Tag: software updates

Article

Sony releases PS3 firmware update to fix last week’s fiasco | Tech Culture – CNET News

Instructions – From the horse’s mouth

Sony PlayStation

Manually updating your PS3 with the firmware

Safe Mode on PS3

My Comments

Sony PS3 games console – latest firmware should be 4.46

Previously, when Sony rolled out version 4.45 of the PlayStation 3 operating software, this update had caused many PS3s not to boot properly for interactive use. The situation had been described where the consoles were effectively “bricked” and Sony had to immediately pull the update from their PS3 software-update servers.

Now they have released version 4.46 of this firmware and made it available also as a manual-update file so you can recover a PS3 that had suffered this fate. When this situation had occurred with the PS3, the version-4.45 software went in to an “endless-loop” during startup thus not reaching the standard “XMB” start menu.

Fortunately, Sony had set up a “safe mode” for the PS3 in a similar way to what Microsoft, Apple and others have offered as a diagnostic startup option for their regular-computer operating systems. Here, this places the equipment in a known state with minimum software and hardware overhead that allows one to perform diagnostic or recovery work on faulty equipment.

In this case, you can load the firmware from a USB memory key and Sony have provided instructions on how to go about this, such as which folder to position the firmware file on the USB memory key. Here, you would need to use your desktop or laptop computer to download the firmware file to the USB memory key in the known location (\PS3\UPDATE).

Here they also detailed how to place the PS3 in to the aforementioned “safe mode” so you can load the firmware from the USB memory key. As well, you would have to connect the game controller to the PS3 via a USB cable while it is in this mode and be sure to select the “System Update” option on the menu that pops up to start this update without destroying your data and settings.

As well, I would suggest that you check that the version of the firmware on your PS3 is indeed 4.46 or newer in order to make sure that your console is behaving in a reliable manner.

An issue that could be raised regarding field-updatable firmware especially for consumer-electronics devices is providing a fail-safe update process with a rollback mechanism. This is more of an issue when there are situations like bugs that missed the quality-control process; failed download / install processes or, at worst, malware written in to field-updated firmware.

Here, the previous firmware could be kept in a separate section of flash memory or secondary storage, as well as the ability for the device to start in to safe mode thus providing the option for software rollback if the software didn’t start to the normal user interface.  Similarly, the standard user interface could be used as a way to facilitate this kind of software rollback, which can come in handy with bugs that creep up during normal operation. This is similar to what has been achieved with most desktop operating systems like Microsoft Windows, where the operating system creates “system restore points” at the start of software install or update processes and is able to roll back to these points if the install or update becomes dysfunctional.

What we are starting to see is that devices like games consoles, smart TVs and printers are becoming as sophisticated as regular computers and entering a point where the same kind of irregularities could creep up on them.

The current situation

A network-attached storage can come in handy for storing software updates rather than downloading them frequently

Operating system and application developers are now being required to provide updates for their products during the product’s service life and beyond. This is to provide for a computing environment that is performs in an efficient, secure, reliable and optimum manner. The updates may be released at regular intervals such as on a monthly basis or in response to a situation such as the discovery of a bug or security exploit.

New devices

A common situation that happens with most regular and mobile computing devices when a user takes delivery of them is that the user downloads a large data package to bring it up to date. This may be done many times if multiple units running the same platform are purchased.

Many devices

Similarly, a household may have multiple units running the same operating environment and they have to keep these up to date. The typical example of this may be a family with two or three children who are at secondary school. Here, they may have two or three computers for the children to use as well as one computer per adult. This could be brought about with the older child being given a more powerful computer as they enter senior high school or another computer given to the younger children as they start their secondary school.

But the same bandwidth would be used again and again to update each and every device. This may not be a problem for a couple with one device per adult but would be a problem when you are thinking of environments with more than two devices which is fast becoming the norm.

Using a network-attached storage to locally cache updates

Somehow the network-attached storage devices need to be able to support the ability to locally hold updates and patches for operating systems and applications used in computers on a home or small-business network.

The practice is performed frequently with large-business computer setups because of the number of computers being managed in these setups. But it could be practiced with home and small-business setups using a simplified interface. This could be based on the use of a local-storage application for regular or mobile client operating environments which supports this kind of local updating.

