× Search


Potential Privacy Bug with virtually all of Canon cameras
/ Categories: News, Canon General News
This post may contain affiliate links(s). An affiliate link means I may earn advertising/referral fees if you make a purchase through my link, without any additional cost to you. It helps to keep this site afloat. Thank you in advance for your support. If you like what we do here, maybe buy me a coffee.

Potential Privacy Bug with virtually all of Canon cameras

What shuttercount author Laszlo Pusztai found was that Canon deletes the author/copywright data from the cameras and leaves remanents around so that other programs can possibly read what was deleted prior.

The deletion seems fine; as it's the nature of how you handle string data in programming such as languages such as C, or C++. where a 0 value determines the end of the string.  Thus Canon placing a 0 at the beginning of the author/copywright string means that any normally formed string reader, would not see the rest of the data.  For instance, if I have a string of 20 characters, and it's filled with "CANONNEWS", it's stored as "CANONNEWS[0]". If I delete the contents, and you inspected the memory directly you'd see "[0]ANONEWS[0]". Reading the string, would get to the first 0 and stop, returning you an empty string.  This is the exact behavior that Laszlo is describing in his article.

This is pretty common, I mean, it's REALLY common. So what Canon is doing here to delete the data is correct from a programmatic standpoint, but perhaps not a privacy standpoint.  Though I have to admit, that if we critically looked at string data as a byte() array we'd have to re-program most of the computer systems in the world today.

What we don't see when you take an image, will that data transfer into the EXIF? VERY highly unlikely because again the EXIF contents are string data, and that would end at the first 0 value.

The bug seems that Canon's API is not itself handling this correctly and allowing programs to see past the 0, and thus is reading the data as a buffered byte array and not as a string.  There should be no way of reading past the first 0 value.

It also appears as if Shuttercount is ignoring the 0 value, and reporting the byte data as well.  Many other programs may do this as well.

I do think there are privacy issues here, however, it's highly unlikely anything serious would ever happen. It's easily provable that the data was in fact removed by identifying the first 0 byte in the data. Any type of forensics would obviously see this as well. it's unlikely anyone would forensically have the talent to drill into the camera's data areas and not recognize the significance of the 0 byte value.

You may decide that wiping all personal data is the way to go - in which case, you may need to use shutter count's wipe personal data, which effectively writes 0's to all memory locations for the author/copywright fields.  Doing a full reset of the camera would also likely wipe the data, however, I don't know that for sure.  If all else fails you can write XXXXXXXXXXXXX's to the author and copyright fields using EOS Utility and effectively wipe out that data as well.

I suspect that Canon will need to patch the EOS Utility API that everyone uses to access these areas to no return a byte() data value and return string data value, which would never show the old information.

Previous Article Canon's Earth Imaging Satellite successfully launched
Next Article Canon C70 Manual Available - and Review
blog comments powered by Disqus

Keep In Touch


Our Sponsors

Want to buy me a coffee?

Free Shipping to the USA and Canada*

Use CANONNEWS for $10 off AuroraHDR

Use CANONNEWS for $10 off Luminar

*Conditions may apply


Terms Of UsePrivacy Statement© 2024 by CanonNews. This site is not affiliated with Canon Inc. or it's subsidiaries.
Back To Top