Designfax weekly eMagazine

Subscribe Today!

Archives

View Archives

Partners

Manufacturing Center
Product Spotlight

Modern Applications News
Metalworking Ideas For
Today's Job Shops

Tooling and Production
Strategies for large
metalworking plants

Design flaws: How hackers can eavesdrop on security cameras -- and phone cams too

Capturing real-time video through walls isn't hard if you have an antenna and a little bit of engineering know-how. It could be a massive threat to billions of security and phone cameras.

By Cody Mello-Klein, Northeastern University

When it comes to protecting a bank or even your home, security cameras are one of the first lines of defense. But what if those cameras aren't as secure as we all think?

New research from Northeastern University confirms that there might be a massive gap in our security infrastructure -- and it comes from the very devices designed to protect it.

ECE/Khoury Professor Kevin Fu explains how easy it can be to eavesdrop on most modern cameras, as well as what cybersecurity measures you should take. [Credit: Photo by Matthew Modoono/Northeastern University]

 

 

 

 

Kevin Fu, a professor of electrical and computer engineering at Northeastern who specializes in cybersecurity, has figured out a way to eavesdrop on most modern cameras, from home security cameras and dash cams to the camera on your phone. Called EM Eye, short for Electromagnetic Eye, the technique can capture the video from another person's camera through walls in real time. It redefines the idea of a peeping Tom.

According to Fu, anyone with a few hundred dollars of equipment, a radio antenna, and a little bit of engineering know-how could do this. The problem, Fu says, is not the lens but the wires inside most modern cameras.

"With your typical security camera, on the inside there's a camera lens and then there's got to be something else on the inside, like a computer chip, that's got a wireless connection back to the internet," Fu says. "There are wires between two different chips inside [these cameras], and those wires give off electromagnetic radiation. We pick up that radio and then we decode it, and it just happens to be that we get the real-time encoded video."

Kevin Fu, Professor in the Department of Electrical & Computer Engineering. [Credit: Photo by Matthew Modoono/Northeastern University]

 

 

 

 

The data transmission cable that sends a video as bits and bytes ends up unintentionally acting as a radio antenna that leaks all kinds of electromagnetic information, including those bits and bytes. If someone had the desire and the technical knowledge, they could take that electromagnetic signal and reproduce the real-time video, without audio.

The technique exposes a gap in how manufacturers approach the design and production of cameras.

"The state of modern smartphone cameras is [manufacturers] try really hard to protect the intentional digital interfaces, the actual upload channel to the cloud," Fu says. "They don't appear to put a lot of effort into the leakage of information through unintended channels. They never intended for this wire to become a radio transmitter, but it is."

The version of the video that Fu and his team get is initially distorted -- it looks almost like an X-ray -- due to pixel loss in the process of being transmitted. However, using machine learning, Fu and his team were able to clean up the video to appear much closer to the original.

Fu and his team have tested EM Eye on 12 different kinds of cameras, including smartphone cameras, dash cams, and home security cameras. Results vary on how far away someone would have to be in order to eavesdrop on these different devices. For some, a peeping Tom would have to be less than 1 ft away; for others, they could be as far away as 16 ft.

However, he says, if someone had enough technical know-how, it would take very little to extend that range.

"A sophomore or junior in college could probably do it, but it does get into electrical and computer engineering skills to boost that distance," Fu says.

More importantly, since EM Eye eavesdrops on the wires, not a computer recording footage to a hard drive, your camera doesn't actually have to be recording in order for someone to eavesdrop on it.

"If you have your lens open, even if you think you have the camera off, we're collecting," Fu says. "Basically, anywhere there's a camera, now there's a risk of that live, real-time feed being collected by someone as close as a meter or so through walls."

Published February 2024

Rate this article