These days e-paper (eInk) displays are everywhere, with stores being one of the largest users of smaller, monochrome versions of these persistent displays. This has also made them a solid target of hackers who seek to not only reverse-engineer and reuse discarded ones, but also ones sold to consumers, with [Aaron Christophel] recently reverse-engineering and flashing custom firmware (GitHub source) to a Waveshare 2.13″ NFC-Powered E-Paper display.
What’s perhaps most notable is how locked-down and devoid of documentation these devices are. The board [Aaron] looked at did not have any markings on the main IC, and Waveshare did not provide more information other than the Android and iOS apps. This led to some matching of various NFC-enabled MCUs with the pinout, with the Chivotech TN2115S2 rolling out as the most likely candidate. This is an 8 MHz Cortex-M0 MCU with not only NFC, but also an energy harvesting feature (up to 300 mW), which is why this e-paper tag can update the display without external power or a battery.
With the Chivotech datasheet being rather sparse, more reverse-engineering needed to be done, which included dumping the firmware and exploring it with Ghidra. During this, the secret key was discovered to make the Flash writeable along with how to control the peripherals and display. With this knowledge it’s now possible to make this tag display update without being limited by manufacturer-supplied tools and software, making it infinitely more useful.
So how long until the crackdown when stores are forced to hack-proof these things when people demand them to honour ridiculous mark-downs, because “that was the displayed price” 😆
If your security depends entirely on people not knowing how to talk to it, it’s not secure.
It’s a physical access attack, not a wireless jailbreak. The “security” is the guard laughing his a$$ off watching you break the case open and trying to connect to the pins on aisle 2. You’ll be wishing for your own jailbreak shortly.
It doesn’t work like that. The price is what is in the database that is accessed at the checkout (which also calculates discounts). Changing the tag won’t change the price. They will just correct the price on the tag.
I think that this greatly depends on where you are but mostly on how reasonable the store manager is. But also on how serious the value on the tag could be taken. A color TV worth $800,- suddenly tagged for $25,- is questionable. But when the tag mentions $600,- then how is the customer supposed to know that the value on the tag is incorrect?
However… misleading customers is a serious thing. Therefore if the tag states a different value than being charged by the cash register then the customer has all rights to complain because the information on the tag is simply misleading when it does not reflect the actual cost being charged by the cash register.
In my country the price is what you can see.
If it’s different in the system, then you can demand to pay the price that was on the shelf.
In australia, the consumer has a right to pay what is on the price tag, regardless of what the database says.
没有这回事,并没有人真的用在在商店里,这些硬件在中国二手平台有很多,并不会用来结账,只是用来显示,
There’s no such thing, and no one really uses it in in stores, these hardware are plentiful in China on second hand platforms, and aren’t going to be used for checkout, they’re just going to be used to display that
There’s no such thing, and no one really uses it in in stores, these hardware are plentiful in China on second hand platforms, and aren’t going to be used for checkout, they’re just going to be used to display that
Are people just stealing these from stores, or what? Why are these displays so “plentiful?”
Because in stores like Lowes, they break easily and you can just ask for some(or go rooting through the dumpster YMMV).
In the UK, either Aldi or Lidl (Both discount supermarkets) use red/black/white eInk price tags. Possibly both Aldi and Lidl. They put aside a reasonable sized section of the supermarket where they have different deals every week – printing out price tickets will soon add up and the eInk solution’ll be cheaper in the long run. There are *some* bits and pieces they print out to go along with them.
In Finland stores have to sell goods with the price informed to the customer. If price tag is wrong, it is considered to be customers benefit. Naturally exceptionally low prices (ie. selling brand new car 1.99 €) is not allowed.
Waveshare are usually very good with documentation – I wonder why that’s lacking in this instance?
The Waveshare website doesn’t detail the protocol exactly – but they do provide an Android app and the source for an application to run on an NFC development board they have.