mtol Posted September 27, 2020 Share Posted September 27, 2020 In the feature race, there's something that's always missing from the spec sheets of 'professional' cameras and camcorders. Professional journalists and filmmakers urgently need in-camera encryption to protect the materials we record and to be able to work ethically and safely. I'm not alone, as a freelance filmmaker who frequently documents police conduct (and associated protests), in recognizing the real risk to myself and my subjects if police seize my gear. In 2016, a group of 150 filmmakers and reporters wrote to Canon, Olympus, Sony, Fuji, and Olympus (but not Panasonic or Black Magic!), and outlined the urgent need for encryption: https://freedom.press/news/over-150-filmmakers-and-photojournalists-call-major-camera-manufacturers-build-encryption-their-cameras/ They wrote: Quote "Without encryption capabilities, photographs and footage that we take can be examined and searched by the police, military, and border agents in countries where we operate and travel, and the consequences can be dire. We work in some of the most dangerous parts of the world, often attempting to uncover wrongdoing in the interests of justice. On countless occasions, filmmakers and photojournalists have seen their footage seized by authoritarian governments or criminals all over the world. Because the contents of their cameras are not and cannot be encrypted, there is no way to protect any of the footage once it has been taken. This puts ourselves, our sources, and our work at risk." It's a pitiful reflection of the camera industry that we have 8K Raw cameras within reach, but a $100 cell phone with a password lock and built in encryption is actually more capable of documenting events and keeping materials secure. I would argue that encryption would help with commercial camera applications and in feature filmmaking too, and is just good practice anywhere privacy is concerned. Security camera systems rely on encryption. Every operating system offers a form of hard drive encryption. Why not cameras, if they are truly aimed at photojournalists or other professionals? I know a lot of camera industry representatives read this forum, and ambassadors / reviewers with the eyes and ears of manufacturers. I urge you to take this seriously, and to look at how to implement these features. It would be profitable and it would help sell cameras. It could be implemented via firmware to existing cameras in order to buff up the current spec sheets and help stand out in a crowded marketplace. I know a large number of reporters who are ready to switch systems in order to access in-camera encryption. So why isn't this a thing? Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 28, 2020 Share Posted September 28, 2020 15 hours ago, mtol said: In the feature race, there's something that's always missing from the spec sheets of 'professional' cameras and camcorders. Professional journalists and filmmakers urgently need in-camera encryption to protect the materials we record and to be able to work ethically and safely. I'm not alone, as a freelance filmmaker who frequently documents police conduct (and associated protests), in recognizing the real risk to myself and my subjects if police seize my gear. In 2016, a group of 150 filmmakers and reporters wrote to Canon, Olympus, Sony, Fuji, and Olympus (but not Panasonic or Black Magic!), and outlined the urgent need for encryption: https://freedom.press/news/over-150-filmmakers-and-photojournalists-call-major-camera-manufacturers-build-encryption-their-cameras/ They wrote: It's a pitiful reflection of the camera industry that we have 8K Raw cameras within reach, but a $100 cell phone with a password lock and built in encryption is actually more capable of documenting events and keeping materials secure. I would argue that encryption would help with commercial camera applications and in feature filmmaking too, and is just good practice anywhere privacy is concerned. Security camera systems rely on encryption. Every operating system offers a form of hard drive encryption. Why not cameras, if they are truly aimed at photojournalists or other professionals? I know a lot of camera industry representatives read this forum, and ambassadors / reviewers with the eyes and ears of manufacturers. I urge you to take this seriously, and to look at how to implement these features. It would be profitable and it would help sell cameras. It could be implemented via firmware to existing cameras in order to buff up the current spec sheets and help stand out in a crowded marketplace. I know a large number of reporters who are ready to switch systems in order to access in-camera encryption. So why isn't this a thing? I think it is a great idea, but the reality is the market that is requesting it isn't large enough for the manufacturers to listen. Also, I disagree that this could be added to existing cameras via firmware. To create a reliable encryption / decryption process for the massive video and photography files that cameras create you would need a dedicated hardware chip to do so, even iPhones and Androids have dedicated hardware for encryption; Apple spent millions developing their encrypted data at rest and fingerprint unlock solution, and so has Google, Microsoft, Linux, and Unix. This would also incur the headache that current