Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Digital Photography > Re: CHDK NEWS: Year 2010 Powershots Just May Get CHDK After All

Reply
Thread Tools

Re: CHDK NEWS: Year 2010 Powershots Just May Get CHDK After All

 
 
RichA
Guest
Posts: n/a
 
      08-17-2010
On Aug 16, 10:41*am, Schneider <(E-Mail Removed)> wrote:
> In an interesting turn of events coming from an unknown-before independent
> research project (see link below), some people managed to figure out
> Canon's own on-board "CBASIC" language. They are now able to run programs
> without loading CHDK and using its (safe) uBASIC or LUA languages as an
> intermediary. Using this "CBASIC", they then wrote an experimental firmware
> dumping program just to see if it would work, while testing all the
> commands they found.
>
> Someone else from the CHDK clan tried using this method on one of this
> year's 2010 Powershot cameras (the A3100) which has so far been unable to
> have its firmware dumped for CHDK porting by using all past available
> techniques (blinking it out of an LED or using small utility programs).
>
> It worked.
>
> So all of you 2010 Powershot buyers/owners may get CHDK available faster
> than anyone suspected. It just requires someone who actually owns one of
> the camera models in mind and also having the ability to modify a CBASIC
> program correctly to get the firmware to the CHDK gang.
>
> The caveat is that this CBASIC may be exploited by the less-reputable and
> could potentially be a malware security risk for many Canon cameras from
> now on.
>
> <http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&ty...>
>
> Would someone working for Nikon release some Canon malware to increase
> their sales? Who knows.


There are all kinds of rumours about malicious software being out
there, from camera makers to studios releasing flawed copies of movies
to torrent groups. I don't think anyone has ever proven a
connection. It would seem to be a stupid thing to do given that such
software users represent a fraction of the whole camera user base.
 
Reply With Quote
 
 
 
 
Schneider
Guest
Posts: n/a
 
      08-17-2010
On Mon, 16 Aug 2010 17:05:00 -0700 (PDT), RichA <(E-Mail Removed)>
wrote:

>On Aug 16, 10:41*am, Schneider <(E-Mail Removed)> wrote:
>> In an interesting turn of events coming from an unknown-before independent
>> research project (see link below), some people managed to figure out
>> Canon's own on-board "CBASIC" language. They are now able to run programs
>> without loading CHDK and using its (safe) uBASIC or LUA languages as an
>> intermediary. Using this "CBASIC", they then wrote an experimental firmware
>> dumping program just to see if it would work, while testing all the
>> commands they found.
>>
>> Someone else from the CHDK clan tried using this method on one of this
>> year's 2010 Powershot cameras (the A3100) which has so far been unable to
>> have its firmware dumped for CHDK porting by using all past available
>> techniques (blinking it out of an LED or using small utility programs).
>>
>> It worked.
>>
>> So all of you 2010 Powershot buyers/owners may get CHDK available faster
>> than anyone suspected. It just requires someone who actually owns one of
>> the camera models in mind and also having the ability to modify a CBASIC
>> program correctly to get the firmware to the CHDK gang.
>>
>> The caveat is that this CBASIC may be exploited by the less-reputable and
>> could potentially be a malware security risk for many Canon cameras from
>> now on.
>>
>> <http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&ty...>
>>
>> Would someone working for Nikon release some Canon malware to increase
>> their sales? Who knows.

>
>There are all kinds of rumours about malicious software being out
>there, from camera makers to studios releasing flawed copies of movies
>to torrent groups. I don't think anyone has ever proven a
>connection. It would seem to be a stupid thing to do given that such
>software users represent a fraction of the whole camera user base.


It should be no big deal to detect if this happens to a Canon camera. Three
things must be in place for it to occur.

1) The string "SCRIPT" must be at offset 0x1F0 of the first sector (Boot
sector). This will be invisible to the average user. And a simple format
will wipe it out if it is there.

2) The file "script.req" must exist on the root directory on the SD card,
and must only contain the string "for DC scriptdisk"

3. The file "extend.m" must exist on the root directory on the SD card.
This file must contain the BASIC script to execute.

CHDK uses none of these. Though an empty "ver.req" or "vers.req" file in
the root directory is often used to determine the camera's firmware version
for CHDK, but at no time will you see a "script.req" or "extend.m" file in
the root directory of any camera using CHDK. Should some malware drop a
trojan to your SD cards when you insert them in a card-reader, and those
two files show up in the root directory, proceed with caution. As-in,
delete them and reformat your card before putting it back into your camera.
Then scan your system for any new malware that might have been accidentally
installed which put those two files onto your SD card. It'll be very easy
to detect AND fix.

