Rapid Fill Mug Program Fails (at more ways than you might think)

ford91exploder

Resident Curmudgeon
Well first for the Magic Band it DOES INDEED use Bluetooth LE specifically a Nordic Semiconductor nRF24LE1, 4x4 mm, 24 pin QFN chip.

Disney's drink system's RFID chip is actually reprogrammable so with some effort it's possible to hack the RFID once internal data representation is determined. This is very similar to a MIFARE Oyster stored value card commonly used on transit systems.

These types of chip are available from AliBaba.com for .04 to .50 each depending on supplier.

That being said I probably will not say any more about the RapidFill chip because it's not in anyone's interest to provide attack vectors for drink systems.

The reprogrammability of the RFID explains the short range of the chip, because instead of the RFID tag modulating an RF field as a passive tag does, this type of RFID uses the RF field as a power source for the microcontroller and transmitter, and the available energy from any RF source is subject to the inverse square law, i.e. available power decreases in proportion to the square of the distance.

Once again an overcomplicated system where a simple passive tag linked to a back end database would have been sufficient. The only advantage this system provides is that it's not dependent upon any external resource except power to control drink dispensing.
 

JenniferS

When you're the leader, you don't have to follow.
You are missing the point. It's not about having 3 refills. I can easily get by on that. I just simply don't want to and shouldn't have to feel restricted and feel like I have to plan out my refills so that I don't use them too quickly or else I'll end up screwed. (NOTE: That is just an EXAMPLE.)
I would think the 3-refill limit is to discourage a family of four sharing one cup, and just keep refilling it.
I've seen it happen. Every trip.

I've already been flamed for this, but I'll say it again - 4 x 20 oz fills should be enough to satisfy most folks during one quick service meal. And yes, I know ice will displace 2 or 3 ounces of soda/lemonade/iced tea.
 

GoofGoof

Premium Member
I would think the 3-refill limit is to discourage a family of four sharing one cup, and just keep refilling it.
I've seen it happen. Every trip.

I've already been flamed for this, but I'll say it again - 4 x 20 oz fills should be enough to satisfy most folks during one quick service meal. And yes, I know ice will displace 2 or 3 ounces of soda/lemonade/iced tea.
Other than a family trying to share 1 cup I doubt very many people will ever realize there is a limit. It is an academic debate that has little real world impact. We scrutinize every little, minute detail of everything around here as if it's an amendment to the constitution but for the average visitor the 3 refill limit won't come into play. So far I think most of the people who are upset by the limit are upset by the principle of being limited not upset because they are worried they will leave thirsty...there may have been 1 or 2 guys who said he drinks more than 60ozs in a sitting, but they are most likely the exception not the rule.
 

Mouse_Trap

Well-Known Member
I can see what the problem is over limiting the amounts of refills permitted.
Does Disney advertise a cup as coming with unlimited refills? Not to my recollection.

A 2/3 minute delay between refills, I can't really see what the issue is either. If you are glugging soda that quickly then you are probably so dehydrated that water would be a better option at least to begin with. At drinking it that quickly won't hydrate you very well - too much down too quickly.

Here in the UK, refills are pretty much non-existent. Sure a couple of places offer a 'bottom-less' glass i.e. unlimited refills, but they charge more for this than a standard soda.
 

flynnibus

Premium Member
Well first for the Magic Band it DOES INDEED use Bluetooth LE specifically a Nordic Semiconductor nRF24LE1, 4x4 mm, 24 pin QFN chip.

Ok, now we are getting somewhere...

Why do you say it's bluetooth tho? All the reference design and SDK for the nRF24LE1 use Nordic's Gazell protocol stack.. which is proprietary 2.4GHz. They have other product lines that specifically advertise bluetooth and the reference designs based on nRF24LE1 do not support Bluetooth.. the next gen after added bluetooth.

Once again an overcomplicated system where a simple passive tag linked to a back end database would have been sufficient. The only advantage this system provides is that it's not dependent upon any external resource except power to control drink dispensing.

