Hackers turn a Canon EOS-1D X camera into a remote surveillance tool
The high-end Canon EOS-1D X camera can be hacked for use as a remote surveillance tool, with images remotely downloaded, erased and uploaded, a researcher said during the Hack in the Box security conference in Amsterdam on Wednesday.
The digital SLR camera has a Ethernet port and also supports wireless connection via a WLAN adapter. That connectivity is particularly useful for photojournalists who can quickly upload the photos to a FTP server or a tablet, according to German security researcher Daniel Mende of ERNW.
However, the camera's connectivity was not designed with security in mind, said Mende. "If a photographer uses an insecure network like a hotel Wi-Fi network or a Starbucks network, than almost anybody with a little bit of knowledge is able to download images from the camera," he said. The camera can be accessed by attackers in a number of ways, Mende said. Because FTP upload mode sends information in clear text, credentials and the complete data transmission can be sniffed, so uploaded pictures can be extracted from the network traffic, Mende said.