 
Reply With Quote
 
 
 
 
LOL!
Guest
Posts: n/a
 
      08-18-2010
On Wed, 18 Aug 2010 00:19:19 -0500, SneakyP
<(E-Mail Removed)> wrote:

>RichA <(E-Mail Removed)> wrote in news:234a6f35-c2bc-4991-9ec3-
>(E-Mail Removed):
>
>> There are all kinds of rumours about malicious software being out
>> there, from camera makers to studios releasing flawed copies of movies
>> to torrent groups. I don't think anyone has ever proven a
>> connection. It would seem to be a stupid thing to do given that such
>> software users represent a fraction of the whole camera user base.
>>

>
>Almost all of the malicious software out now has a criminal element
>involved, to find a way to steal money from others.
>What will such malware do to a camera? Brick it? (locks-up any device to
>make it as useful as a brick).


I could tell you precisely how it could be used. But since you like to
filter any posts with this header, and you're also not worth my time to
boot up any of the other newsreaders and NNTP hosts that I also use to
bypass your childish filters. So ... YOUR LOSS.

What a perfectly prime example of the fate of someone that craves a bliss
of self-induced ignorance by poking their own eyes out.

I love it!

LOL!!!!!!!!!!!!

 
Reply With Quote
 
DanP
Guest
Posts: n/a
 
      08-18-2010
On Aug 18, 6:19*am, SneakyP <(E-Mail Removed)>
wrote:

> Almost all of the malicious software out now has a criminal element
> involved, to find a way to steal money from others. *
> What will such malware do to a camera? *Brick it? (locks-up any device to
> make it as useful as a brick).


No harm can be done to the camera, only to the pictures.
CHDK resides on the card and Canon says using it does not void the
warranty.
Formatting the card or even moving the read only tab in write mode
removes it.

DanP
 
Reply With Quote
 
Peter
Guest
Posts: n/a
 
      08-18-2010
"SneakyP" <(E-Mail Removed)> wrote in message
news:Xns9DD82F2597D748umofa02sneakemailc@127.0.0.1 ...

>
> Almost all of the malicious software out now has a criminal element
> involved, to find a way to steal money from others.
> What will such malware do to a camera? Brick it? (locks-up any device to
> make it as useful as a brick).
>


A lot of may be criminally related, however I am not convinced that "almost
all" is. There are a lot of sick minds who get their rocks off by screwing
things up. Just look at the trolls in news groups.


--
Peter

 
Reply With Quote
 
Peter
Guest
Posts: n/a
 
      08-18-2010
"Outing Trolls is FUN!" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> On Wed, 18 Aug 2010 08:42:43 -0400, "Peter" <(E-Mail Removed)>
> wrote:
>
>>"SneakyP" <(E-Mail Removed)> wrote in message
>>news:Xns9DD82F2597D748umofa02sneakemailc@127.0.0 .1...
>>
>>>
>>> Almost all of the malicious software out now has a criminal element
>>> involved, to find a way to steal money from others.
>>> What will such malware do to a camera? Brick it? (locks-up any device
>>> to
>>> make it as useful as a brick).
>>>

>>
>>A lot of may be criminally related, however I am not convinced that
>>"almost
>>all" is. There are a lot of sick minds who get their rocks off by screwing
>>things up. Just look at the trolls in news groups.

>
> Yes. Your relentless off-topic thread-hijacking trolling gets tedious. Do
> us all a favor, at least buy a toy-store camera or one of those
> keychain-cams at the checkout counter of your grocery store so you'll have
> a modicum of real experience behind any of your words. At least this way,
> it'll finally be true if you ever claim to have held a camera during your
> lifetime.
>



Ah!
The voice of experience!
Wonder if you take your own advice, or is your allowance too small to cover
the expense.

--
Peter

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Share-Point-2010 ,Share-Point -2010 Training , Share-point-2010Hyderabad , Share-point-2010 Institute Saraswati lakki ASP .Net 0 01-06-2012 06:39 AM
Re: Year Later, CHDK coming SOON for Canon Ultra-Zoom SX120. -Motion Detection, Remote Shutter, Time Lapse, etc ray Digital Photography 23 01-12-2011 01:10 AM
CFP with Extended Deadline of Mar. 31, 2010: The 2010 InternationalConference on Modeling, Simulation, and Visualization Methods (MSV'10), USA,July 2010 A. M. G. Solo VHDL 0 03-25-2010 12:04 PM
CHDK NEWS: A Discussion Forum Dedicated to CHDK D. Larson Digital Photography 0 11-28-2007 02:45 AM
NEW CHDK Features for Canon Powershot Cameras, CHDK Build #144 and Later HokusPokus Digital Photography 23 07-16-2007 09:20 PM



Advertisments