Police Bodycams Can Be Hacked To Doctor Footage, Install Malware

AmiMoJo shares a report from Boing Boing: Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible. All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. None of the devices use code-signing. Some of the devices can form ad-hoc Wi-Fi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.

Hack the Police, ch-ch-ch-ch--ch!

I hacked the sheriff, but I did not wipe his bodycam... ooo oooo

Early Warning System

[_Sharp'r_]

Need to know if there are any cops around for your illegal business? Don't worry, you can just setup a wifi scanner on your phone to alert you when a cop's camera comes within range! Effective at least a couple hundred meters and probably up to a km!

Government purchase contracts and decision-making has a poor reputation for a reason. This is just yet another example in a very long list.

Re:Early Warning System

[HornWumpus]

The police lawyers will now make all the video inadmissible, as they could have been altered.

Bet there was no contract provision for not idiotically easy to own. It sounds like they just lifted the video code from a _cheap_ drone.

Re: Early Warning System

[c6gunner]

Sounds like the cameras are working as intended, then.

That is to say, police behave better when the cameras are on, which is why the significant majority of cases are found to support police actions.

Homer: Not a bear in sight. The Bear Patrol must be working like a charm.
Lisa: Thatâ(TM)s specious reasoning, Dad.
Homer: Thank you, dear.
Lisa: By your logic I could claim that this rock keeps tigers away.
Homer: Oh, how does it work?
Lisa: It doesnâ(TM)t work.
Homer: Uh-huh.
Lisa: Itâ(TM)s just a stupid rock.
Homer: Uh-huh.
Lisa: But I donâ(TM)t see any tigers around, do you?
[Homer thinks of this, then pulls out some money]
Homer: Lisa, I want to buy your rock.

Re:Early Warning System

[Cederic]

Haven't studies shown that the people with whom the police are engaging also behave better when the cameras are on?

So bad it looks intentional

[kaptink]

I find it interesting that important, critical even, systems such as police bodycams and election voting machines in this age appear to have almost an intentional absence of any sort of integrity mechanisms. And can quite literally be manipulated in minutes with next to no effort. These flaws are not complex. They are things that should be picked up by even the technically absent as just looking at the system overviews - no encryption, no signing, ineffective and easily bypassible authentication (if any) as obvious caveats to a resilient system. I just don't buy this as simple and frighting negligence. And where are the pen tests? I call shenanigans!

Re:So bad it looks intentional

Niche companies seeking high profit margins on lowball government contracts by skipping features that customer does not understand?

I'm shocked!

Re:So bad it looks intentional

[Solandri]

It's just the pick two rule. You can have these things made good, fast, or cheap - pick two.

Invariably, the first adopters pick "fast" and "cheap". The incentive to pick "good" doesn't appear until after a few catastrophic failure cases result in large negative consequences (bad publicity, loss of your job, government regulation, jail time) for failing to pick "good".

Re: So bad it looks intentional

[nasch]

That works well unless it's fairly easy to tamper with the cameras without leaving a trail. I'm guessing it's easy. It's a lot harder to commit all those other crimes without leaving any evidence, and anyway there are security measures to prevent many of them besides. Laws and security are not mutually exclusive.

WiFi?

[YrWrstNtmr]

Why in the name of FSM are these things WiFi enabled? Why is that circuitry in there?

On, record, download later.

Re:WiFi?

[fyngyrz]

Why in the name of FSM are these things WiFi enabled? Why is that circuitry in there?

Supervisor / lawyer / etc.: We need the bodycam footage
Cop: Um, dropped it in the canal / off a cliff / lost it by accident, sorry, storage and camera lost
Judge: Case decided in favor of cop's verbal testimony

...that's why.

I am not a computer engineer...

[argStyopa]

...but seriously, what the ever-living fuck?

I mean, does anyone designing mission-critical shit ever think of this crap? It's not like wireless hacking was invented yesterday.

Maybe police body cams should be recording into an encrypted drive and simultaneously streaming to a drive sealed away in a black box in the cop car for error checking? And have NO ability to adjust the system in any way but with physical contact with some sort of unique dongle that registers infallibly when it's been used.

So what?

[Harlequin80]

Officer is on duty. Something royally hits the fan and is captured on bodycam. Within a very short space of time, while still on the scene, the body cam is shut down and stored in an evidence bag. The providence of that evidence is documented and recorded.

From this point onwards the camera is powered off in a sealed tamper proof bag. It is then returned to the station and signed for. The bag is opened and the video is transferred to the storage system. Most likely the camera storage card is then also put into an evidence bag and sealed.

So where does the ability to hack these camera matter? You aren't editing the footage in any way during this window.

Just because a hack is possible doesn't mean there is a usage case for it.

Lets say you upload malware. Who cares. You manage to take out a camera or 2 before they get cleaned. meh.

Re:So what?

[nasch]

Is that actually how the cameras are treated, or just how we wish they were?

Re:So what?

[Harlequin80]

I don't know about US rules but it is under the rules for body cameras in Queensland, Australia.

There are currently ~12k police officers in QLD and ~3k body cameras available. The rules in QLD are"Unless impractical, when an officer is carrying a BWC, the device is to be recording prior to and during the exercising of a police power under legislation; or applying a use of force."

The policy goes on to define that in more detail, but it boils down to "if you are interacting or likely to interact with the public in any way have it turned on"

The particular cameras they use are also running all the time. But they only begin storing once the officer presses record. What they do have is a 30 second buffer built in, so that it will store the 30s prior to the "start" click.

The cameras have seemed to work at calming everyone down. There has been less assaults on police, less complaints against police, and higher charge to guilty ratio.

One particularly interesting thing is that the body cams are not mandatory, but the officers are choosing to wear them. Especially when they are operating in the entertainment districts.

Re:So what?

[AmiMoJo]

Cops turn up for a bust, but their ad-hoc wifi networks give them away.

Cops are conducting an operation and their ad-hoc wifi gets hacked, destroying evidence and exposing their unpatched Windows machines at the station to malware. Ransomware encrypts all their evidence files.

Cop does something illegal, decides they need to erase the bodycam footage.

Criminal does something illegal, decides they need to erase the bodycam footage.

Criminal exploits the insecure firmware update mechanism to load malware that disables the camera when certain wifi SSIDs are detected.

Criminal creates fake footage framing cops/rivals and plants it on police bodycam.

Criminal decides to brick all police bodycams with a bad firmware update.

That's just off the top of my head.