Wi-Fi Enabled Digital Cameras Easily Exploitable

An anonymous reader writes with some news that might make you think twice before getting a network-enabled camera. From the article: "Users' desire to share things online has influenced many markets, including the digital camera one. Newer cameras increasingly sport built-in Wi-Fi capabilities or allow users to add SD cards to achieve them in order to be able to upload and share photos and videos as soon as they take them. But, as proven by Daniel Mende and Pascal Turbing, security researchers with ERNW, these capabilities also have security flaws that can be easily exploited for turning these cameras into spying devices. The researchers chose to compromise Canon's EOS-1D X DSLR camera and exploit each of the four ways it can communicate with a network. Not only have they been able to hijack the information sent from the camera, but have also managed to gain complete control of it."

Excellent!

[ColdWetDog]

Now it should be simple to make a smartphone app to control the camera. Before, you had to get the API from the manufacturer, sign an NDA, often pay money and then pour through the poorly documented mess.

Progress!

Toxic content

Hijacking thousands of vacation pictures may prove fatal to the pirates who steal them, contracting terminal boredom. Meanwhile, spies and celebrities should avoid using cameras with remote access vulnerabilities

Re:Toxic content

[geekmux]

Hijacking thousands of vacation pictures may prove fatal to the pirates who steal them, contracting terminal boredom. Meanwhile, spies and celebrities should avoid using cameras with remote access vulnerabilities

Uh, are you sure about celebrities? I heard Kim Kardashian is coming out with her own signature series camera. Apparently it's got some pretty cool features, including a free exclusive contract with a top director in the adult film industry...

Security never was a concern

[Nyder]

The makers of the camera's want to produce the cheapest camera for the highest amount of profit possible. Spending money on securing the add features that consumers want (ie. wifi) cuts into the bottom line.

Will it stop consumers from buying the models? My guess is no.

What will the camera makers do? Make a new model, same as the old model, but with added security features. Of course, you will pay 50% more for the new "model".

Re:Security never was a concern

The build COST on a 1D-X is nearly $4000USD. Cutting corners in software was not high on the list.

Re:Security never was a concern

[citizenr]

Of course it was. $4000 camera, and it still cant manage flash filesystem properly and will corrupt saved files if you insert a card with non continuous space (plug card into computer, delete few random pictures, insert into camera, happy recovery).
Canon, Nikon, Sony and other mayor manufacturers ALL recommend you to
-format card in the camera, not in computer
-never edit/delete files in the camera itself

Re:Security never was a concern

[citizenr]

Yes, delete button is right there, and will happily help you corrupt all of your data on the card, in $4000 camera. Thats the point. Software in those cameras is GARBAGE. Wifi link being open to all kinds of exploits is not really surprising.

btw new ExFAT filesystem brings even more garbage 'someone wrote it and it kinda works, lets not touch this" code to new hi-end cameras.

Re:Security never was a concern

[Ford+Prefect]

Yes, delete button is right there, and will happily help you corrupt all of your data on the card, in $4000 camera. Thats the point.

What on Earth are you doing with your cameras? I've been deleting unnecessary photos from cameras for years, as well as using the memory cards for general file storage (somehow I still have no USB memory whatsits) - and I've yet to suffer from any file corruption. I do tend to reformat cards that need emptying rather than mass-deleting files, but that's mainly 'cause it's much quicker that way. I've frequently had full cards that I've pruned photos from so I can take some more. (Experience mainly with Canon dSLRs, but also with Fujifilm, Minolta, Panasonic etc.)

I suspect my habit of only buying decent memory cards has caught up with me yet again. :-(

Re:Security never was a concern

[m.dillon]

I do sometimes delete photos in-camera, usually three or four out of every 100 or so I take, but generally I recommend (and also for myself) NOT to delete photos in-camera because it's easy to miss things you might want to keep when you try to review pictures on such a small display.

But I've never had an issue with any of my Canon's corrupting the SD card.

-Matt

Re:Security never was a concern

[m.dillon]

EYE-FI SD cards are cool, but storage capacities trail what you can get with a straight storage card. So for example you can get a 16G EYE-FI card, but a SanDisk Extreme SDXC card comes in capacities up to 128G.

EYE-FI has other problems, including fairly slow WIFI transfer speeds. WIFI tends to drop out unless you are transferring to a storage device on your belt, and a 4G hotspot setup doesn't work very well when you are taking RAWs. I would not rate EYE-FI as a professional-level product, frankly.

Sometimes quality and dependability trump convenience. My preference is to stick to normal storage cards and not have to worry about some WIFI snafu messing up my ability to take pictures. EYE-FI has its benefits, but it also has a lot of moving parts (software-wise).

-Matt

Re:Security never was a concern

[dgatwood]

The makers of the camera's want to produce the cheapest camera for the highest amount of profit possible.

