Wi-Fi Enabled Digital Cameras Easily Exploitable
An anonymous reader writes with some news that might make you think twice before getting a network-enabled camera. From the article: "Users' desire to share things online has influenced many markets, including the digital camera one. Newer cameras increasingly sport built-in Wi-Fi capabilities or allow users to add SD cards to achieve them in order to be able to upload and share photos and videos as soon as they take them. But, as proven by Daniel Mende and Pascal Turbing, security researchers with ERNW, these capabilities also have security flaws that can be easily exploited for turning these cameras into spying devices. The researchers chose to compromise Canon's EOS-1D X DSLR camera and exploit each of the four ways it can communicate with a network. Not only have they been able to hijack the information sent from the camera, but have also managed to gain complete control of it."
Now it should be simple to make a smartphone app to control the camera. Before, you had to get the API from the manufacturer, sign an NDA, often pay money and then pore through the poorly documented mess.
Progress!
Faster! Faster! Faster would be better!
Hijacking thousands of vacation pictures may prove fatal to the pirates who steal them, contracting terminal boredom. Meanwhile, spies and celebrities should avoid using cameras with remote access vulnerabilities.
We can achieve cameras by adding SD cards? What?
The makers of the cameras want to produce the cheapest camera for the highest amount of profit possible. Spending money on securing the added features that consumers want (i.e. wifi) cuts into the bottom line.
Will it stop consumers from buying the models? My guess is no.
What will the camera makers do? Make a new model, same as the old model, but with added security features. Of course, you will pay 50% more for the new "model".
Be seeing you...
Seriously, this is one of them. I love the idea of sharing and all, but we can wait to see your vacation or ...other... pics more than 15 minutes after you take it. A camera does not need to be directly connected to the internet, and all it does is open up potential security flaws. Find a good way to remotely exploit this and next thing you know, you can just take a vacation vicariously, through someone's (unsuspecting) lens. With the way tablets, smartphones etc are going, they can be great and (more) secure gateways to posting things, plus it gives you the chance to *filter* your photos...
This trend of making all things that exist wireless can have pretty bad consequences if companies aren't held accountable for what they produce. I'm sorry, it's not hard. It just takes code correctness and some discipline to not take a route only cause it's easy. I'm not naive; I understand being first out of the gate matters, but making that a priority at the cost of some basic security is unacceptable.
If the programmers aren't delivering on time or creating insecure code, then part of the problem may be management. As Scott Adams wrote today, Management exists to minimize the problems created by its own hiring mistakes. It's some kind of endemic disease that technical people are expected to push through a product quickly first, securely second.
If computers were people, I'd be a misanthrope.
Interesting, but the article itself mentions a camera body that's meant for professionals who are handed contracts to deliver photos within a time frame following events. (most MAJOR sporting events the photos need to be uploaded from the camera back to a central repo within 4 hours of the event, so they can go to print for the following morning.)
Saving a few minutes here and there is KEY to getting ahead in that industry.
Undefeated.
On the contrary. When recording the police, it's best to upload live, so when they steal your camera, they don't get the footage.
“He’s not deformed, he’s just drunk!”
they have wifi built in to the card, you can connect to it from a browser to upload/download files
There are a couple other brands as well
The cost for web cams and 100' USB cables is like 20$. So give a home 5 security cameras for $100. Hook em up on their computer and have code that records a buffered state so far back. Or if you're concerned about disk space, attach motion sensors to the recording states. Write some software that allows them to check out their house on their smart phone. Installation shouldn't take more than a few hours.
So if you wanted to start your own security system, you'd be back 100$ for 5 cameras/cables. You'd need to write some code, or have someone write it for you, but this is only a one time cost. And you can charge people 45$/month or a one time fee of 500-700$, and that is way cheaper than what is on the market, and what is on the market doesn't let you check your security cameras from your smart phone.
Home security looks like a cash cow at first glance, what am I missing besides lawyer stuff?
God spoke to me
Does anyone have a link to the actual presentation or paper? The linked article is just a sensationalist summary.
While I know it's trivial to secure my camera by just turning off wifi when I'm not using it, I am interested in what they were able to do.
Eye-fi.
