Forgot your password?
typodupeerror
Security Television Hardware

European HbbTV Smart TV Holes Make Sets Hackable 39

Posted by Unknown Lamer
from the all-the-better-to-spy-on-you dept.
mask.of.sanity writes "Vulnerabilities in Hybrid Broadcast Broadband TV television sets have been found that allow viewers' home networks to be hacked, the programs they watched spied on, and even for TV sets to be turned into Bitcoin miners. The laboratory attacks took take advantage of the rich web features enabled in smart TVs running on the HbbTV network, a system loaded with online streaming content and apps which is used by more than 20 million viewers in Europe."
This discussion has been archived. No new comments can be posted.

European HbbTV Smart TV Holes Make Sets Hackable

Comments Filter:
  • by allaunjsilverfox2 (882195) on Wednesday June 05, 2013 @09:39AM (#43913949) Homepage Journal
    There STILL isn't anything worth watching on tv. :p
  • by ArcadeMan (2766669) on Wednesday June 05, 2013 @09:47AM (#43914029)

    One more reason to buy a dumb computer monitor and use it as a TV.

    • by gstoddart (321705) on Wednesday June 05, 2013 @10:07AM (#43914191) Homepage

      Agreed. I have no interest in having my TV connect to the internet .. or my fridge, or my toaster, or my toilet.

      Everyone is in a big rush to say "ZOMG, it's on the intarwebs and has Facebook and Netflix", but I frequently find myself thinking "wow, what a massive security hole waiting to happen".

      Vendors just want to get their product to market, and they rarely take the time to actually think about (or properly implement) security.

      • by bbn (172659)

        Agreed. I have no interest in having my TV connect to the internet .. or my fridge, or my toaster, or my toilet.

        The internet is the _only_ connection my TV has. I skipped buying cable and terrestrial is not an option here.

        It just happens that my TV can actually show a lot of TV content with just Internet. The national TV is available as streaming. And I got Netflix and HBO Nordic. I am never going to buy cable again.

        Comparing the TV to the fridge, toaster and toilet is so misguided. The TV has a very real reason to be on the internet: The internet is the pipe to entertainment that I am viewing on the TV. It is the co

        • My computer monitor is also connected to the Internet, but via a small AppleTV box. What happens when your manufacturer decides it won't update your TV about a critical security hole?

          The TV itself doesn't have to be connected to anything except a small box. Replacing the small box will be less costly for your wallet and less costly for the environment than replacing the whole TV.

          • by Anonymous Coward

            What happens when Apple decides it won't update AppleTV anymore?

            What a dumb argument.

            • And you're a dumb reader.

              "Replacing the small box will be less costly for your wallet and less costly for the environment than replacing the whole TV."

            • by gstoddart (321705)

              What happens when Apple decides it won't update AppleTV anymore?

              The exact same thing that happened when Apple decided not to update the original iPad ... they pissed off their early adopters, and life went on.

              However, given the cost of an Apple TV versus a large HDTV screen, replacing the Apple TV is still the easier route.

    • Or just don't connect it to the network and save yourself the trouble of having to buy a separate STB and speakers. And getting up to turn it on.
      • by gstoddart (321705)

        But then you'd still have to pay the extra for a smart TV that you're going to use as a dumb screen

        Why would I spend more on a TV for features I don't want and don't plan to use?

        • Why would I spend more on a TV for features I don't want and don't plan to use?

          There is still such a thing as a non-smart TV. Eventually the smart ones will get cheap enough that they'll stop making non-smart, but you still (probably) won't be forced to use the smart features.

          • by gstoddart (321705)

            There is still such a thing as a non-smart TV.

            No shit, but since it was you who suggested we could all just buy smart TVs and not hook them up to the network, telling me now that I could buy a non-smart TV seems kinda pointless.

            • by lgw (121541)

              High-end TVs are all smart now. I find that annoying, as I'm looking for one right now. You can't seem to get a top-quality 60" plasma display that doesn't include a bunch of "smart TV" features bundled with it. I will likely end up buying one, and not hooking it to the network, even though the whole situation is quite silly.

  • Bitcoin mining is so difficult at this point (due to so much interest, and dedicated hardware designs being applied to it) that it is nearly impossible to do on "harvested" hardware like these smartTV devices. Even getting a few thousand into a mining botnet is not likely to yield any significant return compared to say, using it as a for-hire DDOS botnet, or a spam botnet.

    • by Trepidity (597)

      The analyst seems to admit that it probably wouldn't be feasible, in the same breath that he raises the possibility:

      He said JavaScript Bitcoin miners like Bitcoin Plus could be also run on the TVs, though its effectiveness may be questionable.

      • by jeffmeden (135043)

        The analyst seems to admit that it probably wouldn't be feasible, in the same breath that he raises the possibility:

        He said JavaScript Bitcoin miners like Bitcoin Plus could be also run on the TVs, though its effectiveness may be questionable.

        The difficulty is so high that even if you got all 20 million of those, with no optimized hashing you would be looking at a botnet that is sill less powerful than what $1000 can get you off the shelf, and the value as a 20 million node DDoS botnet has to be a lot more than that.

    • by loufoque (1400831) on Wednesday June 05, 2013 @10:21AM (#43914293)

      What is difficult is to mine bitcoins worth more than the costs of running the machine.
      But these hackers obviously do NOT pay the electricity bills of their victims.

  • by Anonymous Coward

    This seems to be blown out of all proportion.

    These attacks made assailants essentially entertainment providers. They included digital video broadcasting (DVB) and digital storage media command and control injection in which attackers specified a URL to inject content into streaming carousels within the TV.

    In other words, an "attacker" who controls the broadcast TV signal can make your TV show a webpage they control. Yawn. The whole point of HbbTV is that the broadcaster can show a webpage on your TV; ther

  • unoptimized bitcoin miners...in a tv set...like THIS is the security threat we all need to be on the lookout for. really?

    but..oh yeah...there will be 20 million of them....with lazers!

  • Also the broadcast station could offer compromised content themselfes. Not very unlikely when you see what some of these folks already do. You could find the original article on mherfurt(dot)wordpress(dot)com Cheers!
  • McAffe for TV!


    [shudder]
  • I will stick with my old fashion 19.5" Sharp CRT TV from 1996 that still works and not always used. :P

    Wait, when will smart TVs get security softwares like other devices? :P

Genius is one percent inspiration and ninety-nine percent perspiration. -- Thomas Alva Edison

Working...