Security Threats
Images and video files stored on the RICOH THETA X are important information assets and require appropriate security measures to reduce the risk of information leaks and unauthorized use. To ensure safe use, the operating environment and equipment must be properly configured according to the user's information security policy.
Means of Control
THETA can be controlled via wireless LAN, wired LAN, LTE dongle, USB, Bluetooth®, and buttons/touch panels on the main unit. The security risks for each of these are as follows
Specifications
| Control Method | Initialization | Risk | Starting Procedure |
| Wireless LAN AP (access point) mode | OFF | SSID and encryption key can be used to remotely connect and control the device, which requires proper management. | Enable the function before connecting from the device. |
| Wireless LAN CL (Client) Mode | OFF | Even if Digest Authentication is set, proper management is required because the user name and password can be controlled via WebAPI if they are compromised. | Enable the function after making the necessary settings for connection using the API. |
| Wired LAN | OFF | As with wireless LAN (CL mode), proper management is required. | A wired LAN adapter must be connected to the USB port. |
| LTE Dongle | OFF | Remote control using WebAPI is not possible. | LTE dongle must be connected to the USB port. |
| USB(MTP) | ON | Connect to a PC via USB cable to retrieve images and video files stored on THETA. Please note the operating environment. | Connection via USB cable capable of data transmission is required. |
| USB(UVC) | OFF | Video and audio can be acquired from THETA by connecting to a PC with a USB cable. Pay attention to the operating environment. | Requires activation of the function and connection with a USB cable capable of data communication. |
| Bluetooth® (Low Energy) (Low Energy) |
OFF (~v2.00) ON(v2.00~) |
Communication via NumericComparison or proprietary authentication procedures is available. Please note the environment in which the device is used, as the connection can be allowed by operating the device and information can be acquired via BLEAPI. | Connection from the device is required. |
| Bluetooth® (Classic) (Classic) |
OFF(~v2.00) ON(v2.00~) |
Allows connection to devices with specific profiles. | Registration is required from the touch panel on the main unit. |
| Operation Buttons | No Lock | The power button turns power on and off, and the touch panel turns wireless LAN and Bluetooth® on and off. Settings can also be reset. Please pay attention to the operating environment. | Power ON |
The configuration ranges and procedures related to each operating method are as follows
Wireless LAN
Wireless LAN can be set to OFF, AP mode, or CL mode. Wireless LAN is turned off in Sleep mode.
How to use
Swipe the shooting screen from top to bottom and tap the wireless LAN icon to turn wireless LAN off and on.
By selecting [Client Mode], you can enable the client mode. You can also use the API to select the mode.
By selecting [Wireless Power Saving Settings], [Speed Priority (MIMO)] and [Power Saving Priority (SISO)] can be selected.
Setting Value
| Set value | Default value | Setting Method | Description | |
| Network type | OFF | WebAPI | Options._networkType | Network type to use |
| MTPAPI | 0xD81D NetworkType | |||
| BLEAPI | Set network type Set Options |
|||
| Wireless LAN antenna settings | MIMO (from 2.70) SISO(~2.70) |
WebAPI | Options._wlanAntettaConfig |
Switch between SISO and MIMO |
| MTPAPI | N/A | |||
| BLEAPI | Set Options |
|||
AP (Access Point) Mode
AP (Access Point) Mode
| Network Interface | Wireless LAN
1.WPA2-Personal 2.Encryption method: AES 3.Wireless LAN mode: Access Point The default specifications are as follows SSID: ""THETA""+""serial number""+"".OSC""" Encryption key (passphrase): Random 8-digit string (some models after v3.50) Encryption key (passphrase): last 8 digits of serial number The encryption key can be checked from [Communication Information] with AP mode enabled. |
| Service Protocol | HTTP |
| Service Protocol Authentication Method | None |
| Service Protocol Encryption Method | None | Provided Services | The Web API specification is available at https://docs-theta-api.ricoh360.com/web-api/index.html |
How to use
- Turn on the THETA and operate the touch panel to switch to AP mode.
- Search for the THETA's SSID (by default, the THETA's serial number (2 letters + 8 digits) + .OSC) from the device you are using.
