Facedetection: Clones in Aldi’s ads (Photoshop Desaster)

I saw Aldi’s (german grocery chain) ad on the last Süddeutsche Jetzt magazine and wondered if they’ve got the approval of all the people / employees on the image. Then i recognized that they are not that many. Because it’s just some people photoshopped all over the seats. Picasa and Processing helped me to analyze the image and find duplicate images.


(Image Aldi Süd, Süddeutsche Jetzt)
Link to the Brochure


Some people are up to 9 times on the image. And could only recognize the first 9 rows.

Misfit Shine Adventures


Here’s the answer from Misfit support:
“I am terribly sorry about the misunderstanding we might of had. Only bluetooth is required to sync your data to the app, however, an internet connection is needed to link your Shine to your email address. The data your Shine will provide to us will lead to improving our algorithm and increase accuracy of data. I ensure you that your privacy information will not be shared with any third party companies.”

Remember. The first information was:

“Therefore after that you wouldn’t need the internet anymore of syncing data and viewing your progress.”


I sold my Fitbit Flex because the activity tracker’s data was encrypted and i was forced to upload my data to Fitbit’s cloud in order so see it. My next try was Misfit Shine.

My question to Misfit’s support was:

“Do i need an online account to use the app? Do i need to upload the data to your server? Can i use the app offline?”

Misfit’s support told me that

“You would need an email address to sign in to the app/link the Shine to an email account. The data is sync via Bluetooth. Therefore after that you wouldn’t need the internet anymore of syncing data and viewing your progress. Hope that helps, thanks for your support.”

So i ordered one. But unfortunately that information was not true. Misfit’s Android App does not work at all without internet access. Either when there’s no internet connection or it’s blocked by Privacy Guard or Android Firewall. It does not even sync the tracker via Bluetooth without going online (see the Android Wifi icon).


mitmdump shows that it’s connecting to Misfit’s server to store the data. It doesn’t even calculate the graph on the phone but gets it from the cloud. That’s the output when touching the sync icon:

192.168.xxx.xx PUT https://shine.api.misfitwearables.com/shine/v7/pedometer
<< 210 nginx/1.2.6 413B
192.168.xxx.xx POST https://shine.api.misfitwearables.com/shine/v7/sync_logs
<< 200 OK 2B
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/goals?endTime=1397339999
<< 200 OK 836B
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/timeline_items?startTime=1397167200&endTime=1397339999
<< 200 OK 2.83kB
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/goal_progresses?type=2&startTime=1397253600&endTime=1397339999
<< 200 OK 264B
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/graph_items?startTime=1397253600&endTime=1397339999
<< 200 OK 4.66kB
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/timeline_items?startTime=1397080800&endTime=1397253599
<< 200 OK 266B
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/goal_progresses?type=2&startTime=1397167200&endTime=1397253599
<< 200 OK 264B
192.168.xxx.xx GET https://shine.api.misfitwearables.com/shine/v7/graph_items?startTime=1397167200&endTime=1397253599
<< 200 OK 274B


That’s my motion data! I payed 120 € for the device. I don’t get it why you can’t simply add steps in the app as you told me.

What about my privacy?
Privacy is very important to us here at Misfit. We do not share any of your personal information with anyone without your approval.

I asked the support guy what he thinks about it. I’ll keep you updated.