Latest or all posts or last 15, 30, 90 or 180 days.
2024-03-18 21:21:48
Designed for the most demanding needs of photographers and videographers.
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$3399 $2999
SAVE $400

$2997 $2997
SAVE $click

$348 $248
SAVE $100

$999 $699
SAVE $300

$5999 $4399
SAVE $1600

$1049 $879
SAVE $170

$4499 $3499
SAVE $1000

$999 $849
SAVE $150

$999 $799
SAVE $200

$5999 $4399
SAVE $1600

$799 $699
SAVE $100

$1199 $899
SAVE $300

$1099 $899
SAVE $200

$348 $248
SAVE $100

$1602 $998
SAVE $604

$3399 $2999
SAVE $400

$3997 $3697
SAVE $300

$5999 $4399
SAVE $1600

$1397 $997
SAVE $400

Nikon Fails to Secure Its Web Sites for Firmware Updates, Putting All Users at Risk of System Compromise

See my Nikon wish list and get Nikon D850 at B&H Photo.

Sony is far worse with its root kit updater, but Nikon deserves harsh criticism too, for not securing its web sites with https. Nikon does the firmware updater right (in usability and security terms) by having the camera itself do the update—no some 'rootkit' installer on a computer.

There is NO EXCUSE for running insecure http these days, especially so for a corporation. Such a situation should be spelled out in quarterly corporate SEC-mandated reports as gross security incompetence putting the corporation at liability.

In my view, sites that fail to implement https ought to leave the company wide open to class action lawsuits that rightfully and fairly financially destroy the company—bankrupt it by liability for major damage to users of the site. Indeed, I call upon congress to articulate severe penalties for any company that runs an insecure http web site which can be proven to have led to compromise of user computers.

...

As shown below, Nikon’s firmware-updater and related web sites are insecure http sites.

Security is a BFD today—no laughing matter. An insecure site is wide open to all sorts of security risks which an ultimately lead to total system compromise, which ultimately could lead to losing all your passwords and money, just to put it in concrete terms.

Any attempt to use https on Nikon’s firmware updater site is flagged by Apple Safari as shown below, rightfully so.

Nikon does not implement https on these critical sites at all! It is risky and irresponsible for Nikon to offer firmware updates and similar on an insecure web site.

Attempts to use https on a site that does not implement it are properly flagged by Apple Safari a security risk. It is not possible to download Nikon firmware updates securely, because https is not enabled.

Insecure Nikon web site for firmware updates: attempts to use https are properly flagged by Apple Safari

View all handpicked deals...

Nikon Z7 II Mirrorless Camera
$2997 $2997
SAVE $click

diglloyd Inc. | FTC Disclosure | PRIVACY POLICY | Trademarks | Terms of Use
Contact | About Lloyd Chambers | Consulting | Photo Tours
RSS Feeds | X.com/diglloyd
Copyright © 2022 diglloyd Inc, all rights reserved.