Slashdot Mirror
150 Filmmakers and Photojournalists Call On Nikon, Sony, and Canon To Build in Encryption (zdnet.com)
Some of the world's leading photojournalists and filmmakers are calling on the manufacturers of the cameras they use to add encryption to their products, as the number of threats they face from having their devices seized is "literally too high to count." From a ZDNet report: Over 150 documentary makers and reporters signed an open letter by the Freedom of the Press Foundation, asking for camera makers -- including Nikon, Sony, and Canon -- to ensure that their work is protected while often "attempting to uncover wrongdoing in the interests of justice." "Documentary filmmakers and photojournalists work in some of the most dangerous parts of the world, often risking their lives to get footage of newsworthy events to the public," said Trevor Timm, the foundation's executive director. But, he said, "they face a variety of threats from border security guards, local police, intelligence agents, terrorists, and criminals when attempting to safely return their footage so that it can be edited and published." The filmmakers say that camera security has lagged behind the rest of the industry, leaving their work "dangerously vulnerable."
Customer firmware is available for many cameras. Seems to me this can be addressed (or maybe it has already?) by 3rd parties. It might not be universal to every brand and model camera, but it should be possible to achieve this on specific models, which the photographers would then select from for use in these kinds of situations.
Better known as 318230.
Blanket policy at the border... confiscate all cameras.
Duh.
In the free world the media isn't government run; the government is media run.
If you're a photojournalist and your memory card is encrypted, you're just never going to get it back intact. And if you really need the data to go straight to encrypted storage, well, there's a way to do that. Although I'm not sure if those Wi-Fi memory cards (you know what I mean, I forget what the brand is) use meaningful encryption anyway...
Are journalists actually not just having storage devices seized in those situations?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
It's not encryption. They need a sim card and a good antenna that can let them either stream data out live or immediately push data to DropBox or Google Drive.
*sigh*
https://xkcd.com/538/
Much better to have a camera that autoloads the pictures onto a website far, far away, so that even if they are forcefully erased by the authorities, there is a copy somewhere anyway.
Or a camera with a kill switch that would act like the digital equivalent of "opening the film tray" and blanking it in a second... Could fry the microSD card, or wipe it clean.
... works in all jurisdictions.
I don't get it. If a corrupt government official finds a SD card with encrypted images on it, the SD card would hit a shredder, or the $5 wrench from xkcd.com/538 will "decrypt" the photos with ease.
What is needed is a way to upload the photos off somewhere that the photographer nor the junta goons can reach, or something like PhonebookFS that allows some encrypted pictures to be shown, but even with that, there is always unreadable chaff thrown in that can never be decrypted, just for plausible deniability.
I really like my Nikon. It's only about two years old, and I made sure to get one with all the bells and whistles, so it still works delightfully for my needs. But if one of the major SLR manufacturers built in decent encryption, I do believe this would make me go out and buy a new one. And if it isn't Nikon, I'd still make the switch and get all new lenses for it.
There are these ultra-hi-tech devices that can do advanced processing in-camera with a computer, but they can't do what should have been a major selling point from day one when the very first digicams started appearing in the 1990s: protected images and video. The obvious method for authing would be your thumb's print, but sure, I could go for pressing its various buttons in a certain combination or something to unlock it.
And they are not even doing this today? Wow. I have to constantly remind myself that I live in the future tech-wise, because it all fucking sucks.
Since this may involve (corrupt) government, nothing prevents them from detaining you, drugging you, and hitting you with a $5 wrench until you give them your password.
I would say the level of encryption should be close to the plausible deniability that TrueCrypt had been touting about: one storage space that contains "meh" evidence, and one hidden space to store the condemning evidence.
Here's the link to the letter, if you don't want to read Whittaker's reporting: https://freedom.press/news/ove...
