0-Day TV Exploit

[Renegade]

Looks like TVs have joined the crowd in getting hacked:

http://securityledge...allow-remote-spying/

The company that made headlines in October for publicizing zero day holes in SCADA products now says it has uncovered a remotely exploitable security hole in Samsung Smart TVs. If left unpatched, the vulnerability could allow hackers to make off with owners’ social media credentials and even to spy on those watching the TV using compatible video cameras and microphones.

In an e-mail exchange with Security Ledger, the Malta-based firm said that the previously unknown (“zero day”) hole affects Samsung Smart TVs running the latest version of the company’s Linux-based firmware. It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set.

In short, if it has a network connection... It's fair game.

[f0dder]

But, it's linux-based! And linux is not windows, so it's super secure!

[rgdot]

Before too long, zero day exploit for smart chips embedded into human brains

[SeraphimLabs]

At the same time, if this TV is Linux based then all someone savvy has to do to defend themselves is root the device themselves and update it- or reconfigure it to be more secure.

Its like how servers should avoid using the default settings for exposed services. They're harder to exploit if they are custom configured, as the hacker then has to guess what your settings are.

[Tinman57]

But, it's linux-based! And linux is not windows, so it's super secure!

-f0dder (December 15, 2012, 11:18 AM)

  But if it was Windows based, you would be getting the Blue (or White) screen of death every 2 hours of use.....   
  When they say Linux based and it's that unsecure, then it's probably a "homemade" Samsung distro that didn't figure in any kind of protection thinking that it wouldn't need any.  Kind of makes you want to stay away from all that is Samsung for that little mistake....  Either way, I'm still going to Linux when MS stops support for XP......

[Rover]

Thanks f0dder for throwing out some fodder...  You can screw up any OS if you try hard enough.   Of course it's a little hard to do on Linux, but give them credit for trying hard.   

[Renegade]

Before too long, zero day exploit for smart chips embedded into human brains

-rgdot (December 15, 2012, 11:46 AM)

Pictures of the dystopian future...

Or, would they just have backdoors?

[f0dder]

But if it was Windows based, you would be getting the Blue (or White) screen of death every 2 hours of use.....   

-Tinman57 (December 15, 2012, 07:51 PM)

The last time I saw a BSOD was when my SSD (holding my system partition) died. Before that, it was a buggy 3rd party VPN driver. Before that? Probably a hardware failure several years ago . I wonder how Windows Embedded holds up these days - wouldn't put it in anything life-sensitive (but then I wouldn't use linux there either), but it just might be decent enough for a TV?