Slashdot Mirror

← Back to Stories (view on slashdot.org)

Millions of Smart TVs, Phones and Routers At Risk From Old Vulnerability (trendmicro.com)

Posted by Soulskill on from the why-fix-something-when-you-can-just-not-fix-something dept.

itwbennett writes: Adding fuel to the growing concern over how manufacturers of devices such as routers and smart TVs deal with security vulnerabilities that emerge in their products, Trend Micro found that a 3-year-old vulnerability in a software component used in millions of smart TVs, routers and phones still hasn't been patched by many vendors. Although a patch was issued for the component in December 2012, Trend Micro found 547 apps that use an older unpatched version of it, wrote Veo Zhang, a mobile threats analyst on the Trend Micro blog. 'These are very popular apps that put millions of users in danger; aside from mobile devices, routers, and smart TVs are all at risk as well,' he wrote.

3 of 65 comments (clear)

  1. Re:Apologists unite! by gstoddart · · Score: 4, Insightful

    Well ... let's see ... first you could have a vulnerable cable modem your ISP gave you ... and a lot of people might not have a firewall behind that and connect directly to it. Hell, you could even have a modem from your ISP which does the wifi you use in your house.

    The level of network security in most households probably means that the number of people who could easily have devices exploitable by this is likely not small.

    The problem is that consumer adoption of the "internet of stuff" is growing FAR faster than the quality of security they have. Many people simply won't even know they're at risk, because they just took it out of the box and did the easiest bit of configuration.

    --
    Lost at C:>. Found at C.
  2. Re:This is one reason I don't use smart TV apps by kheldan · · Score: 3, Insightful

    This is one reason I don't use smart TV at all

    There, fixed that for you, friend.

    In this day and age of mass surveillance and the corporate practice of scraping people's lives for data to sell to other corporations, just like so many scammers and malware authors do, I wouldn't at all be surprised if they haven't 'fixed' the 'bug' because it's not a bug, it's a feature, intended to allow them them 'send carefully crafted packets' to allow 'execution of arbitrary code' (read as: 'run code that allows enhanced snooping on what you're doing with your TV, and to turn on the camera and microphone to spy outright on you) so they can collect their otherwise illegal data and still maintain a plausible deniability.

    In my opinion you're asking for trouble if you connect a so-called 'smart TV' to any network in the first place. Do yourself a favor and reject the entire idea and buy a non-smart TV instead. You want 'smarts'? Connect it to a media center PC or a DVR or something else. Or maybe just, I dunno, watch TV instead of making it a lifestyle? FFS TVs are turning into just gigantic versions of people's phones. Enough already..

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
  3. Appliances do not get updates by sanf780 · · Score: 3, Insightful
    After all, TV OEMs want to sell products one year, and sell new products next year. They do not want to spend money on supporting old sets.

    This one also goes for other connected things: automobiles, routers, mobile phones...