Doesn't it also enable encryption and anti-cloning capabilities beyond what a static ID tag would?
 

ford91exploder

Resident Curmudgeon
Ok, now we are getting somewhere...

Why do you say it's bluetooth tho? All the reference design and SDK for the nRF24LE1 use Nordic's Gazell protocol stack.. which is proprietary 2.4GHz. They have other product lines that specifically advertise bluetooth and the reference designs based on nRF24LE1 do not support Bluetooth.. the next gen after added bluetooth.



Doesn't it also enable encryption and anti-cloning capabilities beyond what a static ID tag would?

First please understand this research is to satisfy own curiosity so I play with this stuff when I have a chance, Unlike WDW these days customer service is my top priority and customer stuff comes first.

On it being BT, looking at a FFT of the signal it looks like bluetooth, but I agree the docs state it's a proprietary protocol, so until I get to decoding the signal we will need to assume it's the Gazell protocol.

On the cups I HOPE they have implemented anti-cloning but other than figuring out how to stimulate it I have not done any protocol analysis as of yet.
 

flynnibus

Premium Member
First please understand this research is to satisfy own curiosity so I play with this stuff when I have a chance, Unlike WDW these days customer service is my top priority and customer stuff comes first.

On it being BT, looking at a FFT of the signal it looks like bluetooth, but I agree the docs state it's a proprietary protocol, so until I get to decoding the signal we will need to assume it's the Gazell protocol.

Yet.. you made your post in an assertive way claiming it as a certainty. See.. this is why I have trouble taking you at face value. You consistently leap ahead and make no distinction between what you know.. vs what you believe.

Same things with the cups.. you abscond them for using programmable while glossing over it might have been intentional to combat exactly what you propose as the risk.

I get you are conditioned to think 'the worst..' but you shouldn't let that cloud your credibility by running around claiming the sky is falling all of the time. Balance feasibility with probability.
 

ford91exploder

Resident Curmudgeon
Yet.. you made your post in an assertive way claiming it as a certainty. See.. this is why I have trouble taking you at face value. You consistently leap ahead and make no distinction between what you know.. vs what you believe.

Same things with the cups.. you abscond them for using programmable while glossing over it might have been intentional to combat exactly what you propose as the risk.

I get you are conditioned to think 'the worst..' but you shouldn't let that cloud your credibility by running around claiming the sky is falling all of the time. Balance feasibility with probability.


Good point I do tend to the extremes and I will temper that somewhat here,

In real-life I am constantly figuratively trying to beat clue into thick skulls and nuance does not work. So it's if things were working I would not be HERE you will do them MY way and we will get through this, If we keep doing it the old way the pain will continue.

I'm the guy who gets called when everyone else has failed and as such I've developed more than a few sharp edges in the process

I really do enjoy debating with you Flynn because you make me think. If you and I are ever in the Valley at the same time I'll treat you to lunch/dinner at Birk's I preferred Nicollino's but they are closed.
 

flynnibus

Premium Member
In real-life I am constantly figuratively trying to beat clue into thick skulls and nuance does not work. So it's if things were working I would not be HERE you will do them MY way and we will get through this, If we keep doing it the old way the pain will continue.

Same way here.. but working with Scandinavians.. everything is based on trust. So you do NOT want to be the guy that just is eager to have the answer first. No points for first.. everyone scores based on effective results. They value honesty and direct... not fluffy and wasteful. The guy who comes in trying to name drop, tell us how great he is, and boast about his title... yeah, those tend to be outside the circle of trust.

I have a coworker who is the type that will always offer an answer even if he doesn't know. He loves having the answer first... yet he's wrong like 40% of the time. So he only gets the courtesy nods from the real players as they ignore what he has to say :)

There is NOTHING wrong with "I don't know" (unless it's your sole job to know... hehehe). Always better to be clear on what is known or not... strive for accurate... rather than guessing and risk being wrong in our field.