security providers encounter which is constant patching and updating as hacks and workarounds are found. So in a nutshell, you are asking for what would be considered a niche feature requested by a small group of customers, yet that feature would require a team of hardware and software security engineers to maintain, integration into the rest of the camera's processes, a new testing regimen that would have to be added to the test matrix, possibly millions spent on the new hardware and software testing, entrance into the security whackamole world of hacks, reverse engineering, patches, etc. etc. all for a feature that despite your opinion; probably would not sell more cameras. If the general population truly cared about security, Facebook, Instagram, Google, (name your social media network here), wouldn't exist. Lets not forget that cameras are built for speed, from the minute you turn them on to the minute you press the shutter button to the minute the image/video is written to the media; how many customers do you really think are going to want to try to enter a password into the screen before taking a picture or recording a video, lets not forget for a complex password you will need a complex keyboard which is another challenge on a tiny MILC/DSLR screen and another feature no current camera has that would have to be developed. It is easy to say something is easy to do until you try to do it. Your best bet would be a camera that recorded to an external USB drive that had some sort of encrypted data at rest solution, or just get a cell phone with the best camera available. There are two more things to consider that you probably haven't: For the data to be truly secure it would need to be encrypted using asymmetric encryption and the only way to do that in a camera scenario would be to have the second half of the key stored on that dedicated HW chip that I talked about earlier. So what does this mean? It means that the memory card could only be decrypted while the chip was in the camera which means that now you will need to leave the card in the camera and use the camera's file transfer system to get the data off of the card (another inconvenience that most owners will not tolerate) Data corruption - do you have any idea how long it takes to encrypt large files that are already compressed? The camera would have to stay on for the process which would eat into the battery life and the media would have to be very reliable. I can see a much higher chance of data corruption during the encryption process due to the time it takes to encrypt compressed files. I could go on..I have an entire list in my head..but long story short, what seems easy and inexpensive to you is not even close to being easy or inexpensive so I think it is safe to say it will never happen; no camera maker would ever get their return on investment. Quote Link to comment Share on other sites More sharing options...
Super Members BTM_Pix Posted September 28, 2020 Super Members Share Posted September 28, 2020 There are a few manufacturers of encrypted SD cards, so that would take the onus off the camera to do it but you'd have to do some investigation on the speed implications as they are generally made for things like automotive applications rather than the higher demands of writing 4K 10 bit video files etc. At the risk of pimping the Toshiba FlashAir SD cards yet again...... These cards do provide a solution in that they can automatically offload files in the background to your phone while you are shooting which then means that you have files that are as secure as your phone is from being accessed, providing you are writing them internally, but then you can use an app to encrypt them if you offload them to the micro SD card. It can also automatically be FTPing them to a cloud server as an additional backup which circumvents the problem of your physical media being seized whilst its in the camera or on your person. Having secure physical storage is one thing as it means no one can view your footage but if it is taken off you then neither can you. mtol 1 Quote Link to comment Share on other sites More sharing options...
UncleBobsPhotography Posted September 28, 2020 Share Posted September 28, 2020 43 minutes ago, herein2020 said: There are two more things to consider that you probably haven't: For the data to be truly secure it would need to be encrypted using asymmetric encryption and the only way to do that in a camera scenario would be to have the second half of the key stored on that dedicated HW chip that I talked about earlier. So what does this mean? It means that the memory card could only be decrypted while the chip was in the camera which means that now you will need to leave the card in the camera and use the camera's file transfer system to get the data off of the card (another inconvenience that most owners will not tolerate) The camera doesn't need to know the private key. Give the camera a public key the first time you set it up. To view the content, decrypt the material with a private key from the safety of your home on your home computer (or through a cloud based system). The main hassle would be that you would never be able to review your material from your camera, but neither would the authorities/whoever you are encrypting it from. mtol 1 Quote Link to comment Share on other sites More sharing options...
