Spoiler Alert: Your TV Will Be Hacked

snydeq writes "With rising popularity of Internet-enabled TVs, the usual array of attacks and exploits will soon be coming to a screen near you. 'Will Internet TVs will be hacked as successfully as previous generations of digital devices? Of course they will. Nothing in a computer built into a TV makes it less attackable than a PC. ... Can we make Internet TVs more secure than regular computers? Yes. Will we? Probably not. We never do the right things proactively. Instead, we as a global society appear inclined to accept half-baked security solutions that are more like Band-Aids than real protection.'"

Why not yet ?

[nonos]

I'm wondering why my tv hasn't been hacked with air waves : one morning, I switched it on and it told me a firmware update had been uploaded over the air during the night.

What can stop hackers to send rogue fw updates over the air ?

Also, is it possible to exploit mpeg2 video decoder bugs to takecontrol of tv ?

Any info of previously discovered hacks of this kind ?

Think!

[flyneye]

Think once,
Think twice,
Think don't watch television. It was never beneficial. It soaks up valuable internet/gaming time. Pay t.v. is never worth the cost.
Just another screen to clean.It encourages relatives/loafers to hang around your place eating your food for longer than normal.
Whatever is on will just piss you off / bore you. It's just re-runs anyway. Just take it to Salvation Army and get a donation receipt for tax purposes.

Re:Heh

[AmiMoJo]

I recently got a Panasonic smart TV. There is an Android app that lets you control it from your phone/tablet, and you can push photos and video directly from the device onto the TV screen. It works over wifi and there isn't any kind of authentication or code. In other words if your neighbours have insecure wifi and a Panasonic TV you and display whatever you like on their screen.

I'm sure many other smart TV platforms are similarly insecure, in that they assume your wifi network is a secure environment.

Re:Heh

[mcgrew]

My ten year old analog TV does that -- I have a computer plugged into it. The only difference is the computer isn't inside the TV. I can bluetooth pictures from my phone, wifi files to it from my notebook, and I use a wireless mouse as a remote control and the internet for "cable".

But nobody's hacked it yet. In fact, in 30 years of computing I've only been hit three times (my house has been broken into more often), none with any permanent damage. The first was the Michelangelo virus I got by putting one of my own floppies (five inch variety) in a computer at work, and learned that being smart is no defense against viruses -- the woman who infected the work computer held a PhD, but she was pretty clueless about computers.

The second time was a targeted attack by a bunch of young people I'd made fun of on my web site (I made fun of everyone, I was the Don Rickles of the Quake world). All they did was replace a picture of a bunch of down's syndrome kids with a basketball team. I wonder of those guys are now lulzsec? It was over 15 years ago.

The third time was when Sony rooted my box with their goddamned XCP trojan. That one really fucked up my computer BAD, took quite a while to repair the damage Sony's vandalism had done.

So judging from my own (admittedly limited) experience with being cracked, I worry far more about some big international corporation that has no fear of law enforcement than I am some Russian cyberburglar or teenage cybervandal.

And hey, this is only tengentally on topic but can we take our verbage back that was stolen and twisted by the muggles? Don't call them "hackers" unless they wrote the malware. Call them cybervandals or cyberburglars instead. Lets (at least among ourselves) reserve the word "hacker" for someone who writes quick and dirty one time use code and folks who modify hardware. I mean, come on, I've been both a hardware hacker and a code hacker, but I've never broken into someone's computer without their begging me to (working of a bios password on an old laptop now, have to take the whole damned thing apart to do it).