Millions of Smart TVs Vulnerable To 'Red Button' Attack

An anonymous reader writes "Researchers from Columbia University's Network Security Lab discovered a flaw affecting millions of Smart TVs supporting the HbbTV standard. The flaw allows a radio-frequency attacker with a low budget to take control over tens of thousands of TVs in a single attack, forcing the TVs to interact with any website on their behalf — Academic paper available online."

Re:It doesn't take a genius to come up with an att

[nmb3000]

Abstract: In the attempt to bring modern broadband Internet features to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid Broadcast-Broadband Television (HbbTV), which allows broadcast streams to include embedded HTML content which is rendered by the television.

And for anyone wondering just why the hell anyone would want this, TFA clarifies:

Broadcasters and advertisers have been eager to use the HbbTV to target ads more precisely and add interactive content, polls, shopping and apps, to home viewers.

So let me get this right... "Punch the Monkey", coming to a TV near you? Flashing and bouncing "Take the "Which Ninja Turtle are you most like?" poll for a chance to win $1000!!!"? Malicious "Your TV isn't secure! Click here to upgrade!" ads that install some bullshit TV "app" that does only god-knows-what? Remote scripting running on a device designed without any security in mind, and which will probably never be updated during its 8+ year lifetime?

How can I make this clear? Do. Not. Fucking. Want. Yet another reason to avoid "smart" TVs, I guess.