Sony Firmware Updater: a Security Risk

A kernel extension (kext) is as nasty as it gets for system compromise, since a kext has unfettered access to everything. Seems like the perfect vector for a 'root kit'.

Yet Sony foists on users a firmware updater app whose signature is invalid (see log below). Running as 'root' and using a kernel extension is as ugly as it gets, and for updating camera firmware?

Nikon and Canon do it right for their DSLRs: copy a firmware file to a card, have the camera update. Job done, no security risk to the computer. Shame on Sony. These days, hackers come from all angles. It is very poor design judgment to require root-level access to update things like camera firmware.

BTW, the Sony firmware updater doesn’t work on OS X Yosemite. At first I missed this note at the bottom of the Sony firmware updater page. Why is something “IMPORTANT” placed last, where it can scroll off the screen and never be seen (I did not see it)?

IMPORTANT: This update is not compatible with Mac OS® X 10.10. Please use Mac OS X 10.9 or lower to install this update

The suggestion is rather amazing: anyone who has updated to 10.10 is not likely to have a 10.9 bootable system any more. I do have it on a spare computer, so I suppose there is a workaround for me, but this does not change the risk of a kernel extension. When deciding what gear to buy, it is a valid consideration that a month after OS X Yosemite appeared, Sony users on Yosemite still have no working updater for their cameras.

While Nikon’s apps are badly written and also have problems, at least potential system compromise is not needed to update firmware with Nikon DSLRs.

drwxr-xr-x@ 3 root   wheel     102 Nov 11 12:58 SONYDeviceType01.kext
2014-11-11 12:58:27.149 authexec[87813]: executing /Volumes/Update_ILCE7RV110/FirmwareUpdater.app/Contents/Resources/FirmwareUpdaterTool
2014-11-11 12:58:27.166 sudo[87814]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/Volumes/Update_ILCE7RV110/FirmwareUpdater.app/Contents/Resources/install.sh /Volumes/Update_ILCE7RV110/FirmwareUpdater.app/Contents/Resources i386
2014-11-11 12:58:27.175 sudo[87816]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/cp -r /Volumes/Update_ILCE7RV110/FirmwareUpdater.app/Contents/Resources/x86/SONYDeviceType01.kext /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.186 sudo[87818]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/chown root:wheel /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.196 sudo[87820]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext ; USER=root ; COMMAND=/usr/sbin/chown root:wheel Contents
2014-11-11 12:58:27.205 sudo[87822]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents ; USER=root ; COMMAND=/usr/sbin/chown root:wheel Resources
2014-11-11 12:58:27.214 sudo[87824]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents/Resources/English.lproj ; USER=root ; COMMAND=/usr/sbin/chown root:wheel InfoPlist.strings
2014-11-11 12:58:27.222 sudo[87826]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents/Resources ; USER=root ; COMMAND=/usr/sbin/chown root:wheel English.lproj
2014-11-11 12:58:27.231 sudo[87828]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents ; USER=root ; COMMAND=/usr/sbin/chown root:wheel MacOS
2014-11-11 12:58:27.240 sudo[87830]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents/MacOS ; USER=root ; COMMAND=/usr/sbin/chown root:wheel SONYDeviceType01
2014-11-11 12:58:27.248 sudo[87832]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents/MacOS ; USER=root ; COMMAND=/bin/chmod a+x SONYDeviceType01
2014-11-11 12:58:27.257 sudo[87834]:     root : TTY=unknown ; PWD=/private/tmp/SONYDeviceType01.kext/Contents ; USER=root ; COMMAND=/usr/sbin/chown root:wheel Info.plist
2014-11-11 12:58:27.265 sudo[87836]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/bin/chmod 755 /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.273 sudo[87838]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/bin/chmod 755 /tmp/SONYDeviceType01.kext/Contents/Info.plist /tmp/SONYDeviceType01.kext/Contents/MacOS /tmp/SONYDeviceType01.kext/Contents/Resources
2014-11-11 12:58:27.281 sudo[87840]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/bin/chmod 755 /tmp/SONYDeviceType01.kext/Contents/MacOS/SONYDeviceType01
2014-11-11 12:58:27.289 sudo[87842]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/bin/chmod 755 /tmp/SONYDeviceType01.kext/Contents/Resources/English.lproj
2014-11-11 12:58:27.296 sudo[87844]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/bin/chmod 755 /tmp/SONYDeviceType01.kext/Contents/Resources/English.lproj/InfoPlist.strings
2014-11-11 12:58:27.303 sudo[87846]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/sbin/kextload /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.569 com.apple.kextd[20]: ERROR: invalid signature for com.sony.driver.dsccamFirmwareUpdaterType00, will not load    
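
For anyone reviewing a Mac's logs for this pattern, here is a small triage script that flags the two events that matter in the log above: a root `kextload` of a bundle staged in a temporary or mounted-volume path, and kextd rejecting a signature. It is an added example, not code from this site or from Sony; the staging-path list and the finding names are assumptions.

```python
import re

# Three entries taken from the updater log shown above.
SAMPLE_LOG = """\
2014-11-11 12:58:27.175 sudo[87816]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/cp -r /Volumes/Update_ILCE7RV110/FirmwareUpdater.app/Contents/Resources/x86/SONYDeviceType01.kext /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.303 sudo[87846]:     root : TTY=unknown ; PWD=/private/tmp ; USER=root ; COMMAND=/sbin/kextload /tmp/SONYDeviceType01.kext
2014-11-11 12:58:27.569 com.apple.kextd[20]: ERROR: invalid signature for com.sony.driver.dsccamFirmwareUpdaterType00, will not load
"""

SUDO_RE = re.compile(
    r"^(?P<ts>\S+ \S+) sudo\[\d+\]:\s+\S+ : .*?USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$")
KEXTD_RE = re.compile(
    r"^(?P<ts>\S+ \S+) com\.apple\.kextd\[\d+\]: ERROR: invalid signature for (?P<bundle>[\w.]+)")
# Locations a kext should not be loaded from (assumed list, extend as needed).
STAGING = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Volumes/")


def find_kext_events(log_text):
    """Return (kind, timestamp, detail) tuples for kext activity worth reviewing."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        sudo = SUDO_RE.match(line)
        if sudo:
            argv = sudo.group("cmd").split()
            is_kextload = argv[0].rsplit("/", 1)[-1] == "kextload"
            if is_kextload and sudo.group("runas") == "root":
                # Flag every bundle argument that lives in a staging location.
                for arg in argv[1:]:
                    if arg.endswith(".kext") and arg.startswith(STAGING):
                        findings.append(
                            ("kextload-from-staging", sudo.group("ts"), arg))
            continue
        kextd = KEXTD_RE.match(line)
        if kextd:
            findings.append(
                ("signature-rejected", kextd.group("ts"), kextd.group("bundle")))
    return findings


if __name__ == "__main__":
    for kind, ts, detail in find_kext_events(SAMPLE_LOG):
        print(f"{ts}  {kind:22}  {detail}")
```

A load from a staging path followed within the same second by a signature rejection, as here, means the system's signature check stopped the load; the same staging-path finding with no rejection after it is the case to investigate.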

Sony has a worrisome history

I wrote “root kit” because of what it seemed to me to emulate, forgetting about what reader Jim F reminds me of:

Their previous uncouth behavior. Oh and illegal too.

Quoting from Wikipedia:

The Sony BMG CD copy protection rootkit scandal of 2005–2007 concerns deceptive, illegal, and potentially harmful copy protection measures implemented by Sony BMG on about 22 million CDs. When inserted into a computer, the CDs installed one of two pieces of software which provided a form of digital rights management (DRM) by modifying the operating system to interfere with CD copying. Both programs could not be easily uninstalled, and they created vulnerabilities that were exploited by unrelated malware. Sony claims this was unintentional. One of the programs installed even if the user refused its EULA, and it "phoned home" with reports on the user's private listening habits; the other was not mentioned in the EULA at all, contained code from several pieces of open-source software in an apparent infringement of copyright, and configured the operating system to hide the software's existence, leading to both programs being classified as rootkits.

Sony BMG initially denied that the rootkits were harmful. It then released, for one of the programs, an "uninstaller" that only un-hid the program, installed additional software which could not be easily removed, collected an email address from the user, and introduced further security vulnerabilities.

Following public outcry, government investigations, and class-action lawsuits in 2005 and 2006, Sony BMG partially addressed the scandal with consumer settlements, a recall of about 10% of the affected CDs, and the suspension of CD copy protection efforts in early 2007.

No one can implement a root kit like this by accident (“unintentional”). To offer that as justification is not credible and worse. Has such thinking at Sony been extirpated?

In this context, do you want to install and run the Sony updater, which contains a kernel extension ('kext')? A kernel extension has unfettered access to the system. Who is to say it doesn’t introduce vulnerabilities that malware could attack? How does one know that it does not do other things? This is the kind of consumer software that intelligence agencies must adore. As per the Sony licensing agreement:

THE PROGRAM AND ACCOMPANYING ONLINE DOCUMENTATION ARE FURNISHED TO YOU FOR USE AT YOUR OWN RISK

Indeed, at your own risk.

Copyright © 2020 diglloyd Inc, all rights reserved.