**Disclaimer: I am posting this on my own, with no relation to the manufacturer I work for. I have been interested in this for a while, and finally got around to building a linux VM to play.**
I am starting this discussion for people to be able to discuss about firmware encryption. This may not be the most scientific method, just what I know about so far...
Many hackers and researchers find vulnerabilities by reviewing firmware to see the file system, code, database, user list & password hashes, etc. Once they find what operating system/files are present, they can then look for weak algorithms, client side hashing, or buffer overflows.
Link to video showing a hacker playing with firmware...
Encrypting the firmware makes this a lot harder. The hacker instead needs access to a device that they already have user access to, as opposed to just reviewing the firmware and then attempting to access a device on the Internet.
I have chosen models based on common manufacturers that I could access firmware for. I am not familiar with all of the lines for each manufacturer, so let me know if there is a better, newer model to test. If you can point me to a firmware link, I am happy to take a look.
Below are screenshots of firmware that is not encrypted.
You can then use the software to extract the contents to examine:
I had to manipulate the file to remove a header. Then I was able to extract the firmware archive.
Here is the web filesystem:
Here is a firmware that is encrypted. Note that it states that the file uses OpenSSL encryption.
Some firmware files I was not able to tell, which may mean the firmware has been obfuscated or it may also be encrypted, but I was unable to tell with the tools I have.
Arecont surrountvideo omni g2 av20275dn v65199 unknown/Possibly encrypted
Avigilon H4 ES camera line ACC188.8.131.52 h4HD-FW-t200-184.108.40.206 no encryption
Axis P3225-LVE no encryption
Bosch dinion ip dynamic 7000 hd cpp 6.32.0099 unknown/Possibly encrypted
Canon vbh43 v.1.25 not encrypted
Dahua DH-IPC-HDBW42A1FN-AS v432105 not encrypted
Digital watchdog wdc-md421d 220.127.116.11 not encrypted
Flir quasar gen II fs20160805nsz - broadcom header, appears not enc.
Hanwha Techwin QND-7080R v1.01 Encrypted
Hikvision DS-4x12 v5.4.0 not encrypted
Panasonic SFV78L v2.53es unknown/Possibly encrypted
Pelco Sarix IME+ next gen dome cameras - IME329 v18.104.22.168 no encryption
Sony G6 v2.7.3 No encryption
Vivotek FD8369A-V v0200e not encrypted
Anyone else think that this is important, and that firmware should be encrypted or at least have an MD5 hash listed so you can confirm that the file has not been tampered with?