Additionally, all five devices had vulnerabilities that could let an attacker track their location or manipulate their software. In the latter's case, that could include delivering malware to the device that might eventually give an attacker access to a police network. Further, Mitchell found that the devices lacked mechanisms to verify whether recorded footage is intact, had unsecured WiFi access points and had WiFi radios that gave away too much information about the devices themselves.
"With some of these vulnerabilities -- it's just appalling," Mitchell told Wired. "These videos can be as powerful as something like DNA evidence, but if they're not properly protected there's the potential that the footage could be modified or replaced. I can connect to the cameras, log in, view media, modify media, make changes to the file structures. Those are big issues."
In all, the findings point to a number of serious flaws that could threaten the integrity of body camera footage and, therefore, the whole point of body cameras themselves. "If there aren't reliable ways of ensuring that such equipment meets strong security standards, then something is deeply broken," ACLU Senior Policy Analyst Jay Stanley told Wired. "No police equipment should be deployed that doesn't meet such standards." Mitchell told Wired that he notified the five body camera companies of the issues he discovered and is working with them to close the vulnerabilities.