Latest or all posts or last 15, 30, 90 or 180 days.
Upgrade the memory of your 2018 Mac mini up to 64GB
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$100 $40
SAVE $60

$3498 $2998
SAVE $500

$4499 $2999
SAVE $1500

$2198 $1748
SAVE $450

$898 $698
SAVE $200

$2999 $1699
SAVE $1300

$799 $529
SAVE $270

$2397 $2197
SAVE $200

$130 $100
SAVE $30

$2397 $2197
SAVE $200

$1697 $1597
SAVE $100

$2998 $2798
SAVE $200

$2198 $1748
SAVE $450

$1799 $1599
SAVE $200

$2198 $1898
SAVE $300

Nikon Fails to Secure Its Web Sites for Firmware Updates, Putting All Users at Risk of System Compromise

See my Nikon wish list and get Nikon D850 at B&H Photo.

Sony is far worse with its root kit updater, but Nikon deserves harsh criticism too, for not securing its web sites with https. Nikon does the firmware updater right (in usability and security terms) by having the camera itself do the update—no some 'rootkit' installer on a computer.

There is NO EXCUSE for running insecure http these days, especially so for a corporation. Such a situation should be spelled out in quarterly corporate SEC-mandated reports as gross security incompetence putting the corporation at liability.

In my view, sites that fail to implement https ought to leave the company wide open to class action lawsuits that rightfully and fairly financially destroy the company—bankrupt it by liability for major damage to users of the site. Indeed, I call upon congress to articulate severe penalties for any company that runs an insecure http web site which can be proven to have led to compromise of user computers.

...

As shown below, Nikon’s firmware-updater and related web sites are insecure http sites.

Security is a BFD today—no laughing matter. An insecure site is wide open to all sorts of security risks which an ultimately lead to total system compromise, which ultimately could lead to losing all your passwords and money, just to put it in concrete terms.

Any attempt to use https on Nikon’s firmware updater site is flagged by Apple Safari as shown below, rightfully so.

Nikon does not implement https on these critical sites at all! It is risky and irresponsible for Nikon to offer firmware updates and similar on an insecure web site.

Attempts to use https on a site that does not implement it are properly flagged by Apple Safari a security risk. It is not possible to download Nikon firmware updates securely, because https is not enabled.

Insecure Nikon web site for firmware updates: attempts to use https are properly flagged by Apple Safari

Best Deals, Updated Weekly
View all handpicked deals...

Sony a7R IVA Mirrorless Camera
$3498 $2998
SAVE $500

diglloyd Inc. | FTC Disclosure | PRIVACY POLICY | Trademarks | Terms of Use
Contact | About Lloyd Chambers | Consulting | Photo Tours
RSS Feeds | Twitter
Copyright © 2021 diglloyd Inc, all rights reserved.