It only talks to networks you have told it about. Ad-hoc to a laptop, or to a wifi router. Via WPA. It does not talk directly to 'the internet', unless you tell it to. It can upload directly to flickr/facebook/etc....if you tell it to. I don't.
I do a lot of macro photography at home, and not having to swap the card between camera and PC is a godsend.
Is it exploitable? Don't know. Maybe.
Now...if I were going to attend an 'event' where my camera might get confiscated, I might have a nearby compatriot with a netbook in his backpack, and the camera continuously talking to it. Not that I'd put myself in that position, though.
I have a 1Dx, and it doesn't come by default with wireless (just gigabit ethernet). Or GPS. You can buy the super expensive Canon adaptors or eyefi adaptors for way cheaper, but the article is pretty light to determine risk. As noted above - mostly concerned will be sports and events photographers who have a workflow involving wireless transmission / post processing, who actually have added the hardware and turned it on.
There are always problems with installation. Not all modern computers can handle 5 USB webcams, even cheap ones. You'll run into problems like a few of the cameras not being recognized or they'll all run really slowly. The consumers won't want to have their computer on 24x7 and they aren't going to want cables running along their walls. As soon as you start drilling into the walls, at least some will complain about damage. Others won't have the libraries to run your software. You said installation would take a few hours, which sounds like you'll have someone on site doing installation. Meaning you'll have to contract out installation with multiple companies or you'll never be able to scale to anything size worth doing.
Software is not a one time cost. You'll have people asking questions, complaining about bugs (fix them or you'll be killed in reviews. No one buys from no name companies with poor reviews), updates might break your software, everyone has different drivers, etc... Anything with a subscription requires additional software to track all the customers and their payments. You'll need support lines to handle hardware, software, account management, billing, stupid customers, etc...
That's all I'm going to cover. Everything looks good at first glance. You're only looking at the good stuff, most people don't fantasize about the bad things.
Is that the marginal cost of production, the amortized cost of production (i.e. sunk costs spread out over the entire production run), or the amortized costs of production, marketing/sales, support (warranties aren't free, folks), etc.?
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Home security looks like a cash cow at first glance, what am I missing besides lawyer stuff?
The plethora of cheap, standalone, multicam systems by Lorex, Zmodo, etc that already do this.
Ahem. The real value in home security is the monitoring service, not the cameras.
Cameras only let you see what it looked like when the guys in black masks spent hours carting off everything you own (or until they got tired of wearing masks and decided to smash the cameras, and of course I'm assuming that you're also streaming the video somewhere off-site or at least to a very well hidden external drive, because they'd probably also steal your camera computer).
Monitoring services call the police if you don't answer their call and say the password, so the bad guys have to get in and out in a few minutes if they want to avoid being caught red handed.
Reliability, maintainability, installation, liability, insurance, service... pretty much everything in fact.
Enabled Wi-Fi _______ easily exploited.
I've seen people showing off footage pulled, in real time, from wifi camera systems IN BANKS up to ten years ago!
All these guys did was turn it into a presentation at Shmoocon.
Nothing new here.
Please show me these 20 dollar cameras, other than shitty MJPEG stuff. Not horrible CCTV cameras are closer to 100$ (unless they need to be outdoors or vandal resistant). Once we priced everything out the realistic installed cost is more like $1500 to $2000. And lots of stuff, including ours, lets you view video from your smart phone.
(most MAJOR sporting events the photos need to be uploaded from the camera back to a central repo within 4 hours of the event, so they can go to print for the following morning.)
Saving a few minutes here and there is KEY to getting ahead in that industry.
It takes about 10 seconds to remove the memory card and plug it into a tablet/laptop/whatever. Unless you need photos uploaded essentially as you shoot them (which I suspect wouldn't work very well at the same time you were taking new pictures), there is no reason to have the camera able to connect to a network.
In addition, it's likely the file transfer software on the tablet/laptop/whatever is far more robust than anything on the camera. This might give you features such as automatic retry, resuming in the middle of a file, etc.
You're kind of assuming the photographer is right next to the cameras - professional wireless whatsits (e.g. Nikon and Canon) are intended for full remote control of multiple cameras. So at a sports event, a photographer might have one down behind the goal with a wide-angle lens, another pointing at the other goal, etc. etc. etc. - all uploading to the photo agency for up-to-the-moment imagery. Newspapers needed things soon, the internet needs it now.
