SoylentNews is people
SoylentNews
The Freedom of the Press Foundation has called on professional camera makers to implement encryption in cameras to prevent governments from easily searching and seizing the contents:
An open letter written by the Freedom of the Press Foundation and signed by over 150 filmmakers and photojournalists calls on professional camera makers such as Nikon, Canon, Olympus, and Fuji to enable encryption to protect confidential videos from seizure by oppressive governments or criminals. The Freedom of the Press Foundation is a non-profit organization that has several noteworthy members, such as "Pentagon Papers" Daniel Ellsberg, Edward Snowden, and EFF's co-founder John Perry Barlow, on its board of directors.
[...] Filmmakers and photojournalists that film documentaries or shoot photos of abuses committed by governments or terrorists in dangerous parts of the world are constantly under threat of having their videos and photos seized and destroyed. The danger is even bigger when these bad actors can see what's on the cameras--it's not just the documentation of abuses that is exposed, but also the confidential sources that may have wanted to keep their identities hidden. Encryption would ensure those who seize their cameras couldn't see the contents of the cameras, nor the journalists' sources.
This won't necessarily ensure that the information collected by journalists is disseminated, since border agents and law enforcement officers can just destroy encrypted equipment. For that, cloud storage or live streaming features are needed, as well as reliable access to the Internet even during times of political crisis and network shutdowns.
Also at The Register, CNET, and TechCrunch (they also found a small cameramaker that is planning to ship on-camera encryption).
(Score: 2) by bradley13 on Friday December 16 2016, @06:00PM
Ok, I'm missing something here. Cameras don't generally have a keyboard, and I don't see photo-journalists typing in long passwords on a tiny touch screen every time they want to use their camera. Yet without access control, encryption isn't particularly useful. It isn't magic pixie dust.
A worried photographer could transfer the pics from their camera to a laptop or smart phone, and then erase them off the camera. Laptops and phones already have encrypted file systems and access controls. Better, of course, would be to transfer the pics to the cloud, but that may not always be possible.
Can anyone explain how encryption on the camera is supposed to help?
Everyone is somebody else's weirdo.
(Score: 4, Informative) by Nerdfest on Friday December 16 2016, @06:06PM
You push your public key to the camera. All pictures saved on the camera are encrypted with that key. You need the private key (stored elsewhere, like on your home laptop) plus a password to unencrypt the pictures. Most cameras don't even have secure erase, and you want the pictures encrypted the instant they are taken. Same for video.
(Score: 4, Interesting) by dyingtolive on Friday December 16 2016, @06:19PM
Seems like the easiest option would be to bake that to an sd card that just does that to every file saved on it with a name matching a regex. Media is much cheaper than a camera, so if the crypto becomes effectively useless in the future, you can just swap out the card for a better one, rather than replacing your camera or hoping for a firmware upgrade. Of course, I don't know if the sd specs support the power or space in the package needed for the overhead.
Don't blame me, I voted for moose wang!
(Score: 2) by JoeMerchant on Friday December 16 2016, @09:39PM
I was thinking that something like an EyeFi card could real-time transmit your images to a little pocket-pc that locks them up as tight as you care to, preferably on redundant microSDHC cards that can be hidden almost anywhere - even embedded in post-cards for a hail-mary trip through the physical mail system.
🌻🌻 [google.com]
(Score: 2) by dyingtolive on Friday December 16 2016, @09:46PM
Good idea. RPi in slim case with battery. Saves to some media and the Pi encrypts everything in that directory every 30 seconds via cronjob.
Bulky, but you could just leave it in your bag or what have you. I like it.
Don't blame me, I voted for moose wang!
(Score: 2) by bradley13 on Friday December 16 2016, @06:20PM
You push your public key to the camera. All pictures saved on the camera are encrypted with that key. You need the private key (stored elsewhere, like on your home laptop) plus a password to unencrypt the pictures.
I don't buy it. Photographers need to see the pics they take. If the pics are no good, they have to take more.
