get very increased attention (via checkout, purchases, and floor walkers), and after another threshold, will be trespassed and/or prosecuted.
But, you'll probably get away with a banana or few before you trigger the loss prevention threshold.
It flagged my for entering quantities of an item instead of scanning each individual item. It wouldn't let me pay until a human looked through my bags. There is a quantity key. I used the quantity key.
They're not effective at reducing/preventing shrink. Unsure what the time situation is at scale for the stores. To be sure I'm faster and better at bagging but holy crap some people are not.
Interesting, I rarely go to Walmart if I can avoid it, but I've noticed the stores here seem to only have a couple staffed checkouts left. There's 14+ isles of self checkouts.
But what if you don't steal anything but the system is messed up. I had a case where I bought multiple things at a big hardware store, self checkout of course, and on my ticket was something I didn't notice. Because I bought a lot I didn't notice until a month later when I looked at the ticket and returned something else. Should I tell them or not, will I be some kind of weird situation?
I hate self checkout.
At my grocery store, it very often complains about something when I'm checking out. The person comes over, reviews the video and said you aren't doing anything wrong.
The answer is don't go to places where you self-checkout, and don't go to places with surveillance. There are still a couple of grocery stores in my town like that.
In the fraud/theft detection I had some experience with, everyone learns right away that mistakes happen all the time. Singular incidents are basically not worth investigating unless something about them is highly unusual, like an unusually large dollar amount or aligning with a scam that has become popular.
When I watched movies and TV shows I had this idea that thieves were all clever people who built smart systems to evade detection and steal right out from under big corporations. Some of those people might be out there operating undetected, but the average thief who gets caught is someone trying to abuse something as much as they can until they get caught. Some of them are so brazen (like the scan everything as bananas post above) that they must believe that nobody will ever check and if they do get caught nothing bad will happen.
The staff who watch these things have a good sense of what dollar thresholds the customer must cross before getting law enforcement involved.
I've had awkward interactions with the Walmart system. It's clearly using a neural net, and a good one at that. It's only ever flagged me when I did something odd (like put something bagged and paid for in my cart, then take it out, then put it back again). I dress/groom like a thief, so the conversations with the staff are always annoying.
If you dress like your HN username indicates, then yeah, you're probably noticed by humans before you get into the store.
Ironically, some of the store security look exactly like you. They come in all shapes, sizes, grooming standards, styles, and tattoo levels. I've seen some in full-on Juggalo outfits and neck/face tattoos.
One of the AP (asset protection) guys at my local store always wore an eyepatch and a t-shirt reading "A bullet a day keeps the terrorists away". He did NOT look like a typical grocery store employee, and I'm sure that was intentional.
"Clothes make the man", as the idiom says. Clothes don't impugn your character, but they define you in the eyes of others.
Having been a long-haired holey jeans-wearing guy in my past, I was naively surprised that when I finally cut my hair and noticed that people treating me very differently in business settings. When I started to wear nicer clothes on top of that, it was night and day - the kind of reception you get in banks, anything like that. It sucks that humans are built to judge and filter on appearances, but it's just the reality. You can use it to your advantage.
Honestly, I trust these systems more than humans to do the same work. While we're all talking anecdotes, this one time at Walmart (how all good stories start) many years ago I was in the music section and these two in-store security guys approached me, saying they had told me to never come back in the store, etc., making a big scene. I so rarely go to Walmart and found the situation kind of humorous and wanted to see where it would go (knowing I had not done anything wrong now or in the past). They had seen me on video evidently and thought I was somebody else - serial shoplifter or public urinator or who knows what. Anyway, I tell them I've never been told to leave prior to this visit, didn't know what they were talking about. They were adamant that I was in the wrong, asked me to come back to the office while they looked into things. I was like, "sure!", more entertained than upset. So there I am sitting in the office while some guy combs through video footage. A guy of authority comes in, tired demeanor, asks these guys - well, did you match his ID? "No", says he. Checks ID, realizes I'm not their guy. Many stressful apologies on their behalf. But that's humans for you.
Yep, same thing with Walmart. I don't know about Target's systems, but wouldn't be surprised they're on par. Walmart is one of the biggest leaders in loss prevention and customer surveillance.
14 years ago Target had nearly full coverage with digital cameras when I worked loss prevention. I have to imagine with the reduced cost it’s become even more of a panopticon. The biggest risk was employees, and yes, they’d wait until they committed felony levels of theft to apprehend them. Petty theft was hard to prevent since you rely on building up a case. Boosters (someone who fills up a shopping cart with the most expensive items and just pushes out) as well as employees doing things like stealing iPads was a huge source of shrinkage. We had pictures up of known boosters that had hit Targets in the past.
Of course, the smart thieves would just take whatever into a bathroom, open it up, then stuff it somewhere in a coat and walk out the door. Those were really tricky, since we couldn’t “prove” it since we didn’t have full video coverage (for obvious reasons) so we’d just trespass those people. We had a lot of off duty cops because our location was particularly bad, making $30 an hour to mostly sit around and play games on their phones and look intimidating standing at the front door and walking around the store.
The self checkout at my preferred grocery store (Hy-vee, an upper midwest chain) has started using these overhead cameras to confirm that you're purchasing everything you ostensibly have in your cart. Except it always flags us for the Starbucks drinks we're carrying (Hy-vees usually have a mini Starbucks shop inside them). More annoying though is that it flags us for the 5 gallon water jug refills that we manually punch into the self-checkout kiosk, because the surveillance system isn't satisfied unless the heavy ass jugs of water leave the cart, slide across the scanner and then get placed in the bagging area – anything else is possible theft.
All this has done is train us to keep the carts out of the camera's viewing angle. It doesn't care if you keep pulling handfuls of groceries out of hammer space, as long as there's no cart in the frame.
I don’t use self checkout systems that have weighing scales that require items to be moved from the cart to the bagging area. I either avoid self checkout at these stores or stop going to such stores altogether. I shop at my neighborhood Whole Foods and Home Depot; the self checkout systems don’t have this requirement.
Sam's club has 'the arch', and one time when I did self checkout I did miss an item (thought I scanned it and I didn't apparently) and so far that's the only time they've actually checked the cart, the rest I was just waved through.
So seems pretty good. Obviously erring on the side of having an employee double check makes sense when their profit margins are generally single digits. One missed tshirt means they lost money on your $300 cart.
Well, Sam’s Club and Costco are kind of their own things since they’re members only, you sign an explicit agreement with them saying it’s fine for them to look at your cart, and if you refuse they can just revoke your membership and refuse to do further business with you. You’re under no obligation at Walmart or Target to get your receipt checked, although most people are polite and fine with it.
Personally, I always just say “no thank you!” and walk past the receipt checker at non members stores. They know me at Walmart and know I’ll refuse the receipt check and stopped bothering me.
Please explain to me which part they are automating.
A person scans the goods. A person handles keying in codes when necessary. A person tells the system the scanning is done and to accept payment. A person bags the groceries.
I guess if you’re paying cash it automates taking the money slightly more than the standard cash register does.
Mine have lower wait times because people with lots of stuff can’t fit that shit on the tiny scale-tables, and likely don’t feel like doing all that work themselves, so they go to the regular checkout line (there is usually only one, maybe two if it’s busy), plus the five or six stations share a line so it feels faster.
The difference is that where I live stores that used to have, say, 10 counters out of which maybe 6 were open on average now have 4 human counters and 20 self-checkout counters.
So for me it is in effect automating the part where I need to wait in a queue. We should surely keep some human counters for accessibility reasons, but I as a person able to scan my groceries in the 3 minutes it takes I'm perfectly happy to do just that.
By the way there are also RFID counters where you just dump your goods in a bin and it scans everything automatically. Wouldn't solve the problem with items priced by weight, but makes the rest significantly easier.
Some places have more automated steps - Uniqlo has bins where you just toss in all your clothes and it detects it via RFID tags in the price tags and rings up a total.
I scan as I walk around the shop and only pay at the self-checkout, I'll happily volunteer that 'labour' of scanning a bar code as I drop items into my bag instead of a basket in exchange for not having to hang around at checkout while someone else takes care of all that hard work for me.
Nah, I like organizing and packing my own bags to unpack into my refrigerator and pantry. And I appreciate the reprieve from small talk to the cashier or feeling the person behind me being inconvenienced by my slowness putting bags in the cart. Plus it helps me get a secondary feedback on relative costs of items in my cart. I’m all for self checkout as an awkward dude that appreciates some quiet time when shopping.
I go to wholefoods (self checkout) and trader joes (cashier) and other local branded stores with cashiers. I feel the least amount of rushed at wholefoods and the most at trader joes.