Still decidedly embarrassing if they are so easily compromised, of course.
Tedious Bloggy Stuff - hooray?
Not unexpected, but it's kinda hard to take candid photos from a hijacked camera when the lens cap is on. And those WIFI systems are not generally left on anyhow.
I don't understand why they used a 1Dx though, which would require an external WIFI adapter to even have a WIFI capability. I would be more interested in penetration testing something like the Canon 6D which has the WIFI built-in. I fully expect there to be holes, Canon's WIFI software has always been quite primitive and even the new stuff is still quite primitive.
But if we make enough noise, Canon will fix it in a software update.
Currently I only use the 6D's built-in WIFI to be able to review pictures in-camera from an android tablet... quite a useful feature. I'm not particularly worried about hijacking there since the Camera's WIFI transmitter has rather limited range. And most of the time the WIFI is turned off anyway since it eats the battery otherwise.
-Matt
Well, you can buy a damn nice DVR from Lorex that has it all including hard drive recorder, 4-6 cameras, night lights, and cabling for around $600 all together, or much less. Including PC software to access it over a network, and with the first firewall configuration, using apps on iOS and Android.
And they're nicer higher-definition color cameras at that. Hell, our company replaced an old camera system using Panasonic NTSC cameras and a Windows 98 PC being a DVR (total cost - tens of thousands back in the day) with a $500 Lorex you can get at Costco. Which gives better picture quality, easier access, is more maintainable (that Win98 system was stuck on 98 because it's all that was supported, and couldn't be remotely accessed, etc.), and remotely accessible on the network.
They're dirt cheap.
Oh, and USB has a max cable length of 5m or around 15'. This limit is not signal integrity, but bit timing. The only way around it is active repeaters (i.e., single-port hubs). Even then it's pretty nasty as it's increasing your isochronous latency (cameras are typically isochronous devices that demand fixed bandwidth), so don't be utterly surprised if it completely fails and is touchy and finicky and plugging in another one causes it to go one and come up in pieces.
Since you gotta install the damn thing anyways, getting one from Costco or other retailer saves a lot of time and money.
Besides the fact that you'll need special hardware to extend USB past 5 meters (about 16 feet), and the fact that the extenders alone will eat that $20?
Check out my sci-fi/humor trilogy at PatriotsBooks.
You'd be able to steal nudie pics taken in private from outside the studio/house.
Do you like live videos of bands? Then please don't do this at your local venues. I've seen all kinds of nonsense infra red signals taking over band equipment, shutting off cameras, this happens a lot more than people think. So let the band play their song in peace, and don't slam the crap out of the camera people or there won't be many more free live videos that you love. I know you all are going to do what you are going to do, but at least you now know the other side of the coin here. If all someone is doing is a video +2 , 3 camera shot, on their own dime (gas, time, cameras, editing), making it available on their own websites, and submitting to broadcast it on their own public access show, do you really want to fuck that up by being a prick?
If you want to hack the web and people's laptop cameras, I really don't give a shit. But if you want free music, listen up, and don't become the cause of a problem, reaction, solution. The solution will be no more video pass, and lots of programmers who just say fuck it.
managed to gain complete control of it
Aiming the camera under remote control via software is a pretty good trick. Ordinarily, you need to mount it on a pan-tilt device.
Removing the lens cap from software is another good trick. Powering the thing on remotely with batteries removed is amazing.
Yes, this is pedantic, but I'm guessing they don't have complete control of the camera. They may have control of the camera software.
So a devious photographer may create an automated wifi entry and corruption script and fire it up on a critical event, walking away with the only usable money shot.
Defining Statistics and Social Research
Home security looks like a cash cow at first glance, what am I missing besides lawyer stuff?
So you're saying you're 5 years from release?
Let's see... professional DSLR's to be used for spying
That's going to be hard with the camera in the camera bag, where most SLR's are when not in use. But let's assume this one's not.
That's going to be hard with the lens cap on the lens, which is the case with most SLR's that are not in use but not in the bag. But let's assume this one's not.