UncleBobsPhotography Posted September 28, 2020 Share Posted September 28, 2020 I am sure it's possible to make a more user-friendly solution than the one I described above, but the safest way to avoid in-field decryption is to make the camera unable to decrypt it. This could be a usable solution as long as it's easy to toggle encryption on and off. Even the people who need encryption will probably not need it for 90+% of their work. I don't know whether additional hardware is necessary for sufficient encoding speed. I would guess it's necessary for encrypted high quality video, but that encrypted photos at a slower framerates can be done with current hardware? mtol 1 Quote Link to comment Share on other sites More sharing options...
Geoff CB Posted September 28, 2020 Share Posted September 28, 2020 2 hours ago, BTM_Pix said: There are a few manufacturers of encrypted SD cards, so that would take the onus off the camera to do it but you'd have to do some investigation on the speed implications as they are generally made for things like automotive applications rather than the higher demands of writing 4K 10 bit video files etc. At the risk of pimping the Toshiba FlashAir SD cards yet again...... These cards do provide a solution in that they can automatically offload files in the background to your phone while you are shooting which then means that you have files that are as secure as your phone is from being accessed, providing you are writing them internally, but then you can use an app to encrypt them if you offload them to the micro SD card. It can also automatically be FTPing them to a cloud server as an additional backup which circumvents the problem of your physical media being seized whilst its in the camera or on your person. Having secure physical storage is one thing as it means no one can view your footage but if it is taken off you then neither can you. I think this is really the answer, does the OP think governments who would seize your camera wouldn't just break the memory card if they can't see what you recorded? Backing up to your phone or to a server would be a much safer option in my opinion in these situations. As others have said, secure encoding in camera is a lot of development and hardware costs for a small market. I'd also argue that creating this option would add additional headaches to the manufacturers when they had to troubleshoot issues with this when customers are unable to access their footage/photos. Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 28, 2020 Share Posted September 28, 2020 5 hours ago, UncleBobsPhotography said: The camera doesn't need to know the private key. Give the camera a public key the first time you set it up. To view the content, decrypt the material with a private key from the safety of your home on your home computer (or through a cloud based system). The main hassle would be that you would never be able to review your material from your camera, but neither would the authorities/whoever you are encrypting it from. That would work but wouldn't be a great option, in addition to not being able to review the footage the camera would not be able to verify the integrity of the file after dumping the buffer unless it also signed each file then checked the signature prior to clearing the buffer. Any way you look at it, the encryption process would incur overhead; processing, heat, HW, development, etc. and include compromises (complexity, possible lost data, additional costs, etc) for a very small target client base. Also, if you really are in a scenario where the government seizes your camera; if they can't read the data and you are physically unable to provide the decryption key on the spot they will now have an excuse to search the rest of your gear or they will simply destroy the storage medium. Once again phones have the advantage here, they already have network connectivity, they already have data at rest encryption options, they can already livestream events as they happen, etc. Trying to reverse engineer all of that and put it into a camera then trying to market and sell that camera simply isn't something any for profit camera maker would do. 6 hours ago, BTM_Pix said: There are a few manufacturers of encrypted SD cards, so that would take the onus off the camera to do it but you'd have to do some investigation on the speed implications as they are generally made for things like automotive applications rather than the higher demands of writing 4K 10 bit video files etc. At the risk of pimping the Toshiba FlashAir SD cards yet again...... These cards do provide a solution in that they can automatically offload files in the background to your phone while you are shooting which then means that you have files that are as secure as your phone is from being accessed, providing you are writing them internally, but then you can use an app to encrypt them if you offload them to the micro SD card. It can also automatically be FTPing them to a cloud server as an additional backup which circumvents the problem of your physical media being seized whilst its in the camera or on your person. Having secure physical storage is one thing as it means no one can view your footage but if it is taken off you then neither can you. All of the encrypted SD cards that I have seen require a full OS or some way of loading their decryption/encryption application onto the device; something that would be impossible to do with a camera. There may be one that I am unaware of (entirely possible), but I haven't seen a simple SD card you can just plug into a camera and have it encrypt everything that is written to it. I believe they all need an app, and you need to enter the proper authentication information into the app prior to using writable space on the card. I have seen USB drives that have physical PIN pad buttons which is how you enter the volume password like this one: https://www.amazon.com/Apricorn-Validated-256-bit-Encryption-ASK3-120GB/dp/B00W2EN8CE/ref=sr_1_1?dchild=1&qid=1601314672&refinements=p_n_feature_keywords_browse-bin%3A6813186011&s=pc&sr=1-1 but for that to work the camera has to support writing to a USB drive or SSD drive. The FlashAir SD card looks like the best option, but it looks like it would be complicated to setup and get to work reliably. Just turning on and off the camera would require the offloading device to reliably reconnect to the wifi, the app to automatically grab the files as it detects them, then move those files to a cloud backup solution (and we are talking large JPGs here). It's been my experience that getting that many different technologies to work together reliably and repeatedly is uncommon. Rivhop, BTM_Pix and Tim Sewell 3 Quote Link to comment Share on other sites More sharing options...
