When Nikon launches a new digital SLR they tend to be very impressive. LO: For me, one of the kind of overarching issues that this report points to is, obviously this vulnerability, but you know, also mobile app permissions and how it’s possible for, in this specific instance, any application without specific permissions to control the Google camera app, and force it to take photos or record videos.
In a worst-case scenario, this vulnerability can be exploited to do things like record the user’s video during a call, scrape location information from GPS metadata of photos if the location tagging is enabled in the camera app (and effectively get the phone’s current location), and more.
The direction of the slant depends on the direction the shutter curtains run in (noting also that as in all cameras the image is inverted and reversed by the lens, i.e. “top-left” is at the bottom right of the sensor as seen by a photographer behind the camera).
After that was granted, the app was then able to take photos and record videos on the victims’ phone (even if the phone is locked and the screen is turned off), access stored videos and photos, and the GPS metadata embedded in stored photos (to potentially locate the users).
There are a lot of features in this camera you find in much more expensive models, like Dual Pixel AF, 4K recording (with a 1.7x crop), built-in image stabilization (for video capture only in the form of Movie Digital IS), a microphone port, and a fully-articulating touchscreen that is suitable for vlogging.