Edit - I hate the self checkout at home depot in my area where they show the facial recognition bounding boxes on the screen. Like I know that’s happening behind the scenes but home depot makes the whole experience so blatantly loss-prevention and customer profiling motivated vs a good transparent customer experience that I’ve made a point to go to smaller branded hardware stores.
I cannot count the number of times I’ve explicitly said “don’t mix the raw meats with other products in the bags” only for the cashier to completely ignore me. This happened at a high end organic grocer the other day (after I had specifically and nicely asked) and I talked to the manager. He ran and got me replacements for my produce that was tucked into the grocery bag right next to my ground beef and raw chicken breast.
Isn’t this just basic food hygiene? Surely they teach this to the cashiers.
Do you mean the “we’ll take anyone with a pulse”, “pay them as little as possible”, “they’re a cost center” cashiers? Yes I’m sure the company invests extensive time and money into training.
At my grocery store, they are using image recognition for self checkout. Bananas show up as bananas automatically, and if you select otherwise, I imagine it flags the item or purchaser. Shouldn't be long before the store figures out who is regularly overriding the image recognition for the purposes of theft.
Either way, pretty stupid to incriminate yourself without plausible deniability on high definition cameras for stealing low price items.
Good thing I always shop with my andy worhol banana tote bag.
Anyway, i am not a professional checkout machine operator. Any errors i may have made are caused by the fact that you’ve forced an untrained uninvested party to do work i don’t want to do so you can save on labour costs.
The "too bad" is most people lacking the understanding that you don't steal from a store, you steal from honest shoppers who keep the store open for you to steal from.
Stores just pass on the losses from theft into the price of everything else. You're not robbing a rounding error amount from a faceless billionaire, you're robbing a rounding error amount from the "sucker" paying full price next to you.
None of the other automating technologies like this in the past ended up causing job loss. We used to employ hundreds of people 24/7 to connect phone calls...
if a store does not want to hire capable staff to perform an essential function, they should not expect laypeople to perform that action for free (or at higher cost, as we've seen with grocery prices in the US as human cashiers are reduced) at the same level as a trained staff member.
we do not have to accept this decision to reduce staff and raise prices as a matter of course. plus, if you see somebody stealing food, no, you didn't.
If GuinasEyebrows does not want to drive an appropriately security-hardened armored vehicle, then they should not expect that I will not jimmy the lock and hotwire it. If you see me drive it away, no you didn't.
People are responsible for their own actions. If you think shoplifting is morally acceptable, don't try to tell me that I didn't see it.
With about a month of practice you could learn to pick 95% of residential locks.
So free everything because homeowners didn't bother to secure their stuff!/s
Growing up our house physically did not have a lock. Keys never left vehicle ignitions. A frequent experience was buying a farm machinery part and picking it up after hours out of the back of somebody's truck.
Living in low trust societies sucks.
I've had friends bring people over to my house who just randomly stole things. I've dated women who stole money out of my wallet or if it'd leave $10 on the table they'd just take it.
Casual theft is just gross as is the need to constantly feel like you need to defend yourself from everyone you meet, but moreso the casual attitude people have towards it.
It does, but that trust is established top down. If businesses in this country act lawlessly with impunity, why would you expect people, especially if they are suffering because of some company's greed, to be the chump who acts nobly while seeing a society that rewards theft?
That is not a normative moral defense of this behavior, just a descriptive one. Why would anyone expect a normal person to see a company receiving a tariff refund for a tariff that person paid and then view stealing from them as a continuation of the theft that the company itself engaged in by not paying them back?
There's a disconnect because all of the accused corruption are big picture things people barely understand happening with shady political influence, corporate structure to avoid taxes, defrauding investors and those kinds of things.
When do these people that glorify their stealing interact with actual low-trust-society events from corporates? Almost never. They just hear about it on the news and social media influencers sharing stories.
These are people who have no idea what being shaken down for a bribe is like, have always benefitted from strong consumer protection laws, generous refund policies, and all around honesty in most every corporate interaction and the complaints they have are minor compared to their proud theft.
How often are you short changed at the store? Lied to about the weight of something you were sold? Received an adulterated or diluted product?
> plus, if you see somebody stealing food, no, you didn't
Don't tell me, in your view the cost of shoplifting is begrudgingly covered by those evil rich people who own everything, right? It's not passed down to customers, and therefore affects those who obey rules, and especially those who are in a precarious financial situation to begin with, right?
I've heard this argument, and I just don't get it. I've never heard anyone complain about having to push their own shopping carts. No one pays you to push the cart. Should they? If you want the cart pushed, you push the cart. If you want to check out, you check out. If either one of those is a hardship for you, go elsewhere.
This was an actual thing (complaining about this) when super-markets started to take over from general stores and butcher shops et c. Having to go get your bag of sugar off the warehouse shelf yourself rather than a clerk fetching it for you is unpaid labor on the part of the shopper (and is also not automation).
Oregon recently eliminated their mandatory gas station pump attendants. It seems most people considered that a good thing. For those that prefer the premium experience of having a human cashier, it seems that for now, they're still easy to find. For establishments that regularly expect to have large orders with dozens of items, they'll probably continue. It seems there's less to gain for large complicated orders.
Or perhaps it will go the way of smoking in restaurants. Some people definitely preferred it, but in the US anyway, it's pretty hard to find, if it's even legal anywhere.
Two thousand years ago, most authors didn't know how to read or write. The erudite author would dictate their words verbally to a scribe, who had learned these specialized skills. Then other scribes and copyists could copy out the manuscript. When Gutenberg made the printing press, more specialized skills emerged: that of typesetting and publishing and printing and all that.
These separations endured well into the 1960s, as secretaries were trained women who could type and take dictation, and their bosses would generally shout into their ears and/or a tape recording device to get their work done. "Diane, take a letter!" was a common trope in the office of yesterday.
When home computing, personal word-processing, and desktop publishing came on the scene, suddenly we had to learn how to type. Suddenly every high school student who needed to write a paper, we all needed to know how to type in order to produce research papers. This was unprecedented. Then with word processing and WYSIWYG, we needed to know fonts, and bold/underline/italic conventions, and this was also unprecdented, because previously this was done for us, behind the scenes, by professionals.
Ultimately all that page layout, and design and visual aesthetics, even finding clipart and adding it appropriately and tastefully, all of that skilled knowledge and labor fell upon the shoulders of the one who was writing a newsletter for a non-profit, or writing technical documentation, or designing an album/CD cover or something.
Eventually those specializations and skills became so democratized that everyone knew them but we all knew them badly. We could do a half-assed job of desktop publishing, whereas a Gutenberg publication in the 18th century could have been a true work of art that was replicated many times.
Now even the em-dash is vilified as a signifier of low-skill slop, when some of us actually took the time to read manuals of style and understand when/how to properly use hyphens, en-dash, and em-dash. But never mind that; elegant grammar and perfect spelling are now the hallmarks of a shitty LLM prompt and HN commenters can just tear down any article by falsely claiming it was AI-written, and you can sic your fake "AI-writing detectors" on anything and 99% tear it down because of your stupid faulty em-dash hueristics.
I’m not sure whether this is a bit of a joke about the broader thrust of my post, but I actually do think tons of the “automation” computers have given us is fake, for many of the reasons you suggest. I think it’s part of why the benefits of all this alleged automation have been more muted than one might expect (though not trivial, to be clear) and that it’s imposed costs in a bunch of ways that aren’t tracked on a P&L sheet but do make life less pleasant.
If people are needing to steal food to survive we need to radically work on changing society so that doesn't happen, not just then a blind eye and ignore it.
But no, most people in the US aren't stealing from grocery stores to feed their kids, they're stealing from stores to resell on black markets.
IANAL and this depends on the jurisdiction, but in many places, the penalties for shenanigans like these are far steeper than for outright theft, as it's considered to be financial fraud.
Some retail chains, of which Dollar General is the poster child, have one price displayed on the shelf and a different, much higher price at the checkout register.
Links:
> Missouri Attorney General Andrew Bailey has filed suit against Dollar General, claiming deceptive and unfair pricing at its more than 600 retail stores throughout the state. The lawsuit alleges that Dollar General violated Missouri’s consumer protection laws by advertising one price at the shelf and charging a higher price at the register upon checkout.
> The joint investigation revealed that “92 of the 147 locations where investigations were conducted failed inspection. Price discrepancies ranged up to as much as $6.50 per item, with an average overcharge of $2.71 for the over 5,000 items price-checked by investigators.”
> All told, 69 of the 300 items came up higher at the register: a 23% error rate that exceeded the state’s limit by more than tenfold. Some of the price tags were months out of date.