Super Members BTM_Pix Posted September 28, 2020 Super Members Share Posted September 28, 2020 47 minutes ago, herein2020 said: All of the encrypted SD cards that I have seen require a full OS or some way of loading their decryption/encryption application onto the device; something that would be impossible to do with a camera. There may be one that I am unaware of (entirely possible), but I haven't seen a simple SD card you can just plug into a camera and have it encrypt everything that is written to it. I believe they all need an app, and you need to enter the proper authentication information into the app prior to using writable space on the card Well if you are going to bring facts in to it 😉 I thought the Swissbit ones could do it but looking at it again they do need an additional layer. 47 minutes ago, herein2020 said: The FlashAir SD card looks like the best option, but it looks like it would be complicated to setup and get to work reliably. Just turning on and off the camera would require the offloading device to reliably reconnect to the wifi, the app to automatically grab the files as it detects them, then move those files to a cloud backup solution (and we are talking large JPGs here). It's been my experience that getting that many different technologies to work together reliably and repeatedly is uncommon. You can run scripts on the card so its flexible and customisable but also pretty easy to setup. It can FTP on its own directly so the phone storage can be bypassed depending on needs. You basically setup the phone as a tethering hotspot (or use a separate portable cellular router) and the FlashAir connects to it and just uses its connection to get out to the FTP server. I've used them when shooting live editorial to FTP images to my laptop for editing during matches but also to directly upload them to the agency server when someone has been remote editing for me. They worked as seamlessly and reliably as using my (ridiculously expensive at the time) WT4 and WT5 transmitters and they were also far less cryptic to set up. I was only doing stills with them though, so video files are going to need a whole different kettle of fish bandwidth wise. When 5G becomes standard then that will be less of an issue although, ironically, there are currently a number of hostile reporting situations when covering protests in the UK at least where 5G itself forms part of the narrative of the protest ! Quote Link to comment Share on other sites More sharing options...
Super Members BTM_Pix Posted September 28, 2020 Super Members Share Posted September 28, 2020 dupe Quote Link to comment Share on other sites More sharing options...
Super Members BTM_Pix Posted September 28, 2020 Super Members Share Posted September 28, 2020 and another Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 28, 2020 Share Posted September 28, 2020 5 minutes ago, BTM_Pix said: Well if you are going to bring facts in to it 😉 I thought the Swissbit ones could do it but looking at it again they do need an additional layer. You can run scripts on the card so its flexible and customisable but also pretty easy to setup. It can FTP on its own directly so the phone storage can be bypassed depending on needs. You basically setup the phone as a tethering hotspot (or use a separate portable cellular router) and the FlashAir connects to it and just uses its connection to get out to the FTP server. I've used them during for live editorial during matches to FTP images to my laptop for editing but also to directly upload them to the agency server when someone has been remote editing for me. They worked as seamlessly and reliably as using my (how much !?!?!) WT4 and WT5 transmitters and they were also far less cryptic to set up. I was only doing stills with them though, so video files are going to need a whole different kettle of fish bandwidth wise. When 5G becomes standard then that will be less of an issue although, ironically, there are currently a number of hostile reporting situations when covering protests in the UK at least where 5G itself forms part of the narrative of the protest ! That does sound like the best solution then, at least for images; ironically the cell phone still sounds like the best solution for video. Fortunately in my line of work the most hostile environment I may be in is the father of the bride dislikes who the bride is marrying. BTM_Pix 1 Quote Link to comment Share on other sites More sharing options...