So instead of having their camera confiscated and examined, and the photos deleted, they could be risking being forced to reveal their password with some unsophisticated methods (having in mind that they work in some troubled places)
If companies that make cameras are like any other companies (and they are) there will be things like location tracking, secret watermarking, personal info and identity tracking, backdoors and a host of other "features" coming soon to cameras. Similar to a cellphone, those so-called features might be defaulted to turned on or constantly trying to trick the photographer to turn them on every time the photographer uses the camera (I'm looking at you, google).
Sure, built in encryption and/or uploading to a file locker/server that you control would be ideal... but what's stopping these photojournalists from ... encrypting the data themselves on a laptop or tablet? Why is this written as if once they take the photo, there's nothing they can do to protect it if there isn't an option in the firmware? C'mon guys, if you're fighting for great justice, maybe learn how to use a computer, get an aircard and upload that shit?
640k ought to be enough for anyone.
in the days before digital, security personel just ripped out your film - if you protested, they also "accidentially" dropped the camera and stepped on it "hard." no encryption is going to solve this - the best you can hope for is an uneducated security guard/policeman/border soldier and the ability of a camera to hide fotos from the normal browser.
Another feature restricts playback to a single folder, rather than all the folders in chronological order.
It became very handy when I was abusively threatened with arrest unless I deleted the pictures I took of an abusive train ticket inspector...
Afterwards, I climbed the few stories to the transit authority headquarters to lodge a complaint against that inspector, who eventually got fired...
Why not simply employ a Sat-phone-like device to upload the data on the fly (assuming they can get a signal)? The data can be transmitted before the SD is compromised. Then, it won't matter if the SD is compromised.
In a similar fashion, have an SD card reader for a cellphone for instances where a cell signal can be received (i.e. domestic use).
Alternatively, simply build cell / encryption capability into the camera itself.
-- RD
It doesn't solve the $5 wrench problem.
How many xkcd links is there going to be in this thread? There's already three without this post.
This is absolutely stupid op-sec.
Do you want to be held in custody until you release the keys? What if you don't have the keys?
You'll end up in prison, in a country where you have no rights.
Click the "Security Button" to "feel" secure. Because that's what you're asking for.
This is something that struck me as well. As it is, we get pretty detailed photos from our phones, if there is a necessity to immediately encrypt them or back them on the cloud, or do anything w/ them that needs to be online.
But if someone is using an actual SLR camera, then why not just let the camera do the basic stuff - taking photos or videos? Once they are back at the office/hotel, they can take out the laptop, transfer all the files, encrypt it, upload it to the crowd and do whatever. If they have to do the encryption and data transfers right at the spot, then just use the phone. But having 2 completely different classes of products just increases the risk that one of them will go the way of the dodo.
If there is the fear that corrupt or tyrannical authorities would confiscate them, that's a risk they run every moment. Such an authority would probably already have control over all ISPs in that country, making it impossible to do a mobile cloud back-up. Best solution would be copy the stuff to the laptop and encrypt it there, rather than make 3 camera companies make something that adds hundreds of $$$ to the price of a camera
For all of you quoting XKCD or talking about rubber hose cryptography, I have three words: Public Key Cryptography
There is no reason why a keypair can't be generated on a safe computer in a safe country and only the public key gets loaded into the camera, while the private key remains safe. The border people could still eat the memory card, and they could add new encrypted photos/videos to it using the public key, but they couldn't view old stuff.
You could even set the system up so that the encryption key gets encrypted twice, once with the NV public key, and once with a volatile key that gets erased after a few minutes, or at the press of a button. That way the photographer would have time to make sure they got the shot they wanted.
See that "Preview" button?
While this request has DRM implications I really don't like (lense to screen encryption) and is no doubt an MPAA wet-dream, I unfortunately have to support this, as the clear and present danger to journalists, and the potential for regimes like the Trump Administration, Putin, et. al. to distort or destroy evidence of wrongdoing, demand something like this. At least with encryption journalists can keep their data safe, and if done properly, we can detect changes to the raw video/audio data. Both of which will be critical if we don't permanently want to live in a so-called "post-truth" reality (which really means "nothing but lies, lies, and more lies" reality).