A local client application to manage system-update needs

Here, the local-client software could register which operating environment the host computer runs and what eligible applications are on the system so as to prepare an “update manifest” or “shopping list” for the computer. The “shopping list” would be based on the core name of the software, no matter whether different computers are running different variants of the software, such as home laptops running Windows 7 Home Premium while a work-home laptop runs Windows 7 Professional. This manifest would be updated if new applications are installed, existing applications are removed or changed to different editions or the operating system is upgraded to a different version or edition.

A local software manifest held by the NAS

This manifest is then uploaded to the NAS which runs a server application to regularly check the software developers’ update sites for the latest versions and updates for the programs that exist on the “shopping list”. There could be a “commonality” check that assesses whether particular updates and patches apply across older and newer versions of the same software, which can be true for some Windows patches that apply from Windows XP to Windows 7 with the same code.

At regular intervals, the NAS checks for the updates and downloads them as required. Here, it could be feasible to implement logic the check the updates and patches for malware especially as this update path can be an exploit vector. Then the computers that exist on the network check for new software updates and patches at the NAS.

Software requirements

Such a concept could be implemented at the client with most regular and mobile operating systems and could be implemented on network-attached storage devices that work to a platform that allows software addition.

It would also require software developers who develop the operating systems and application software to provide a level of support for update checking by intermediate devices. Initially this could require setups that are particular to a particular developer being installed on the client device and the NAS, but this could move towards one software update solution across many developers.

A change of mindset

What needs to happen is a change of mindset regarding software distribution in the home and small business. Here, the use of local network storage for software updates doesn’t just suit the big business with more than 50 computers in its fleet.

It could suit the household with two or more children in secondary school or a household with many young adults. Similarly a shop that is growing steadily and acquiring a second POS terminal or a medical practice that is setting up for two or more doctors practising concurrently may want this same ability out of their server or NAS.

Conclusion

The NAS shouldn’t just be considered as a storage device but as a way of saving bandwidth when deploying updates in to a household or small business who has multiple computers on the same platform.

Article

What went wrong with iOS 6 Wi-Fi | ZDNet – loop

My Comments

You may have upgraded your iPhone or iPad to iOS 6. But after your Apple device shuts down and restarts as part of applying the update, you find that you are not on your home or business Wi-Fi network even though you downloaded that update through the same network.

The problem is not necessarily a flawed network configuration, but part of the iOS Wi-Fi automatic troubleshooting routine. Here, the software attempts to load a “Success” stub page from the Apple servers. This logic is intended to cause the iOS device to load a login or “assent” page that is part of a public-access or guest-access Wi-Fi network’s user experience. This stub was deleted by a former Apple employee before he left without realising it was part of iOS 6 troubleshooting logic.

The computer press have realised that this logic is flawed because this can place the servers at risk of denial-of-service attacks thus crippling iOS 6 devices. Similarly, someone could use a “man-in-the-middle” or “evil-twin” attack to point the device to a site that is of a malevolent nature. If a “show particular Webpage” logic is to be implemented in a network troubleshooting logic, it could work with a list of commonly-available Websites like Web portals or Web resource pages which the device chooses from at random.

It could be a chance for software developers to create network-test logic that makes less reliance on loading a particular Web site as proof of function. This could be through use of simplified randomised test routines that work with locations that are randomly chosen from a list of commonly-known highly-available Internet locations. This can be augmented by government standards bodies and similar organisations like NIST or BSI adding basic-HTML “Internet Success” pages to their Websites and making the URLs available to the IT industry.

Sometimes an NTP or similar time-fetch routine that obtains the time from one of many atomic-clock time servers to synchronise a device’s internal clock can work as a simplified Internet-functionality-test routine. If the time-server supports HTTP access where the UTC time is obtained via an HTML or text string, this could be achieved using HTTP so as to test Web-access functionality.

By not relying on one particular server as a proof-of-functionality test for Internet access and integrating a “login-page load” failover routine for public-access networks, we can achieve a safe and sure network setup experience.

Article

How A Prison Had Its CCTV Hacked | Lifehacker Australia

My Comments

In this article, it was found that a prison’s video-surveillance system was compromised. The security team checked the network but found that it wasn’t the institution’s main back-office network that was compromised but a Windows Server 2003 server that was affected. This box had to be kept at a particular operating environment so it could work properly with particular surveillance cameras.