mtol Posted September 29, 2020 Author Share Posted September 29, 2020 On 9/28/2020 at 3:52 AM, herein2020 said: Data corruption - do you have any idea how long it takes to encrypt large files that are already compressed? The camera would have to stay on for the process which would eat into the battery life and the media would have to be very reliable. I can see a much higher chance of data corruption during the encryption process due to the time it takes to encrypt compressed files. My entire workflow requires me to encrypt files the minute they are out of camera. I think if it happens at the storage device level, the loss of speed is usually quite trivial. There is no practical solution I can imagine that would require a password to be entered for every single photo or video instance - likely just when the camera is powered on. On 9/28/2020 at 6:50 AM, Geoff CB said: does the OP think governments who would seize your camera wouldn't just break the memory card if they can't see what you recorded? I'm talking about protecting the materials on the card, but no, I don't think (based on experience) destruction of materials is a guarantee. Unfortunately cloud based backups are not really an option when I'm working remotely. On 9/28/2020 at 4:39 AM, UncleBobsPhotography said: The camera doesn't need to know the private key. Give the camera a public key the first time you set it up. To view the content, decrypt the material with a private key from the safety of your home on your home computer (or through a cloud based system). The main hassle would be that you would never be able to review your material from your camera, but neither would the authorities/whoever you are encrypting it from. This sounds ideal! Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 29, 2020 Share Posted September 29, 2020 2 hours ago, mtol said: My entire workflow requires me to encrypt files the minute they are out of camera. I think if it happens at the storage device level, the loss of speed is usually quite trivial. There is no practical solution I can imagine that would require a password to be entered for every single photo or video instance - likely just when the camera is powered on. But your encryption workflow involves a multi-GHz CPU, SSD or faster hard drives, and no other processes really clogging up the processing pipeline. Also, it sounds like we are still talking mainly about images. Encrypting a video feed in real time regardless of its final destination is no simple feat even for specialized equipment that is designed to do it. We are talking about tiny camera bodies here whose internals are optimized to move data from the sensor to the storage device very quickly. UncleBob's public key approach still has the problem with verifying the written file prior to clearing the buffer and does not account for video. In my opinion the only reliable way to account for both photos and video would be to have a dedicated chip in the camera with the private key; not just blindly encrypting files on the way to the storage medium and hope they write successfully. This approach would probably also be able to keep up with the read and write speeds the camera needs to function; the only downside being that the files aren't actually encrypted until the camera is turned off, the memory card is removed from the camera, or a an encryption button is pressed. BTW this is also how cell phones and computers do it as well, they have a dedicated chip like a TPM chip which is where the private keys are stored. I still think the best and simplest solution that is available right now is the encrypted USB storage solution. Now how many cameras can write directly to USB-C storage and what the adapter options are for this is a different story. You could have a device like this one in your pocket and no memory cards in the camera or dummy ones that will look empty to law enforcement, the only missing piece is a camera that will write to USB-C but I'd imagine one exists: https://www.zdnet.com/article/this-is-the-worlds-most-versatile-hardware-encrypted-usb-flash-key-with-prices-starting-at-59/ If no existing cameras will record directly to USB-C then THAT is what I would ask of camera makers, that would have much wider appeal and would solve your encryption problems. Quote Link to comment Share on other sites More sharing options...
