The GoPro HERO7 White & Silver are completely different beasts from previous GoPro cameras. Based upon yet another image processor, Qualcomm Snapdragon 624, the architecture is a Qualcomm Snapdragon reference design with the GoPro application layer. Here is a quick psuedo-teardown of the GoPro HERO7 White & Silver.
Hardware Name Tasmania perhaps originally named Popoyo
|GoPro HERO7 White
|GoPro HERO7 Silver
Qualcomm APQ8053 Snapdragon 624: Octa-Core, 8x ARM Cortex A53 Up To 1.80 GHz.
APQ8053-Lite GoPro HERO7 White = Vision Intelligence 100
|Linux/arm 3.18.71 Android
|Bosch BMI160160 (Silver Only?)
|Ublox_M8030 (Silver Only?)
Built In: Bluetooth 4.2 + BLE, 802.11a/b/g/n/ac (2.4/5 GHz) Wi-Fi
|Size & vendor unknown
|Connectivity to Apple devices
- Completely Linux Android based code. The software that used to run on the RTOS is now a binary that runs in linux called gpcam.
- Silver and White revisions run the same code base. There is a single resistor value read that determines the camera model. I'm unsure if the GPS Antenna & module are installed on the White revision.
Theoretical: Hard code "drv_get_prod_id" to return '0' for a White revision to work as a Silver. Seems White version has a "lite" processor so perhaps this will not work. With that said, since GoPro is worried about inventory, they possibly have the same motherboard for both cameras. In the future, dependent upon sales, they could cost reduce the white to the "slower" processor. It's doubtful, but a possibility.
gpcam looks for test commands on /tmp/t_cmd_sock. Luckily a test app at /usr/bin/t interfaces to this socket. Using one of the numerous shell vulnerabilities* that remain from previous GoPro revisions, a user can do something like this to enable ADB over USB:
/usr/bin/t 't frw usb set_usb_class'
Not sure if the second t is needed yet but debugging can still be done to the alias /tmp/fuse_d or /mnt/sdcard
With that said /mnt/gopro has many nifty possible keys.
ADB over USB should give you root access to the camera where you can test what happens with a modified gpcam binary. gpcam logs to the ADB logging subsystem.
Hypoxic HERO7 Github Repo
* There is no contact to disclose vulnerabilities to GoPro.