> The January 2023 inspection produced the store’s fourth consecutive failure, and Coffield’s agency, the state department of agriculture & consumer services, had fined Family Dollar after two previous visits. But North Carolina law caps penalties at $5,000 per inspection, offering retailers little incentive to fix the problem. “Sometimes it is cheaper to pay the fines,” said Chad Parker, who runs the agency’s weights-and-measures program.
In Norway, if you notice that the price at checkout is higher than what it said on the shelf, you can in most cases demand to pay the shelf price and the store has to honour it unless it is an obvious error such as some expensive electronics being tagged as costing an impossibly low amount.
It goes without saying however, that the customer himself is of course not allowed to alter the price on the shelf (like the Flipper Zero program in the featured link facilitates) and then pay the altered amount :P
>> [...] the state department of agriculture & consumer services, had fined Family Dollar after two previous visits. But North Carolina law caps penalties at $5,000 per inspection, offering retailers little incentive [...]
So - if the state didn't have any blabbermouths on staff, and spent some time training, how many "inspections" could they speedrun in an hour?
It sucks that we have to do extra labor and expose ourselves to this kind of legal risk all because a grocery store doesn't want to staff workers. It's not even like they pass these savings onto us...
That's true, grocery stores made record profits during covid.
I've sometimes toyed with the idea of an "open sourced" grocery store that's extremely transparent about every detail. Think electronic price tags that give you a complete breakdown of the cost of an item, cost of labor, cost to account for "loss", over/under-supply, etc.
I feel like there's a niche out there for hyperinformed consumers
That is actually quite nice. I’ve been toying with the idea of mandating this 10% maximum margin for products and services on every for-profit company.
Trouble is, how do you prevent them making stacks of companies compounding the 10% profits. And is 10% sufficient to build up a buffer for when hard times hit?
This thinking has been triggered by fuel producers and sellers making sky rocket profits because of the increased oil prices. The same as the overheated graphics cards.
You hit on what, in my opinion, is the actual core issue with this type of thinking -- it doesn't compose.
To make a poor analogy to physics: if you measure something which changes when you change unit/frame of reference -- it's not a well-defined thing.
The best policies have the same effect regardless of the legal structure (within the policy) superimposed on the actual action.
Medium policies can be optimized/gamed (perspective) -- but are designed to be adversarial, in that the gamed outcome is at least OK but potentially in fact the desired one (for example -- if you tax land, then not paying the tax means not using up land, which may be a desired policy goal).
These can cause issues, though -- common law is an adversarial system, and "justice" can usually be translated to "access to lawyers," imo.
The connection with the above is that while the solution used is probably not universal -- sometimes, the optimal solution is, so the adversarial policy is just an approximation of "good policy".
Bad policies not only don't compose -- but then bureaucrats go on and insert discretion to try to make them compose. On the surface, this often looks like common sense -- but the result is insiders can keep doing the Bad Thing, but you can't do anything which isn't the Way Things Are Done -- because you need approval, and it Looks Bad.
Yeah food co-ops are awesome but they don't expose that kind of information to the casual shopper. Even most members. Even if you're very actively involved you'd have to strap together multiple spreadsheets and receipts to come up with something like I'm describing
I guess I'm thinking of something like dynamic pricing, except instead of it being used to manipulate consumers into paying the most they can possibly pay, it's used to give you really transparent, real-time information about what goes into that final pricetag
I think with this openness the problem is there’s so many fluctuations and estimates that average consumer would think you’re being dishonest even if you weren’t. They’d see that you acquired an item for $20 and could never quite understand why they have to pay you $50. They’d see the plethora of line item costs as nickel and diming even if many are absolute hard costs. They’d see the estimated numbers as inflated.
There are coop grocery stores where members get to see the financials at a high level and make price changes that make the market sustainable. This is usually some form of shared ownership but I think this is a better way to achieve similar goals.
Yeah I was imagining this would be more of a co-op situation so the rift between "consumer" and "manager" is lessened. Maybe I just want a more nuanced version of the co-op model or a technologically-enabled model that allows a more intelligent exposure of the subcosts
The reason I used the word "open sourced" is because I think a good goal to shoot for would be to allow anyone else to learn and copy the structure/data/model. It'd be more of an experiment than anything else. Like a "let's teach everyone how a grocery store actually works" thing. Maybe even a non-profit
I saw a video where someone took banana bar code stickers wrapped around a bunch of bananas and put them on the TVs in their shopping cart and then checked out via self checkout.
I predict that self checkout will only remain in the more trustworthy areas…
That video was staged, at Target electronics need to be paid for in the electronics department where there is no self-check out. In addition Target has the best Loss Prevention in the business, including let shoplifters continue until they accumulate enough goods that their crime is a felony.
Yeah Target is notorious for its surveillance technology.
Before the rightwing boycotted Target for it's lgbtq+ merch and before the liberals boycotted Target for its rollback of DEI initiatives, many of us had been boyoctting Target for decades because its advancement of surveillance technology and cooperation with companies like Palantir
> Yeah Target is notorious for its surveillance technology.
Can confirm - my wife called in a complaint about some graffiti / vandalism or something that was obscene in a target, and when she got a call back from a rep they were able to pinpoint everywhere she went in the store to determine which sign she was talking about...
Every self checkout around here has an employee staffing ~6 terminals. They're supposed to be watching for things like that. Usually theyre just staring vacantly into space, which I get, that job pays nothing and provides 0 mental stimulation.
When you see a TV being purchased, though, it wouldn't be hard to just watch that it in fact got checked in as such.
That's far from my experience. Usually they're overworked with a backlog of customers having some kind of issue needing attention. It usually takes a few minutes to flag one down when I need them to take a coupon or check and ID, because they're already busy doing something for another customer.
Same experience here. The one "monitor" employee is busy nearly full time helping out with some issue some customer is having, such that they simply can't be monitoring that everyone's items are ringing up as the actual item instead of "bananas".
But every terminal also has a spycam hanging above it to either "give the appearance" of a big-brother overlord watching to encourage honesty, or is recording everything so that someone can review footage later if some issue is discovered.
Depending on the store those cameras are definitely processing the feed locally to flag shady stuff. I've had a few times I've done something "odd" (not stealing anything but definitely not the normal flow of scan a single item and put in a bag) and have had those systems freak out on me, and the only part of it being weird it would have known was the camera feed.
At least here, there are randomly triggered checks by shop staff where they have to manually rescan anything before they let you leave. And possibly, those checks are more easily triggered if you do certain very strange things like buying nothing but many separate instances of "bananas' with widely varying weights. Wouldn't be too hard to program a set of rules for the most obvious red flags.
And of course, the area is wide open and well covered by cameras, and usually self-checkout means paying by card or google pay or something, which will tie your identity to the purchase.
There is a grocery store about 2 miles from my house that will freak out if you look at it funny. I gave up one day, the helper person came back for the 3rd or 4th time to unstuck the "self"-checkout in my ~20 item shop. I told them they can just cancel the transaction and walked out. I now go to the grocery store 8 miles away, that always has at least 1 human cashier open in addition to their self-checkout lanes. I rarely use the self-checkout because they are the ones that are only useful for a handful of items, but I've never had it give me a problem.
The walmart near me apparently doesn't even use the scale at all, I had a full cart once and asked the attendant what to do, and they said just put the bag back in the cart.
The grocery store down the street though is exactly like this, gotta stack everything up on the scale to make it happy.
Agreed, but there's nobody looking if you're putting the items in the bagging area or not. You could simply leave an item last, pay, put it in the bag, and go. They do have (prominent) cameras over the tills I've seen, though, not sure if that's just "we see you" or if they're doing some item recognition with that.
That is something you can do in cahoots with a regular cashier and the reason places like Costco check your receipt. The cashier just has to fake scan an item, and nobody would notice. Receipt checking makes it possible to get caught.
There's a tiktok literally floating around right now where somebody sticks a banana band on a cyberpower PC at Walmart and checks out at the self-checkout.
Then the receipt checker at the door checks his receipt and waves him on through.
trust goes both ways. you can be cynical about people who take things without paying, i guess. i prefer to be cynical about the corporations who run and stock these grocery stores with substandard products at artificially inflated prices that benefit shareholders and disadvantage people who need to eat food to live.
Think about blaming the grocery store replacing workers with no one in particular before you blame some college pranksters.
Grocery stores in general consolidating, laying off workers, leaving them without pay/benefits, taking advantage of greedflation, etc., is a bigger drain on society.
I mean, it isn’t really a prank, it is just small scale stealing. It’s fine to not care about that sort of thing, or think it is morally defensible for people who can’t afford food to steal it. But there’s no punchline to make it a prank.
