Posted August 9, 2019 I have just received the following email. This is a firmware release to protect one of my cameras from a new vulnerability. Quote Dear Phill, Canon is always putting customers' security first. Recently we have been made aware of a vulnerability in the EOS 80D. To resolve this, we have released a new firmware update. Whilst the likelihood is small, the vulnerability detected could allow a third-party to access your Canon EOS 80D, if connected to a network. Whilst we are confident that this firmware will prevent the vulnerability, we strongly encourage you not to connect to any network that you don't trust. We recommend that you download and update your firmware, the latest version is 1.0.3. DOWNLOAD NOW Firmware version 1.0.3 incorporates the following corrections: 1. Corrects a PTP communications vulnerability 2. Corrects a vulnerability related to firmware manipulation When updating the firmware of the camera, please review the instructions thoroughly before you download the firmware and confirm the contents of the download. Please direct any inquiries regarding this email to your local Canon Service Support team. To find the contact information, please click on the link below: https://global.canon/en/support/ The Canon Team To be fair, the chances of actually getting compromised are very slim. Most people don't even turn on wifi as it is quite a battery hog. However, with more cameras getting wifi, bluetooth and NFC etc they could be used as a jumping off point to get into a home machine, bit like we have already seen with other IOT devices. Here is the full list of devices and more from Canon. I have three cameras in the list but the only one where I ever use wifi is the 80D. Quote Regarding the security advisory for Canon digital cameras related to PTP (Picture Transfer Protocol) communication functions and firmware update functions – [Added 6 August 2019] Thank you very much for using Canon products. An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates. (CVE-ID:CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001) Due to these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network. At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue. Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used. Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment. Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections. Disable the camera’s network functions when they are not being used. Download the official firmware from Canon’s website when performing a camera firmware update. There is an increase use of PCs and mobile devices in an unsecure (free Wi-Fi) network environment where customers are not aware of the network security. As it has become prevalent to transfer images from a camera to a mobile device via Wi-Fi connection, we will implement firmware updates for the following models that are equipped with the Wi-Fi function. These vulnerabilities affect the following EOS-series digital SLR and mirrorless cameras: EOS-1DX*1 *2 EOS 6D Mark II EOS 760D EOS M5 EOS-1DX MK II*1 *2 EOS 7D Mark II*1 EOS 77D EOS M6 EOS-1DC*1 *2 EOS 70D EOS 1300D EOS M10 EOS 5D Mark IV EOS 80D EOS 2000D EOS M100 EOS 5D Mark III*1 EOS 750D EOS 4000D EOS M50 EOS 5DS*1 EOS 800D EOS R PowerShot SX70 HS EOS 5DS R*1 EOS 200D EOS RP PowerShot SX740 HS EOS 6D EOS 250D EOS M3 PowerShot G5X Mark II *1 If a WiFi adapter or a Wireless file transmitter is used, WiFi connection can be established. *2 Ethernet connections are also affected by these vulnerabilities. Firmware update information will be provided for each product in turn starting from products for which preparations have been completed. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 Time to go back to 35mm Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64 HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64 HP Envy x360 BP series Intel 8th gen AMD ThreadRipper 2! 