I'll describe the reverse-engineering process of an embedded system in detail, using the Pure Digital Disposable cameras as specific examples. We'll start with finding out what you can learn from just looking at the hardware. After extracting the firmware from the memory chip, I'll show some simple tools I built to help understand the code. We'll get clues from the embedded operating system, and eventually find the security routines. I'll show some specific flaws found in the cameras, and then give an overview of Pure Digital's security overall framework: what worked, what didn't, and how to improve it.