At best, you could implement two levels of storage: open and encrypted. In the open state, you can look at the pics you just took. When you're happy with the pics, you push them into encrypted memory.
Maybe. But how many non-technical people do you know, who successfully deal with public/private keys? Techies use them all the time, for SSH and such. Non-techies? I don't know any, not one.
Everyone is somebody else's weirdo.
(Score: 2) by Nerdfest on Friday December 16 2016, @06:24PM
As with so many things, you choose convenience or security.
(Score: 2) by bob_super on Friday December 16 2016, @06:47PM
So, you don't encrypt the picture before the viewing buffer, but you encrypt it when you write it to the card.
You may just keep the last one unencrytped for review, leaving the phtotographer the choice of turning off the camera or taking a random pic just before handing the camera in, to clear it.
Modern cameras have pretty deep buffers, because Flash only goes so fast. You'll have to declare a timeout on that.
It's technically doable. Doesn't solve the $5 wrench, as someone already pointed out, unless you also add an unencrypted folder to which you write by pushing a different control: "See officer, I didn't see nothing anyone did, cuz I was fascinated by them seagulls back there. Look at the timestamps, that's all I took in the last 30 minutes, guv!"
(Score: 2) by dyingtolive on Friday December 16 2016, @06:55PM
As an amateur (read: clown who bought a mid-range DSLR) photographer, I sometimes read articles from actual photographers offering tips. Most of them say to not spend too much time looking at the pictures on the screen, and to spend more time taking more pictures, from different angles and lighting, and look at the pictures later. Maybe that's crap advice. I can't say.
Perhaps a compromise is that after a period of time, say, 5 minutes, the photos become encrypted? Cameras have a pretty decent battery in them usually. Maybe leave pictures unencrypted, but have an "oh shit" button that triggers an encryption of all the photos taken that aren't yet encrypted? As the aforementioned clown who doesn't know what he's doing, I do know that pictures are generally very, very large, especially if you're taking pictures worth looking at later. Encryption after the fact would probably take a long time unless you had some processing power behind the effort.
I'm still kinda thinking that the best way to go is to pull the pictures off on your laptop, encrypt, and then put them on a sd card you toss into your shoe or something if you're that worried about it.
Don't blame me, I voted for moose wang!
(Score: 2) by Scruffy Beard 2 on Friday December 16 2016, @09:03PM
To frustrate bad actors and authorities, the files should be encrypted before you run into trouble. Encrypting a 64GB card would just take too long.
An "oh shit button" can me useful for deleting symmetric encryption keys from memory. As has been pointed out, with Public Key cryptography, the decryption key may be on another continent.
(Score: 2) by dyingtolive on Friday December 16 2016, @10:12PM
Actually, it's kind of a moot point, at least for the preview function on my T5i. I just popped the sd card out and gave it a few clicks. It will display the preview even with no storage, so it's pulling that from buffer, not the card. Surprised it will even try to snap the picture without a card, but it at least warns you on-screen (assuming you have the screen flipped out).
Of course, displaying AFTER that second or so initial preview might be tricky. I do agree that encrypting an entire card as whatever villain this scenario is worried about is walking toward you would probably be a bit too late though.
Don't blame me, I voted for moose wang!
(Score: 4, Insightful) by zocalo on Friday December 16 2016, @07:01PM
Well, you *could* has a system that let you review the image before you commit it to encryption and storage, or take some test shots that are not encrypted to review, but that premise is flawed. Believe it or not, photo-journalists didn't typically cart around a processing lab so they could check their images in the field before digital came along; they checked their settings, took some pictures and hoped that when they got back to the office with the film and got it developed they hadn't screwed up. Most competent photographers don't actually *need* to chimp with digital either; it's just an additional safety net to confirm the camera settings are good, especially in challenging conditions, or to pass a bit of time when there's a gap in the action.