5820K & 6800K 3-way SLI mobo support list Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 Good, my Canon 700D is not on that list, and I get to keep my Magic Lantern CFW. Ryze of the Phoenix: CPU: AMD Ryzen 5 3600 @ 4.15GHz Ram: 64GB Corsair Vengeance LPX DDR4 @ 3200Mhz (Samsung B-Die & Nanya Technology) GPU: MSI RTX 3060 12GB Aero ITX Storage: Crucial P3 1TB NVMe Gen 4 SSD, 1TB Crucial MX500, Spinning Rust (7TB Internal, 16TB External - All in-use), PSU: Cooler Master MWE Gold 750w V2 PSU (Thanks LTT PSU Tier List) Cooler: BeQuite! Prue Rock 2 Black Edition Case: ThermalTake Versa J22 TG Passmark 10 Score: 6096.4 CPU-z Score: 4189 MT Unigine Valley (DX11 @1080p Ultra): 5145 CryEngine Neon Noir (1080p Ultra): 9579 Audio Setup: Scarlett 2i2, AudioTechnica AT2020 XLR, Mackie CR3 Monitors, Sennheiser HD559 headphones, HyperX Cloud II Headset, KZ ES4 IEM (Cyan) Laptop: MacBook Pro 2017 (Intel i5 7360U, 8GB DDR3, 128GB SSD, 2x Thunderbolt 3 Ports - No Touch Bar) Catalina & Boot Camp Win10 Pro Primary Phone: Xiaomi Mi 11T Pro 5G 256GB (Snapdragon 888) Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 Maybe there IS a market for Polaroids still... Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 I just realized my post about going back to 35mm won't work because Canon can be making 35mm camera with Wifi, and people will still get hack! Sheeeeittt!!! Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64 HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64 HP Envy x360 BP series Intel 8th gen AMD ThreadRipper 2! 5820K & 6800K 3-way SLI mobo support list Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 2 hours ago, NumLock21 said: Time to go back to 35mm 110 Master Race here. My eyes see the past… My camera lens sees the present… Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 That's bad. Not too familiar with these things, so I'm not going to take any chances. Does anyone know which button turns the wireless off on my camera? Spoiler Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 2 minutes ago, Captain Chaos said: That's bad. Not too familiar with these things, so I'm not going to take any chances. Does anyone know which button turns the wireless off on my camera? Hide contents Wifi is actually located in that separated module, just throw that out and you're good. Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64 HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64 HP Envy x360 BP series Intel 8th gen AMD ThreadRipper 2! 5820K & 6800K 3-way SLI mobo support list Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 2 hours ago, NumLock21 said: Time to go back to 35mm 26 minutes ago, Zodiark1593 said: 110 Master Race here. No its time for 120 Film, everyone know 35mm and 110 is peasantry. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 23 minutes ago, Dylanc1500 said: No its time for 120 Film, everyone know 35mm and 110 is peasantry. Can I use that with this Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64 HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64 HP Envy x360 BP series Intel 8th gen AMD ThreadRipper 2! 5820K & 6800K 3-way SLI mobo support list Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 5 minutes ago, NumLock21 said: Can I use that with this No that is for the "real" photographers. Unfortunately 120 is for nothing more than an everyday user. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 I don't understand why cameras need wireless capabilities other than convenience of not having to pop out the memory card to transfer photos. I mean, I guess there might be some Bluetooth apps for remote control, but you know, learn how to use the timer function. I have a blog! And a list of guides I've posted Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 1 hour ago, Mira Yurizaki said: I don't understand why cameras need wireless capabilities other than convenience of not having to pop out the memory card to transfer photos. I mean, I guess there might be some Bluetooth apps for remote control, but you know, learn how to use the timer function. On occasion I use my iPad as a remote trigger. I get to see the image and focus using the iPad as a mirror of the screen on the back of the camera. Got quite a few shots that way I would not have got otherwise. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 LOL... 1. Open your search engine of choice 2. type in the search bar "IoT: why the companies don't secure more" 3. Read the results 4. cry https://www.techrepublic.com/article/top-10-iot-security-risks-for-businesses/ https://www.helpnetsecurity.com/2019/08/02/iot-related-risk-exposure/ https://qz.com/1679475/dod-spent-30m-on-china-hackable-tech-from-lenovo-gopro-others/ https://www.cso.com.au/article/664572/internet-things-security-often-overlooked-cyber-defence/ etc. