From an attacker’s perspective, the PTP layer looks like a great target:If you have a camera with WiFi, you should keep an eye on the manufacturer's website for firmware updates. Unfortunately, unless your camera is fairly new, you are probably out of luck.
In this blog, we focus on the PTP as our attack vector, describing two potential avenues for attackers:
- PTP is an unauthenticated protocol that supports dozens of different complex commands.
- Vulnerability in PTP can be equally exploited over USB and over WiFi.
- The WiFi support makes our cameras more accessible to nearby attackers.
In both cases, the attackers are going after your camera. If they’re successful, the chances are you’ll have to pay ransom to free up your beloved camera and picture files.
- USB – For an attacker that took over your PC, and now wants to propagate into your camera.
- WiFi – An attacker can place a rogue WiFi access point at a tourist attraction, to infect your camera.
(I guess I should set up another category for items like this: Why We Can't Have Nice Things. )
No comments:
Post a Comment