Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Security Flaws Discovered In Internet HDTVs

Posted by Soulskill on from the toasters-soon-to-be-at-risk dept.

wiredmikey writes "Security researchers have discovered several security flaws in one of the best-selling brands of Internet-connected HDTVs, and believe it's likely that similar security flaws exist in other Internet TVs. The security researchers were able to demonstrate how an attacker could intercept transmissions from the television to the network using common 'rogue DNS,' 'rogue DHCP server,' or TCP session hijacking techniques. Mocana was able to demonstrate that JavaScript could then be injected into the normal datastream, allowing attackers to obtain total control over the device's Internet functionality."

32 of 128 comments (clear)

  1. Re:Heh by xystren · · Score: 4, Funny

    Now I got an excuse... No Honey, I wasn't watching porn, the TV just switched and it won't let me change the channel!

  2. Outer Limits Intro ..... by Anonymous Coward · · Score: 5, Funny

    "We control the horizontal."
    "We control the vertical...."

    1. Re:Outer Limits Intro ..... by tomhudson · · Score: 4, Interesting

      Those controls disappeared decades ago.

      FTFA:

      This attack could render the product unusable at important times and extend or limit its functionality without the manufacturer’s permission.

      Screw the users. Looks like almost everyone has accepted the "you bought it but you don't control it" mentality.

      Who do we blame? Steve Jobs. Verizon? Microsoft? The Supreme Court? Everyone for not making more noise?

    2. Re:Outer Limits Intro ..... by russ1337 · · Score: 2

      I guess you can now apply the business meaning....

      http://en.wikipedia.org/wiki/Vertical_integration & http://en.wikipedia.org/wiki/Horizontal_integration

      The entire entertainment chain being controlled all the way vertically: entertainment production, manufacture of devices and what you can watch; and horizontally across all distribution channels and devices that you watch it on.

      basically the Apple business model.

  3. But How Connected is the TV Anyways? by damn_registrars · · Score: 2

    I have a hard time seeing a compromised TV being as much of a security risk as a compromised PC. Would a TV have your personal information on it? Probably not. Would it be able to access a computer on your home network enough to get at personal information? Seems unlikely. Sure, I suppose it may be possible for an internet TV to become a botnet agent helping in a DDoS attack or something, but even that seems like it would be of minimal utility. I don't really see a TV as being useful in pumping out spam, either, unless the manufacturers were putting mail agents in there to report problems back to the manufacturer.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    1. Re:But How Connected is the TV Anyways? by Samantha+Wright · · Score: 2

      I strongly suspect everyone here will feel much the same way, but TFA and I agree that there are a lot of people out there who are just technically challenged enough to use their web-capable TVs on sites where credit cards might be involved, or perhaps not find it surprising when attempting to purchase PPV content responds with a mysterious credit card prompt they've never seen before. The TFA also mentions scenarios where the TV's functionality could be extended, limited, or denied to the user, in addition to things like stealing browser history.

      --
      Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
    2. Re:But How Connected is the TV Anyways? by theNetImp · · Score: 4, Interesting

      I live in Japan. We just bought a new Sony Bravia TV, and unlike the ones in the states, it contains, a hard drive, and the ability to serve as a DVR. Someone hacks into it, and can now use it to store what ever they want, even use it as part of the botnet. Think it's not a security risk now? There is a reason my Television is not connected to the internet, even though it could be connected to it.

    3. Re:But How Connected is the TV Anyways? by Tuoqui · · Score: 2

      It would become trivially easy to DOS attack someone's TV by making it display nothing but goatse and 2girls1cup.

      --
      09F911029D74E35BD84156C5635688C0
      +2 Troll is Slashdot's way of saying groupthink is confused
    4. Re:But How Connected is the TV Anyways? by IMightB · · Score: 3, Informative

      The one that I just got supports external HDD's, USB Cameras, wired, wireless, HTTP (via vieracast). Granted, the TV's OS is very limited, but it supports enough that it could be very damaging if compromised.