Is it possible that grocery stores are reducing positions to save money? Is it not possible that it is a feedback loop? Why are we blaming the grocery store for replacing labor with machines? Why don't we decry the grocery that hires only 2 people instead of 3?
It's entirely possible that both can be wrong. Shoplifting is bad, but "big corporations pocketing the saved money after understaffing and passing their labor off to the customer" is also bad. We should decry the grocery that hires 2 people instead of 3 just to profit more.
Shadowy? Kroger's and Albertsons weren't allowed to merge due to anticompetitive practices, price hikes, etc. This was only a couple years ago & is out in the open. You can point all your fingers and toes at the boards of these companies if you need to.
All grocery stores are introducing self-checkout as a way to reduce staffing. It's not a shadowy conspiracy, it's a legitimate fact. Many customers would much rather check out with a person.
> Many customers would much rather check out with a person.
I'm like 50/50 on that. If I've got a lot of stuff it's nice having the space of a full lane for bagging along with another set of hands helping (even more if they still have dedicated baggers!). But if I'm just getting a handful of items a self checkout is faster than waiting in a queue for a full service lane. But if there's a long queue for the self checkout then forget it. If I have to wait I'll wait for service.
I still just prefer the scan and go stuff the most though. Scan with my phone as I shop, check out with a confirmation on the phone, roll on through to the car. I wish all my shopping was that smooth.
Careful, the law is lenient if you steal from other normal people, but as soon as you steal from the wealthy, try to fraud them, you will see all sort of laws to make sure you are an example to others so they never think about doing the same, but a normal person? Oh well, you should have paid for insurance, or suck it up.
On the other hand, the wealthy can lobby, inflate the prices overnight just because, while also reducing the good weight aka double increase, and you can’t say anything because it’s legal!! It’s a one way “justice” system.
This was I think effective early on but now there are many systems to detect this "fraud". I say "fraud" because I honestly have zero sympathy for these companies who are doing anything but paying people a living wage to do a job and that goes for Walmart in particular.
I've had opportunity to hear many stories from people who have had largely unintended encounters with law enforcement. Many of these are for "shoplifting". That can be something as simple as forgetting something on the bottom of the cart. Walmart are super aggressive about this and rather than saying "sir, did you forget that thing or not want it anymore?" they prosecute.
Walmart is one of those publicly subsidized companies in the country. They don't pay employees enough so the government gives them food stamps. Those food stamps are largely spent at Walmart so Walmart is profiting on both ends. And then they displace checkout workers with self-checkout and pay for fraud detection systems and when people either intentionally or unintentionally didn't scan something correctly (or at all), they offload the costs of loss prevention onto the state by prosecuting. Walmart doesn't pay for that prosecution. TAxpayers do.
Walmart is a trillion dollar company. The stock has almost 3x'ed in less than 4 years. How long did it take to 3x to that level? About 23 years.
Usually the advertised price must be honored, because it may have brought the customer to your store.
For prices displayed on the shelf-label inside the store the law is usually not that strict (YMMV), as a shop-owner can refuse sale on check-out (otherwise I could put a pricetag on e.g. a shopping-basket and the shop-owner would be legally required to sell me the basket...).
Besides, most shops I've seen (in Europe) already moved from Infrared communication to RF (NFC or proprietary), for centralized shelf-label management without handheld devices. So all this study (and the underlying reverse engineering of the IR-protocol) might do is probably accelerate the transition from IR to RF-based ESL...
> Usually the advertised price must be honored, because it may have brought the customer to your store.
This is not the case for groceries in Massachusetts at least. If there’s a discrepancy between the tag’s price and the scanned price the store must charge the customer the lowest of the two: https://www.mass.gov/price-accuracy-information
(i) ...if there is a discrepancy between the advertised price, the sticker price, the scanner price or the display price and the checkout price on any grocery item, a food store or a food department shall charge a consumer the lowest price. If the checkout price or scanner price is not the lowest price or does not reflect any qualifying discount, the seller: (i) shall not charge the consumer for 1 unit of the grocery item, if the lowest price is $10 or less; (ii) shall charge the consumer the lowest price less $10 for 1 unit of the grocery item, if the lowest price is more than $10; and (iii) shall charge the consumer the lowest price for any additional units of the grocery item. For the purposes of this subsection and unless the deputy director determines otherwise, individual items that differ only by color, flavor or scent shall be counted as the same item if they are identical in all other aspects, including price, brand, and may only vary in random weight. This subsection shall not apply if: (1) there is evidence of willful tampering; or (2) the discrepancy is a gross error, in that the lowest price is less than half of the checkout price and the seller, in the previous 30 days, did not intend to sell the grocery item at the lowest price.
I dunno, having worked in retail I think it is just not that hard to steal in general (I wasn’t going to get killed over some bananas). Most people are honest most of the time.
The law probably doesn’t apply to fraud, but then the cashier only notices the really obvious cases.
They are talking about the price on the shelf vs the price at the register. The price tag on the shelf has information identifying the product. The price at the register is obviously associated to the bar code on the product. So there's no way for a consumer to swap price tags from one product to another.
Source - worked at a grocery store in Massachusetts as a teen
I recently learned that in some cases fines of mispriced goods were very low, leading to companies repeatedly failing tests - and over/undercharging their customers.
That seems shocking to me, but I guess I live in a country where the prices on the shelves are "final" (with no need to add taxes) and I think it would be immediately obvious if I'd been charged the wrong price for goods.
Very much depends where. In QC, if it rings higher than tagged in the store you get the first one for free and the next ones at the lower price. They take it VERY seriously as a result and will take the tag down while they make a new one to ensure nobody else gets a freebie.
Stores hate giving the product away and pricing errors are much lower in my experience.
It definitely varies by jurisdiction, but the register price always loses to any printed price in the US states I’ve lived in. This is a protection since retailers have used pricing mistakes to unfairly profit. Watch your receipt like a hawk at the dollar store[0]
To me this is about having protocols that are suitable so not anybody can write to these labels without knowing a store secret or using replay attacks.
it's mostly about efficiency. IR based, an employee needs to physically walk around. RF based, place a transmitter or two in the building and the system now works fully automated.
The RF system doesn't use the same protocol, it's a new protocol (to potentially hack and reverse-engineer).
The early shelf-label systems were IR-based, sold in bulk and were programmed manually using handheld devices held against them.
Most shelf-label solutions of today are part of a service-model, where gateways are mounted in the store to wirelessly update any label on price-change, often orchestrated remotely so store-chains can update all shops simultaneously.
That law probably wouldn't apply if someone brought their own label printer into the store and put their own price tags on to the merchandise, which is essentially what this is.
Probably mostly dangerous for the user, or are people routinely writing their own price signs in the store and then "buying" it for less? Walking up to the lot at the car store and crossing out some zeros? Don't see how this would be any different.
Back in the day people used to swap/edit price tags a lot. Also making fake coupons with the same knowledge. It was a pretty common and easy form of shoplifting since all barcodes used to do was just encode the pricing/discount information.
This is a big reason why retail product barcode stickers (not barcodes printed directly on a package as it comes from the manufacturer) are now commonly printed on frangible stock with built in slices in it which breaks apart in 3, 4 or more pieces if you try to peel it off.
Look into openepaperlink. It’s an open source project that integrates with home assistant, and lets you control multiple tags over WiFi with just one device. you can create custom display setups in yaml to show anything you want.
my favorite that I have set up is a tag in my bathroom that shows me today’s weather and chance of rain when im brushing my teeth - I haven’t been caught by surprise in the rain since :)
I wonder if since IR is invisible you could theoretically, in an intellectual exercise, blast IR light in a room and mass change them surreptitiously if that was your goal.
> Can I change the display of all ESLs in a store at once ?
No. For two reasons:
Unlike radio waves, optical communication must be line-of-sight. Even from wall and ceiling reflections, an unique transmitter has no chance of reaching all of the hundreds or thousands of ESLs in a store.
Each ESL has an unique address which must be specified in update commands. There's no known way to broadcast display updates.
It's always funny when people publish source code and have a disclaimer saying "You CANNOT use it for bad!". When is the last time a criminal read such a disclaimer and thought "Oh right, guess this isn't for me"?
Sure, at least the developer can say they did say so, but it doesn't matter. To me it seems more like avoiding responsibility. You published the tool, and by doing so you changed the world, even minutely, and in ways you cannot predict.
As hackers we bear the responsibility of tools we publish. Even if you believe knowledge is the most important and that everything _should_ be published, we should at least be well aware of the consequences. Great power, great responsibility.
I think it’s trying to demonstrate intent. “This is cool and hacking is fun” vs “Here is a tool to do bad things”. I don’t think it would much protect you from consequences, but it can change perception of the intent of the project.