Couple of issues with that. Firstly, the idea is presumably that the camera would do the bulk of the work - even entry level DSLRs let you load settings via files loaded via memory card/USB or to configure up some basic IPTC data to be applied to each image already, so it's not that much of a stretch in complexity to enable loading encryption keys to higher end models. Secondly your premise is again flawed; a modern photo-journalist working in the field typically *is* very technical and highly IT literate, as they often need to be be capable of troubleshooting and resolving non-terminal issues with cameras, laptops, phones, and getting connectivity in some extremely challenging environments and situations. They typically tend to be well versed in the use of data encryption tools, VPNs, getting around government Internet filtering systems, and so on, so this wouldn't be a new concept in the slightest - they are definitely not "non-technies".
UNIX? They're not even circumcised! Savages!
(Score: 2) by edIII on Friday December 16 2016, @09:53PM
It's not that hard. For the people who aren't technical you have an app that generates the keys and provisions the SD card or camera itself. Once there, you already got the idea for a delay. Allow 5 minutes, or some programmable duration, for review of images. If not deleted, they get encrypted and the cache is ready for the next pictures. When you get back home and transfer all of the images back to your computer, you run the app and it will decrypt all the images for you.
It could be a module for Photoshop, GIMP, etc. Nearly every SSH program that I know is capable of generating keys and managing them. I'm pretty sure that the convenience can be maintained with a little bit of programming.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by maxwell demon on Saturday December 17 2016, @01:23AM
Indeed, for employed professional programmers, their employer's IT department could generate the keys and load then onto the cameras. Indeed, that way the photographers can truthfully claim that they have never possessed or seen the private key.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Friday December 16 2016, @06:21PM
Wouldn't that make it impossible to view the photos on the camera to see what you just took?
(Score: 2) by darnkitten on Friday December 16 2016, @07:28PM
I was wondering that myself.
I also thought that encryption might result in many more broken cameras, both from photographer frustration and from other parties smashing cards and phones/cameras because they don't want to take chances with what might be on them...
-
Maybe the manufacturers could rig an unobtrusive switch between a public, visible folder on a camera, and a hidden, encrypted card?
That way a photographer could take some "innocent" public photos as cover, flip the switch and send the subsequent shots to the card. The first time accessing the card after switching would require a password (or a set sequence of actions with the camera controls functioning as the password) and then as long as the switch was "on," the card could be accessed as normal.
There might even be a control whereby the photographer could send dummy shots to the public folder whilst remaining in the encrypted mode.
If the switch was flipped "off," say, in handing the camera over to a cop or soldier, the camera would only show the public folder with the "innocent" photos, and would require flipping the switch and entering the password before even showing the existence of the hidden card...
(Score: 2) by tangomargarine on Friday December 16 2016, @09:11PM
You may be better off with just a setup that uploads all pictures/video taken to a (sufficiently trusted) cloud account. Dropbox is set up to do that on my phone.
On the plus side, destroying the camera wouldn't help that situation at all. Not that the piggies might not decide to do it anyway just out of spite/ignorance.
On the downside, you need to have good connectivity and bandwidth and hope the pic/video gets uploaded quickly enough to make it to the server before camera smashage ensues.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2) by rts008 on Friday December 16 2016, @09:40PM
Oh, for Demon Murphy's sakes!
You kids...instant gratification is not fast enough for you anymore...sheesh!
(Score: 2) by Username on Friday December 16 2016, @11:41PM
I’d have an optional 1 to 16 button combination that you enter when powering on the camera. Then an option to encrypt the card with the button code. IE: Turn on camera, camera asks for code, Press ISO, ISO, BKT, WB, MENU, WB, MODE, AF-L, AF-ON.
(Score: 1, Interesting) by Anonymous Coward on Friday December 16 2016, @07:18PM
In this case there would probably be a button to encrypt the latest set of photos, they would be clear data until the encryption is run. It could also run the encryption before fully powering. That would solve the usability problems.
(Score: 0) by Anonymous Coward on Friday December 16 2016, @11:30PM
Apple/Android figured it out a while back. Why would't that work with cameras?