topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:58 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: 0-Day TV Exploit  (Read 3816 times)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
0-Day TV Exploit
« on: December 15, 2012, 08:06 AM »
Looks like TVs have joined the crowd in getting hacked:

http://securityledge...allow-remote-spying/

The company that made headlines in October for publicizing zero day holes in SCADA products now says it has uncovered a remotely exploitable security hole in Samsung Smart TVs. If left unpatched, the vulnerability could allow hackers to make off with owners’ social media credentials and even to spy on those watching the TV using compatible video cameras and microphones.

In an e-mail exchange with Security Ledger, the Malta-based firm said that the previously unknown (“zero day”) hole affects Samsung Smart TVs running the latest version of the company’s Linux-based firmware. It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set.

In short, if it has a network connection... It's fair game.
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #1 on: December 15, 2012, 11:18 AM »
But, it's linux-based! And linux is not windows, so it's super secure! :o :o :o
- carpe noctem

rgdot

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 2,192
    • View Profile
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #2 on: December 15, 2012, 11:46 AM »
Before too long, zero day exploit for smart chips embedded into human brains

SeraphimLabs

  • Participant
  • Joined in 2012
  • *
  • Posts: 497
  • Be Ready
    • View Profile
    • SeraphimLabs
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #3 on: December 15, 2012, 01:13 PM »
At the same time, if this TV is Linux based then all someone savvy has to do to defend themselves is root the device themselves and update it- or reconfigure it to be more secure.

Its like how servers should avoid using the default settings for exposed services. They're harder to exploit if they are custom configured, as the hacker then has to guess what your settings are.

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #4 on: December 15, 2012, 07:51 PM »
But, it's linux-based! And linux is not windows, so it's super secure! :o :o :o
  But if it was Windows based, you would be getting the Blue (or White) screen of death every 2 hours of use.....   :o
  When they say Linux based and it's that unsecure, then it's probably a "homemade" Samsung distro that didn't figure in any kind of protection thinking that it wouldn't need any.  Kind of makes you want to stay away from all that is Samsung for that little mistake....  Either way, I'm still going to Linux when MS stops support for XP......

Rover

  • Master of Smilies
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 632
    • View Profile
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #5 on: December 15, 2012, 07:56 PM »
Thanks f0dder for throwing out some fodder...  You can screw up any OS if you try hard enough.   Of course it's a little hard to do on Linux, but give them credit for trying hard.   :P
Insert Brilliant Sig line here

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #6 on: December 15, 2012, 08:00 PM »
Before too long, zero day exploit for smart chips embedded into human brains

Pictures of the dystopian future... :(

Or, would they just have backdoors?
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: 0-Day TV Exploit
« Reply #7 on: December 16, 2012, 08:21 AM »
But if it was Windows based, you would be getting the Blue (or White) screen of death every 2 hours of use.....   :o
The last time I saw a BSOD was when my SSD (holding my system partition) died. Before that, it was a buggy 3rd party VPN driver. Before that? Probably a hardware failure several years ago :). I wonder how Windows Embedded holds up these days - wouldn't put it in anything life-sensitive (but then I wouldn't use linux there either), but it just might be decent enough for a TV?
- carpe noctem