- Connect to THETA's SSID from the device you are using. At this time, you will need to enter the encryption key.
Setting value
| Setting value | Initial value | Setting Method | Description | |
| SSID | Serial number (2 alphabetic characters + 8 digits) + .OSC | WebAPI | Options._ssid Can be set/obtained in WLAN AP mode |
Name to identify the THETA's WLAN |
| MTPAPI | N/A | |||
| BLEAPI | Set Options |
|||
| Encryption Key (Passphrase) | Set per device | WebAPI | Options.wifiPassword Encryption key can be set Options._defaultWifiPassword Allows you to retrieve the factory default encryption key |
Encryption key used when connecting in AP mode Can be changed using the RICOH360 Smartphone App Passwords can be set to a length of eight digits, but this makes them vulnerable to brute force attacks. Please take measures such as making the password longer or selecting characters from multiple sets, including uppercase and lowercase letters, numbers, and special characters. |
| MTPAPI | 0xD806 Passphrase |
|||
| BLEAPI | Set Options Allows you to set the encryption key Get Options Allows you to retrieve the factory default encryption key Read WLAN password state Allows you to retrieve the encryption key update status |
|||
| Frequency setting | 2.4GHz | WebAPI | Options._wlanFrequency Can be set/retrieved in WLAN AP mode Can be retrieved in WLAN CL mode |
Frequency setting used in AP mode |
| MTPAPI | 0xD821 Wlan Frequency | |||
| BLEAPI | Set Options |
|||
CL (Client) mode: Control via WebAPI
Specification
| Network Interface | Wireless LAN 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES 3.Wireless LAN mode: Client(Station) SSID and password of the access point to be connected must be set. Wired LAN (USB-LAN adapter) 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES |
| Service Protocol | HTTP Detect the camera IP address using mDNS |
| Service Protocol Authentication Method | HTTP Digest Access Authentication |
| Service Protocol Encryption Method | None |
| Provided Services | The Web API specification is available at https://docs-theta-api.ricoh360.com/web-api/index.html |
How to use
When controlling via the API, digest authentication settings are required. It is also necessary to configure settings according to the network used.
When using the wireless LAN CL mode, information on the router to be connected must be registered. These settings must be configured using wireless LAN or BLE or MTP. Router information can also be registered by operating the unit.
When using wireless LAN (AP mode)
- Connect in AP mode.
- Set the user name and password for digest authentication.
- Set the frequency band to be used.
- Register the router to be connected.
When setting up via Bluetooth® (standard)
- Turn on the THETA.
- Search for Bluetooth® (8-digit alphanumeric code) from the device to be used.
- When connecting from the device, a 6-digit PIN code will appear on both the device and the THETA, make sure both are the same and select OK.
- Depending on the device, you may be asked for permission to connect before the PIN code is displayed.
- Set the user name and password for Digest Authentication.
- Register the router to be connected.
(A) Register router information directly (using Camera Control Command v2).
(B) Detect the router with THETA (using WLAN Control Command v2)
When setting up via MTP
- Turn on the THETA.
- Connect to PC via USB.
- Set the user name and password for digest authentication. (The router to be connected via MTP cannot be registered.
When setting up router information using the THETA
- Turn on the THETA.
- Swipe the shooting screen from top to bottom.
- Select [Client Mode] and then [ON].
- Select the router you wish to connect to.
- If you select [Add Network], you can also register using the information scanned from the QR code.
- Enter the password. Tap [Aa1#] in the lower left corner to change the input character. <>Use <> to move to the next character.
- When you have finished entering (selecting) the password, tap [Connect] in the upper right corner.