Credibility is everything.. and it's my Achilles heel at times because I do not like to pass on other people's work with my name attached if I haven't been deeply involved. I trust people.. but I call it their work, not mine :)

It's also why we are the heavy hitters when people have been floundering and just getting nowhere.

When we were first acquired people didn't like us because we said 'no' to things. Whereas the old guard said yes to everything.. and would never deliver.. where we would always deliver on time. Now we are the credible ones because they know we won't just blow smoke up their rears :)
 

ford91exploder

Resident Curmudgeon
accost was probably what I was thinking :) I type blindly... and quickly. Unfortunately that hurts my accuracy when my fingers 'think' of the word on their own :eek: Usually leading to the phonetic swap of words/close words/etc. I try to correct it but I'm not flawless here :)

Happens all the time it's why I prefer email as I can make sure my fingers have not gotten ahead of brain.
 

Soarin' Over Pgh

Well-Known Member
accost was probably what I was thinking :) I type blindly... and quickly. Unfortunately that hurts my accuracy when my fingers 'think' of the word on their own :eek: Usually leading to the phonetic swap of words/close words/etc. I try to correct it but I'm not flawless here :)


My iPad loves to switch words on me and "correct" my spelling. But if I switch it off, it looks worse. It's all good Flynn. :)
 

Goofyernmost

Well-Known Member
I find my posts worse on average when I type on my iPhone... I'm old fashioned.. give me my mouse and keyboard :D
Sorry, old fashioned in my world is typewriter and telephone. I was trained to type on a Royal Manual Typewriter (think the beginning of Murder She Wrote) with a strip of white out paper to strike over errors and then you had to correct it. The telephone was a dial. Actually I go back further than that, but, I'm talking more about my teen years and up.
 

flynnibus

Premium Member
Sorry, old fashioned in my world is typewriter and telephone. I was trained to type on a Royal Manual Typewriter (think the beginning of Murder She Wrote) with a strip of white out paper to strike over errors and then you had to correct it. .

When I saw what post you quoted I figured this was coming... :)

We at least got to use IBM electronic typewriters in school. Now they call it 'keyboarding' and teach it in elementary school.

I never asked if they are allowed to backspace in their speed tests :)
 

Soarin' Over Pgh

Well-Known Member
I find my posts worse on average when I type on my iPhone... I'm old fashioned.. give me my mouse and keyboard :D

I haven't used my home computer in a long time. Got the iPad last March, haven't looked back :) I do transfer music from home comp to this one but it takes like, four minutes.

If I just go with my phone's auto-spell I'll end up posting something like "Rabid Foul Meg Program." But maybe that's not so inaccurate...

Lucky. <3 you crack me up.
 

Nubs70

Well-Known Member
Well first for the Magic Band it DOES INDEED use Bluetooth LE specifically a Nordic Semiconductor nRF24LE1, 4x4 mm, 24 pin QFN chip.

Disney's drink system's RFID chip is actually reprogrammable so with some effort it's possible to hack the RFID once internal data representation is determined. This is very similar to a MIFARE Oyster stored value card commonly used on transit systems.

These types of chip are available from AliBaba.com for .04 to .50 each depending on supplier.

That being said I probably will not say any more about the RapidFill chip because it's not in anyone's interest to provide attack vectors for drink systems.

The reprogrammability of the RFID explains the short range of the chip, because instead of the RFID tag modulating an RF field as a passive tag does, this type of RFID uses the RF field as a power source for the microcontroller and transmitter, and the available energy from any RF source is subject to the inverse square law, i.e. available power decreases in proportion to the square of the distance.

Once again an overcomplicated system where a simple passive tag linked to a back end database would have been sufficient. The only advantage this system provides is that it's not dependent upon any external resource except power to control drink dispensing.
Why would anyone design a drink metering system with reprogrammable disposable cups??
 