I wonder if this exploit is the reason why Canon didn't release a Wi-Fi/GPS-capable EF-S camera body last week (70D, rumored) like just about everybody expected (and like a sizable percentage of Canon DSLR users are holding out for).

It just seems bizarre that such largely consumer-centric features are unavailable except in their pro DSLRs, which won't work with any of their consumer-priced lenses. Only a company with Canon's decades of experience can create a product line so completely upside-down for so many years without getting completely laughed out of the market.

Re:Security never was a concern

[kwbauer]

I don't know how many times i've had to try to recover photos because somebody used the delete button....WTF?

Yeah. WTF are you talking about. I've deleted individual photos on camera and on the computer with both Nikon's and Canons. I've even added folders and stored photoshop and word docs on them and put them back in the camera and they work just fine. They simply ignore those files (and folders) and remove the space they use from the available space.

I suggest that the reason you have to recover so many photos is because people, you know, used the delete button and it, you know, performed exactly as advertised: It removed the chosen file from the list of files and added its space back to the free space. Just be glad they didn't implement secure delete functionality.

Re:Security never was a concern

[hairyfeet]

Right me and that other guy just made it up for...why exactly? Or maybe, just maybe, you got lucky or chose a really good model? The Olympus cameras don't seem to have this problem but a LOT of the cameras sold in your B&M stores DO have this problem. Looking at the forums its just as the other guy described it in that their software doesn't know what to make of free blocks in the middle of non free blocks and freaks the hell out.

But just because you haven't seen it, especially when you don't actually work in retail, don't mean squat. Hell I can introduce you to a guy that swears WinME is a great OS because hey! Works for him. Don't mean its a great OS though, just means it works for him. Working computer retail I tend to see things that the average Joe may not run into, like how Win 8 seems to shit itself quite often on low to mid tier laptops. If you never buy low or mid tier? Hell you'd never know it, doesn't seem to happen on the high end systems, just the way it works.

Re:Security never was a concern

[Ford+Prefect]

Right me and that other guy just made it up for...why exactly? Or maybe, just maybe, you got lucky or chose a really good model? The Olympus cameras don't seem to have this problem but a LOT of the cameras sold in your B&M stores DO have this problem.

Which manufacturer and camera models suffer from this problem? I'd be interested to know, so I can recommend against them.

(I've helped out with a fair amount of digital camera stuff for friends and relatives, and I've never actually seen a corrupted memory card. Plenty of accidentally deleted photos, one accidentally formatted card, one memory card that was flat-out dead, but no corrupted filesystems.)

Re:Security never was a concern

[Deep+Esophagus]

I have about the cheapest camera you can get, a Kodak® EasyShare® I got at Walmart® three or four years ago for maybe $40 (it was their Black Friday special). Sometimes the lens won't go in and out all the way because it got sand in it. And yet... there has never been any problem with the software. Delete random photos out of a bunch directly on the camera, no problem.

So... if a couple of folks on here say that deleting files has caused file system corruption and a couple of other folks have stated they never saw such problems, who's to say which viewpoint is more common? We'd need a slightly bigger sample size than 5 or 10 self-selected nerds before we could draw any larger scope conclusions from the bit of anecdotal evidence presented here from both sides.

Things that don't need to be connected to the inte

[jazzdude00021]

Seriously, this is one of them. I love the idea of sharing and all, but we can wait to see your vacation or ...other... pics more than 15 minutes after you take it. A camera does not need to be directly connected to the internet, and all it does is open up potential security flaws. Find a good way to remotely exploit this and next thing you know, you can just take a vacation vicariously, through someone's (unsuspecting) lens. With the way tablets, smartphones etc are going, they can be great and (more) secure gateways to posting things, plus it gives you the chance to *filter* your photos...

Been paranoid since the printers got wifi

[eksith]

This trend of making all things that exist wireless can have pretty bad consequences if companies aren't held accountable for what they produce. I'm sorry, it's not hard. It just takes code correctness and some discipline to not take a route only cause it's easy. I'm not naive; I understand being first out of the gate matters, but making that a priority at the cost of some basic security is unacceptable.

If the programmers aren't delivering on time or creating insecure code, then part of the problem may be management. As Scott Adams wrote today, Management exists to minimize the problems created by its own hiring mistakes. It's some kind of endmic disease that technical people are expected to push through a product quickly first, securely second.

Re:Been paranoid since the printers got wifi

[darkfeline]

not hard
code correctness
discipline

I would like to move to your country.

Re:Things that don't need to be connected to the i

Interesting, but the article itself mentions a camera body that's meant for professionals who are handed contracts to deliver photos within a time frame following events. (most MAJOR sporting events the photos need to be uploaded from the camera back to a central repo within 4 hours of the event, so they can go to print for the following morning. )

Saving a few minutes here and there is KEY to getting ahead in that industry.