Set value
| Set value | Initial value | Setting Method | Description | |
| Authentication method | digest | WebAPI | N/A | Authentication method used in CL mode |
| MTPAPI | N/A | |||
| BLEAPI | N/A | |||
| Digest Authentication User Name | THETA+ serial number (2 alphabetic characters + 8 digits) | WebAPI | Options._username Can be set in WLAN AP mode |
User name used for digest authentication |
| MTPAPI | 0xD815 Username |
|||
| BLEAPI | Set Options |
|||
| Digest Authentication Password | Not set or 8 digits of serial number (2 alphabetic characters + 8 digits) | WebAPI | Options._password Can be set in WLAN AP mode |
Password to be used for Digest Authentication. Cannot be used unset. Passwords can be set to a length of eight digits, but this makes them vulnerable to brute force attacks. Please take measures such as making the password longer or selecting characters from multiple sets, including uppercase and lowercase letters, numbers, and special characters. |
| MTPAPI | 0xD816 Password |
|||
| BLEAPI | Set Options |
|||
| Access Point Information | Not set | WebAPI | camera.setAccessPoint Can be set in WLAN AP mode |
Information on access point (router) to be connected in WLAN CL mode |
| MTPAPI | N/A |
|||
| BLEAPI | Set Access Point |
|||
| Proxy Information | Not set | WebAPI | camera.setAccessPoint |
Proxy information to connect in wireless LAN CL mode |
| MTPAPI | N/A | |||
| BLEAPI | N/A | |||
Wired LAN
How to use
When controlling via API, digest authentication settings are required. Settings must also be made according to the network used.
These settings must be made using wireless LAN or BLE (standard/proprietary specifications) or MTP.
Also, swipe the shooting screen from top to bottom and set [USB Power Settings] to [Automatic].
After completing the settings, connect the wired LAN adapter and connect it to the router with a wired LAN cable.
When setting up in wireless LAN (AP mode)
- Connect in AP mode.
- Set user name and password for Digest Authentication.
- Set the wired LAN connection configuration if necessary.
When configuring via Bluetooth® (standard)
- Turn on the THETA.
- Search for Bluetooth® (8-digit alphanumeric code) from the device to be used.
- When connecting from the device, a 6-digit PIN code will appear on both the device and the THETA, make sure both are the same and select OK.
- Depending on the device, you may be asked for permission to connect before the PIN code is displayed.
- Set the user name and password for Digest Authentication.
- Set the wired LAN connection configuration if necessary.
When configuring via MTP
- Turn on the THETA.
- Connect to a PC via USB.
- Set the user name and password for Digest Authentication. Wired LAN connection configuration cannot be set via MTP.
Setting value
| Set value | Default value | Setting Method | Description | |
| Wired LAN connection settings | ipAddressAllocation="dynamic" | WebAPI | Options._ethernetConfig Can be set/retrieved in WLAN AP/CL mode |
Configuration for wired LAN connection |
| MTPAPI | N/A | |||
| BLEAPI | N/A | |||
| Authentication method | digest | WebAPI | N/A | Authentication method used in CL mode |
| MTPAPI | N/A | |||
| BLEAPI | N/A | |||
| Digest Authentication User Name | THETA+ serial number (2 alphabetic characters + 8 digits) | WebAPI | Options._username Can be set in WLAN AP mode |
User name used for digest authentication |
| MTPAPI | 0xD815 Username |
|||
| BLEAPI | Set Options |
|||
| Digest Authentication Password | Not set or 8 digits of serial number (2 alphabetic characters + 8 digits) | WebAPI | Options._password Can be set in WLAN AP mode |
Password to be used for Digest Authentication. Cannot be used unset. Passwords can be set to a length of eight digits, but this makes them vulnerable to brute force attacks. Please take measures such as making the password longer or selecting characters from multiple sets, including uppercase and lowercase letters, numbers, and special characters. |
| MTPAPI | 0xD816 Password |
|||
| BLEAPI | Set Options |
|||
CL (Client) Mode: Controlled by RICOH360 Cloud
Specifications of RICOH360 Cloud
| Network Interface | Wireless LAN 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES 3.Wireless LAN mode: Client(Station) SSID and password of the access point to be connected must be set. Wired LAN (USB-LAN adapter) 4G LTE (USB-LTE adapter) Tethering connection 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES |
| Service Protocol | MQTT |
| Service Protocol Authentication Method | MQTT connection with mutual TLS(mTLS) authentication |
| Service Protocol Encryption Method | TLS |
CL (Client) mode: live streaming
Specifications
| Network Interface | Wireless LAN 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES 3.Wireless LAN mode: Client(Station) SSID and password of the access point to be connected must be set. Wired LAN (USB-LAN adapter) 4G LTE (USB-LTE adapter) Tethering connection 1.Authentication Method: none, WEP, WPA/WPA2-PSK 2.Encryption method: AES |
| Service Protocol |
WebRTC WebSocket-TLS |
| Service Protocol Authentication Method | JWT |
| Service Protocol Encryption Method | TLS, SRTP, TLS |
Methods in use
In preparation
Mobile network (LTE dongle)
How to use
Connect the LTE dongle and use the main unit menu to configure mobile network settings as needed.
