Monday, 6 July 2009

Hairy stunt #1: firmware update via wine

My shiny new LG GGW-H20L blu-ray/alphabet soup reader/writer happened to need a firmware update. For some reason, many hardware vendors think win32 executables are handy for this sort of thing. I really... don't.

But I got intrigued when several people reported success updating the firmware through wine. Copious amounts of wine can of course make almost anything seem like a good idea, so I bravely give it a try - it will probably brick something in an amusing way, at least.

winetricks mfc42 grabs the usual missing dlls for us. Yet, the firmware updater fails with something on the order of ERROR_SUCCESS in informativeness.

Oh well. Last try: running wine as root.
... and it works. Quickly and perfectly. I don't _think_ I'm hallucinating. More voluptuous hallucinations would be expected in that case.

I suspect the kernel's blk_verify_command kicked in when running as a normal user. Fair enough, you don't necessarily want the backup job user to be able to overwrite the tape drive firmware with zeroes. Or a more-evil-than-usual ransomware virus.

Still, I boggle. And salute fellow Wine contributors. Well done.


Kjell said...

" I bravely give it a try - it will probably brick something in an amusing way, at least."


Well, I'm about to give it a shot now too, so wish me luck... :)

Erik Inge Bolsø said...

Absolutely. Have fun! :)

dstiner said...

I assume you are referring to this Ubuntu question? -

I was the one who originally posted the "wine as sudo" solution. Great to hear it worked for you also! But would you be able to provide a justification? This seems to be *very* bad practice to rely on Wine magic, and if it is unsafe I would like to post a warning message on that bug report.

Thanks, interesting to see this "magic" fix still being used.

Erik Inge Bolsø said...

Don't assume. I've never seen that specific page, actually, why would I? There are plenty of uninformed comments to go around in various googleable places.

And of course it is completely unsafe, and could just as well wipe the firmware of your hard drive if it gets confused by not actually running under windows - you are explicitly allowing it to do anything it bloody well wants to your computer. What do you expect?

Not to mention what fun could be had if that firmware update was from some "unofficial" source and modified in interesting ways - it doesn't need root privileges or be a native linux program in order to encrypt all files in your home directory and offer the decryption key if you'll only transfer $BIGNUM to this bank account in the seychelles...

Being a security professional doesn't stop me from taking stupid risks with disposable hardware just to see what will happen, this was a controlled experiment with my own hardware - only do it if you're aware of the risks :)

You could probably sandbox it sufficiently by doing a ton of work. Running as normal user + granting some additional capabilities (man 7 capabilities) + selinux to close the permissions back down to "dvd drive only". But I'd worry, and absolutely refuse to do anything like it in a professional context.