      For instance, my TV currently has stored in it passwords for my Skype/Netflix/Pandora accounts as well as my WPA2 creds.

      The very limited VieraCast interface simply uses HTTP to generate it's menus and people have already started to use squid/DNS redirecting to do things like stream from Myth etc etc.

      This guy so far seems to have made the most progress.

      http://customvieracast.blogspot.com/

    5. Re:But How Connected is the TV Anyways? by nospam007 · · Score: 3, Funny

      "Would a TV have your personal information on it? Probably not."

      How about the kiddie/personal porn on the USB HD attached directly to the TV?

    6. Re:But How Connected is the TV Anyways? by LordLimecat · · Score: 5, Informative

      1) Set up ssh and dynamic dns on compromised TV, or perhaps a cron job to do a reverse SSH tunnel every so often (to bypass firewall). Now you know where this connection is, at all times, and have full control, at any time.
      2) Set up BIND DNS, set to forward to whatever malicious DNS server you want.
      3) Either set up a phony DHCP server, and/or do some arp poisoning so that all traffic to the internet is routed thru the TV.
      4) Control the entire household's internet connection -- rewriting HTTP pages, sending whatever DNS responses you want (Google? SURE, its this IP here in china!), capturing passwords (redirecting HTTPS to HTTP so that cert errors dont occur, or inserting non HTTPS javascript to capture the password), etc.

      ANY smart device on a home network has the potential to wreak massive havok on that network.

    7. Re:But How Connected is the TV Anyways? by timeOday · · Score: 2
      Having my TV join a botnet still doesn't sound like that much of a crisis.

      The biggest problem I do see is that my Bravia is linked to my amazon.com account. We can purchase streaming movies with a few remote control key-presses. So I would guess if my TV is cracked, the thieves could go on an amazon shopping spree with my account.

      But then, I've had credit cards compromised before (both personal and corporate). They were resolved with a couple phone calls, and I wasn't liable for anything.

      So I am not going to worry about it, much less go without Netflix or Amazon streaming "just in case." This is a problem that Sony should be all over (assuming they are one of the affected brands) - I know they can update the TV software whenever they want.

    8. Re:But How Connected is the TV Anyways? by multisync · · Score: 5, Insightful

      it contains, a hard drive, and the ability to serve as a DVR. Someone hacks into it, and can now use it to store what ever they want, even use it as part of the botnet

      I would be more concerned with entertainment companies "hacking in to it" to remove programs you might be storing. The Kindle experience has shown us that devices that can be remotely accessed by the vendor can not be trusted.

      I'll stick with dumb devices that simply do what I tell them.

      --
      I don't care why you're posting AC
    9. Re:But How Connected is the TV Anyways? by countertrolling · · Score: 3, Funny

      I don't really see a TV as being useful in pumping out spam...

      Approximately 16 minutes of every hour is devoted to spam... formerly known as "bathroom breaks"

      --
      For justice, we must go to Don Corleone
    10. Re:But How Connected is the TV Anyways? by Sloppy · · Score: 2

      Saying "don't be a television and a web browser" is like pointing at a PDP11 running Unix and saying, "Don't be a document editor and also a formatter and also a C compiler." You're trying to apply the Unix philosophy at the wrong level. Look inside and then you'll see it. There's a codec library (and/or hardware) that does one thing well, and is used as part of many applications, just like "sed" is.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    11. Re:But How Connected is the TV Anyways? by internewt · · Score: 4, Insightful

      Having my TV join a botnet still doesn't sound like that much of a crisis.

      Right up until it is used as a proxy to download child porn, and all of a sudden you are having to explain why your IP has accessed CP to law enforcement, family, friends, the media.....

      Yeah, I know CP is one of those bogey men used to persuade people to see danger from unlikely events, but an accusation of CP can be enough to ruin lives. If you can avoid it, it's probably for the best.