Bluetooth®
Bluetooth® Low Energy (BLE) and Bluetooth® Classic are controlled simultaneously. Bluetooth® Classic is enabled by default; to control THETA, you must be connected via BLE.
Note that Bluetooth® Classic is turned off in sleep mode.
Specifications
| Interface |
Bluetooth® Low Energy 1. Profile: GATT 2. Security: Some models have multiple connections. BLE(standard) - BLE Security mode 1 - BLE Security Connections level4 - Numeric Comparison Pairing (Bluetooth® standard 4.2 or higher) * Supports characteristics that correspond to BLE Security mode 1/BLE Security Connections level 4. BLE(proprietary) :Used only by RICOH smartphone apps - BLE Security mode 1 - RICOH proprietary pairing 3. BLE mode: Peripheral |
| Service Protocol | GATT |
| Service Protocol Authentication Method | BLE(standard) FIPS, Numeric Comparison Pairing BLE(proprietary) :Used only by RICOH smartphone apps RICOH proprietary pairing |
| Service Protocol Encryption Method | BLE(standard)
AES-CCM BLE(proprietary) :Used only by RICOH smartphone apps None |
Provided Services | The Bluetooth® API specification is available at https://docs-theta-api.ricoh360.com/bluetooth-api/ Camera control command v2 service WLAN Control Command service WLAN Control Command v2 service Registration to RICOH360 Cloud can only be performed with RICOH applications. |
Usage
Connect via Bluetooth®: BLE(standard)BLE/Bluetooth® Classic is enabled by default (v2.00~).
If disabled, it must be enabled using the API or by operating the main unit. The THETA can be controlled as a peripheral device by following the steps below.
- Turn on the THETA.
- Swipe the shooting screen from top to bottom and tap the Bluetooth® icon to enable Bluetooth®.
- Search for the THETA (the last 8 digits of the serial number) via Bluetooth® from the device you are using.
- Once connected from the device, a 6-digit PIN code will appear on both the device and the THETA, make sure both are the same and select OK.
- Some devices may ask permission to connect before the PIN code is displayed.
When connecting an external device such as a headset or remote controller, the device must be connected using the unit's controls.
Connecting via Bluetooth®: BLE(proprietary)
BLE/Bluetooth® Classic is enabled by default (v2.00~).
If disabled, it must be enabled using the API or by operating the unit. The THETA can be controlled as a peripheral device when connected according to the following procedure.
- Turn on the THETA.
- Swipe the shooting screen from top to bottom and tap the Bluetooth® icon to enable Bluetooth®.
- Connect from the RICOH Smartphone App.
- A connection permission request from the app will be displayed, allow it.
To connect an external device such as a headset or remote controller, the device must be connected via the unit's operation.
Setting value
| Setting value | Initial value | Setting method | Description | |
| Bluetooth® status | OFF(~v2.00) ON(v2.00~) |
WebAPI | Options._bluetoothPower Can be set/obtained in WLAN AP/CL mode |
Enables/disables Bluetooth® switching |
| MTPAPI | N/A | |||
| BLEAPI | Set Options |
|||
USB
Specifications
| Interface | Compliant with the following standards: USB Spec.3.2 super speed standard USB2.0 High speed standard |
| Service Protocol | MTP (Media Transfer Protocol) UVC (USB Video Class) |
| Service Protocol Authentication Method | None |
| Service Protocol Encryption Method | None | Provided Services | The MTP API specification is available at https://d ocs-the ta-api.ricoh360.com/usb-api/ |
How to use
When controlling via USB, it must be determined whether the device is to be used as an MTP device or a UVC device.
