ShutterCount 4.8 Released

March 13, 2021 by

The latest update to my ShutterCount app is now available on the App Store for Mac, iPhone and iPad. This update brings a few under-the-hood changes.

The computer technology world is loud with privacy-related issues these days, and we highly value Apple’s efforts at the conceptual level. Unfortunately, their implementation is a hot mess, being a constant source of headache for me in the last couple of years.

Case in point: iOS 14 requests the user’s permission to allow an app to access the local network, which for example ShutterCount requires for Wi-Fi and Ethernet camera pairing and connections. For several users, this is just one more annoying popup, and choose “Don’t Allow” just to be safe. And then they try to pair a network camera, which will fail. In better case they contact our support, but leaving a bad review tends to be the norm.

Wouldn’t it be nice to ask iOS about the state of this permission before pairing so that we can inform the user that he/she denied access? Absolutely, but iOS doesn’t provide that functionality for developers… Half-baked mess…

Fortunately we were able to develop a clever workaround and the app warns users about the missing permission right on the spot.

Well, people who ignore every and all error messages will still be a problem, but that’s a topic for another day.

The next change is that ShutterCount on iOS 14 no longer needs full Photos access to read a Nikon or Pentax shutter counter from a photo.

Just choose the image from your photo library, and that’s all. On the flip side, if that image happens to be in iCloud, we can’t show you a download progress indicator, because Apple forgot to provide download progress information. Half-baked mess again…

Now something we’re very proud of:

We are in the business of making and selling software to you, and not selling your private life to some sneaky data brokers. This is one reason why the prices of our apps are what they are.

Lastly, we’ve updated error messages on the Mac to cover the situation where the connection can’t be made because of a corrupted memory card.

The update is free for existing users. New users can download ShutterCount from the respective App Store.

Filed Under: My Apps, Photo Software Tagged With: , , ,

Privacy Issue With Canon Copyright Info Setting

November 10, 2020 by

I work with Canon cameras a lot as a developer, and sometimes discover nasty things in their firmware. Most of the time these are just annoyances that delay or block some feature’s availability, but what I recently found may have a serious impact on every Canon EOS camera user’s privacy.

To demonstrate the issue I’ll use my ShutterCount app, which among many other things, can display camera data in question.

The Problem

You are a photographer who cares about intellectual property rights and thus properly set up copyright info in the camera. This consists of four fields: owner name, artist name, copyright and (on newer pro cameras) IPTC info.

Now, you are also privacy-conscious, and delete these before selling a camera to a used equipment dealer. You use the camera’s Delete copyright information menu item, thinking that it will remove everything. Unfortunately this isn’t the case. Besides not touching owner and IPTC fields at all, it only replaces the very first character of the author name and copyright fields with a zero, leaving your previously set copyright information in the camera.

ShutterCount‘s new Raw Copyright Information feature reveals deleted data.

Moreover, setting a shorter-than-previous author or copyright using the camera’s menu will just overwrite the newly entered characters, leaving part of the previous longer text unmodified.

Red characters mark the leftover, black characters are legitimate, currently active text. Zero memory values are displayed as spaces for better legibility.

Leftover after setting shorter text in-camera.

The remote control interface is also affected. Using EOS Utility (and possibly many other remote control apps) will fill the remainder of these fields with arbitrary memory contents of the camera. Actually this is what triggered my research into the issue: I saw part of my address from the IPTC info in the author field.

The garbage EOS Utility leaves. Note parts of the previous values!

As far as I know, this behavior is exhibited by every single Canon EOS digital camera model announced since 2007.

Consequences

Your identity may be exposed to anyone who buys your camera through a used equipment dealer. I don’t know about you, but the idea that some camera-illiterate idiot will bug me after buying my old camera through a shop makes me uncomfortable.

Or worse, your long-sold camera may be found on a crime scene, and CSI finds the copyright info that accuses you being connected with the crime. Creepy, isn’t it?

Yeah, private information leaks are creepy. But this bug is double-edged sword, and may be terribly useful every once in a while.

Suppose your camera was stolen, and the thief deleted your copyright with the aforementioned menu command. Law enforcement will be able to reveal that it actually belongs to you.

Used equipment dealers may also benefit from it, being able to double-check the camera’s owner.

Mitigation

There’s a zero-cost method, which takes some time, but there’s also an automated method, which costs a few bucks.

The zero-cost method is to first delete both the owner and and IPTC info with EOS Utility, then go into the camera’s menu and completely fill the author and copyright fields with spaces, or X characters (or anything you would like), and save them. Then use the Delete copyright information menu item.

If you prefer the automated method, ShutterCount‘s Wipe Personal Data command will securely wipe all ownership and copyright information from the camera. This feature is available in the Pro version, or after you purchased the Plus Plack in the regular version.

I’d like to mention that the Copyright Information Template in both my ShutterCount and Kuuvik Capture apps will set the author and copyright fields properly, removing any previous leftover.

Ultimately I hope Canon will step up and address this issue by properly zero-padding the author and copyright fields, regardless of whether they were set in-camera, or remotely.

Exploiting It for Good Purposes

As you know by now, ShutterCount can reveal the extraneous information contained in the author and copyright fields, and can be used by anyone who has a reason to peek into that. It displays the dialog box what you see on the screen shot above.

I’m sure used camera shops and law enforcement agencies will find this feature rather useful. And hope that camera shop personnel will go through their used assets now, wiping personal data from every single one of them as a courtesy to previous owners.

The mentioned features are available in ShutterCount 4.7 or later. The Raw Copyright Information and Wipe Personal Data commands are on the Camera menu on macOS and under Camera Settings on the More tab on iOS.

Filed Under: My Apps, Photo Equipment, Photo Software Tagged With: , , , ,