Hardware stores sell chainsaws. There might be a disclaimer about proper usage or safety guidelines or some such, but you're right... someone who intends to use something to commit a crime, will do so regardless of the text asking them not to.
Who do you think feels the effect of fraud/theft at retail stores? The "rich" owners feel a little of it, sure, but they have a proven strategy for keeping their profits up by reducing costs: fire employees and make those who remain do more work for the same pay. So you think this is "not actually a bad thing" because you're screwing over <insert big company here> but really you're just screwing over the workers.
Presumably they want nobody to ever publish or even explore "bad" things.
Because as we all know, if something "bad" is possible, but no one has published a GitHub about it, no one will ever be able to do the bad thing! Society is saved at last!
I'm sorry, but I'm so sick of seeing "omg hacker man" mystique surrounding flipper, which is exactly what they want because it drives sales. Ofc you can muck about with open and unsecured stuff...like duh.
But it annoys me to no end when I have reasonably intelligent friends parrot claims like "flipper can clone the nfc in your credit card and you can steal people's money wow much hack!"
kind of a circular argument though? the reasonable definition of "unsecured" is "stuff you can't muck about with". That might change over time as attacks/exploits are developed though.
I still don't think I've seen an actually useful application for a Flipper Zero. It's all just "use this to change store price tags" or "here's how to disconnect all bluetooth devices", but also "don't actually use this, because it would be illegal, this is just for educational purposes"
Beside of how the media often tries to present it, the value of Flipper Zero is not for everyone to "become a hacker with this simple app".
Its value is to provide a standardized hardware platform for (white hat) hackers for probing, prototyping, refining and sharing of security research in the fields its hardware supports (Sub-GHz RF, NFC, IR, and custom external boards via simple Input/Output pins).
Prior to that, everyone who wanted to research e.g. RF security had to either build/assemble something custom or buy much more expensive equipment. This created a barrier to collaborate on research, as everyone had to buy/build the same setup.
On top of that, Person A researching some RF topic selected an RF-transceiver from Company X, Person B used a component and a proprietary SDK of Company Y, so consolidating both work streams for a better foundation for all RF-related research required alot of time and effort from someone, breaking workflows of at least one group of researchers, etc.
In contrast, security research which utilizes Flipper Zero can be reproduced and built upon by everyone. All the work is harmonized on the same Hardware architecture, so it's easy for someone familiar with the platform to dive straight into a new idea without having to build a new breadboard, select a chipset, buy additional probing equipment etc.
There is much better hardware available to security researchers (chameleons, hackrf, and actually research-grade (much more expensive) equipment).
The flipper is basically an Arduino pre built with a bunch of static antennas. It's fine and in a decent form factor, but I really haven't found it useful.
Do you have any links to actual research (not children playing "researcher") done with flipper hardware?
Flipper zero themselves try to present the flipper zero as a device that "hacks things with a button press".
And they love the free advertising they get along the same lines by youtubers desperate for clicks.
Ultimately it just sells more devices. The flipper zero can't "hack" anything. It can only be used as a tool to perform hacking, by a skilled individual who is doing all the work/discovering an exploit.
I'm tired of the "security research" angle when it's all just kids playing with ESP32 deauther attacks presented to them on a silver platter.
I should not have to put up with children going "JUST SECURE YOUR NETWORKS BRO" because they spent $30 on some eBay "maurauder" dongle to be a pissant.
It's probably good to have kids with no big plans messing with your security now and then. Keeps you on your toes, and you can't really pass it off as an act of god if a teenager pwns you.
And a minority of those kids will get curious about the How and Why. Those are the security nerds of the future securing the networks against both the kids they were themselves and actual malicious actors.
Source: Early interest in wifi security, including in other people's networks, lead me down an education and career in security
I sure wish I was wealthy and had a fistful of RSUs. You wanna send me some? I make 5% over my area's 80% median income and I can't even get housing because I "make too much money" despite being $3000 too rich.
I'm pretty tired of being the network guy in the field playing remote hands having to be on the front lines of all of this bullshit having to explain to decision makers that a bunch of shitty kids are running around and there's no real solution that we can just "fix" this with.
I'm tired. If they're not deauthing our networks they're breaking into rooms with the goddamn card copying and fuzzing functionality and stealing shit.
I apologize. My response was a flippant attempt at humor and I didn't mean to personalize that at you. I have had those days where I had to clean up the mess left behind by a merry prankster. They aren't fun days.
Sometimes the deviant act will get a nod of appreciation from me, but not if an AI did all the heavy lifting. I keep a labor-of-love website up and am increasingly swatting away scrapers in an attempt not to get slammed with a bankruptcy-tier cloud bill.
I use mine for all sorts. I volunteer at a second-hand shop so use it to set up remotes for donated media devices, I've used it to run scripts to apply the same changes to many computers that aren't on a group policy via BadUSB, I've used it for toys-to-life games, and very much more. There are plenty of genuine uses if you're cluey.
This one provides the source and asks you to build it yourself so at least it has some credibility for the "education use only" claim.
I've seen similar things posted on here before that had a binary build only and zero technical documentation. It was really hard to see any kind of research or education value in those.
This right here would be useful once these price tag things start being thrown away. Times change and systems get updated and if you keep your eye out you’ll likely be able to get a handful cheap.
It’s been very useful to me in so many ways, from fob management, to one IR, to rf scanner and other stuff, it’s useful if it fits your needs, just like anything else out there.
I worked in retail many years, including doing store shelf tear downs and replacement and night shift stocking.
Back in the day we would get our planograms from HQ, then we’d print out all the labels on perforated paper, and walk the shelves moving product and updating the price tags, throwing out the old. The epaper tags are very clearly an improvement to that process in both time and waste. We would also check the prices using a Motorola price gun and do our fixes manually and then print out new tags or update the counts.
I’m surprised these tags are just IR blasted with no security. I would have expected they’d need some sort of code and you would simply save the code on your gun, pop a tag in front of a product, scan the product, then pair the tag all on your price gun in like 3 actions.
I also would have thought in these days we’d use Bluetooth beacons to triangulate the shelf slot too so that HQ could have a realtime map against their planos (it was not uncommon a product’s size would change and the layout would have holes or products that don’t fit on your real shelf).
Anyways, neat project! Triggered a walk down memory lane for me.
Previously, a criminal could just print their own shelf tags. They'd probably do this somewhere other than in the store to get the details right, but it was doable. (We've all seen probably rolls of blank shelf tags sitting around at the store, and thermal printers are inexpensive. So what if it's two crimes instead of one?)
And then, in the store, they could just switch out the shelf tag(s) and try to play their little scam.
Now with this new development, a criminal still needs to get the details right. Like a blank paper tag, the little screen is also a blank slate. It's just eraseable and rewritable in-situ.
The scam is the same. It's just shaped differently.
---
I do understand why the tags are simple to write. Maintaining some kind of revolving, PKI, or multi-factor auth would be harder than doing nothing, and probably slow. Fixed, basic auth would just get leaked (probably first by Home Assistant tinkerers who find some discarded electronic shelf tags somewhere and want a new display for their house).
One-way jnfrared is cheap and low-power compared to anything with RF. And resets would be a pain in the ass if things were forever associated with a certain product, or a certain place in the store.
The way it's implemented now, on reset (yay new planogram!): All the tags get pulled and put in a pile.
And then: One by one, they're removed from that pile, put on a shelf, and programmed.
That's fast and flexible, and therefore inexpensive. Inexpensive is good. If there's one thing that all retail establishments hate most, it is their labor expense.
It does fail to prevent obvious-scam from happening. But it'd probably cost more to do it "right" than to eat the losses when the scam actually works.
Transacting was your way of leaving a calling card for the investigators/analysts to find you... You stole regardless of how you did it.
Back when I was a kid it was common to still just have simple price tag stickers on every single item. We’d pull off a cheap sticker and put it on an expensive item. If they noticed, we’d just shrug and say “oh Nevermind then” when they found the right price.
The only problem was most cashiers actually knew all the prices of stuff and paid attention, believe it or not they even knew how to make change back in those days /s. So you couldn’t always get super aggressive.
So scan everything, then put it in the cart and walk off without putting in the credit card. Again, both are stealing but paying some fake, reduced rate is leaving your calling card at the scene of a crime.
I actually saw someone do this a couple weeks ago.
Yup. I was in a local super market and saw Tomahawk steaks priced at $4-6 each. It had to be a mistake but I figured I would give it shot and see if they noticed. Cashier looked at the price, did a confused double take and immediately called over the manager. Turns out the decimal point was off by one so my $4.50 tomahawk was really $45. I bought it anyway and it came out great in the oven.
