TheMG Premium Member join:2007-09-04 Canada MikroTik RB450G Cisco DPC3008 Cisco SPA112
|
to cowboyro
Re: Samsung TV vulnerability could let a hacker change the ch.said by cowboyro:Such a vulnerability requires a TV that is directly accessible from the internet (public IP or specifically opened ports), or the hacker to have access to the local network. Non-issue for 99.9999% of the people. The details of the vulnerability have not been described/released, so I'm not sure how you came to that conclusion. It is possible to gain access to a computer by dropping a piece of malware onto it, by having the user visit an infected web page. This type of attack can potentially give the attacker full control, and does not require the device to have a public IP or to be wide open to the internet. Most consumer firewalls and routers are effective at stopping things from getting in, but quite poor at stopping things from getting out. The same method of attack might be possible on "smart" devices. Anyways, the exact method in which this Smart TV attack works is all speculation at this point in time, so we can't be 99.999999% sure of anything. |
|
|
cowboyro
Premium Member
2012-Dec-13 9:24 am
said by TheMG:The details of the vulnerability have not been described/released, so I'm not sure how you came to that conclusion. Most TVs, including Samsung, don't have a web browser. Just vendor-supplied apps. So no infected page can be visited, the user can only access a handful of vendor-approved services. That leaves only one access avenue, and that is direct access. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2012-Dec-13 9:41 am
But this TV has a web browser and this vulnerability is in that web browser. ReVuln have released enough information to come to that conclusion, even if they haven't given out the whole details. said by revuln on youtube : In this video we demonstrate one of our 0-day vulnerabilities affecting Smart TV, in this case a Samsung TV LED 3D. Smart TV can be used to browse the internet, use social networks, purchase movies and do many other things. This demo shows how a vulnerability for such devices can be used to retrieve sensitive information, monitor and root the device itself remotely. |
|
|
cowboyro
Premium Member
2012-Dec-13 10:08 am
said by dave:But this TV has a web browser and this vulnerability is in that web browser.
ReVuln have released enough information to come to that conclusion, even if they haven't given out the whole details. Watch the video. The exploit is targeting the IP of the TV. That pretty much confirms what I said. |
|
Woody79_00I run Linux am I still a PC? Premium Member join:2004-07-08 united state |
For starters, I would NEVER hook a TV up to the internet period....its stupid to do so...Why even bother with a Smart Tv anyways...if you want that kinda functionality, then just By an Xbox 360 or something (that also doubles as a set top box), has a web browser, is updated frequently, and will do pretty much what you want...
hooking a TV up to the internet is bad news...even if it is behind a router...TV that have cameras and microphones attached to them and being hooked up to the net still send packets out and talk to god knows who....the apps you could install may be spying on your TV watching habits and sending that data back somewhere....not to mention Samsung (or some app) could get access to the TV cam and mic and watch and listen to whats going on in your home...no thanks...
My sis just got a smart TV with all that crap in it...the 1st thing i told her was NEVER give it Internet Access period...Smart TV has the ability to spy on their users and the only way to stop it is to keep it disconnected from the Net.....so far she has heeded my advice... |
|
Bob4Account deleted join:2012-07-22 New Jersey |
Bob4
Member
2012-Dec-13 11:48 am
I like the ability to use the DLNA capabilities to stream HD videos from my PC to the TV wirelessly. |
|
sivranVive Vivaldi Premium Member join:2003-09-15 Irving, TX |
sivran
Premium Member
2012-Dec-13 12:08 pm
My recently-purchased LG has DLNA, but oddly enough, no web browser or other "smart" apps. I had it connected for a while, since my NAS box has a DLNA server, but since I have an Asus OPlay the DLNA is largely redundant. It couldn't play as much as the OPlay could anyway. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to Woody79_00
Not all Samsung Smart TVs have a mike or camera. Mine doesn't. It does have a web browser that is very difficult to use without a Samsung keyboard remote. So, I don't use the web browser. I have the TV on the network though. Why would I purchase a Smart TV unless I intended to give it internet access? It would be a complete waste of money. I did waste $100 on the web browser but then Smart TVs were brand new in 2011 and I was curious. Only the lowest in the series came without the web browser anyway and then most were that horrible 3D crap...so there wasn't too much to choose from. |
|