The reality with “business-durable” hardware and systems

Here, the problem was focusing on an issue with “business-durable” hardware like the video-surveillance cameras, point-of-sale receipt printers and similar hardware that is expected to have a very long lifespan, usually in the order of five to ten years. But computer software works to a different reality where it evolves every year. In most cases, it includes the frequent delivery of software patches to improve performance, remedy security problems or keep the system compliant to new operating requirements.

Newer software environments and unsupported hardware

The main problem that can occur is that if a computer is running a newer operating environment, some peripherals will work on lesser functionality or won’t work at all. It can come about very easily if a manufacturer has declared “end of life” on the device and won’t update the firmware or driver set for it. This also applies if a manufacturer has abandoned their product base in one or more of their markets and leaves their customers high and dry.

Requirement to “freeze” software environments

Then those sites that are dependent on these devices will end up running servers and other computer equipment that are frozen with a particular operating environment in order to assure the compatibility and stability for the system. This can then compromise the security of the system because the equipment cannot run newly-patched software that answers the latest threats. Similarly, the system cannot perform at its best or support the installation of new hardware due to the use of “old code”.

In some cases, this could allow contractors to deploy the chosen updates using removable media which can be a security risk in itself.

Design and lifecycle issues

Use standards as much as possible

One way to tackle this issue is to support standard hardware-software interfaces through the device’s and software’s lifecycle. Examples of these include UPnP Device Control Protocols, USB Device Classes, Bluetooth Profiles and the like. It also includes industry-specific standards like ONVIF for video-surveillance, DLNA for audio-video reproduction

If a standard was just ratified through the device’s lifespan, I would suggest that it be implemented. Similarly, the operating environment and application software would also have to support the core functionality such as through device-class drivers.

Provide a field-updatable software ecosystem

Similarly, a device would have to be designed to support field-updatable software and any software-update program would have to cover the expected lifespan of these devices. If a manufacturer wanted to declare “end of life” on a device, they could make sure that the last major update is one that enshrines all industry-specific standards and device classes, then encompass the device in a “software roll-up” program that covers compliance, safety and security issues only.

As well, a “last driver update” could then be sent to operating-system vendors like Microsoft so that the device can work with newer iterations of the operating systems that they release. This is more so if the operating-system vendor is responsible for curating driver sets and other software for their customers.

The device firmware has to work in such a way to permit newer software to run on servers and workstations without impairing the device’s functionality.

As well, the field-updating infrastructure should be able to work in a similar way to how regular and mobile computer setups are updated in most cases. This is where the software is sourced from the developers or manufacturers via the Internet, whether this involves a staging server or not. This should also include secure verification of the software such as code-signing and server verification where applicable.

Conclusion

What this hacking situation revealed is that manufacturers and software designers need to look seriously at the “business-durable” product classes and pay better attention to having them work to current expectations. This then allows us to keep computer systems associated with them up to date and to current secure expectations.

Article

Firmware modders keep legal storm brewing

My comments

There is an increasing trend to design devices as though they are a computer similinar to a regular desktop computer. Here, the operating software for these devices, commonly known as “firmware”, is designed so it can be updated in the location where the device is used.

Typically newer versions of this software are delivered over the Internet, most likely via the manufacturer’s Web site or, in some cases, through device-support forums.

Methods

One common way of delivering this software is to deliver the update as a binary package that you download using your regular computer, then upload to the device in one or more different ways.

This may involve physically transferring the package to the device using removable media which you install in the device. Then you may either restart the device or select a “Firmware Update” menu option to load this software in the device. An example of this may be a digital camera or an MP3 player.

It may also include uploading the software to the device’s Web management interface as is commonly done with wireless routers. On the other hand you may have to run a firmware-update program on your regular computer which delivers the software to your directly-connected device such as a printer or, in some cases, your network-connected device.

Some consumer-focused devices like the Cyrus Lyric network CD receiver or a lot of appliances require you to connect your regular computer to a “debug” port and run a firmware-update program on that computer to install the new firmware. This can be very tedious for ordinary end-users, but a lot of these manufacturers who take this approach presume that the ordinary consumer will run the device with “out-of-the-box” software.

