Feeds

Samsung's smart TVs 'wide open' to exploits

The downside to being 'more like a PC'

Beginner's guide to SSL certificates

Samsung's Smart TV has a vulnerability which allows remote attackers to swipe data, according to security researchers.

Malta-based security start-up ReVuln claims to have discovered a zero-day vulnerability affecting Smart TV, in particularly a Samsung TV LED 3D.

Smart TV can be used to browse the internet, use social networks, purchase movies and perform many other functions. A demo video produced by ReVuln shows how a "vulnerability for such devices can be used to retrieve sensitive information, monitor and root the device," according to Luigi Auriemma of ReVuln. Exploits developed by ReVuln appear to allow it to access remote files and information (including viewing history) as well as the ability to siphon off data on USB drives attached to a compromised TV.

"This specific vulnerability affects almost all the Samsung televisions of the latest generations, so multiple models," Auriemma told El Reg.

"We plan to invest more time and effort on the home devices security in the near future testing the products of many other vendors (we chose Samsung because it's the current market leader in this sector) and moreover finding new types of attacks and ways to use such vulnerabilities. The televisions are just the beginning," he added.

ReVuln says it plans to sell information on the vulnerabilities, rather than report them to equipment manufacturers, in order to "speed up" the development of a fix. Consistent with this general policy, ReVuln is not going into details about the flaws it claims to have discovered.

Security flaws in advanced television sets, which are becoming more like computers, and set-top boxes, has elicited the interest of other security researchers over recent months.

For example, Adam Gowdiak of Security Explorations discovered a possible mechanism for infecting set-top boxes with malware back in January. The attack created the means to either steal or share a satellite signal from a pay-TV subscriber. Proof-of-concept malware developed by Gowdiak offered a means to defeat the Conax conditional access system, the cryptographic technology designed to prevent this type of set-top-box hijacking and unauthorised sharing of satellite programming. The same trick might also be used to capture HD content for later distribution over the internet.

Security Explorations said all four satellite receivers (ITI5800S, ITI5800SX, ITI2850ST, ITI2849ST) tested in its lab, each manufactured by Advanced Digital Broadcast for ITI Neovision, are allegedly vulnerable. Each implements Conax conditional access using an additional security feature called chipset pairing. Flaws in chipset pairing lay at the heart of the multiple vulnerabilities uncovered by Security Explorations.

Unlike ReVuln, the Polish security research start-up notified firms that either supplied or used the affected technology.

Gowdiak presented details of the security vulnerabilities at the at Hack In The Box Security Conference in Amsterdam in May.

Set-top boxes and smart TVs are commonly (but wrongly) thought to be immune from malware and hacking attacks. In reality television systems are becoming more like PCs than the dumb devices of yesteryear, a factor that opens them up to potential security exploits. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.