Security experts show how WiFi-enabled cameras can be hacked to spy on people
posted Tuesday, March 26, 2013 at 4:33 PM EDT
Sure, you may love your brand new digital SLR but what if you found out it was spying on you? That's the question posed by two German security experts who were able to exploit the weaknesses in a WiFi-enabled Canon EOS-1D X to turn it into a surveillance drone.
The researchers, Daniel Mende and Pascal Turbing with the German-based IT consulting firm ERNW, presented their findings in a long but fascinating (and frightening!) presentation at the SchmooCon 2013 hacker convention last month. Watch the hour-long video below.
According to Help Net Security, which first reported on the presentation by Mende and Turbing, the pair were able to exploit four ways in which the 1D X communicated with a wireless network. (While the 1D X has no built-in WiFi, it's compatible with Canon's Wireless Transmitter WFT-E6A dongle, which attaches to a side port on the DSLR.)
Along with wirelessly stealing photos from the camera, the WiFi infiltration would let hackers upload their own images into the camera or, most disconcertingly, allow someone to gain control of the 1D X and use it as a spy camera via its Live View mode.
Of course, this type of WiFi hijacking isn't limited to the 1D X. It could, ostensibly, be applied to any WiFi-enabled digital camera or smart phone.
Mende and Turbing presented their findings as a way to help prevent against such attacks from occurring in the future. To make a long story short: be sure your WiFi camera supports some form of network security encryption, such as the common WEP protocol, or it's at risk of infiltration.