An increasingly-common method that is used for devices that are connected to the Internet is to invoke a firmware-update routine through the setup menu. Here, the device visits a special server run by its manufacturer, checks the version of the firmware on that server and downloads the latest version if it exists on that server. This may be performed as part of the setup routine for a new device or the device may poll the server for new firmware updates at specified times.

Benefits

The main benefit from device firmware that is updated through the device’s lifespan is that there is a chance for the device’s manufacturer to “iron out” bugs that may have been overlooked in the haste to get the device to market as soon as possible. This also includes “tuning” the device’s performance at handling particular tasks as newer algorithms come along.

In some cases, a firmware update may be about improving security, which is part of the increasingly-common “cat and mouse” game between the device manufacturer and the device-modding community. It also is about adding extra functions to the device that it didn’t come with when it was launched. An example of this include Draytek adding 3G wireless-broadband WAN functionality to their VPN routers or supporting newer wireless-broadband modems on these routers.

The security issue has in recent years come to light with respect to distributed denial-of-service attacks caused by the Mirai botnet and with home-network routers running compromised firmware. Here, software engineers are calling out for manufacturers to adopt a similar process to what Apple, Microsoft and Google are doing with their operating systems where security exploits that are identified in the software are rectified as quickly as possible.

The field-updatable firmware packages can allow a device to enjoy a longer service life as newer requirements can be “baked” in to the software and rapidly pushed out to customers. Examples of this can include support for newer peripheral hardware or newer operating standards.

Drawbacks

There may be cases where some functions offered by the device may be broken due to a firmware update; or the device’s user has to learn new operating procedures to perform some of the functions.

As well, firmware updates that are drawn down by the device may chew up bandwidth especially if there are more of the same device to be update. This can also extend to frequently-delivered large firmware updates for the same device.

Experiences

One situation that I had observed was the use of a Creative Labs Nomad Jukebox as a music-playout device at the church I go to. Initially, there were problems with using this music play because the previous music-playout device, which was a MiniDisc deck had a time-remaining indicator for the currently-playing track.

Subsequent to the purchase of this music player, Creative Labs delivered a major firmware update across the Nomad Jukebox range and this firmware had a “fuel-gauge” indicator to show how far in to the currently-playing track the unit was as well as a time-remaining indicator. Once the latest firmware was applied to this Nomad Jukebox, it became easier to use the device for the purpose that the church bought it for.

Another example was the Western Digital WDTV Live network media adaptor. Through the time I had the unit, there had been many firmware updates with UPnP AV / DLNA media playback being delivered through one of the updates and full MediaRenderer functionality being delivered at a subsequent update. Similarly, this device acquired Facebook, TuneIn Internet radio and other network-service functionality.

Yet another example was where I reviewed two HP business laser printers for this site. I had noticed that once these printers received firmware updates, they were able to work with HP’s ePrint ecosystem.

Issues

A large software image for a small problem

One main issue with firmware updating is that the company typically needs to deliver a complete firmware image to fix a small problem in the device. This can be annoying as devices have a firmware size equivalent to earlier incarnations of the Windows operating environment and this figure is increasing rapidly.

A direction that may have to be looked at for firmware-update delivery is to implement practices associated with updating regular-computer operating systems. This is where smaller incremental updates are delivered to the device and installed by that device. Apple has headed in to that direction with the iOS and this has become easier for them due to the regular desktop computing system being their founding stone. This direction may not work if the firmware is to be subject to a major rewrite with a changed user-interface.

Making and breaking preferred content distribution mechanisms

The article looked at the issue of field-updatable device software as making or breaking a preferred content-distribution model. There are examples of this with games consoles having their software modified so they can play pirated, homebrew or grey-import games titles; the “jailbreaking” of iOS devices (iPhone, iPad, iPod Touch) so they run software not provided by the iTunes App Store; or DVD and Blu-Ray players modified to play pirated and grey-import movies.

The manufacturers are in a game of “cat and mouse” with these devices with the software-modification community to keep these preferred distribution mechanisms alive. This is especially with devices like printers or games consoles that may be sold at loss-leading prices so that customers buy software or accessories at higher prices through preferred distribution chains.

