Watching the Watchers: Are You The Star Of an Encrypted Drone Video Stream?

Small aircraft with streaming video cameras are now widely available, for better or worse. Making eyes in the sky so accessible has resulted in interesting footage that would have been prohibitively expensive to capture a few years ago, but this new creative frontier also has a dark side when used to violate privacy. Those who are covering their tracks by encrypting their video transmission should know researchers at Ben-Gurion University of the Negev demonstrated such protection can be breached.

The BGU team proved that a side-channel analysis can be done against behavior common to video compression algorithms, as certain changes in video input would result in detectable bitrate changes to the output stream. By controlling a target’s visual appearance to trigger these changes, a correlating change in bandwidth consumption would reveal the target’s presence in an encrypted video stream.

Continue reading “Watching the Watchers: Are You The Star Of an Encrypted Drone Video Stream?”

The ChipWhisperer At Defcon

We’ve seen [Colin]’s entry to The Hackaday Prize before. After seeing his lightning talk at Defcon, we had to get an interview with him going over the intricacies of this very impressive piece of hardware.

The ChipWhisperer is a security and research platform for embedded devices that exploits the fact that all security measures must run on real hardware. If you glitch a clock when a microcontroller is processing an instruction, there’s a good probability something will go wrong. If you’re very good at what you do, you can simply route around the code that makes up the important bits of a security system. Power analysis is another trick up the ChipWhisperer’s sleeve, analyzing the power consumption of a microcontroller when it’s running a bit of code to glean a little information on the keys required to access the system. It’s black magic and dark arts, but it does work, and it’s a real threat to embedded security that hasn’t had an open source toolset before now.

Before our interview, [Colin] did a few short and sweet demos of the ChipWhisperer. They were extraordinarily simple demos; glitching the clock when a microcontroller was iterating through nested loops resulted in what can only be described as ‘counter weirdness’. More advanced applications of the ChipWhisperer can supposedly break perfectly implemented security, something we’re sure [Colin] is saving for a followup video.

You can check out [Colin]’s 2-minute video for his Hackaday Prize entry below.

Continue reading “The ChipWhisperer At Defcon”