Firmware Upgrading... why do it?

[JayS_IPCams]

A general curiosity question; why would one upgrade firmware besides the obvious (you run into an issue with exisiting firmware, that new firmware claims to fix)?
Is that the only reason?

Is my belief; if it ain't broke, don't 'f' with it, valid?

I have some cameras that are 6+ years old now; still run fine (yes, image is 'sh' compared to newer cameras, but they work fine with stock firmware).

Thanks for your comments!

 

[area651]

A general curiosity question; why would one upgrade firmware besides the obvious (you run into an issue with exisiting firmware, that new firmware claims to fix)?
Is that the only reason?

Is my belief; if it ain't broke, don't 'f' with it, valid?

I have some cameras that are 6+ years old now; still run fine (yes, image is 'sh' compared to newer cameras, but they work fine with stock firmware).

Thanks for your comments!

It's just your opinion and that's what matters to you. What I think is only mine.

My thoughts:
The two biggest possible reasons I could think of to update are:
A security hole was found and the new FW patches it.
New features being added to the camera that wasn't there in earlier versions.

If you want to leave security holes open then that's up to you. Some do, some don't. Nefarious dudes could use your cams to mine bitcoin, attack other people, attack other items in your network and even sniff/copy all traffic going across your network. If you've ever logged in anywhere that needs a passcode from your internal network (like your bank maybe?) then you could be sharing the info (even if it is encrypted) with someone you don't want to. And yes, one could say "its encrypted" to which I explain that everything that has ever been broken was believed to be secure at some point.

An example: I had an encrypted word file from 15yrs ago that was laying around on the network. Someone had encrypted it, forgot the password and at the time, they asked me if I could help. I tried at the time and it couldn't be broken. Last year, I saw the file and I tried again with new methods/tech and it cracked within 60seconds.

So yes, you could say that someone might only get the locked code. But remember, it's only locked for now. Next year, it might be easily broken.

 

[fenderman]

It's just your opinion and that's what matters to you. What I think is only mine.

My thoughts:
The two biggest possible reasons I could think of to update are:
A security hole was found and the new FW patches it.
New features being added to the camera that wasn't there in earlier versions.

If you want to leave security holes open then that's up to you. Some do, some don't. Nefarious dudes could use your cams to mine bitcoin, attack other people, attack other items in your network and even sniff/copy all traffic going across your network. If you've ever logged in anywhere that needs a passcode from your internal network (like your bank maybe?) then you could be sharing the info (even if it is encrypted) with someone you don't want to. And yes, one could say "its encrypted" to which I explain that everything that has ever been broken was believed to be secure at some point.

An example: I had an encrypted word file from 15yrs ago that was laying around on the network. Someone had encrypted it, forgot the password and at the time, they asked me if I could help. I tried at the time and it couldn't be broken. Last year, I saw the file and I tried again with new methods/tech and it cracked within 60seconds.

So yes, you could say that someone might only get the locked code. But remember, it's only locked for now. Next year, it might be easily broken.

Security is a non issue if you block the cameras internet access and dont port forward which you should do even on the latest firmware. The cam manufactures are slow to patch vulnerabilities that are disclosed to them, let alone the ones that are not.

 

[tigerwillow1]

I've read enough stories about bricked cameras and NVRs following an attempted firmware upgrade that I do not take the decision lightly.

 

[fenderman]

I've read enough stories about bricked cameras and NVRs following an attempted firmware upgrade that I do not take the decision lightly.

99.9 percent of those cases involve hacked China cams

 

[area651]

Security is a non issue if you block the cameras internet access and dont port forward which you should do even on the latest firmware. The cam manufactures are slow to patch vulnerabilities that are disclosed to them, let alone the ones that are not.

Very true. How often are cameras properly installed though? For that matter, if something is completely secured & isolated, then would any security hole would ever matter?

 

[tigerwillow1]

99.9 percent of those cases involve hacked China cams

I wasn't even thinking of chinese market cams. I have a few international 5231s and have noticed a couple of threads about those being bricked, so I'm in no hurry to tinker with mine. Where I've seen the most bricking threads lately is with dahua nvrs and the version 4 firmware. I'd like the new features but am frankly scared to take the risk. On the other hand, in trying to diagnose my somewhat flaky 5442 camera I've reloaded different firmware versions more than a dozen times with no hiccups. I've upgraded firmware on 8 chinese market dahuas without a hitch but the catch is you have to be really careful to use the correct firmware. After browsing the bricking posts for a few minutes, it looks like the majority are indeed about chinese market cameras that shouldn't have been messed with. I'm definitely in the "if it ain't broke don't fix it" camp.

 

[JayS_IPCams]

Thanks everyone! Security patch is a good reason as well.. but less of one as Fenderman points out, for those of us that segregate our cameras to a VLAN that can't access the internet anyway.

I updated a test camera I had to play with, and another "reason" is for web access. I.e. i can now access the updated camera without a browser plugin and view the video etc.
Now, most likely won't need that (and I don't really care), because I have an NVR (BI) to access it anyway. But some may have only a couple cameras and use direct to SD card to record and watch video. in that case, easier if the browser can access directly.