The Future of Human Evolution: Autonomy
The sickening sound your camera makes as you photograph the cop beating a man on the street.
Mandated by law.
Ya know why it will never really happen , THINK SNOWDEN
Take pictures/movies, download to laptop, encrypt, store in tiny USB drive, hide it somewhere, delete original content from camera.
There are tool out there that can store content in USB drive areas which are not visible (store data in unused USB drive space).
All this, assuming you have no internet connection, otherwise it's just too trivial.
Because Big Brother's answer will simply be to automatically treat all cameras as devices to be seized instead of cursorily examined. What you need is a device that can be hooked up to the camera's USB port emulating a printer. Choose the pictures you want, transfer, the device can write them to a microsd card with any encryption you want. Then delete the stuff you don't want seen. All you have to do is hide the microsd.
YOUR HIRED...by TRUMP
Wifi upload is the best. But failing that, steganography is second best. Take lots of photo of parades and landscape. There should be ample extra bits to save the photo/video that you wish to hide amongst the bland photos.
... why are we talking about professionals?
LEO wants to ban encryption period
It little behooves the best of us to comment on the rest of us.
If Nikon, Sony, and Canon (for example) handled it like the MPAA, we'd end up with: the encryption can only legally be unlocked on licensed products (in certain countries) and don't allow making copies of the files. Instead, you'll need to buy a license per-format to export it to the file you want, such as an iPhone or an HD TV. Ensure that the file can only be exported in the country the license was purchased in and may not be moved to another country. Make some kind of claim of "you're not really buying our camera's - you're buying a license to use them" - then sue for 10x the actual damages for any studio/reporter/etc that makes copies, backups, or anything else related to making a film that infringes on the license.
I doubt there's a good way to encrypt and write RAW to an SD card in real-time and maintain the rapid capture rates everyone wants. You'd need a relatively large processor and cache, which would then become the new point of attack.
Cameras lack a secure erase.
Cameras lack a decent secure upload if they have wifi at all. Secure wifi drivers are probably a problem.
Cameras lack encrypted storage (which should be done in a way that does not indicate the user trashed the key.)
Cameras give off forensic information identifying the brand and possibly the model camera (I'm not talking about metadata but analysis of the CCD noise at full resolution, which I read exists even after jpeg compression; plus dead pixels could be a fingerprint.)
Cameras lack the option to strip out metadata.
Cameras will 1st probably get a censorship recognition feature: using special visual codes during a movie or a government location disabling the camera or notifications sent.... features which will be abused.
Democracy Now! - uncensored, anti-establishment news
A rubber hose and a few other things will make short work of whatever is done.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Do it on your own! You want to secure the photos on the memory card (which most camera makers DO NOT include), then it should be up to the end user, to secure those files, not the camera maker. What I fear, is they will bow down and do it, and even in RAW mode, it could somehow have an impact on the file, and could corrupt it and then where will you be?
Seems to me this would be better|easier solved via a custom SD-card, as opposed to the camera itself.
I'm sure Sandisk, Samsung and co could come up with a Compact-Flash or SD-Card that was more akin to a SSD (with TPM-like chip).
Sounds more like the technically-challenged thinking something is a good idea. Like how so many people are replacing all their old audio-gear to get something with bluetooth... when you could just add a $20 bluetooth dongle to your existing kit.
You actually think that excuse will play in the Ayatollah's Iran?
You really think they won't look for this? This is juvenile level shenanigans.
I can count pretty damn high, since I know basic math, my ability to count only stops when I get tired.
So, "literally too high to count" (from the summary) is BS.
So rise up, all ye lost ones, as one, we'll claw the clouds.
It only leaves the public key on the phone, and the private key on your computer (which presumably is in a safe environment), and encrypts the files one-way. You can't even review them on the phone itself. Needless to say, nobody understood what the app was for... so I pulled it.
