Is Sony's Camera Firmware Updater a Security Risk?

Sony A7Riii

Firmware is data that is usually stored on a camera's or any hardware's read-only memory (ROM) that basically tells the device exactly how to operate. Unlike software like OS X or Windows which can be changed or deleted easily, firmware requires a special program to be modified. Why? The updates are usually crucial ones, that tell the device exactly how to do things and if your techno-illiterate uncle is allowed to mess with the firmware in the camera menu, he's probably going to turn that camera into a paperweight. 

Oftentimes, the longer a camera is in service the more firmware updates there are. Say over the course of the products run, Canon finds that the camera in question has a hard time syncing to the phone app, so, they'd release a firmware update that tells the camera how to better communicate with your phone and hopefully fix the issue. In layman's terms, your camera was speaking French and the app was speaking Spanish and the firmware update taught the Camera Spanish, therefore, now everyone understands each other. 

Firmware updates are essential to getting the best performance out of your devices. Manufacturers like Nikon and Canon make it easy. You can usually just scroll through the menu and update the firmware right on the camera if it's connected to wifi. 

Sony, on the other hand, doesn't allow that. They insist on you installing a desktop-based updater, which would be fine if it was just an updater program,  but it's not. 

In October of 2017 Lloyd Chambers of diglloyd discovered that the Sony Firmware update wasn't working with macOS 10.13 High Sierra... because Apple recognized the dangers of the application. For some reason, the Sony firmware updater REQUIRES "administrative root access". For those of us who don't understand why that's bad, Lloyd elaborates:

"When an application is given administrative 'root' access, it can do just about anything. That means it can install things like a keyboard sniffer, transmitting everything you type to some hacker in Belarus, so to speak. Thus all your accounts, all your money, your identity, etc is placed at risk.

Thus it's no minor concern letting a program have unfettered root-level access to a computer these days. This is why Apple (kudos) increasingly has locked down macOS, particularly kernel extensions, which cannot run without explicit user approval in the Preferences => Security. This is why Sony's updater "might" not work--because Apple is taking steps to lock out risky software."

diglloyd mac sony firmware.png
(Sony advisory that camera firmware cannot be updated on macOS High Sierra - photo from diglloyd)

Cut to January, where Sony says they fixed the issue, not by eliminating the need for root access that is, but instead by providing a work a workaround, that according to Lloyd, makes it even more dangerous to install, because now it requires a kernel extension. 

For those of us who might not understand why that's so bad, again Lloyd explains:

The current status of the Sony firmware updater is unacceptable because it requires the user to assume that Sony software is free of malware. That the software is signed only guarantees that something was signed by Sony, not that it is free of any infection (infection could have occurred prior to signing). [Indeed, even malware can be signed].

If Sony software is ever compromised (including at the source code level!), that malware would have unfettered root/kernel access to the system until the system were wiped out (assuming such an infection did not overwrite firmware in various places, in that case the machine becomes dumpster material).

That's really scary. So, what can you do if you have a fancy new Sony Camera that needs a firmware update? Chambers suggests using a virtual machine, which is basically an emulation of a fake computer in a separate secure space on the hard drive, and then delete the VM when the update is finished. 

For information please check out Lloyd Chamber's incredibly informative website diglloyd