Vulnerabilities in a DVB-T digital broadcast signal, and poor code in Samsung’s Tizen operating system, mean your smart TV may not be entirely secure.
How safe is your television? A demonstration by Swiss security consultant Rafael Scheel has shown how malicious code in a DVB-T digital broadcast signal can be used to load the TV’s web browser.
Once the browser is loaded, Scheel uses a known vulnerability to remotely control the TV through the internet.
Scheel also points out the hack is not limited to DVB-T broadcasts, and hackers can use other transmission paths – by adding malicious code to transmissions of IPTV services, for example.
Hypothetically, this means blackhat hackers could attack an internet TV service and add the code to a transmission, which would then give them access to tens of thousands of TVs at once.
Combined with the recent news that the CIA possbily hacked Samsung smart TVs to act as microphones, recording viewers’ conversations without their knowledge, this isn’t a particularly encouraging revelation.
Furthermore, in a interview with Motherboard published yesterday, Israeli researcher Amihai Neiderman said he uncovered 40 vulnerabilities in Samsung’s Tizen operating system which could allow the control of millions of newer Samsung smart TVs, smart watches, and mobile phones already on the market.
Calling it “the worst code I’ve ever seen”, Neiderman is presenting his research at the upcoming Kaspersky Lab’s Security Analyst Summit.
One security hole Neiderman uncovered involved Samsung’s TizenStore app, where a flaw in its design allowed him to hijack the software to deliver malicious code to his Samsung TV.
What with these revelations, the exploding Galaxy Note 7 and the acting head of Samsung being arrested over charges of governmental corruption, the brand’s 2017 range of TVs and upcoming Galaxy S8 smartphone have something to prove beyond the way they perform.