Religion is what happens when nature strikes and groupthink goes wrong.
When the man with the gun, in the law-less corner of the world, asks you to un-encrypt your footage?
Encryption takes time. When you're shooting photos or video you need something that works now. You need to capture the moment, not 5 seconds later,
You say things that offend me and I can deal with it. Can you?
Documentary makers often do not have permission from God to film the environment yet now they want end-to-end encryption so they can maybe restrict who sees the film. That reeks of hypocrisy and is colloquially the pot calling the kettle black, and therefore should not be allowed.
Like in the UK.
That should teach tech-obsessed journos who is boss.
Any questions ?
Do you know how much time encryption would add to the photo process ?
Right now we have to buy the blistering fast cards in order to utilize extended shooting with fast frame rates.
Even THEN, the cameras will eventually fill their buffers because we can't write to the cards fast enough.
Imagine how long it would take to write a dozen 30MP+ shots to the card if we encrypted them first.
Besides, your Smartphone is likely protected by a password and they have no issues with beating it out of you, using a hack to get in or just jailing you for not providing the key upon demand.
I don't see any positives from adding encryption to a camera platform.
For some Canon EOS cameras, there is the free Magic Lantern alternate firmware, which supports optional encryption :
https://www.magiclantern.fm/forum/index.php?topic=9963.0
Well for one they are ridiculously expensive unless you already have one. Even if you do, the "plans" are exorbitantly expensive. They make the worst cell phone plans look like [insert some cheap analog here]. Particularly when dealing with video and large image files it just isn't feasible.
Places like China already have strict policies on what people with cameras can take pictures of and you must hand over those pictures to government officials and they will decide which ones you can take out of the country. All that will happen is if a border guard encounters encrypted photographs it will become standard policy to seize the camera, delete the pictures, then hold the photographer in prison until he decrypt's those (now nonexistent) pictures.
I'm not sure these guys understand what'll happen if there's in-camera encryption. I can see at least two possible outcomes:
1. The device is encrypted, so the authorities just take and destroy it
2. The device is encrypted, so the authorities just take and destroy it, and kill the jouro when they refuse to unlock it.
I'm not sure either of these are really want the person in question wants. I can think of other issues (and you can too), but encrypting the device is probably not the right answer.
... the autism-hating, custom EpiPen-hating, Musk-hating Slashdot troll!
Beyond the encryption issue addressed in this article, the inclusion of cryptographic features in cameras could offer an authentication feature. Hash the image in its RAW format, sign the hash and store it in the meta data. Do the same thing for the "thumbnail" JPGs that some cameras offer. Now you could tie a given image to a given camera and know that it had not been modified. Of course each camera would need to have its own key pair, and the manufacturer would have to warehouse the private keys and provide the validation service that verified an image was signed by a particular camera ...
And there are lots of situations that tying an image to a given camera might not be beneficial.
Probably too much work ...
Shooting film might be a smart move in these situations I doubt many of these border guards have a dark room handy.
Don't these fools know that US emforces an embargo on encryption?
So if these camera manufacturers build in encryption, their camera cannot be shipped to countries such as China since US will stop the shipment!
Comment removed based on user account deletion
How's life in the hypocrite lane?
Meanwhile it is already possible if you have a Samsung NX series camera (which runs Linux) https://sites.google.com/site/nxcryptophotography/
I don't think "simply" means what you think it means.
Why not simply employ a Sat-phone-like device to upload the data on the fly (assuming they can get a signal)? The data can be transmitted before the SD is compromised. Then, it won't matter if the SD is compromised.
Which part of that is "simply" to you ? the expensive equipment that weighs almost as much as the camera, the expensive data plans or the very low bandwidth that makes uploading even single pictures a mini-vacation in itself ?
Alternatively, simply build cell / encryption capability into the camera itself.
Ah. To you "simply" means just that you can write it in few words.