Thursday, April 20, 2017

"Smart" TVs remotely hackable via over-the-air or over-the-cable broadcasts

Well, that's about it for "Smart" TVs.  If you have one of these, unplug it from the Internet.  Run, don't walk.  There's code that hacks them and installs itself, and even a factory reset doesn't clear it out:
A new attack that uses terrestrial radio signals to hack a wide range of Smart TVs raises an unsettling prospect—the ability of hackers to take complete control of a large number of sets at once without having physical access to any of them.
The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung. By exploiting two known security flaws in the Web browsers running in the background, the attack was able to gain highly privileged root access to the TVs. By revising the attack to target similar browser bugs found in other sets, the technique would likely work on a much wider range of TVs.
So basically, anyone with one of these low-cost transmitters could pwn your TV.  Put it on a drone and fly over, or in your car and drive by, and you now have someone who can turn on the built-in microphone and listen in.  Smart, huh?  Oh, and it gets even better:
"Once a hacker has control over the TV of an end user, he can harm the user in a variety of ways," Rafael Scheel, the security consultant who publicly demonstrated the attack, told Ars. "Among many others, the TV could be used to attack further devices in the home network or to spy on the user with the TV's camera and microphone."
But wait, we're not done!
The approach could also be modified in ways that give it greater reach. For instance, in the event a TV station or network was compromised—for example, a more extreme version of the 2015 hack that blacked out 11 channels belonging to French broadcaster TV5Monde—the attackers could surreptitiously embed malicious code into the signal being broadcast to millions of TVs. Embedding malicious commands into broadcasts from cable or satellite providers is also theoretically possible. A 2014 research paper written by Yossef Oren and Angelos D. Keromytis discussed embedding the exploits into various types of broadcasts.
Mass pwnage via the cable.  The question is not whether exploits are being developed as you read this, but who besides State Actors are working on the 'sploits.  Holy cow - this may be the single most horrifying security problem I've ever seen, and I've seen some pretty horrifying security bugs.

I repeat: if you have a "Smart" TV that is connected to the Internet, unplug it from the 'net RIGHT NOW.  It is unsafe, and quite frankly it's not clear when (or if) it will ever be safe to plug it in.  The manufacturers have a long track record of not caring at all about your security.


SiGraybeard said...

If someone unplugs the TV from the 'net, all it does is prevent them from hurting other people, right? They're still getting hacked over the air, right? They're still potentially having their TV bricked, it's just that the TV can't be calling home with everything they do or say.

Minion Beta said...

Why would anyone have a TV in the first place? It's known as the "Idiot Box" for a reason you know...