Forgot your password?
typodupeerror
Privacy Security IT Your Rights Online

Wi-Fi Enabled Digital Cameras Easily Exploitable 96

Posted by Unknown Lamer
from the say-cheese dept.
An anonymous reader writes with some news that might make you think twice before getting a network-enabled camera. From the article: "Users' desire to share things online has influenced many markets, including the digital camera one. Newer cameras increasingly sport built-in Wi-Fi capabilities or allow users to add SD cards to achieve them in order to be able to upload and share photos and videos as soon as they take them. But, as proven by Daniel Mende and Pascal Turbing, security researchers with ERNW, these capabilities also have security flaws that can be easily exploited for turning these cameras into spying devices. The researchers chose to compromise Canon's EOS-1D X DSLR camera and exploit each of the four ways it can communicate with a network. Not only have they been able to hijack the information sent from the camera, but have also managed to gain complete control of it."
This discussion has been archived. No new comments can be posted.

Wi-Fi Enabled Digital Cameras Easily Exploitable

Comments Filter:
  • by YrWrstNtmr (564987) on Monday March 25, 2013 @10:37PM (#43278175)
    We can achieve cameras by adding SD cards? What?

    We can achieve adding Wi-Fi capabilities to cameras by adding an SD card, yes.
    Eye-fi [www.eye.fi]. And yes, mine works quite well.
  • by Ford Prefect (8777) on Tuesday March 26, 2013 @12:46AM (#43278711) Homepage

    It takes about 10 seconds to remove the memory card and plug it into a tablet/laptop/whatever. Unless you need photos uploaded essentially as you shoot them (which I suspect woudn't work very well at the same time you were taking new pictures), there is no reason to have the camera able to connect to a network.

    You're kind of assuming the photographer is right next to the cameras - professional wireless whatsits (e.g. Nikon [bhphotovideo.com] and Canon [bhphotovideo.com]) are intended for full remote control of multiple cameras. So at a sports event, a photographer might have one down behind the goal with a wide-angle lens, another pointing at the other goal, etc. etc. etc. - all uploading to the photo agency for up-to-the-moment imagery. Newspapers needed things soon, the internet needs it now.

    Still decidedly embarrassing if they are so easily compromised, of course.

  • by m.dillon (147925) on Tuesday March 26, 2013 @12:49AM (#43278723) Homepage

    I do sometimes delete photos in-camera, usually three or four out of every 100 or so I take, but generally I recommend (and also for myself) NOT to delete photos in-camera because it's easy to miss things you might want to keep when you try to review pictures on such a small display.

    But I've never had an issue with any of my Canon's corrupting the SD card.

    -Matt

  • by m.dillon (147925) on Tuesday March 26, 2013 @12:56AM (#43278739) Homepage

    Not unexpected, but its kinda hard to take candid photos from a hijacked camera when the lens cap is on. And those WIFI systems are not generally left on anyhow.

    I don't understand why they used a 1Dx though, which would require an external WIFI adapter to even have a WIFI capability. I would be more interested in penetration testing something like the Canon 6D which has the WIFI built-in. I fully expect there to be holes, Canon's WIFI software has always been quite primitive and even the new stuff is still quite primitive.

    But if we make enough noise and Canon will fix it in a software update.

    Currently I only use the 6D's built-in WIFI to be able to review pictures in-camera from an android tablet... quite a useful feature. I'm not particularly worried about hijacking there since the Camera's WIFI transmitter has rather limited range. And most of the time the WIFI is turned off anyway since it eats the battery otherwise.

    -Matt

  • by m.dillon (147925) on Tuesday March 26, 2013 @01:22AM (#43278815) Homepage

    EYE-FI SD cards are cool, but storage capacities trail what you can get with a straight storage card. So for example you can get a 16G EYE-FI card, but a SanDisk Extreme SDXC card comes in capacities up to 128G.

    EYE-FI has other problems, including fairly slow WIFI transfer speeds. WIFI tends to drop out unless you are transferring to a storage device on your belt, and a 4G hotspot setup doesn't work very well when you are taking RAWs. I would not rate EYE-FI as a professional-level product, frankly.

    Sometimes quality and dependability trump convenience. My preference is to stick to normal storage cards and not have to worry about some WIFI snafu messing up my ability to take pictures. EYE-FI has its benefits, but it also has a lot of moving parts (software-wise).

    -Matt

  • by kwbauer (1677400) on Tuesday March 26, 2013 @03:03AM (#43279065)

    I don't know how many times i've had to try to recover photos because somebody used the delete button....WTF?

    Yeah. WTF are you talking about. I've deleted individual photos on camera and on the computer with both Nikon's and Canons. I've even added folders and stored photoshop and word docs on them and put them back in the camera and they work just fine. They simply ignore those files (and folders) and remove the space they use from the available space.

    I suggest that the reason you have to recover so many photos is because people, you know, used the delete button and it, you know, performed exactly as advertised: It removed the chosen file from the list of files and added its space back to the free space. Just be glad they didn't implement secure delete functionality.

The clearest way into the Universe is through a forest wilderness. -- John Muir

Working...