Over here in Poland we have a law that the store must sell you the good for the price it advertised, so in that case they'd be forced to accept $4.50 because of their mistake. May sound too biased in favor of the customer, but before that, the "errors" in price tags were more common.
Depending on the value, the police probably aren't going to show up at your address, but use that card again at the store in the future and you might find the security guard coming over. Or, like many stores, they wait for you to do it repeatedly until it adds up to enough for a felony instead of just a misdemeanor, and then they bring felony charges...
The stores have cameras. Likely someone is well aware those weren't all bananas, and has it on video.
Play stupid games, win stupid prizes.
> wait for you to do it repeatedly until it adds up to enough for a felony instead of just a misdemeanor
Isn't there a concept in the legal system where you have to mitigate damages even if you're the victim? I can't think of the example off the top of my head that Steve Lehto (consumer lawyer on YouTube gave).
I'm guessing people who steal from the stores aren't able to afford a decent lawyer, but I imagine a decent lawyer would ask the Target witness(es), why didn't you stop him after the first theft? Why did you keep letting him steal?
Enforcement goes to the police. Stores can't apprehend thieves. There is a lot of training for store employees to not try to engage the thieves because some can behave erratically and dangerously when they feel like they're caught.
You can tell someone they need to stop and pay for merchandise, but if they choose to keep walking there's nothing the store staff can do but document and report it.
The reason stores wait until it reaches felony level to report it is because police are too busy to try to pursue every small case that happens everywhere. There are fewer crimes that rise to the level of a felony, so they have to focus their efforts on the smaller number of more serious crimes instead of taking every report FIFO style
The stores can also make a police report after the first theft, but the stores are choosing not to.
The stores are choosing not to mitigate their damages, something that the courts frown upon in my limited knowledge.
I understand that might be a civil aspect (mitigation) versus a criminal aspect, but perhaps someone who has been to law school and studied the law, might be able shed some light.
Pre-paid gift cards would fall into the part where almost always doesn't cover. There's a reason scammers love gift cards
Supermarkets actually factor breakage, theft, and spoilage into their books as "shrink", which averages between 2-3% of sales. There's no detective building a case, biding their time to bring down the banana bandit.
Although, modern self-checkouts have cameras on the scanner with ML-powered item detection, and they will alert the attendant if you incorrectly scan something that's sold by weight. (I've done this before on accident, fat-fingering the wrong PLU.)
I once got stopped at self checkout because I put two vegetables (peppers, IIRC) of different types in the same bag and weighed them together.
They were the same price so it's not like I was trying to pull a fast one one anyone, but "the system" noticed and flagged me for someone to come over.
This was pre-pandemic, and I'm sure they're not less capable now than before.
It was a difference of like $5 at most on a $400 bill. I suppose 1.25% is enough to pay someone in another country to monitor everything.
(Not a lawyer, I'd imagine you know better here than I do)
What happens is that your identity is tied to these purchases and after a certain threshold you get flagged as a thief, essentially. At that point, you will get very increased attention (via checkout, purchases, and floor walkers), and after another threshold, will be trespassed and/or prosecuted.
But, you'll probably get away with a banana or few before you trigger the loss prevention threshold.
I'm not sure it's the super system it's sold as.
I hate self checkout.
At my grocery store, it very often complains about something when I'm checking out. The person comes over, reviews the video and said you aren't doing anything wrong.
The answer is don't go to places where you self-checkout, and don't go to places with surveillance. There are still a couple of grocery stores in my town like that.
When I watched movies and TV shows I had this idea that thieves were all clever people who built smart systems to evade detection and steal right out from under big corporations. Some of those people might be out there operating undetected, but the average thief who gets caught is someone trying to abuse something as much as they can until they get caught. Some of them are so brazen (like the scan everything as bananas post above) that they must believe that nobody will ever check and if they do get caught nothing bad will happen.
The staff who watch these things have a good sense of what dollar thresholds the customer must cross before getting law enforcement involved.
Ironically, some of the store security look exactly like you. They come in all shapes, sizes, grooming standards, styles, and tattoo levels. I've seen some in full-on Juggalo outfits and neck/face tattoos.
Having been a long-haired holey jeans-wearing guy in my past, I was naively surprised that when I finally cut my hair and noticed that people treating me very differently in business settings. When I started to wear nicer clothes on top of that, it was night and day - the kind of reception you get in banks, anything like that. It sucks that humans are built to judge and filter on appearances, but it's just the reality. You can use it to your advantage.
Of course, the smart thieves would just take whatever into a bathroom, open it up, then stuff it somewhere in a coat and walk out the door. Those were really tricky, since we couldn’t “prove” it since we didn’t have full video coverage (for obvious reasons) so we’d just trespass those people. We had a lot of off duty cops because our location was particularly bad, making $30 an hour to mostly sit around and play games on their phones and look intimidating standing at the front door and walking around the store.
All this has done is train us to keep the carts out of the camera's viewing angle. It doesn't care if you keep pulling handfuls of groceries out of hammer space, as long as there's no cart in the frame.
So seems pretty good. Obviously erring on the side of having an employee double check makes sense when their profit margins are generally single digits. One missed tshirt means they lost money on your $300 cart.
Personally, I always just say “no thank you!” and walk past the receipt checker at non members stores. They know me at Walmart and know I’ll refuse the receipt check and stopped bothering me.
I hope they’re losing money over it.
A person scans the goods. A person handles keying in codes when necessary. A person tells the system the scanning is done and to accept payment. A person bags the groceries.
I guess if you’re paying cash it automates taking the money slightly more than the standard cash register does.
Mine have lower wait times because people with lots of stuff can’t fit that shit on the tiny scale-tables, and likely don’t feel like doing all that work themselves, so they go to the regular checkout line (there is usually only one, maybe two if it’s busy), plus the five or six stations share a line so it feels faster.
So for me it is in effect automating the part where I need to wait in a queue. We should surely keep some human counters for accessibility reasons, but I as a person able to scan my groceries in the 3 minutes it takes I'm perfectly happy to do just that.
By the way there are also RFID counters where you just dump your goods in a bin and it scans everything automatically. Wouldn't solve the problem with items priced by weight, but makes the rest significantly easier.
Look what happened recently in new york. $30/hour to shovel snow got them a lineup out the door of people wanting to work.
Those companies made the choice to prioritize profit margins above staffing.
I go to wholefoods (self checkout) and trader joes (cashier) and other local branded stores with cashiers. I feel the least amount of rushed at wholefoods and the most at trader joes.
Edit - I hate the self checkout at home depot in my area where they show the facial recognition bounding boxes on the screen. Like I know that’s happening behind the scenes but home depot makes the whole experience so blatantly loss-prevention and customer profiling motivated vs a good transparent customer experience that I’ve made a point to go to smaller branded hardware stores.
Isn’t this just basic food hygiene? Surely they teach this to the cashiers.
Do you mean the “we’ll take anyone with a pulse”, “pay them as little as possible”, “they’re a cost center” cashiers? Yes I’m sure the company invests extensive time and money into training.
Either way, pretty stupid to incriminate yourself without plausible deniability on high definition cameras for stealing low price items.
Anyway, i am not a professional checkout machine operator. Any errors i may have made are caused by the fact that you’ve forced an untrained uninvested party to do work i don’t want to do so you can save on labour costs.
Stores just pass on the losses from theft into the price of everything else. You're not robbing a rounding error amount from a faceless billionaire, you're robbing a rounding error amount from the "sucker" paying full price next to you.
we do not have to accept this decision to reduce staff and raise prices as a matter of course. plus, if you see somebody stealing food, no, you didn't.
People are responsible for their own actions. If you think shoplifting is morally acceptable, don't try to tell me that I didn't see it.
So free everything because homeowners didn't bother to secure their stuff!/s
Growing up our house physically did not have a lock. Keys never left vehicle ignitions. A frequent experience was buying a farm machinery part and picking it up after hours out of the back of somebody's truck.
Living in low trust societies sucks.
I've had friends bring people over to my house who just randomly stole things. I've dated women who stole money out of my wallet or if it'd leave $10 on the table they'd just take it.
Casual theft is just gross as is the need to constantly feel like you need to defend yourself from everyone you meet, but moreso the casual attitude people have towards it.
It does, but that trust is established top down. If businesses in this country act lawlessly with impunity, why would you expect people, especially if they are suffering because of some company's greed, to be the chump who acts nobly while seeing a society that rewards theft?
That is not a normative moral defense of this behavior, just a descriptive one. Why would anyone expect a normal person to see a company receiving a tariff refund for a tariff that person paid and then view stealing from them as a continuation of the theft that the company itself engaged in by not paying them back?