      Also, if your TV is in a botnet then it might be inside your firewall, if you use a straight forward NAT router. The TV could be used to attack other computers on your LAN which may contain more important data.

      --
      Car analogies break down.
  4. Go back to dumb devices by GrumblyStuff · · Score: 3, Interesting

    I hate how all these "smart" ones can be tricked into doing nefarious deeds.

  5. Re:Heh by DWMorse · · Score: 5, Funny

    To the first hacker that figures out how to Rick Roll an entire family watching a gripping TV series finale: One Internet Dollar!

    --
    There's a spot in User Info for World of Warcraft account names? Really?
  6. So, basically... by msauve · · Score: 2

    If you have control over the network infrastructure, you can give a host DHCP/DNS info which might not be right and make it go where you want.

    Major automotive security alert!!11!!! If someone steals your car, they get the stuff inside, too.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  7. Javascript is becoming a major plague by Anonymous Coward · · Score: 3, Insightful

    Of course, the language per se is innocent. But embedding programmability in everything (Web pages, PDF what not) is becoming the biggest security nightmare all around. And the Web Masters want to entice us to be part of the fray. Quoth slashdot:

    There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

    Thanks, but no, thanks. I might not want anything (Classic needs cookies, bad Fido, no cookies for you today). Quoth again Slashdot:

    Why does "This Function Require JavaScript?"

    Welcome to the now, man!
    [...]

    Well, thanks again, but no, thanks. I'm getting pretty well along without my browser executing random stuff from out there (in most cases in ain't even malicious, but wickedly bad programming, just DOSing my computer).

    Meh.

  8. Linux by tsa · · Score: 4, Interesting

    Don't most of the newer TVs run Linux? My father's LG does. So it's entirely possible that the first real viruses for Linux will run on TVs rather than normal computers.

    --

    -- Cheers!

    1. Re:Linux by mattdm · · Score: 2

      Also, it comes with a copy of the GPL and an offer for source code.

  9. Inevitable by nitehawk214 · · Score: 4, Insightful

    Q: What happens when you combine a TV with a computer?

    A: You get a computer.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust
  10. Rogue DHCP server? by WD · · Score: 4, Funny

    Well that's just great! You're telling me it's not safe to lug my HDTV into Starbucks anymore?

  11. Re:Heh by FatdogHaiku · · Score: 5, Informative

    http://xkcd.com/351/

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  12. User permission by Gumshoe · · Score: 3, Insightful

    This attack could render the product unusable at important times and extend or limit its functionality without the manufacturer's permission.

    Surely that should read, "without the user's permission".

    1. Re:User permission by fluffy99 · · Score: 2

      This attack could render the product unusable at important times and extend or limit its functionality without the manufacturer's permission.

      Surely that should read, "without the user's permission".

      No that's probably correct. The manufacturer probably uses the same chassis and hardware across many models, and the only difference is the software features. Another similar example is Video cards where the lesser models simply have a few cores turned off in the GPU. Enabling those features would give you the equivalent of the more expensive model.

  13. Re:Heh by hedwards · · Score: 2, Funny

    Duty Calls

  14. Re:Heh by c6gunner · · Score: 2

    It also grew arms, pulled down my pants, and put this bottle of hand-lotion on the table beside me!

  15. Re:Heh by John+Hasler · · Score: 3, Insightful

    > This is one of the reasons I say we need NAT on IPV6.

    No. You need a firewall.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  16. Re:Heh by gmhowell · · Score: 2

    Now THERE is a tv I would buy.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  17. ISP overages by tepples · · Score: 2

    Let me be a "Devil's Advocate" here". If it's not hurting me, it's not really a security risk, right?

    Participating in a botnet is hurting you. It runs up your GB per month, for which some ISPs charge overage fees. It can get your Internet access shut down, or it can even get you prosecuted for participating in the distribution of illegal pornography, as internewt pointed out.