Police Bodycams Can Be Hacked To Doctor Footage, Install Malware

AmiMoJo shares a report from Boing Boing: Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible. All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. None of the devices use code-signing. Some of the devices can form ad-hoc Wi-Fi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.

Hack the Police, ch-ch-ch-ch--ch!

I hacked the sheriff, but I did not wipe his bodycam... ooo oooo

Early Warning System

[_Sharp'r_]

Need to know if there are any cops around for your illegal business? Don't worry, you can just setup a wifi scanner on your phone to alert you when a cop's camera comes within range! Effective at least a couple hundred meters and probably up to a km!

Government purchase contracts and decision-making has a poor reputation for a reason. This is just yet another example in a very long list.

Re:WiFi?

[fyngyrz]

Why in the name of FSM are these things WiFi enabled? Why is that circuitry in there?

Supervisor / lawyer / etc.: We need the bodycam footage
Cop: Um, dropped it in the canal / off a cliff / lost it by accident, sorry, storage and camera lost
Judge: Case decided in favor of cop's verbal testimony

...that's why.