When setting up via button operation
- Turn on the THETA power.
- Connect to a PC with a USB cable.
- Press the Mode button to switch between still image, movie, and live streaming (UVC).
- Swipe the shooting screen from top to bottom and set [Auto Switch Live Streaming] to [On] to automatically switch to UVC when connected to a PC.
Operating Device
Operation of the unit's power button, mode button, and touch panel cannot be inhibited.
Device Settings
Location and date/time information is recorded on images and videos. These settings affect the integrity of the information.
Location Information
You can specify whether to add location information to images and videos. If positioning is not possible with the built-in GPS, location information can be set using the API.
The azimuth information acquired using the electronic compass is recorded in magnetic north.
When the icon is white, built-in GPS positioning is available.
Setting value
| Setting value | Default value | Setting Method | Description | |
| Location | Not set | WebAPI | Options.gpsInfo Can be set/retrieved in WLAN AP/CL mode |
Location information |
| MTPAPI | 0xD801 GpsInfo | |||
| BLEAPI | Set Options |
|||
| Assign location information | on | WebAPI | Options._gpsTagRecording Can be set/retrieved in WLAN AP/CL mode |
Select whether to add location information |
| MTPAPI | 0xD832 GPStagRecording | |||
| BLEAPI | Set Options |
|||
Date and time information
Allows you to set the date and time information for this product.
When date and time information is obtained from NTP, the time is also corrected, but the time zone is not.
The time zone can also be set by operating the main unit. Swipe down from the top of the shooting screen and select [Date/Time Settings].
Set value
| Set value | Default value | Setting Method | Description | |
| Date, time, and time zone information | 2021/01/01 00:00:00 |
WebAPI | Options.dateTimeZone Can be set/obtained in WLAN AP/CL mode |
Date, time, and time zone information |
| MTPAPI | 0x5011 DateTime | |||
| BLEAPI | Set Options |
|||
Set power status
The API can be used to control the camera power. However, it is not possible to wake up the camera from a powered-off state.
The camera buttons can be used to control power on, sleep, and power off.
Setup Value
| Setup Value | Default value | Setting Method | Description | |
| Power status | OFF | WebAPI | Options._cameraPower Can be set/retrieved in WLAN AP/CL mode |
Set power status |
| MTPAPI | 0x1013 PowerDown 0xD80E SleepMode |
|||
| BLEAPI | Set Options |
|||
| Sleep mode setting | ON | WebAPI | Options._powerSaving Can be set/retrieved in WLAN AP/CL mode |
Power saving mode enable/disable setting |
| MTPAPI | N/A | |||
| BLEAPI | Set Options |
|||
| Sleep Mode Transition Time | 180 (seconds) |
WebAPI | Options.sleepDelay Can be set/obtained in WLAN AP/CL mode |
Period of inactivity (in seconds) before entering sleep mode |
| MTPAPI | 0xD803 SleepDelay | |||
| BLEAPI | Set Options |
|||
| Power off transition time | 43200 (seconds) |
WebAPI | Options.offDelay Can be set/retrieved in WLAN AP/CL mode |
Period of inactivity from sleep mode to power off (60+ seconds in seconds) |
| MTPAPI | 0xD81B AutoPowerOffDelaySec |
|||
| BLEAPI | Set Options |
|||
Device Log
The device logs at least 1000 events for critical information assets such as images and video files.
This log can be accessed via WebAPI.
| API Name | getEventLog |
| URL /log/eventLog/eventLog | /log/eventLog |
| Content-Type | Text/plain; |
| Charset | Charset=UTF-8 |
| method | GET |
Vulnerability Response
We recommend firmware updates to address software vulnerabilities. Firmware update information will be posted on our website and smartphone applications.
https://support.ricoh360.com/system-information
How to update the firmware
Please refer to the User's Manual for instructions on how to update the firmware.
Update using the RICOH360 Smartphone App
https://support.ricoh360.com/manual/x-ricoh360-app-firm-update-01Update using the basic application for PCs
https://support.ricoh360.com/manual/x-update-02?apps=ricoh-thetaUpdate from RICOH360 Cloud
https://support.ricoh360.com/manual/ricoh360-web-08Update via THETA itself
When connected via wireless LAN CL mode, wired LAN, or LTE dongle, the THETA can check for firmware updates. If an updated firmware is found, the update can be performed.