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 2 hours ago, Phill104 said: On occasion I use my iPad as a remote trigger. I get to see the image and focus using the iPad as a mirror of the screen on the back of the camera. Got quite a few shots that way I would not have got otherwise. But surely the camera itself doesn't need to connect to a network, your iPad can just connect to an ADHOC network created by the camera. Other than that, the only thing I can see wireless being useful for on a camera would be to automatically transfer files to a computer as they're being taken, but once again, ADHOC network! Laptop: Spoiler HP OMEN 15 - Intel Core i7 9750H, 16GB DDR4, 512GB NVMe SSD, Nvidia RTX 2060, 15.6" 1080p 144Hz IPS display PC: Spoiler Vacancy - Looking for applicants, please send CV Mac: Spoiler 2009 Mac Pro 8 Core - 2 x Xeon E5520, 16GB DDR3 1333 ECC, 120GB SATA SSD, AMD Radeon 7850. Soon to be upgraded to 2 x 6 Core Xeons Phones: Spoiler LG G6 - Platinum (The best colour of any phone, period) LG G7 - Moroccan Blue Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 1 minute ago, yolosnail said: But surely the camera itself doesn't need to connect to a network, your iPad can just connect to an ADHOC network created by the camera. Other than that, the only thing I can see wireless being useful for on a camera would be to automatically transfer files to a computer as they're being taken, but once again, ADHOC network! Studios often do tethered shooting whether it is wireless or via Ethernet in the case of some cameras which are also affected. A friend of mine for instance does time lapse of plants or fungus growing which can take weeks at a time. His cameras are connected via Ethernet with his PC (a MAC actually so it will never get attacked) which records all the images rather than the cameras memory card. The PTP protocol does seem to be the problem. ADHOC or not, a problem has needed locking down. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 8 minutes ago, Phill104 said: Studios often do tethered shooting whether it is wireless or via Ethernet in the case of some cameras which are also affected. A friend of mine for instance does time lapse of plants or fungus growing which can take weeks at a time. His cameras are connected via Ethernet with his PC (a MAC actually so it will never get attacked) which records all the images rather than the cameras memory card. The PTP protocol does seem to be the problem. ADHOC or not, a problem has needed locking down. I'm not saying the problem doesn't need to be resolved, I'm just saying these days every issue seems to be solved by connecting a device to a network, when in reality there are plenty of other, more secure, ways that it could be done. Does his camera need to be connected via Ethernet, or could it be connected over USB instead? Laptop: Spoiler HP OMEN 15 - Intel Core i7 9750H, 16GB DDR4, 512GB NVMe SSD, Nvidia RTX 2060, 15.6" 1080p 144Hz IPS display PC: Spoiler Vacancy - Looking for applicants, please send CV Mac: Spoiler 2009 Mac Pro 8 Core - 2 x Xeon E5520, 16GB DDR3 1333 ECC, 120GB SATA SSD, AMD Radeon 7850. Soon to be upgraded to 2 x 6 Core Xeons Phones: Spoiler LG G6 - Platinum (The best colour of any phone, period) LG G7 - Moroccan Blue Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 9, 2019 9 minutes ago, yolosnail said: I'm not saying the problem doesn't need to be resolved, I'm just saying these days every issue seems to be solved by connecting a device to a network, when in reality there are plenty of other, more secure, ways that it could be done. Does his camera need to be connected via Ethernet, or could it be connected over USB instead? I do agree to an extent. Networking is not always the best idea, but it is often the easiest. In my friends case he uses Ethernet due to distance. The setup has to be in his barn so the growing conditions are right. His computer is setup in his office a bit of a distance away where he can monitor progress, take screen grabs and adjust the speed and movement of his tracks etc which are also Ethernet controlled. Journalists seem to be the biggest users of wifi and Ethernet on cameras. At events they can in seconds send images to their editors via their phones, tablets or laptops. