Samsung TVs Can Be Hacked Into Endless Restart Loop

← Back to Stories (view on slashdot.org)

Samsung TVs Can Be Hacked Into Endless Restart Loop

Posted by timothy on Tuesday April 24, 2012 @04:57AM from the you-were-warned dept.

Gunkerty Jeb writes "Italian security researcher Luigi Auriemma was trying to play a trick on his brother when he accidentally discovered two vulnerabilities in all current versions of Samsung TVs and Blu-Ray systems that could allow an attacker to gain remote access to those devices. Auriemma claims that the vulnerabilities will affect all Samsung devices with support for remote controllers, and that the vulnerable protocol is on both TVs and Blu-Ray enabled devices. One of the bugs leads to a loop of endless restarts while the other could cause a potential buffer overflow."

6 of 187 comments (clear)

Min score:

Reason:

Sort:

Re:Great trick by xclr8r · 2012-04-24 05:05 · Score: 5, Informative

The buffer overflow is worrisome . A lot of the newer BluRay Players have additional features like netflix over wifi/homenetwork. The basic consumer may put in their credit card (or ____ forbid their debit card) info to start their netflix account.

--
Beware of those who profit off the docile and persecute the unbelievers.
Anybody pine for that golden age by Compaqt · 2012-04-24 05:08 · Score: 5, Insightful

Where we had dumped carburetors for computer-controlled engines, but they didn't need to get updates, and those updates weren't wirelessly and remotely pushed?
Where we had dumped cathode ray tubes for flat, liquid crystal displays, but hadn't put the tubes back into TV by stuffing the Internet (and viruses) into them?
Where we had dumped both rotary and touch tone land line phones for cellular phones that could do most anything you'd want them to, and you carry it whereever you went, but you didn't have to have an antivirus running on the phone and didn't have to worry about your contact details being sent to Nigeria?

--
I'm not a lawyer, but I play one on the Internet. Blog
Original article and scope by enriquevagu · 2012-04-24 05:14 · Score: 5, Informative

The vulnerability is originally disclosed here, not in the posted link.
This vulnerability only works from the same broadcast domain where the TV is, since the remote control protocol relies on broadcast messages to announce the service. This means that your TV cannot be cracked from the Internet. Let's hope that Samsung apply a fix soon, in any case.
Re:TV by JoeCommodore · 2012-04-24 05:26 · Score: 5, Funny

My parents recently got a 52" Internet connected Samsung TV. Any way I could use this to replace the crap Samsung apps with something better?
Sure. Just give me the IP address...
It's 127.0.0.1 - hack away!

--
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
Re:Great trick by Jeremiah+Cornelius · 2012-04-24 05:30 · Score: 5, Funny

Hey! Deja Vu,
I think I've seen this movie before...
Hey! Deja Vu,
I think I've seen this movie before...
Hey! Deja Vu,
I think I've seen this movie before...
Hey!

--
"Flyin' in just a sweet place,
Never been known to fail..."
Re:Great trick by Anonymous Coward · 2012-04-24 05:33 · Score: 5, Informative

(or ____ forbid their debit card)
And?
Unless you have a very terrible bank and/or don't bother checking your account ever, this isn't exactly a big deal. I just went through this a few weeks ago, when yonder random payment processor got owned hardcore.
Checked my account - like I do regularly, and found a weird charge. Called up my bank, said, "What is this I don't even?" Bam. Charge killed, money returned, new card in the mail, before I could even say, "Wow, you guys aren't nearly as evil as the Internet led me to believe."
Of course, I suppose the fact that I actually bother checking my account activity regularly makes me some sort of Fiscal Wizard compared to your average person. :p