Your Wi-Fi-Enabled DSLR Could Be Used by Others to Spy On You

canonwifisecurity

If you’re the proud owner of a Wi-Fi-connected digital camera, there’s something you need to be aware of: your camera could be used to spy on you.

At the hacker conference Shmoocon 2013 last month, German security researchers Daniel Mende and Pascal Turbing reported on findings that Internet-connected cameras can easily be exploited and turned into spy cams.

Vulnerable cameras could be accessed and controlled by others through a web browser
Vulnerable cameras could be accessed and controlled by others through a web browser

The researchers were able to take advantage of a security flaw in the Canon 1D X DSLR, stealing information sent to a network from the camera and taking complete control over the camera itself.

Unlike computer servers, cameras do not contain logs that would allow unauthorized accesses to be detected and/or discovered after the fact.

Here’s a presentation (it’s nearly an hour long) in which the duo reports on their findings, detail how the attack is carried out, and share tips on how to keep your cameras and network connections secure:

YouTube user BobHousedorf2 summarizes the findings this way:

Basically, it comes down to: use WEP. If you buy a new Canon 6D, use WEP, or, if the 6D doesn’t support WEP, don’t buy it. (Or if it doesn’t support some form of advanced network connection encryption, like WPA).

The problem isn’t just with cameras that come with Internet connectivity, but also memory cards that add that type of connectivity to non-connected cameras.

(via Help Net Security via Boing Boing)

Discussion