Back in September, I took apart the original Amazon Dash, but now there’s a new version, so I took it apart as well. The new product number is
PL46MN; the old product number is
ORS3YV.1 The original wand was very similar to the first generation Dash Button, and the second wand bears more than a passing resemblance to the second generation Dash Button. As with the original wand, the new version is essentially a Dash Button with a barcode scanner and a larger, user replaceable battery.
Although there are plenty of tools that work well for stabilizing regular video, there aren’t any good ones for stabilizing 360 degree video. As I was unable to find any freely available software that worked, I used various command line tools from Hugin and FFmpeg. Although this worked, it was extremely slow and had some issues with the horizon drifting.1 I can’t really recommend the approach, but I figured I’d post the technique in case anyone finds it to be useful. Hopefully Facebook with open source their 360 video stabilization, since it seems much better.
With eight months elapsed since the release of Pannellum 2.2, it was time to release a new version of Pannellum. Actually, the release was well past due considering the plethora of bugfixes since the previous release, but there was a bug blocking the release, and it took me a while to find time to fix it. Now that I fixed the bug, I was able to release Pannellum 2.3 today. The major new feature in the release is support for the device orientation API such that panoramas can be explored on mobile devices by moving the device itself; this involved adding some quaternion-based calculations to determine where the device was pointing and extending viewer roll support to the cubemap and multi-resolution renderers.1 The other area that saw considerable improvement was the API, with an events framework and numerous new methods added. However, the bulk of the changes were small, consisting of a number of minor improvements and dozens of bugfixes. For a more complete list of improvements, see the changelog.
The Amazon Dash, not to be confused with the Amazon Dash Button, is a device for adding items to an AmazonFresh order, either through voice commands or via its barcode scanner. Recently, someone who had read my Dash Button teardown sent me one he had received for free and taken apart, to see if I could glean more information about it. The hardware can be summarized as a first generation Dash Button with a larger, user replaceable battery and a barcode scanner.
Ricoh provides a “Basic app” for Windows and Mac that will update the Theta S’ firmware and stitch the dual-fisheye video output into equirectangular video. The application UI and glue code,
SphericalViewer.swf, is built using Adobe Flex, while the video stitching portion, camera communications portion, and firmware updater are native code. The video stitcher is built using OpenCV and FFmpeg. Although reverse engineering native code is rather involved, reverse engineering Flash objects is much easier. Running
SphericalViewer.swf through the JPEXS flash decompiler produced fairly readable output.
The most interesting part was related to the configuration file,
CommonConfig.dat. After opening the file in a text editor, it was immediately obvious that it was Base64-encoded, but the decoded output was gobbledygook. However, I was able to decode it by analyzing the appropriate function in the decompiled Flash object. Indeed, the first step was to Base64-decode the file’s contents. The next step explains why the decoded output didn’t make sense—it was encrypted. After the Base64-decode, the result needs to be twice decrypted using an 256-bit AES key in Cipher Block Chaining (CBC) mode. This would normally prove to be extremely difficult, but the encryption key is defined as a variable in the same function, which makes it quite easy. This allowed me to write a configuration file decoder in Python. Once decoded, the configuration file is just an XML file. I’m not sure what the point of encrypting the configuration file is when the encryption key is easily accessible, and I’m really not sure what the point of encrypting it twice is, particularly with the same key.