Internet Enabled TVs Hacked

HDTV Hacked Several security flaws have been discovered in a best-selling brand of Internet-enabled HDTVs and the security researchers that discovered the hole believe it’s likely that similar security flaws exist in other Internet-enabled HDTVs.

Mocana, a technology company offering products for device security frameworks including embedded SSL and SSH as well as IPSEC and alternatives to OpenSSH, discovered that the TV’s Internet interface failed to confirm script integrity prior to running remote scripts resulting in intercepted transmissions using “rogue DNS” or TCP session hijacking techniques. Mocana then demonstrated that JavaScript could be injected allowing attackers to take control of the Internet functionality of the HDTV which could lead to Denial of Service (DoS) or local home network hacking as well s phishing for credit card information.

Mocana was able to recover the manufacturer’s private “third-party developer keys” from the television as this information was transmitted in the clear (funny how Mocana sells embedded SSL technologies to encrypted such transmissions).

Read the further details here.

1 comment

Comments are closed.