Hackers can now encrypt your DSLR

Killerbob

Guys,

I just found this article - please have a read: https://mashable.com/article/dslr-canon-camera-ransomware-hackers-def-con/?europe=true

Ton14

Yep @Killerbob , this is the WiFi connection. Vulnerabilities everywhere, this will not be the last one. Phones with the Qualcomm 835 and 845 can be hacked via WiFi also, August Android security patch is on the way now, they know this one already for a year.

This is the reason why I never use the WiFi on my phone, only the data connection. Waiting for the moment that hackers can switch my WiFi on .... pffffff .....

Disclosure Timeline

31 March 2019 – Vulnerabilities were reported to Canon.
14 May 2019 – Canon confirmed all of our vulnerabilities.
From this point onward, both parties worked together to patch the vulnerabilities.
08 July 2019 – We verified and approved Canon’s patch.
06 August 2019 – Canon published the patch as part of an official security advisory.

The relevant Common Vulnerabilities and Exposures (CVE) information is now also known;

- CVE-2019-5994
- CVE-2019-5995
etc.

The original article provides an interesting insight into how each CPU contributes to successfully infecting the EOS 80d. Canon send e-mails to there customers with a firmware update.

PB_PM

Solution is simple, leave the WIFI turned off.

PB_PM

Ton14 said:

This is the reason why I never use the WiFi on my phone, only the data connection. Waiting for the moment that hackers can switch my WiFi on .... pffffff .....

That’s no safer, do some research, data connections are easily intercepted between the phone and the tower. Hackers can even take over towers and filter data as they see fit.

Ton14

@PB_PM Yes I did some research, Not public WiFi, not Data, so the only total secure solution is not to buy or use a mobile phone, or is there another possibility?

Pistnbroke

If you turn off the wifi and don't connect to the computer by cable I think you are OK.#Canon have put out an advisory on this today.

PB_PM

Ton14 said:

@PB_PM Yes I did some research, Not public WiFi, not Data, so the only total secure solution is not to buy or use a mobile phone, or is there another possibility?

If it is on the internet it can be hacked, no way around it. If humans can build it, they can take it down. Even if someone doesn’t get you directly, they could still get your information from companies you deal with online. A wired connection is safer than wireless, until it leaves your home anyway. Nothing is 100%, but you can minimize your footprint with VPNs, and such. Basically the best defence is to be as obscure as possible.

In the modern world, at least in the west, it would be tough to not use the internet, because even if you don’t the businesses you use do. I mean you could live in a hut in the woods, but that wouldn’t be much fun long term.

NSXTypeR

Whew, thank god I shoot with a D7000 that's too old for this sort of shenanigans. And no, I'm not buying the WiFi dongle for it.

To be truly safe, you'd have to use a VPN for mobile data.

tc88

And you trust the VPN companies? Have you looked into who own those companies?

PB_PM

No more than I trust my ISP, which doesn't say much...

NSXTypeR

tc88 said:

And you trust the VPN companies? Have you looked into who own those companies?

You really don't have a choice. You're only truly safe is if you disconnect from the internet completely.

Ironically, my cousin just bought a new LG refrigerator that connects to wifi and can tell you how often people are opening the doors and the current temperature of the inside. For me that's totally unnecessary. Besides, I'd never want ransomware to hold my ice cream hostage.

Pistnbroke

hello

mhedges

I wonder if this is related to how Canon cameras have always been less “secure” than Nikon, meaning that there have been mods to Canon firmware out for ages but nothing similar on Nikons.

Anyway to me this is something they should fix, but I wouldn’t lose any sleep over it. It’s such a specific exploit that I can’t see it being worth anyone’s time to make use of it.

NSXTypeR

mhedges said:

I wonder if this is related to how Canon cameras have always been less “secure” than Nikon, meaning that there have been mods to Canon firmware out for ages but nothing similar on Nikons.

Anyway to me this is something they should fix, but I wouldn’t lose any sleep over it. It’s such a specific exploit that I can’t see it being worth anyone’s time to make use of it.

Agreed. You'd have to know that the photographer happens to have WiFi on and is using a Canon camera and has images worth paying up for. The average consumer might just toss the camera out. It's a lot of work and coincidences and stars to line up to maybe get a payout on. Unless you happen to hack Vincent Laforet's camera and he happened to just wrap up a shoot, I don't think anyone is going to have images worth paying up for. Plus, he might honestly already have backups of the images made.

PB_PM

To make matters even worse on Friday it was discovered that all Bluetooth devices (regardless of version) have a vulnerability that allows hackers to intercept any information transferred between Bluetooth devices. It's a vulnerability in the Bluetooth standard, so the device manufacturer doesn't matter.

What does this mean to Nikon camera users? Any Nikon devices equipped with Bluetooth (any Snapbridge enabled camera) are vulnerable unless Nikon provides a firmware update, which at this point would only mitigate, not completely fix the problem. Right now the only solution is not to use Bluetooth. Hackers could use the bluetooth on the camera to intercept the WIFI password for your camera, since Nikon uses bluetooth to enable faster WIFI connection and more.

mhedges

Do they use Bluetooth for image transfer? I thought it only used WiFi for that.

PB_PM

I doubt they use it for image transfer, bluetooth would be extremely slow for that purpose.

mhedges

I'm not clear what they use bluetooth for, exactly. AFAIK I have only used the Wifi functionality. Maybe bluetooth is used for the GPS/geotagging feature?

Capt_Spaulding

I've had a quote from an anonymous IBM engineer on my office door(s) for 25 years. "If you want a secure system, disconnect all the users." True in 2005, truer still now.

PB_PM

mhedges, Bluetooth is used to aid the WIFI connection, something like NFC I believe. It’s possible that it uses it for GPS data from a phone or tablet.

I’ve never looked at Nikon’s patents to see if it’s something unique or just something they purchased from another company. That is why I mentioned that it is possible that the camera sends the WIFI password over Bluetooth as part of that process, which would of course expose the password (I sure hope nobody still has it set to the default).

NSXTypeR

Or you can be me and just shoot with a 10 year old camera and not have to worry about 21st century problems.

PB_PM

Haha, you could even shoot with a 40 year old camera, and not even have to worry about batteries. I don't use the WIFI/Bluetooth myself, so it's always off anyway, since Sanpbridge is only about as useful as the $10 wireless remote anyway.