
Dmitry Sklyarov and his colleagues at Elcomsoft have cracked the "image verification" system in high-end Canon cameras; this system digitally signs the photos you take so any alterations, "touch ups" or other modifications can be detected. Sklyarov (who became a cause celebre when he broke the DRM on Adobe's ebooks and was thrown in jail by the FBI at Adobe's behest) and his team have a sense of humor -- they've produced correctly signed images of astronauts planting the Soviet flag on the moon and the Statue of Liberty holding a sickle, among others.
The problem is that the HMAC sits in the camera's RAM in a de-obfuscated form and can be extracted, according to Sklyarov. It is also possible to extract the HMAC from the camera's Flash ROM and manually de-obfuscate it. Canon also released a third version of ODD, which Sklyarov was also able to break, forging the ODD. Elcomsoft has written a program that can analyze a camera's processor and firmware.

The problem, of course, is that for this system to work, the camera has to keep a secret from its owner -- and if one camera owner manages to extract the secret, all cameras fall. According to NetworkWorld, Sklyarov offers a silly remedy for this: "Canon should prevent its cameras from running non-Canon code to avoid the use of software tools by an attacker" -- that is, use DRM to control which code can run on a Canon camera (there is a thriving world of hobbyists who have improved the Canon firmware).

The problem is a design flaw and can't be fixed, according to Elcomsoft. Sklyarov said he was able to extract the HMAC keys for the following models: EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D.
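The design limitation described above, as an added sketch that is not Canon's or Elcomsoft's code: an HMAC tag proves only that whoever produced it held the key, so the check catches edits by people without the key and nothing else. HMAC-SHA256, the single key shared by all units of a model, and every byte string below are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed stand-in for the secret stored in every camera of one model
# (assumption: one key per model; the real key and tag format are not on the page).
MODEL_KEY = hashlib.sha256(b"constructed per-model key").digest()


def sign(key: bytes, image: bytes) -> bytes:
    """Tag image bytes with a symmetric MAC (HMAC-SHA256 assumed here)."""
    return hmac.new(key, image, hashlib.sha256).digest()


def verify(key: bytes, image: bytes, tag: bytes) -> bool:
    """Verifier recomputes the tag with the same secret, compares in constant time."""
    return hmac.compare_digest(sign(key, image), tag)


def demo() -> dict:
    original = b"constructed image bytes, as shot"
    edited = b"constructed image bytes, retouched"
    camera_tag = sign(MODEL_KEY, original)  # produced inside one camera

    # A second unit of the same model holds the same bytes, so a copy of the
    # key taken from any unit is indistinguishable from "the camera".
    key_copy = bytes(MODEL_KEY)
    wrong_key = hashlib.sha256(b"constructed guess").digest()

    return {
        # Untouched photo verifies.
        "genuine": verify(MODEL_KEY, original, camera_tag),
        # Editor without the key: reusing the old tag fails ...
        "edited_reusing_tag": verify(MODEL_KEY, edited, camera_tag),
        # ... and so does tagging with a guessed key.
        "edited_wrong_key": verify(MODEL_KEY, edited, sign(wrong_key, edited)),
        # Anyone holding a copy of the key gets a tag the verifier accepts.
        "edited_with_key_copy": verify(MODEL_KEY, edited, sign(key_copy, edited)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```
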
Dmitry Sklyarov and co. crack Canon's "image verification" anti-photoshopping tool