mtol Posted September 29, 2020 Author Share Posted September 29, 2020 3 minutes ago, herein2020 said: You could have a device like this one in your pocket and no memory cards in the camera or dummy ones that will look empty to law enforcement, the only missing piece is a camera that will write to USB-C but I'd imagine one exists: https://www.zdnet.com/article/this-is-the-worlds-most-versatile-hardware-encrypted-usb-flash-key-with-prices-starting-at-59/ Definitely Black Magic Pocket Cinema 4k, among others. This a really cool device I wasn't aware of. 4 minutes ago, herein2020 said: But your encryption workflow involves a multi-GHz CPU, SSD or faster hard drives, and no other processes really clogging up the processing pipeline. Also, it sounds like we are still talking mainly about images. Encrypting a video feed in real time regardless of its final destination is no simple feat even for specialized equipment that is designed to do it. We are talking about tiny camera bodies here whose internals are optimized to move data from the sensor to the storage device very quickly. It's more that entire drives are encrypted and function without a major speed loss, and these include slow 5200 rpm drives and portables. 6 minutes ago, herein2020 said: UncleBob's public key approach still has the problem with verifying the written file prior to clearing the buffer and does not account for video. It looks like Magic Lantern worked on this a bit, but for .jpg and .cr2 only, and not for video.... https://www.magiclantern.fm/forum/index.php?topic=10279.0 Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 29, 2020 Share Posted September 29, 2020 29 minutes ago, mtol said: Definitely Black Magic Pocket Cinema 4k, among others. This a really cool device I wasn't aware of. It's more that entire drives are encrypted and function without a major speed loss, and these include slow 5200 rpm drives and portables. It looks like Magic Lantern worked on this a bit, but for .jpg and .cr2 only, and not for video.... https://www.magiclantern.fm/forum/index.php?topic=10279.0 Yes, it looks like they came to the same conclusion that I did....its not feasible for video. Also their implementation of encryption for the sake of speed is very weak. The 64 LFSR encryption method can be reversed in less than an hour with a fast enough modern computer, even they admitted it wasn't very good and had to be downgraded from the typical 256bit standard due to IO speeds and that was in 2014. Your comparison of 5200RPM drives is mixing apples and oranges, the drive read/write speed is not where you will see the most penalty, typically the encryption/decryption is done in the CPU which is where you could get up to a 30% hit when reading/writing to the encrypted drives. Modern CPUs tend to have way more power than most users need so you wouldn't notice the hit to the CPU unless you did a before and after benchmark and modern CPUs are designed to perform cryptographic functions efficiently. The problem of course as I mentioned earlier, is that cameras do not have all of these spare CPU cycles laying around or onboard TPM chips. In the Magic Lantern example the camera's CPU would be needed to encrypt every byte of data in real time which is where the performance penalty and unreliability would kick in. A camera cannot afford to lose 30% of its CPU and encounter up to 20%+ more storage latency when recording video or shooting bursts of images; the buffer would never have a chance to clear. The true hardware solutions like the USB-C drive I sent you manage to skip this penalty because you are technically writing to a storage space after passing through a dedicated encryption chip whose only purpose is to encrypt the data; data which can then only be read after the proper pin has been input into that dedicated encryption chip. Even though this may still incur a small penalty in IO, you manage to get enough remaining IO to conform to the USB-C standard which means it will have enough remaining IO bandwidth to meet the USB-C data transfer standards. Quick Google Search http://cherrybyte.blogspot.com/2012/11/quick-comparison-of-disk-performance.html https://www.phoronix.com/scan.php?page=article&item=2019-linux-encrypt&num=2 https://www.isumsoft.com/computer/how-much-does-bitlocker-impacts-on-hard-disk-io-performance.html Rivhop and mtol 2 Quote Link to comment Share on other sites More sharing options...