When do these people that glorify their stealing interact with actual low-trust-society events from corporates? Almost never. They just hear about it on the news and social media influencers sharing stories.
These are people who have no idea what being shaken down for a bribe is like, have always benefitted from strong consumer protection laws, generous refund policies, and all around honesty in most every corporate interaction and the complaints they have are minor compared to their proud theft.
How often are you short changed at the store? Lied to about the weight of something you were sold? Received an adulterated or diluted product?
Don't tell me, in your view the cost of shoplifting is begrudgingly covered by those evil rich people who own everything, right? It's not passed down to customers, and therefore affects those who obey rules, and especially those who are in a precarious financial situation to begin with, right?
That makes it okay?
"It is not considered wrong"
By WHOM? I go out of my way to avoid self-checkout when I can, because I consider it 'wrong.'
Or perhaps it will go the way of smoking in restaurants. Some people definitely preferred it, but in the US anyway, it's pretty hard to find, if it's even legal anywhere.
These separations endured well into the 1960s, as secretaries were trained women who could type and take dictation, and their bosses would generally shout into their ears and/or a tape recording device to get their work done. "Diane, take a letter!" was a common trope in the office of yesterday.
When home computing, personal word-processing, and desktop publishing came on the scene, suddenly we had to learn how to type. Suddenly every high school student who needed to write a paper, we all needed to know how to type in order to produce research papers. This was unprecedented. Then with word processing and WYSIWYG, we needed to know fonts, and bold/underline/italic conventions, and this was also unprecdented, because previously this was done for us, behind the scenes, by professionals.
Ultimately all that page layout, and design and visual aesthetics, even finding clipart and adding it appropriately and tastefully, all of that skilled knowledge and labor fell upon the shoulders of the one who was writing a newsletter for a non-profit, or writing technical documentation, or designing an album/CD cover or something.
Eventually those specializations and skills became so democratized that everyone knew them but we all knew them badly. We could do a half-assed job of desktop publishing, whereas a Gutenberg publication in the 18th century could have been a true work of art that was replicated many times.
Now even the em-dash is vilified as a signifier of low-skill slop, when some of us actually took the time to read manuals of style and understand when/how to properly use hyphens, en-dash, and em-dash. But never mind that; elegant grammar and perfect spelling are now the hallmarks of a shitty LLM prompt and HN commenters can just tear down any article by falsely claiming it was AI-written, and you can sic your fake "AI-writing detectors" on anything and 99% tear it down because of your stupid faulty em-dash hueristics.
They just cut worker hours and raise prices. The owners don't see a difference.
The richest person they're hurting is the store manager earning $200k missing some of their bonus.
If I see someone stealing food, yes, I did. It's immoral for you to do otherwise.
But no, most people in the US aren't stealing from grocery stores to feed their kids, they're stealing from stores to resell on black markets.
These are not the people bragging about scamming the self checkouts.
Links:
> Missouri Attorney General Andrew Bailey has filed suit against Dollar General, claiming deceptive and unfair pricing at its more than 600 retail stores throughout the state. The lawsuit alleges that Dollar General violated Missouri’s consumer protection laws by advertising one price at the shelf and charging a higher price at the register upon checkout.
> The joint investigation revealed that “92 of the 147 locations where investigations were conducted failed inspection. Price discrepancies ranged up to as much as $6.50 per item, with an average overcharge of $2.71 for the over 5,000 items price-checked by investigators.”
https://progressivegrocer.com/dollar-general-accused-decepti...
> All told, 69 of the 300 items came up higher at the register: a 23% error rate that exceeded the state’s limit by more than tenfold. Some of the price tags were months out of date.
> The January 2023 inspection produced the store’s fourth consecutive failure, and Coffield’s agency, the state department of agriculture & consumer services, had fined Family Dollar after two previous visits. But North Carolina law caps penalties at $5,000 per inspection, offering retailers little incentive to fix the problem. “Sometimes it is cheaper to pay the fines,” said Chad Parker, who runs the agency’s weights-and-measures program.
https://www.theguardian.com/us-news/2025/dec/03/customers-pa...
It goes without saying however, that the customer himself is of course not allowed to alter the price on the shelf (like the Flipper Zero program in the featured link facilitates) and then pay the altered amount :P
So - if the state didn't have any blabbermouths on staff, and spent some time training, how many "inspections" could they speedrun in an hour?
I've sometimes toyed with the idea of an "open sourced" grocery store that's extremely transparent about every detail. Think electronic price tags that give you a complete breakdown of the cost of an item, cost of labor, cost to account for "loss", over/under-supply, etc.
I feel like there's a niche out there for hyperinformed consumers
One of the reasons I like costco actually 10% or so is a fine margin to pay.
Trouble is, how do you prevent them making stacks of companies compounding the 10% profits. And is 10% sufficient to build up a buffer for when hard times hit?
This thinking has been triggered by fuel producers and sellers making sky rocket profits because of the increased oil prices. The same as the overheated graphics cards.
To make a poor analogy to physics: if you measure something which changes when you change unit/frame of reference -- it's not a well-defined thing.
The best policies have the same effect regardless of the legal structure (within the policy) superimposed on the actual action.
Medium policies can be optimized/gamed (perspective) -- but are designed to be adversarial, in that the gamed outcome is at least OK but potentially in fact the desired one (for example -- if you tax land, then not paying the tax means not using up land, which may be a desired policy goal). These can cause issues, though -- common law is an adversarial system, and "justice" can usually be translated to "access to lawyers," imo.
The connection with the above is that while the solution used is probably not universal -- sometimes, the optimal solution is, so the adversarial policy is just an approximation of "good policy".
Bad policies not only don't compose -- but then bureaucrats go on and insert discretion to try to make them compose. On the surface, this often looks like common sense -- but the result is insiders can keep doing the Bad Thing, but you can't do anything which isn't the Way Things Are Done -- because you need approval, and it Looks Bad.
/rant
I guess I'm thinking of something like dynamic pricing, except instead of it being used to manipulate consumers into paying the most they can possibly pay, it's used to give you really transparent, real-time information about what goes into that final pricetag
There are coop grocery stores where members get to see the financials at a high level and make price changes that make the market sustainable. This is usually some form of shared ownership but I think this is a better way to achieve similar goals.
The reason I used the word "open sourced" is because I think a good goal to shoot for would be to allow anyone else to learn and copy the structure/data/model. It'd be more of an experiment than anything else. Like a "let's teach everyone how a grocery store actually works" thing. Maybe even a non-profit
I predict that self checkout will only remain in the more trustworthy areas…
Their Loss Prevention is so advanced that FBI has collaborated with them for case help
https://thehorizonsun.com/features/2024/04/11/the-target-for...
I also worked there briefly in my teens, they are a great employer.
Before the rightwing boycotted Target for it's lgbtq+ merch and before the liberals boycotted Target for its rollback of DEI initiatives, many of us had been boyoctting Target for decades because its advancement of surveillance technology and cooperation with companies like Palantir
https://www.eff.org/deeplinks/2025/09/san-francisco-gets-inv...
https://www.bloomberg.com/news/features/2021-08-25/how-targe...
Can confirm - my wife called in a complaint about some graffiti / vandalism or something that was obscene in a target, and when she got a call back from a rep they were able to pinpoint everywhere she went in the store to determine which sign she was talking about...
of course, without any real data, how would anyone know?
When you see a TV being purchased, though, it wouldn't be hard to just watch that it in fact got checked in as such.
That's far from my experience. Usually they're overworked with a backlog of customers having some kind of issue needing attention. It usually takes a few minutes to flag one down when I need them to take a coupon or check and ID, because they're already busy doing something for another customer.
But every terminal also has a spycam hanging above it to either "give the appearance" of a big-brother overlord watching to encourage honesty, or is recording everything so that someone can review footage later if some issue is discovered.
And of course, the area is wide open and well covered by cameras, and usually self-checkout means paying by card or google pay or something, which will tie your identity to the purchase.
Categorising things as "bananas" tricks the checkout into accepting the weight of an item, and you pay the appropriate price per bananagram.
Some places will detect a fly farting on the damn scale, others can take three or four kids climbing on it before it complains.
The grocery store down the street though is exactly like this, gotta stack everything up on the scale to make it happy.
Then the receipt checker at the door checks his receipt and waves him on through.
Reminds me a bit of the shopping cart theory.
Grocery stores in general consolidating, laying off workers, leaving them without pay/benefits, taking advantage of greedflation, etc., is a bigger drain on society.
That is your thought process?
And since when is stealing a prank?
