Lots of news sites currently making a big deal of these German security researchers "cracking&q ...
Posted on 2013-04-10, 17 comments, 76 +1's, imported from Google+/Chainfire

NOTICE: This content was originally posted to Google+, then imported here. Some formatting may be lost, links may be dead, and images may be missing.

... uot; Canon EOS Wi-Fi protocol. Give me a break. This stuff has been known for quite some time now, it's been documented around the net if you search well. It has also been known to the people who make tools like I do for quite some time.

Yeah, the development version of DSLR Controller ( http://dslrcontroller.com/ ) indeed does support connecting to WFT's as well (6D is in testing, unfortunately I do not have one myself). Yeah, if you manage to make that connection, you can control the camera. Guess what? That's what it's meant to do.

Not to mention that this "exploit" requires you to sniff the connection of somebody who is actually using EOS Utility (or DSLR Controller, or whatever) wirelessly with the camera. This while the camera only accepts one connection at a time, and if you're not using it, with default settings, it'll time out and turn itself off, because this stuff eats batteries like no tomorrow. Well, to be honest you don't even need to sniff an EOS Utility connection, because you can deduce the GUIDs needed without anybody using EOS Utility, as long as both devices are doing something on the network; but that GUID still has to be pre-authenticated with the camera. The one connection thing is also beatable - you can boot the main user - but as somebody is actually using the camera at that time, you can't do this without anybody noticing.

So your window of exploiting is rather tiny. Not to mention that engaging liveview or taking pictures makes a lot of noise on these devices. So stealing pictures - yes. Surveillance? Mwah.

Did I mention that you actually need to have a connection to the Wi-Fi network they're using? Which is probably secure? And a smart camera user will use their own hotspot for this (setup by the camera, the WFT, or the computer/laptop/tablet, all of which can do this) instead, because the transfer speed is many times higher than using a router near you. This is not just something that is more secure - people who have this equipment might not care that much about secure - but what they do care about is that it works fast and smooth, and it's very hard to do that without creating your own private hotspot shared only between the two devices communicating. This can make a 2-3x performance difference, even if the non-private Wi-Fi network has no other users and a good signal. Imagine the difference with a crappy free public Wi-Fi network!

And for surveillance there's also the factor that most people with these cameras think they are sort-of precious, and while not using them, will have lens caps on the lens, the camera turned off, and stowed away somewhere.

Much ado about very little, IMHO. Yes, it can be abused. But it's not nearly as spectacular (or likely) as some news sites make it out to be. 

There's more risk in using the other means of sharing the images over Wi-Fi (FTP, DLNA, etc) on a "public" network, but those methods won't create a surveillance device. And with the massive sizes of the images these camera produce, you're much more likely to use your card or USB to transfer those than Wi-Fi in the first place.

If you're a high profile journalist doing a story in China, by all means, take extra measures to secure yourself and think about what you're doing and how. Or if you're at a photographer's conference. But if you're just a random professional doing your job, the chances this is going to touch you are rather low.

Just to clarify: I'm not saying this isn't bad, shouldn't be fixed, or that you shouldn't watch out. it's just not as spectacular as some tech news sites make it out to be.


DSLR Controller :: Home

+176
Chris Beveridge commented on 2013-04-10 at 19:50:

As always, +Chainfire , there will never be an end to people jumping on "Fear Trends" .. it's unfortunate just how easy it is to share misinformation these days. Thanks for the logic.

robert guda commented on 2013-04-10 at 20:01:

Very clear explanation...thanks for clearing this up.

Jan Hübner commented on 2013-04-10 at 20:38:

I'd love to help getting DSLR Controller to work with the 6D. But I cannot buy you one.. I'm waiting patiently instead. Keep up the good work.

Chainfire commented on 2013-04-10 at 20:41:

+Jan Hübner It should already be working with the 6D over USB, but over Wi-Fi is still being worked out. Feel free to contact me through the contact form on DSLR Controller website if you want to test the dev version - assuming you are already a DSLR Controller user :)

Jan Hübner commented on 2013-04-10 at 20:44:

It does work over USB, I can confirm that. But I want to free the USB port of the phone to connect to an external battery pack. And yes, I'm a paying customer :)

Jan Hübner commented on 2013-04-10 at 20:45:

I'll fill out the form then.

Sinan Çetinkaya commented on 2013-04-10 at 22:30:

Thankfully I don't have a Canon EOS :)

Donnie Tech commented on 2013-04-11 at 00:03:

Are they still making things that are just cameras? ;)

نواف . .الرشيدي commented on 2013-04-11 at 00:52:

اوك

Joe Philipps commented on 2013-04-11 at 03:15:

huh....not unlike the recent Spamhaus DDOS report. To listen to a lot of the reports, even in such large pubs as the NYT, you'd think the entire European region of the Internet was slowed down. But a day after the story broke, subsequent reports were sort of asking what all the fuss was about. (Actually it was quite telling to me that the NYT tried, quite incorrectly, to make the analogy of DNS to a switchboard; at least that was good for a LOL.)

Mário Fujikawa commented on 2013-04-11 at 11:23:

+Chainfire Great write out dispelling yet another piece from rumor mill.

Terry Hutchinson commented on 2013-04-11 at 11:52:

This sort of story is all too common. It is the net result of the short sighted management attempt to save payroll expense by replacing trained journalists and subject matter knowledge with an unpaid intern and an aggregator of Google search terms.

Chainfire commented on 2013-04-12 at 11:47:

+Jan Hübner I sent you a test version a few days ago but never heard back ? Perhaps it ended up in your spam box ?

Jan Hübner commented on 2013-04-12 at 12:23:

+Chainfire I received the test version during the night and had a chance to test it yesterday evening. I got it to work in infrastructure mode (using an existing accesspoint), but did not find a way to connect the devices directly.

The camera was able to connect to a mobile hotspot the phone created but DSLRController did not find it afterwards. 

I did not find a way to create a hotspot on the camera side and connect the phone to that.

Please consider that I'm living in CET+1.

Chainfire commented on 2013-04-12 at 12:49:

+Jan Hübner Sorry I didn't mean to be pushy, I was just curious! (I'm in the Netherlands by the way)

After the version I have sent you, there have been several improvement/fixes to the Wi-Fi connectivity, it's quite likely you've hit a bug with the phone in hotspot mode. I'll send you a new version soon, see if you can get that one to work with the phone as hotspot.

Jan Hübner commented on 2013-04-12 at 13:03:

Ok, I'm ready to test. I have a Galaxy Nexus and a Transformer Pad Infinity at my disposal. Both with almost stock firmwares.

Chainfire commented on 2013-04-13 at 15:03:

+Chris Gasken If you don't have it yet, just wait for the update, it's likely to be released this week.

This post is over a month old, commenting has been disabled.