"Nannycams" and other insecure forms of video surveillance

Thousands of people who have installed a popular wireless video camera, intending to increase the security of their homes and offices, have instead unknowingly opened a window on their activities to anyone equipped with a cheap receiver. The wireless video camera, which is heavily advertised on the Internet, is intended to send its video signal to a nearby base station, allowing it to be viewed on a computer or a television. But its signal can be intercepted from more than a quarter-mile away by off-the-shelf electronic equipment costing less than $250.

A recent drive around the New Jersey suburbs with two security experts underscored the ease with which a digital eavesdropper can peek into homes where the cameras are put to use as video baby monitors and inexpensive security cameras. The rangy young driver pulled his truck around a corner in the well-to-do suburban town of Chatham and stopped in front of an unpretentious house. A window on his laptop's screen that had been flickering suddenly showed a crisp black-and-white video image: a living room, seen from somewhere near the floor. Baby toys were strewn across the floor, and a woman sat on a couch.

After showing the nanny-cam images, the man, a privacy advocate who asked that his name not be used, drove on, scanning other houses and finding a view from above a back door and of an empty crib [...]

The vulnerability of wireless products has been well understood for decades. The radio spectrum is crowded, and broadcast is an inherently leaky medium; baby monitors would sometimes receive signals from early cordless phones (most are scrambled today to prevent monitoring). A subculture of enthusiasts grew up around inexpensive scanning equipment that could pick up signals from cordless and cellular phones, as former Speaker Newt Gingrich discovered when recordings of a 1996 conference call strategy session were released by Democrats [...]

In the case of the XCam2, the cameras transmit an unscrambled analog radio signal that can be picked up by receivers sold with the cameras. Replacing the receiver's small antenna with a more powerful one and adding a signal amplifier to pick up transmissions over greater distances is a trivial task for anyone who knows his way around a RadioShack and can use a soldering iron.

Products intended for the consumer market rarely include strong security, said Gary McGraw, the chief technology officer of Cigital, a software risk-management company. That is because security costs money, and even pennies of added expense eat into profits. "When you're talking about a cheap thing that's consumer grade that you're supposed to sell lots and lots of copies of, that really matters," he said.

Refitting an X10 camera with encryption technology would be beyond the skills of most consumers. It is best for manufacturers to design security features into products from the start, because adding them afterward is far more difficult, Mr. McGraw said. The cameras are only the latest example of systems that are too insecure in their first versions, he said, and cited other examples, including Microsoft's Windows operating system. "It's going to take a long time for consumer goods to have any security wedged into them at all," he said [...]

As a security expert, Mr. Rubin said he was concerned about the kinds of mischief that a criminal could carry out by substituting one video image for another. In one scenario, a robber or kidnapper wanting to get past a security camera at the front door could secretly record the video image of a trusted neighbor knocking. Later, the robber could force that image into the victim's receiver with a more powerful signal. "I have my computer retransmit these images while I come by," he said, explaining the view of a would-be robber. Far-fetched, perhaps. That is the way security experts think. But those who use the cameras and find out about the security hole seem to grasp the implications quickly [...]

(From "Nanny-Cam May Leave a Home Exposed," by John Schwartz, The New York Times, 14 April 14 2002.)

(Note from the Surveillance Camera Players: What are the implications of this story for police departments that use wireless video cameras? And what about the US military?)

Contact the New York Surveillance Camera Players

By e-mail SCP@notbored.org

By snail mail: SCP c/o NOT BORED! POB 1115, Stuyvesant Station, New York City 10009-9998