Limiting “out-of-the-box” functionality unless updates are performed

This can lead to devices and partner software being unable to function fully unless the device is updated.

Some examples of this may include the PlayStation 3 games console package cited in the original article where you needed to download a significant update to play a game that was packaged with the console. Then you had to download extra software on to the console from the game supplier before you could play online.

Another example would be the previously-mentioned HP LaserJet printers which needed to be updated before they could run with the ePrint ecosystem. This situation may happen if the new software requirement was ran out just after the hardware was released.

Update loops

A situation that can occur with devices that implement Internet-based updating is what I call an “update loop” or “update chain”. This is where the device completes many firmware-update cycles before it becomes useable. It has happened with the WDTV Live network media adaptor but can happen with other devices.

What manufacturers could do is to allow a “once and for all” update cycle that obtains and installs the latest firmware. The server software could prepare a software build that is particular to the device’s current firmware and supply that build rather than supplying earlier software builds.

PC-style functionality addition

The trend now is to have our devices work in a similar vein to a regular personal computer, where users can add accessory hardware and software at a later date through the product’s lifecycle.

This is intensified with the “app” ecosystem that has been driven by smartphones and tablets, where users visit an “app store” to download programs to their devices. Similarly, TV manufacturers are integrating programs like Skype in their network-enabled TVs and allowing customers to add on Webcams to these sets for video conferencing.

Here, we could the thinking of adding software functionality to devices either through apps and “drivers” that are downloaded as hardware is installed or subsequent full firmware updates. The former method could work well with devices that can have their functionality evolved by the customer or installer whereas the latter method would work with devices that perform the same function all the time.

What could be looked at with device software management

UPnP Device Management

The UPnP Forum have recently released a DeviceManagement Device Control Protocol which allows for network-based configuration and management of devices. This includes a SoftwareManagement Service which looks after the issue of software delivery for these devices.

This may be of relevance where another device works as a management point for another networked device with no user interface or a limited user interface. An example of this setup may be a regular computer or a tablet running an application that co-ordinates and manages firmware updates for a variety of devices; or an IPTV set-top box that is part of a “triple-play” setup managing the software on the router that is at the network-Internet “edge”.

Use of a network-attached storage to keep device software images

An increasing number of home networks are or will be equipped with a network-attached storage device which shares data held on a hard disk across the local network. One main application for this would be to keep music, picture and video files so that they can be shared across the network.

The industry could look at ways of using these NAS (network attached storage) to track down and keep a local cache of new firmware for devices on the home network. Then the devices can check this resource for newer software images when they need to update their firmware.  This may suit home networks where there are multiple devices running the same software, such as multiple units of the same games console or multiple TVs made by the same manufacturer within a close time frame.

It may sound like a practice associated with computing in the “big end of town” where the desire by business IT teams is to maintain standard operating environments; but this technique could be used to keep multiple devices from the same manufacturer up to date without using up bandwidth for firmware updates. As well, with the appropriate protocols, it could allow for a “hands-off” approach when adding new devices to the network or maintaining existing devices.

Conclusion

As more and more dedicated-purpose devices move towards the computing model used by regular computers, we will need to think of issues concerning keeping the software up to date and using the updates to improve the devices.

Articles

Chrome 5.0 en version finale | Le Journal du Geek (France – French language)

Google veröffentlicht Chrome 5 für Windows, Mac OS und Linux | Der Standard (Austria – German language)

Google ships “fastest-ever” Chrome out of beta | The Tech Herald

Download link

http://www.google.com/chrome

My comments

Google have updated their Chrome browser to the next major version. It has been fine-tuned “under the hood” for speed in a similar way to what has happened with Windows 7 and MacOS X “Snow Leopard” and is intended to be faster than the prior versions.

There is also improvements in how it handles the new HTML5 language, which will make it ready for the Web’s new direction. Other improvements include “experience synchronisation” between different computers, a must have if you are upgrading computers constantly or operating two different computers like a desktop and a laptop.

At the moment, there isn’t a stable Adobe Flash plugin for this version but it will be provided as part of the browser’s update process.

This may appeal to you if you have jumped from Internet Explorer to Google Chrome, whether directly or through the Browser Choice screen in Europe.