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 6 hours ago, Mira Yurizaki said: I don't understand why cameras need wireless capabilities other than convenience of not having to pop out the memory card to transfer photos. I mean, I guess there might be some Bluetooth apps for remote control, but you know, learn how to use the timer function. There is that wifi SD card from a while back. Intel Xeon E5 1650 v3 @ 3.5GHz 6C:12T / CM212 Evo / Asus X99 Deluxe / 16GB (4x4GB) DDR4 3000 Trident-Z / Samsung 850 Pro 256GB / Intel 335 240GB / WD Red 2 & 3TB / Antec 850w / RTX 2070 / Win10 Pro x64 HP Envy X360 15: Intel Core i5 8250U @ 1.6GHz 4C:8T / 8GB DDR4 / Intel UHD620 + Nvidia GeForce MX150 4GB / Intel 120GB SSD / Win10 Pro x64 HP Envy x360 BP series Intel 8th gen AMD ThreadRipper 2! 5820K & 6800K 3-way SLI mobo support list Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 7 hours ago, Dylanc1500 said: No its time for 120 Film, everyone know 35mm and 110 is peasantry. I'm mildly disappointed you didn't bring up APS film. I still have loads of APS negatives at home with old family pictures. My eyes see the past… My camera lens sees the present… Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 44 minutes ago, Zodiark1593 said: I'm mildly disappointed you didn't bring up APS film. I still have loads of APS negatives at home with old family pictures. What next, Kodak disk film? Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 10 hours ago, Mira Yurizaki said: I don't understand why cameras need wireless capabilities other than convenience of not having to pop out the memory card to transfer photos. It’s come in handy whenever a client wants photos straight after an event and I don’t have a laptop with me. Also handy when your camera doesn’t have a flip out LCD (thanks Fujifilm) The Workhorse (AMD-powered custom desktop) CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro The Portable Workstation (Apple MacBook Pro 16" 2021) SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey The Communicator (Apple iPhone 13 Pro) SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1 Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 7 hours ago, Cora_Lie said: LOL... 1. Open your search engine of choice 2. type in the search bar "IoT: why the companies don't secure more" 3. Read the results 4. cry https://www.techrepublic.com/article/top-10-iot-security-risks-for-businesses/ https://www.helpnetsecurity.com/2019/08/02/iot-related-risk-exposure/ https://qz.com/1679475/dod-spent-30m-on-china-hackable-tech-from-lenovo-gopro-others/ https://www.cso.com.au/article/664572/internet-things-security-often-overlooked-cyber-defence/ etc. Internet needs lots of time before it wont be a security risk FNIGE Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 6 hours ago, Zodiark1593 said: I'm mildly disappointed you didn't bring up APS film. I still have loads of APS negatives at home with old family pictures. I should have, granted that film never really caught on. I also thought of bringing up the 20x24 Polaroid instant film, but decided against it. Considering the success Polaroid seems to be having lately with them bringing back their old camera lines with the demand from all the "hip amateur photographers", I'm surprised they haven't yet brought back a 20x24 Camera. Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Posted August 10, 2019 Also, I don’t see how new this is. Anything with the ability to connect to another device over a wireless protocol has an inherent third-party security risk. A camera is no different. The Workhorse (AMD-powered custom desktop) CPU: AMD Ryzen 7 3700X | GPU: MSI X Trio GeForce RTX 2070S | RAM: XPG Spectrix D60G 32GB DDR4-3200 | Storage: 512GB XPG SX8200P + 2TB 7200RPM Seagate Barracuda Compute | OS: Microsoft Windows 10 Pro The Portable Workstation (Apple MacBook Pro 16" 2021) SoC: Apple M1 Max (8+2 core CPU w/ 32-core GPU) | RAM: 32GB unified LPDDR5 | Storage: 1TB PCIe Gen4 SSD | OS: macOS Monterey The Communicator (Apple iPhone 13 Pro) SoC: Apple A15 Bionic | RAM: 6GB LPDDR4X | Storage: 128GB internal w/ NVMe controller | Display: 6.1" 2532x1170 "Super Retina XDR" OLED with VRR at up to 120Hz | OS: iOS 15.1 Link to comment Share on other sites More sharing options... Link to post Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now