Re:Things that don't need to be connected to the i

[fustakrakich]

On the contrary. When recording the police, it's best to upload live, so when they steal your camera, they don't get the footage.

Re:Editors are people who EDIT!

[YrWrstNtmr]

We can achieve cameras by adding SD cards? What?

We can achieve adding Wi-Fi capabilities to cameras by adding an SD card, yes.
Eye-fi. And yes, mine works quite well.

At first glance,homesecurity looks like a cash cow

[GoodNewsJimDotCom]

The cost for web cams and 100' USB cables is like 20$. So give a home 5 security cameras for $100. Hook em up on their computer and have code that records a buffered state so far back. Or if you're concerned about disk space, attach motion sensors to the recording states. Write some software that allows them to check out their house on their smart phone. Installation shouldn't take more than a a few hours.

So if you wanted to start your own security system, you'd be back 100$ for 5 cameras/cables. You'd need to write some code, or have someone write it for you, but this is only a one time cost. And you can charge people 45$/month or a one time fee of 500-700$, and that is way cheaper that what is on the market, and what is on the market doesn't let you check your security cameras from your smart phone.

Home security looks like a cash cow at first glance, what am I missing besides lawyer stuff?

Re:Things that don't need to be connected to the i

[YrWrstNtmr]

Eye-fi.
It only talks to networks you have told it about. Ad-hoc to a laptop, or to a wifi router. Via WPA. It does not talk directly to 'the internet', unless you tell it to. It can upload directly to flickr/facebook/etc....if you tell it to. I don't.

I do a lot of macro photography at home , and not having to swap the card between camera and PC is a godsend.

Is it exploitable? Don't know. Maybe.

Now...if I were going to attend an 'event' where my camera might get confiscated, I might have a nearby compatriot with a netbook in his backpack, and the camera continuously talking to it. Not that I'd put myself in that position, though.

$4000 production cost?

[davidwr]

Is that the marginal cost of production, the amortized cost of production (i.e. sunk costs spread out over the entire production run), or the amortized costs of production, marketing/sales, support (warranties aren't free, folks), etc.?

Re:At first glance,homesecurity looks like a cash

[YrWrstNtmr]

Home security looks like a cash cow at first glance, what am I missing besides lawyer stuff?

The plethora of cheap, standalone, multicam systems by Lorex, Zmodo, etc that already do this.

Re:Things that don't need to be connected to the i

[Ford+Prefect]

It takes about 10 seconds to remove the memory card and plug it into a tablet/laptop/whatever. Unless you need photos uploaded essentially as you shoot them (which I suspect woudn't work very well at the same time you were taking new pictures), there is no reason to have the camera able to connect to a network.

You're kind of assuming the photographer is right next to the cameras - professional wireless whatsits (e.g. Nikon and Canon) are intended for full remote control of multiple cameras. So at a sports event, a photographer might have one down behind the goal with a wide-angle lens, another pointing at the other goal, etc. etc. etc. - all uploading to the photo agency for up-to-the-moment imagery. Newspapers needed things soon, the internet needs it now.

Still decidedly embarrassing if they are so easily compromised, of course.

Not unexpected but...

[m.dillon]

Not unexpected, but its kinda hard to take candid photos from a hijacked camera when the lens cap is on. And those WIFI systems are not generally left on anyhow.

I don't understand why they used a 1Dx though, which would require an external WIFI adapter to even have a WIFI capability. I would be more interested in penetration testing something like the Canon 6D which has the WIFI built-in. I fully expect there to be holes, Canon's WIFI software has always been quite primitive and even the new stuff is still quite primitive.

But if we make enough noise and Canon will fix it in a software update.

Currently I only use the 6D's built-in WIFI to be able to review pictures in-camera from an android tablet... quite a useful feature. I'm not particularly worried about hijacking there since the Camera's WIFI transmitter has rather limited range. And most of the time the WIFI is turned off anyway since it eats the battery otherwise.

-Matt

Re:Not unexpected but...

[djmurdoch]

Lots of cameras have microphones. Those work with the lens cap on. For example, the Canon EOS M has a stereo mic and WiFi. Since it doesn't have a hideaway lens, it would be easy to forget to turn it off when you put it away -- I do that a lot with my DSLR.

Good trick

[egcagrac0]

managed to gain complete control of it

Aiming the camera under remote control via software is a pretty good trick. Ordinarily, you need to mount it on a pan-tilt device.

Removing the lens cap from software is another good trick. Powering the thing on remotely with batteries removed is amazing.

Yes, this is pedantic, but I'm guessing they don't have complete control of the camera. They may have control of the camera software.

Re:Things that don't need to be connected to the i

[Sigg3.net]

So a devious photographer may create an automated wifi entry and corruption script and fire it up on a critical event, walking away with the only usable money shot.