Smokey's Security Weblog

veritas odium parit

Most recent firmware download for Seezeus Shadow Recorder GT550WS

For security reasons on the road I use a dashcam (dashboard camera) in my car, like many others also do. My dashcam choice to use was a Seezeus Shadow Recorder GT550WS GPS 2.7″ LCD HD 1080p WDR GPS Logger Dash Cam Car DVR + GPS module, this for reason of the fair price, many useful features/options and very good clear picture quality by daylight as well at night.

Why to use a dashcam? The answer is simple: to be able to provide video evidence in an event of an accident, there are many idiots on the road and it can become very handy in case such an idiot will cause an accident. But not only pure idiots on the road, also many careless people aren’t watching the road in the way it should be, they use their cellphone, laptop, navigation and other equipment during driving and lose demanded attention for what’s really going on.

I noticed there’s a real need for dashcam firmware updates, many people are looking for it but can’t find a download source. That’s the reason I offer you the most recent firmware v2.6G for the Seezeus Shadow Recorder GT550WS. Keep in mind this firmware is only suitable for mentioned dashcam, don’t try to flash it on a different dashcam. And when you brick your dashcam during a firmware flash you will lose dashcam vendor/seller warranty.

On Google Drive you can download the GT550WS most recent firmware v2.6G here YouTube instructions how to flash the firmware here It’s an instruction movie for a different dashcam however firmware flash procedure for the GT550WS is similar.

Drive safely!

Note: because the Seezeus Shadow Recorder GT550WS died very soon (read the story below) I had to buy a new cam, this time I decided to go for a Onstar MateGo MG380G. With the MateGo I’m really happy, my review about the MG380G can you find here. In the review there’s also a downloadlink to the most recent Onstar MG380G firmware v1.01.03, dated 2015/06/18.

Update May 31, 2015: I bought the cam first week of December 2014 from a eBay seller named estore009, located in China, and received the item more than 1 month later, in the middle of Jan. 2015. Starting with the first day I used the cam there were problems: with the firmware, with a faulty GPS module, cam also stopped regularly with recording, and finally the cam freezes on the start screen during boot-up and therefore is the cam useless now forever. Mind you this all happened within 4 months after I used the cam for the first time, and long delivery time also didn’t make me happy at all. You will understand atm I’m really pissed, and asked seller estore009 for a refund. Seller isn’t willing to do so, and even don’t want to talk about a partial refund. IMO after all the problems I had with the cam seller should provide decent service hence a refund could be the only acceptable solution but as told before seller refused such. Therefore my advice: stay far away from estore009, items sold by him are or could be faulty, service is a non existing word for him.

March 1, 2015 Posted by | Action & Dash Cam Talk: News, Comparisons, Reviews, Tests | , , , , , , , , | 4 Comments

[How-to] Vulnerability test Superfish, Komodia, PrivDog & similar

Probably you have heard about the Lenovo debacle, many of their laptop series are preloaded adware/spyware Superfish (you can also call Superfish a dirty piece of malware) that will intercept all your secure connections and this will allow criminals to do it too. Superfish uses an “SSL hijacker” (Komodia Redirector with SSL Digestor) and an untrustworthy Komodia root certificate. Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing. In this way an attacker can spoof HTTPS sites and intercept HTTPS traffic without triggering browser certificate warnings in affected systems.

Many other softwares do similar because Komodia sold its malicious kit to other companies as well, some of these companies/vendors are e.g. Atom Security, Inc, Infoweise, KeepMyFamilySecure, Kurupira, Lavasoft, Qustodio and Websecure Ltd. There will be others as well.

Superfish removal can be done via Windows standard add/remove programs utility, find Superfish Inc VisualDiscovery, tick it, and click uninstall. Uninstalling Superfish and other Komodia-type programs does not remove the root certificates, so you need to do this: type certmgr.msc into the Windows search box, right click on the programs name, and select “run as administrator” from the pop-up menu. Subsequent click the action menu item and select “find certificates”. Type Superfish etc into the search box and click the “find now” button. If you find an unwanted certificate, right-click and select delete.

Fwiw never download from unsafe places such as CNet’s Download.com or from Google search ads, downloading software from such places can be really dangerous, in many cases the downloaded software can and will be contaminated with adware, spyware and/or malware.

There’s a simple way to check your machine on the existence of Superfish, Komodia, PrivDog & Co, we advise you to visit the filippo vulnerability test page and perform the vulnerability test: https://filippo.io/Badfish/ Important: do the test with all browsers installed.

Instructions for identifying and removing a root certificate from Windows here: http://windows.microsoft.com/en-us/windows-vista/view-or-manage-your-certificates

Finally we know that many AV (antivirus) products will find and remove the Superfish, Komodia, PrivDog and similar crap, despite we still strongly advise to perform the filippo vulnerability test and to check your machine also on the existence of untrustworthy certificates.

March 1, 2015 Posted by | Uncategorized | , , , , , , , , , , , , , , , , , , , , , | Leave a comment