I recently completed a project wherein I built a proof-of-concept encrypting camera that included no changes to the essential hardware or user interface of the device, yet provided strong, on-the-fly encryption of digital photos. I want to discuss more about why I created that project.
I have been aware of the targeting of journalists for decades. This is certainly not new — leaders of all kinds of organizations have known that keeping information out of the public view is how power is amassed and retained. Stories of journalists detained, and even killed, existed in my childhood. The Committee to Protect Journalists counts 1237 journalists killed since 1992.
Throughout this time, the raw information collected by journalists has also been a target. The seizing of cameras and notebooks is not a new phenomenon. The difference today is in the magnitude of information that is captured by journalists and the difficulty in securing it against seizure. Not only that, but the very equipment that journalists have come to rely upon can betray them in ways that notebooks and film cameras never could. We no longer expect journalists to return from the field with a couple of notebooks and a few rolls of film, but rather with hours of video and audio recordings, detailed location information, and thousands of high-resolution photos of their sources. To capture and store this information, journalists rely on a lot of technological equipment.
Yet the industries that provide this equipment are stubbornly behind in providing what should be considered routine and minimal capabilities to protect users, including journalists.
I was fortunate enough to attend MIT Media Lab’s Forbidden Research conference last year during which Andrew “bunnie” Huang and Edward Snowden released their initial research into better tools for monitoring cell phone transmissions. (It is possible for some phones, even in an “off” state, to transmit wireless signals.) One of the inspirations for this work was the tragic story of Marie Colvin.
Marie was a journalist in Syria preparing to report about attacks on civilian targets near the city of Homs. She and photographer Remi Ochlik were killed when radio emissions from their electronic devices, including cell phones, were used to find and target their camp with artillery. This deliberate, state-directed act against a journalist really made clear how the vast amounts of technology that have become mainstays of the journalist have also substantially increased the risk they take.
While I may not be able to do much about rogue wireless transmissions (other than to remind everyone to carry a good faraday bag), I do think I can shed a little light on how direct the path to better encryption on cameras is. As a letter, published by the Freedom of the Press Foundation and signed by 150 documentary filmmakers and photojournalists says, many manufacturers of electronic equipment have begun to implement strong, useful encryption on devices, putting the notes and other content gathered by journalists beyond the reach of those who may want to use it nefariously. However, in the area of high-quality, professional cameras, no on-the-fly encryption is currently available.
This is, simply, not an excusable state. There are no good excuses for Canon, Nikon, Sony, Fuji, Olympus and others not to have added real-time encryption by now. The professional cameras offered by these companies contain very fast processing chips, and while the pursuit of faster frame rates and quicker focus is to be lauded, to not give users the choice to trade some of that performance for basic safety is pernicious.
The driving factor behind why I created my proof of concept encrypting camera is to show that it is possible to retrofit current camera models — even those on the market for years — with strong, easy-to-use encryption without hardware or user interface updates required. I want to show that it is not technical limitations preventing camera vendors from producing these devices but rather an unwillingness to provide the technology that keeps our journalists (and others) in unnecessary danger.
Cameras are seized all the time throughout the world, and with every seizure both the journalist and their sources are endangered. The Committee to Protect Journalists tells Freedom of the Press Foundation:
“Confiscating the cameras of photojournalists is a blatant attempt to silence and intimidate them, yet such attacks are so common that we could not realistically track all these incidents. The unfortunate truth is that photojournalists are regularly targeted and threatened as they seek to document and bear witness, but there is little they can do to protect their equipment and their photos.”
I am tired of waiting for companies to decide adding encryption is a commercially viable feature. I’m tired of companies actively endangering the lives of journalists when this problem that is as old as photojournalism itself can finally be solved. While the best user experience may, indeed require hardware updates, camera vendors can fix this problem now, with a software update alone, so don’t believe any of them that claim there is a major technological hurdle to jump. Don’t believe them when they say you must buy a pricey new model to get these features when they eventually do show up. These cameras can offer encryption today, and vendors should be racing to provide it.
Note: Look, cryptography can be complex and getting it right requires time and care, I fully understand this. Additionally, retrofitting a custom processor for new tasks can be problematic and may not result in the best possible performance. However, my research indicates that the custom processors in digital cameras may be well-suited to encryption tasks, even though there will certainly be a substantial performance penalty to pay initially. This is not an excuse for not offering the security and safety of a software update enabling real-time encryption for, at a minimum, still photos to those who are willing to make the trade-off.
Originally published on Wordpress