Slashdot Mirror
150 Filmmakers and Photojournalists Call On Nikon, Sony, and Canon To Build in Encryption (zdnet.com)
Some of the world's leading photojournalists and filmmakers are calling on the manufacturers of the cameras they use to add encryption to their products, as the number of threats they face from having their devices seized is "literally too high to count." From a ZDNet report: Over 150 documentary makers and reporters signed an open letter by the Freedom of the Press Foundation, asking for camera makers -- including Nikon, Sony, and Canon -- to ensure that their work is protected while often "attempting to uncover wrongdoing in the interests of justice." "Documentary filmmakers and photojournalists work in some of the most dangerous parts of the world, often risking their lives to get footage of newsworthy events to the public," said Trevor Timm, the foundation's executive director. But, he said, "they face a variety of threats from border security guards, local police, intelligence agents, terrorists, and criminals when attempting to safely return their footage so that it can be edited and published." The filmmakers say that camera security has lagged behind the rest of the industry, leaving their work "dangerously vulnerable."
Customer firmware is available for many cameras. Seems to me this can be addressed (or maybe it has already?) by 3rd parties. It might not be universal to every brand and model camera, but it should be possible to achieve this on specific models, which the photographers would then select from for use in these kinds of situations.
Better known as 318230.
It's not encryption. They need a sim card and a good antenna that can let them either stream data out live or immediately push data to DropBox or Google Drive.
*sigh*
https://xkcd.com/538/
Much better to have a camera that autoloads the pictures onto a website far, far away, so that even if they are forcefully erased by the authorities, there is a copy somewhere anyway.
Or a camera with a kill switch that would act like the digital equivalent of "opening the film tray" and blanking it in a second... Could fry the microSD card, or wipe it clean.
Imagine you interview someone and they say something that might incriminate themselves. On the way back to the office the corrupt police take your camera. If the video is encrypted at least they don't have video of your source incriminating themselves.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
I think anyone with half a brain sees the benefit of having something encrypted vs. no encryption. With encryption your opponents may know you have something they don't want to see but they don't know what that something is. If you don't think it is worth that much you can give it up to them - no harm no foul. If it is something you might be murdered for having then I think you would want that hidden, even if it means eventually losing it or being subject to enhanced interrogation.
It also reduces the risk of "smuggling". Its exactly why Clinton ran her own e-mail server.
1) There is a chance you just get away with it
2) If you do get "caught" you have options; without encryption, if you get caught, for instance, exposing massive corruption, the outcome is entirely up to the corrupt.
3) The options are a) reveal what you have if it is not that bad b) deny you have anything but offer to delete or destroy the data or the camera c) you try to keep the data or they don't accept a or b and then you are in the same situation as no encryption but they still don't have the data.
Encryption is a tactical WIN WIN WIN.
And if you really need the data to go straight to encrypted storage, well, there's a way to do that.
Are you thinking of Eye-Fi? It doesn't work that way(*). It's a regular 32GB SD card with the wireless-copy-off agent read-only spying on the filesystem, so the photos are still written unencrypted to the card.
Once you write something unencrypted to blackbox flash like an sdcard, you can never really delete it because blocks are just "marked free". A very simple form of encryption would be:
- put a USB port on the camera that acts like an SD card reader
- put a TPM in the camera that is "effaceable"
- when formatting the sd card, rotate the effaceable key.
This would give a way to really wipe the SD card and do nothing else. Unfortunately it also means destroying the camera destroys all SD cards written by it, including ones hidden away.
A more complex form with similar limitations would be per-photo keys, so individual photos could be deleted by rotating the TPM master key and re-wrapping the keys of all the photos you don't want to delete.
The best form IMHO would be ecryptfs. With a little work Chromebooks could just mount the sdcard.
With a lot of work you could "pair" the camera with a user account on a laptop, wrap keys twice per photo, once symmetrically to the camera's TPM key and a second time with RSA to the laptop's key, and after an hour or two efface the symmetric keys so that the camera can only read photos its written recently.
A step further from that would be to pair the camera with your desktop on the other side of the border instead of your laptop so that nothing discoverable passes the border.
They need a sim card and a good antenna that can let them either stream data out live
First, you still have to store the data before you stream it, so you still need encryption. The "very simple form" would be enough, while without streaming the other forms make sense.
But second, cel service isn't reliable everywhere because infrastructure. For video it's a pretty high bar in cheapness and performance. Where it is, it gets shut off by the government during protests and may increasingly be so if your proposal becomes standard. Using a cel radio means your movements can be tracked which may be more useful to the adversary than the photos. Many people think "five eyes" has exploits for many cel radios which, depending on how the radio is wired up inside the camera, could allow debug access to main memory and bypassing dropbox TLS.
And third, there's a push to close the loop and deliver practical tools that get used instead of abstractly-ideal tools that end up having fatal flaws or no adoption, so I don't think this imagined tool should block the tool they're asking for.
(*) I don't have one. just reading pre-sales docs at eyefi.com.
Photo journalists do already have their devices seized. All the time. And they are often stripped of their memory card before before having it given back to them (if it is given back). The problem encryption is meant to solve is not to prevent the device from being seized, it's to prevent the seizing agency from having access to what you've been photographing. Photo journalists going behind enemy lines, taking pictures of rebels groups or doing interviews with people who want their faces blurred later. Losing the photographs altogether is not as bad as having the photographs fall into the hands of an adversary. They are already going to lose them if the device is seized. They just want the photographs to be safe if that happens.
Unfortunately, seeing encryption applied to new classes of devices is a controversial topic now. Not for the end user, who would support that. But governments across the world - across the (ironically named) "free" world - are aiming at encryption and labeling it as evil and helping the cause of terrorists and child molesters. The first time a camera comes out with encryption and is involved in child pornography will be huge. It will be splashed by law enforcement across every newspaper as showing how encryption is evil, how it's enabling criminals and terrorists, and how it's good that government should legislate back doors into every piece of encryption on the market. For that reason, until we settle the fight that is brewing about encryption and openly legislated (as opposed to the private ones the NSA strong arms into products already) encryption back doors are firmly rejected, I would like to see cameras remain free of encryption. I don't want to see another class of device used as propaganda and leveraged as a way of taking away more of our rights and privacy.
Do it on your own! You want to secure the photos on the memory card (which most camera makers DO NOT include), then it should be up to the end user, to secure those files, not the camera maker. What I fear, is they will bow down and do it, and even in RAW mode, it could somehow have an impact on the file, and could corrupt it and then where will you be?