UncleBobsPhotography Posted September 29, 2020 Share Posted September 29, 2020 54 minutes ago, herein2020 said: UncleBob's public key approach still has the problem with verifying the written file prior to clearing the buffer and does not account for video. In my opinion the only reliable way to account for both photos and video would be to have a dedicated chip in the camera with the private key; not just blindly encrypting files on the way to the storage medium and hope they write successfully. I don't understand this problem. When writing a file to the memory card, the encrypted file will reside in memory (assuming a software solution) untill it is written to the memory card. After writing to the memory card, the encryped file on the memory card can be compared with the encrypted file in RAM before being removed from RAM. It's not necessary to decrypt it just to ensure that the write operation was successful. I agree with most of your points though, and my proposal is more like a DIY hack than a proper solution to encrypted cameras. Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 29, 2020 Share Posted September 29, 2020 2 hours ago, UncleBobsPhotography said: I don't understand this problem. When writing a file to the memory card, the encrypted file will reside in memory (assuming a software solution) untill it is written to the memory card. After writing to the memory card, the encryped file on the memory card can be compared with the encrypted file in RAM before being removed from RAM. It's not necessary to decrypt it just to ensure that the write operation was successful. I agree with most of your points though, and my proposal is more like a DIY hack than a proper solution to encrypted cameras. I think that's where we are disagreeing, I'll admit, I don't know anything about how much memory cameras have but I would imagine it would not be enough to store the entire file plus the encryption prior to writing to the memory card, especially when it comes to video. I just don't see a 100GB video file sitting in memory encrypted in its entirety before being written to the memory card. So in that case it would have to be an inline HW encryptor which goes back to the previous problem; how to verify the integrity of the file during the write operation if the camera cannot read it as it is writing it. Either that or cut the video into small encrypted chunks in real time based on the available memory which would be another problem entirely when it comes to trying to put the video back together (if its even possible). Even for images, I would imagine the speed hovering somewhere between unacceptable and unusable. What is interesting is the link to Magic Lantern that the OP provided; they tried this and ran into the exact problems I am describing; they didn't try it on video (probably due to the memory limitations) and the users were reporting a lot of corrupt files even for images; and that was using encryption that can be plaintext hacked within an hr. The only way this would work and be reliable IMO would be to either offload the encryption to the storage device like the USB-C device with physical buttons, or the camera makers would need to add a HW encryption module with the private key and keep the volume unlocked during operations. I can see the SW Public Key only solution working for a few images at a time under ideal conditions and maybe for JPGs, but not with any degree of reliability in many real world conditions. Quote Link to comment Share on other sites More sharing options...
UncleBobsPhotography Posted September 30, 2020 Share Posted September 30, 2020 6 hours ago, herein2020 said: I think that's where we are disagreeing, I'll admit, I don't know anything about how much memory cameras have but I would imagine it would not be enough to store the entire file plus the encryption prior to writing to the memory card, especially when it comes to video. I just don't see a 100GB video file sitting in memory encrypted in its entirety before being written to the memory card. So in that case it would have to be an inline HW encryptor which goes back to the previous problem; how to verify the integrity of the file during the write operation if the camera cannot read it as it is writing it. Either that or cut the video into small encrypted chunks in real time based on the available memory which would be another problem entirely when it comes to trying to put the video back together (if its even possible). Even for images, I would imagine the speed hovering somewhere between unacceptable and unusable. What is interesting is the link to Magic Lantern that the OP provided; they tried this and ran into the exact problems I am describing; they didn't try it on video (probably due to the memory limitations) I see your point now. Keeping the whole file in memory before writing to storage is definitely not a good idea for video. In theory I am sure it's possible to come up with a workaround (encrypting and writing parts of the file at a time), but that doesnt adress the issue that the camera lacks the prosessing power to encrypt video. So yes, the best approach would be a hardware solution. Maybe it would be a niche small enough for one of the smaller camera companies. Pentax, this is your chance to shine! Quote Link to comment Share on other sites More sharing options...
herein2020 Posted September 30, 2020 Share Posted September 30, 2020 11 hours ago, UncleBobsPhotography said: I see your point now. Keeping the whole file in memory before writing to storage is definitely not a good idea for video. In theory I am sure it's possible to come up with a workaround (encrypting and writing parts of the file at a time), but that doesnt adress the issue that the camera lacks the prosessing power to encrypt video. So yes, the best approach would be a hardware solution. Maybe it would be a niche small enough for one of the smaller camera companies. Pentax, this is your chance to shine! I think all camera makers should offer more cameras that can record to a USB-C device, on the other side of the USB-C interface you could have options for nearly unlimited cheap storage and USB-C is fast enough to keep up with the bus speed requirements for even the most demanding video bitrates. That would also solve the encryption wishlist by letting users use encrypted USB-C options and would keep camera makers out of the encryption business not to mention it would appeal to far more users than encryption alone. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.