Comment by ssl-3
16 hours ago
It doesn't really change anything.
Previously, a criminal could just print their own shelf tags. They'd probably do this somewhere other than in the store to get the details right, but it was doable. (We've all probably seen rolls of blank shelf tags sitting around at the store, and thermal printers are inexpensive. So what if it's two crimes instead of one?)
And then, in the store, they could just switch out the shelf tag(s) and try to play their little scam.
Now with this new development, a criminal still needs to get the details right. Like a blank paper tag, the little screen is also a blank slate. It's just eraseable and rewritable in-situ.
The scam is the same. It's just shaped differently.
---
I do understand why the tags are simple to write. Maintaining some kind of revolving, PKI, or multi-factor auth would be harder than doing nothing, and probably slow. Fixed, basic auth would just get leaked (probably first by Home Assistant tinkerers who find some discarded electronic shelf tags somewhere and want a new display for their house).
One-way jnfrared is cheap and low-power compared to anything with RF. And resets would be a pain in the ass if things were forever associated with a certain product, or a certain place in the store.
The way it's implemented now, on reset (yay new planogram!): All the tags get pulled and put in a pile.
And then: One by one, they're removed from that pile, put on a shelf, and programmed.
That's fast and flexible, and therefore inexpensive. Inexpensive is good. If there's one thing that all retail establishments hate most, it is their labor expense.
It does fail to prevent obvious-scam from happening. But it'd probably cost more to do it "right" than to eat the losses when the scam actually works.
> Fixed, basic auth would just get leaked (probably first by Home Assistant tinkerers who find some discarded electronic shelf tags somewhere and want a new display for their house).
You know what, that is a great idea for a project of mine, where I want to display outside temp and weather forecast in the hallway next to the wardrobe. I have been musing about it for a while now: how to make it small and not stand out, how to handle power delivery, etc.
I was already leaning towards eink, and if I can get one of these price tags cheap plus hide an IR blaster in a corner that would be ideal. All controlled by Home Assistant of course. I'm going to search the usual Chinese online marketplaces tomorrow.
Thank you!
I had a look and knew they seemed to be about £15 here, I couldn’t easily find second hand ones in the uk (though they’re not uncommon at shops). For £40 I can get a 7.5 inch black and white screen setup (trmnl byod xaio https://www.aliexpress.com/item/1005009532501677.html)
Lots of the tags I see though do have Bluetooth or maybe WiFi for updating as well.
I do really like eink things, I want to setup a nice 13 inch one which is now more like £160 so becoming more realistic for my to buy for fun.
I’m going to have to look more into these tags because if there’s cheap second hand ones they’d be awesome.
Just look on eBay. It's full of used electronic shelf tags, sold in bulk -- usually, with prices still on them. :)
The sellers don't know anything about how they work so it will take some digging to find the right ones, but having to dig a bit is normal for eBay (or Aliexpress, for that matter).
*was full ;)
Maybe check out TRMNL, they've got a Home Assistant plugin.
You’re looking for this: https://openepaperlink.de/
>Previously, a criminal could just print their own shelf tags.
Yep. For the physical "hackers" among us, a price sticker gun (those little orange or white stickers with a number on them that mom and pop shops use) was one of our first tools to mess around with
>It doesn't really change anything.
Yes it does, unlike before, a shits-and-giggles attacker could change all the tags in an aisle into "you're gay" without showing anything on surveillance cameras.
He wouldn't gain anything but the store would lose.
That'd be hilarious. Now I want one.
But actually: It's not that broad. It's still mostly one at a time, ish. Changing a lot of them would stand out if anyone were paying attention.
Although it could certainly be broadened...but an IR emitter that's skookum enough to reliably hit all of the shelf tags in an aisle at once would probably show up as an intensely-bright purple floodlight on the cameras. That would stand out quite a lot. :)
Well it does need to read individual tag barcodes, so it is indeed one at a time, still you could make an automated camera+beam device, hide at chest level, walk through an aisle as if looking for something, then pick up something in the end of the aisle and go to checkout.
I don't think anyone is paying attention anywhere near enough to pick that up. Additionally, one could read some barcodes and make quite cheap battery-powered narrow beam emitters to be placed in store aimed at particular tags that would only power up once a day at a random time.
2 replies →
A very real use case I can see would be Palestine supporters defacing Israeli product labels here (don't shoot the messenger, please).
Or "I made this" with a politician of your choice.
Someone representing one brand could go around and upwardly adjust all competing brands so that no one wanted to buy them.
I’m sorry but this entire premise is dubious at best hilarious at worst.
I’ve worked retail on and off for a decade and been friends with AP in most places and no one has ever mentioned this happening. Never been told to watch for it, or heard a rumor about it from another store.
It’s just not something that happens.
> It doesn't really change anything.
> Previously, a criminal could just print their own shelf tags.
Between your 'previously' and now is a period of at least two or three decades, where shelf tags have only be for your information in the store, while the real price came from computerized POS-Terminals with attached barcode-readers. Which of the two has priority for the customer may depend on country, law, store policy & good will.
Furthermore stores are completely cam covered nowadays, so much luck with being seen fumbling with your gadget in front of that label, or being seen on 'tape' putting another one over it, or things like that :-)