That's going to be hard with the camera pointing in the right direction, which is pretty hard given the form factor (vertical grip) of a "casual laying around" SLR. But let's assume for some godforsaken reason I tend to store my SLR, without a lens cap, in my living room, mounted on a tripod.
That's going to be pretty hard, unless I have *exactly* the right lens mounted on my camera. Ok, so let's assume that I randomly leave my SLR in my living room, mounted on a tripod, with wide angle lens mounted on it, pointing in the right direction.
That's going to be pretty hard, unless I happen to have it focused on whatever I want to see. Ok, granted, hyperfocal distance on WA lenses is pretty short. But still.
That's going to be pretty hard. Because even though my professional SLR, mounted casually on a tripod in my living room, capturing most of that room, set to hyperfocal distance, without a lens cap, is ready to go, keeping it on "live view" is going to run the battery down pretty seriously, even with the serious batteries those flagship cameras have. You're not going to take pictures in regular SLR mode, right? Because you will hear the shutter on a camera like that. So battery sucking, sensor overheating live view it is.
Mmmh. I guess it's a risk. I always have my SLR with the lens cap off, wide angle lens, covering the entire room, hyperfocal distance, camera on, tethered into a power plug. Wait. If I have my camera tethered in, then why wouldn't I also be tethering it to my PC. Why is it that wireless is a risk? If we're going to make all these half-ass assumptions about using an SLR for spying, why not assume it's hooked up to a computer with a cable? We might as well.
I don't think *wireless* is going to be that much of a security risk.
Not for professionals. At the winter Olympics in Vancouver, the Olympic Organizing Committee wired most of the venues for WiFi for use by accredited press. Photographers were able to upload photos from the venues to their bureaus almost instantly, from their cameras, at the venue. Sometimes the photos were available online before the athlete finished the event.
I'm waiting for them to create networked 3d printed guns... You can get the plan off the network, print them remotely, and then have them setup and fired - all from your smart phone. I hear that there will soon be a Flash app for that, so, unfortunately iPhone users, you won't be able to take advantage of the latest, greatest upcoming trend.
One would think that the moment you mentioned 'wi-fi' and any other tech, that, hacking and therefore protection from hacking would be a priority .. you know.. ensuring your product's integrity? Nah..
Seriously, this is one of them. I love the idea of sharing and all, but we can wait to see your vacation or ...other... pics more than 15 minutes after you take it. A camera does not need to be directly connected to the internet, and all it does is open up potential security flaws. Find a good way to remotely exploit this and next thing you know, you can just take a vacation vicariously, through someone's (unsuspecting) lens. With the way tablets, smartphones etc are going, they can be great and (more) secure gateways to posting things, plus it gives you the chance to *filter* your photos...
As I mentioned above, the real point of the wifi link is NOT for sharing the photos. It's to remote control the camera so that you can either control it without touching it (say when doing astro-photography, where simply touching the camera will throw your whole system out of whack), doing tasks that you can't do hands on (Focus micro-adjustments, highly useful when doing product photography), or controlling the camera when it is placed in an otherwise inaccessible location.
The other main use for the wireless dump capability is in the studio... Mom and dad are getting pictures taken of the kids & dog, and this capability allows the photog to dump the photos in real-time to a neighbouring computer, so they can see exactly what's coming out. In either case, the camera itself isn't typically "on the internet"
The (wrong) assumption by Canon is that the camera will only be used on private networks, since in professional situations, that's normally what you would have anyhow.
...si hoc legere nimium eruditionis habes...
So at a sports event, a photographer might have one down behind the goal with a wide-angle lens, another pointing at the other goal, etc. etc. etc. - all uploading to the photo agency for up-to-the-moment imagery. Newspapers needed things soon, the internet needs it now.
Still decidedly embarrassing if they are so easily compromised, of course.
And now all I have to do is put myself somewhere in range of the remote controlled cameras, find an exploit, publish their photograph first and take credit for it. Much faster and easier than actually doing all the work.
I see where this technology is potentially very useful, but just like compromised "smart meters" and other "smart" appliances, cameras don't need to be a part of the "internet of things" unless you're cool with someone potentially watching everything you do with it.