Swipe the shooting screen from top to bottom and select [Firmware Update] to check for firmware updates.
Deleting and initializing registered information
The connection information stored on the THETA main unit can be initialized by performing the following operations.
To delete the RICOH360 registration on the THETA main unit, delete it from the application.
Images and videos stored on the THETA main unit can also be deleted from a USB-connected PC.
| Registration information | Initialization to factory defaults | Reset settings | Initialization of connection information | Storage Format |
| API | Swipe down from the top of the shooting screen to select/API | Swipe down from the top of the screen to select/API | Swipe down from the top of the shooting screen to select/API | |
| Network Type | Initialize ( OFF ) | Initialize ( OFF ) | N/A | N/A |
| Wireless LAN Antenna Settings | Initialize ( MIMO ) | N/A | N/A | N/A |
| SSID | Initialize | Initialize | N/A | N/A |
| Encryption key (passphrase) | Initialize | Initialize | N/A | N/A |
| Frequency setting ( AP mode ) | Initialize ( 2.4GHz ) | Initialize ( 2.4GHz ) | N/A | N/A |
| Digest Authentication User Name | Initialize | Initialize | N/A | N/A |
| Digest Authentication Password | Initialize | Initialize | N/A | N/A |
| Access point information | Initialize ( delete ) | Initialize ( delete ) | N/A | N/A |
| Proxy information | Initialize ( delete ) | Initialize ( delete ) | N/A | N/A |
| Wired LAN connection settings | Initialize | Initialize | N/A | N/A |
| Mobile network settings | Initialize | N/A | N/A | N/A |
| Bluetooth® Status | Initialize | Initialize | N/A | N/A |
| Connection information with Bluetooth® peripherals | Initialize ( delete ) | N/A | Initialize ( delete ) | N/A |
| Connection information with Bluetooth® terminal | Initialize | N/A | Initialize | N/A |
| Location information set by API | delete | N/A | N/A | N/A |
| Assign location information | Initialize ( ON ) | Initialize ( ON ) | N/A | N/A |
| Date, time, and time zone information | Initialize | Initialize | N/A | N/A |
| Power saving mode setting | Initialize ( ON ) | Initialize ( ON ) | N/A | N/A |
| Sleep mode transition time | Initialize | Initialize | N/A | N/A |
| Power off transition time | Initialize | Initialize | N/A | N/A |
| Still image/video file | Initialize ( delete ) | N/A | N/A | Initialize ( delete ) |
| Device log | Initialize ( delete ) | N/A | N/A | N/A |
| RICOH360 Registration Information | Initialize ( delete ) | N/A | N/A | N/A |
Set value
| Type of processing | Operation Method | Setting Method ( API ) | |
| Initialization to shipping state | N/A | WebAPI | camera._initializeDevice Can be set/obtained in WLAN AP/CL mode |
| MTPAPI | N/A | ||
| BLEAPI | N/A | ||
| Reset Settings | Swipe down from the top of the shooting screen Select [Reset Settings |
WebAPI | camera.reset Can be set/retrieved in WLAN AP/CL mode |
| MTPAPI | 0x1017 ResetDevicePropValue [*1]. |
||
| BLEAPI | N/A | ||
| Initialize connection information | Swipe down from the top of the shooting screen and select Select [Reset Connection Information |
WebAPI | camera._deleteAccessPoint [*2]. Can be set/obtained in WLAN AP/CL mode |
| MTPAPI | N/A | ||
| BLEAPI | N/A | ||
| FORMAT | Swipe down from the top of the shooting screen to Select [Format: Internal Memory] or [Initialize: Card]. |
WebAPI | camera.delete Can be set/retrieved in WLAN AP/CL mode |
| MTPAPI | 0x100B DeleteObject | ||
| BLEAPI | N/A | ||
[*1] Reset the DeviceProperties defined in the MTP.
[*2] Deletes access point information configured via API.