All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: photography and

Links on this site earn me fees or commissions.
As an Amazon Associate I earn from qualifying purchases @AMAZON

Other World Computing...
B&H Photo...
Get all the tools you need to upgrade the factory HDD of any 2009-2019 iMac to a larger HDD or a modern SSD.
Upgrade the memory of your 2020 iMac up to 128GB

Procedure for Minimizing Risks with a Software Updater that Runs as 'root'

This follows:

Sea Change: Security is Your Job Also, the Writing is on the Wall.

Sony Pictures Hacked: Do You Really Want to Update your Camera Firmware with a Sony Updater that Runs as 'root'?

This discussion actually applies to any software updater, signed or not, for a camera or anything. Because as the Sony fiasco shows, private keys can be stolen.

Even a signed app or updater does not preclude a version modified to contain malware by a hacker who cracks a stolen private key file. And then signs the app so that it looks legitimate*.

  1. Erase a drive, and clone the system to it. (see also How to upgrade your system/boot drive).
  2. Disconnect all drives including the original system drive. Or at least dismount the volumes (sophisticated malware can still infect at the driver level though).
  3. Boot off the clone.
  4. Download the updater, update the camera. Of course, infected firmware could still infect the camera, but the only solution to that is never to update firmware. And even then, really good malware might infect modifiable firmare RAM. Well, it’s all odds.
  5. Disconnect the clone.
  6. Reconnect previous devices, boot up.
  7. Ideally, physically destroy the clone drive (e.g hammer and saw, so to speak). Alternately (and carrying some risk), connect the clone drive (do not boot off it!) then using Disk Utility, erase it, then wipe all blocks (one pass secure erase). SoftRAID 5 also has an even better “Wipe” function.

Obviously if the update is for software you want on your computer, you’re out of luck—in it goes.

You want that software on your system—or do you? It is why MPG installs only absolutely essential software and loathes vendors deliver crapware and automated agents of various kinds. More software means more updates, each of which is a potential vector for compromise.

* That is why it is so critical that a vendor immediately revoke a certificate if there is any suspicion of the private key having been obtained, encrypted or not.

For that matter, a computer containing the private key that signs software should ideally never be connected to the internet. Certainly the private key should not be on a laptop taken for travel. But given reality, the password for the private key should be very long and complex.

Another option — virtualization

Mark A writes with an excellent suggestion of using virtualization via VirtualBox for the temporary bootable system:

I know this is obvious to you, being a software engineer like I am, but your readers may benefit from the understanding that a virtual hard drive can have its changes "rolled back" for free after such a potentially dangerous upgrade and restored to a condition ready for the next one.

Mac OS X is on the official virtualbox list of supported guest OSes. It's just a "normal" EFI-booted Intel OS. I believe Apple changed their license policy for hosting in a VM back in the Lion days.

There's the longer, hackier way ala

Or the way you suggest creating a pristine install and where I'd add a last step to clone the raw drive into a dmg image and then to a virtualbox image via so something like

$ VBoxManage convertfromraw NewImage.dmg NewImage.vdi --format VDI

And a young geek's view (the kind my son would probably prefer rather than actually reading instructions)

View all handpicked deals...

TASCAM TM-280 Studio Microphone with Flight Case, Shockmount, and Pop Filter
$199 $114
SAVE $85 | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__