I'm like 50/50 on that. If I've got a lot of stuff it's nice having the space of a full lane for bagging along with another set of hands helping (even more if they still have dedicated baggers!). But if I'm just getting a handful of items a self checkout is faster than waiting in a queue for a full service lane. But if there's a long queue for the self checkout then forget it. If I have to wait I'll wait for service.
I still just prefer the scan and go stuff the most though. Scan with my phone as I shop, check out with a confirmation on the phone, roll on through to the car. I wish all my shopping was that smooth.
On the other hand, the wealthy can lobby, inflate the prices overnight just because, while also reducing the good weight aka double increase, and you can’t say anything because it’s legal!! It’s a one way “justice” system.
I've had opportunity to hear many stories from people who have had largely unintended encounters with law enforcement. Many of these are for "shoplifting". That can be something as simple as forgetting something on the bottom of the cart. Walmart are super aggressive about this and rather than saying "sir, did you forget that thing or not want it anymore?" they prosecute.
Walmart is one of those publicly subsidized companies in the country. They don't pay employees enough so the government gives them food stamps. Those food stamps are largely spent at Walmart so Walmart is profiting on both ends. And then they displace checkout workers with self-checkout and pay for fraud detection systems and when people either intentionally or unintentionally didn't scan something correctly (or at all), they offload the costs of loss prevention onto the state by prosecuting. Walmart doesn't pay for that prosecution. TAxpayers do.
Walmart is a trillion dollar company. The stock has almost 3x'ed in less than 4 years. How long did it take to 3x to that level? About 23 years.
For prices displayed on the shelf-label inside the store the law is usually not that strict (YMMV), as a shop-owner can refuse sale on check-out (otherwise I could put a pricetag on e.g. a shopping-basket and the shop-owner would be legally required to sell me the basket...).
Besides, most shops I've seen (in Europe) already moved from Infrared communication to RF (NFC or proprietary), for centralized shelf-label management without handheld devices. So all this study (and the underlying reverse engineering of the IR-protocol) might do is probably accelerate the transition from IR to RF-based ESL...
This is not the case for groceries in Massachusetts at least. If there’s a discrepancy between the tag’s price and the scanned price the store must charge the customer the lowest of the two: https://www.mass.gov/price-accuracy-information
https://malegislature.gov/Laws/GeneralLaws/PartI/TitleXV/Cha...
(i) ...if there is a discrepancy between the advertised price, the sticker price, the scanner price or the display price and the checkout price on any grocery item, a food store or a food department shall charge a consumer the lowest price. If the checkout price or scanner price is not the lowest price or does not reflect any qualifying discount, the seller: (i) shall not charge the consumer for 1 unit of the grocery item, if the lowest price is $10 or less; (ii) shall charge the consumer the lowest price less $10 for 1 unit of the grocery item, if the lowest price is more than $10; and (iii) shall charge the consumer the lowest price for any additional units of the grocery item. For the purposes of this subsection and unless the deputy director determines otherwise, individual items that differ only by color, flavor or scent shall be counted as the same item if they are identical in all other aspects, including price, brand, and may only vary in random weight. This subsection shall not apply if: (1) there is evidence of willful tampering; or (2) the discrepancy is a gross error, in that the lowest price is less than half of the checkout price and the seller, in the previous 30 days, did not intend to sell the grocery item at the lowest price.
The law probably doesn’t apply to fraud, but then the cashier only notices the really obvious cases.
Source - worked at a grocery store in Massachusetts as a teen
https://www.theguardian.com/us-news/2025/dec/03/customers-pa...
That seems shocking to me, but I guess I live in a country where the prices on the shelves are "final" (with no need to add taxes) and I think it would be immediately obvious if I'd been charged the wrong price for goods.
Stores hate giving the product away and pricing errors are much lower in my experience.
[0] https://www.theguardian.com/us-news/2025/dec/03/customers-pa...
To me this is about having protocols that are suitable so not anybody can write to these labels without knowing a store secret or using replay attacks.
it's mostly about efficiency. IR based, an employee needs to physically walk around. RF based, place a transmitter or two in the building and the system now works fully automated.
With the same vulnerable protocol the RF system is as easy to attack with bigger consequences then it seems....
The early shelf-label systems were IR-based, sold in bulk and were programmed manually using handheld devices held against them.
Most shelf-label solutions of today are part of a service-model, where gateways are mounted in the store to wirelessly update any label on price-change, often orchestrated remotely so store-chains can update all shops simultaneously.
We've been able to take a price sticker off one object and put it onto another for a very, very long time.
It's not really a new issue and current law should already cater for it.
In some places walking out with a MacBook Neo is a misdemeanor-but putting a barcode for bananas on it and checking out would be one or two felonies.
I mean, you need to prepare having that printer on you, but it's not all that difficult to print on demand while in the store.
my favorite that I have set up is a tag in my bathroom that shows me today’s weather and chance of rain when im brushing my teeth - I haven’t been caught by surprise in the rain since :)
> Can I change the display of all ESLs in a store at once ?
No. For two reasons:
Unlike radio waves, optical communication must be line-of-sight. Even from wall and ceiling reflections, an unique transmitter has no chance of reaching all of the hundreds or thousands of ESLs in a store.
Each ESL has an unique address which must be specified in update commands. There's no known way to broadcast display updates.
Sure, at least the developer can say they did say so, but it doesn't matter. To me it seems more like avoiding responsibility. You published the tool, and by doing so you changed the world, even minutely, and in ways you cannot predict.
As hackers we bear the responsibility of tools we publish. Even if you believe knowledge is the most important and that everything _should_ be published, we should at least be well aware of the consequences. Great power, great responsibility.
Because as we all know, if something "bad" is possible, but no one has published a GitHub about it, no one will ever be able to do the bad thing! Society is saved at last!
I'm sorry, but I'm so sick of seeing "omg hacker man" mystique surrounding flipper, which is exactly what they want because it drives sales. Ofc you can muck about with open and unsecured stuff...like duh.
But it annoys me to no end when I have reasonably intelligent friends parrot claims like "flipper can clone the nfc in your credit card and you can steal people's money wow much hack!"
Its value is to provide a standardized hardware platform for (white hat) hackers for probing, prototyping, refining and sharing of security research in the fields its hardware supports (Sub-GHz RF, NFC, IR, and custom external boards via simple Input/Output pins).
Prior to that, everyone who wanted to research e.g. RF security had to either build/assemble something custom or buy much more expensive equipment. This created a barrier to collaborate on research, as everyone had to buy/build the same setup.
On top of that, Person A researching some RF topic selected an RF-transceiver from Company X, Person B used a component and a proprietary SDK of Company Y, so consolidating both work streams for a better foundation for all RF-related research required alot of time and effort from someone, breaking workflows of at least one group of researchers, etc.
In contrast, security research which utilizes Flipper Zero can be reproduced and built upon by everyone. All the work is harmonized on the same Hardware architecture, so it's easy for someone familiar with the platform to dive straight into a new idea without having to build a new breadboard, select a chipset, buy additional probing equipment etc.
The flipper is basically an Arduino pre built with a bunch of static antennas. It's fine and in a decent form factor, but I really haven't found it useful.
Do you have any links to actual research (not children playing "researcher") done with flipper hardware?
And they love the free advertising they get along the same lines by youtubers desperate for clicks.
Ultimately it just sells more devices. The flipper zero can't "hack" anything. It can only be used as a tool to perform hacking, by a skilled individual who is doing all the work/discovering an exploit.
I should not have to put up with children going "JUST SECURE YOUR NETWORKS BRO" because they spent $30 on some eBay "maurauder" dongle to be a pissant.
Source: Early interest in wifi security, including in other people's networks, lead me down an education and career in security
I'm pretty tired of being the network guy in the field playing remote hands having to be on the front lines of all of this bullshit having to explain to decision makers that a bunch of shitty kids are running around and there's no real solution that we can just "fix" this with.
I'm tired. If they're not deauthing our networks they're breaking into rooms with the goddamn card copying and fuzzing functionality and stealing shit.
Sometimes the deviant act will get a nod of appreciation from me, but not if an AI did all the heavy lifting. I keep a labor-of-love website up and am increasingly swatting away scrapers in an attempt not to get slammed with a bankruptcy-tier cloud bill.
1. TOTP generator
2. As an extra garage door opener to let guests in from my desk
3. To avoid typing my long WiFi password in while setting stuff up (ducky or qr code)
4. Wrote a custom app that suggests meals/ restaurants so when the wife asks what we should eat this week I can just rattle off the random suggestions
Not to mention other random things on a less often basis
I've seen similar things posted on here before that had a binary build only and zero technical documentation. It was really hard to see any kind of research or education value in those.
I smell prejudice