Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Millions of Smart TVs Vulnerable To 'Red Button' Attack

Soulskill posted about 5 months ago | from the red-buttons-are-scarier-than-blue-buttons dept.

Security 155

An anonymous reader writes "Researchers from Columbia University's Network Security Lab discovered a flaw affecting millions of Smart TVs supporting the HbbTV standard. The flaw allows a radio-frequency attacker with a low budget to take control over tens of thousands of TVs in a single attack, forcing the TVs to interact with any website on their behalf — Academic paper available online."

Sorry! There are no comments related to the filter you selected.

It doesn't take a genius to come up with an attack (5, Informative)

Opportunist (166417) | about 5 months ago | (#47189437)

Yes, I RTFA. And the responsible consortium knows about the bug and doesn't consider it "important" enough to warrant a change because it's "not cost efficient" to execute an attack.

It is.

If all it takes is to weave a signal into the program, there are SO many places where this can take place that it's literally trivial to execute. Aside of the idea they present themselves, i.e. a 1MW transmitter used to infect a rather small area, how about using the broadcast itself? Yes, that means that you have to gain access to the show when or before it is aired, but considering just how many people are concerned with the creation of TV programming, having an "inside man" is fairly trivial. From production to cutting to storage to preparation to the actual broadcast, a show goes through many, many hands, every single thereof having the chance to inject the signal without anyone noticing before it's too late.

Now add that the more recent history taught us that governments are certainly not above abusing such a flaw and tell me again that there is "no need for concern".

Re:It doesn't take a genius to come up with an att (1, Insightful)

Anonymous Coward | about 5 months ago | (#47189445)

I disagree. That's like claiming you can hack someone's ethernet switch by writing a special html page because the traffic will simply pass through. This red button attack works differently. If I understand correctly the interactive stuff (tv guide, pause, record) is provided by the cable company. They may use an underlying feed from the broadcaster but that's it.

Re:It doesn't take a genius to come up with an att (4, Interesting)

jones_supa (887896) | about 5 months ago | (#47189473)

So the idea is that the attacker overrides the RF signal with his own one, which contains the malicious data. The client TV then automatically interprets the HTML from the transport stream metadata. Provided that the attack was successful, a bunch of TVs can for example be controlled to access a certain website through HTTP requests, causing a denial of service attack for that website.

Re:It doesn't take a genius to come up with an att (5, Funny)

Anonymous Coward | about 5 months ago | (#47189559)

There is nothing wrong with your television set. Do not attempt to adjust the picture. We are controlling transmission. If we wish to make it louder, we will bring up the volume. If we wish to make it softer, we will tune it to a whisper. We will control the horizontal. We will control the vertical. We can roll the image, make it flutter. We can change the focus to a soft blur or sharpen it to crystal clarity. For the next hour, sit quietly and we will control all that you see and hear. We repeat: there is nothing wrong with your television set. You are about to participate in a great adventure. You are about to experience the awe and mystery which reaches from the inner mind to... The Outer Limits.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47190193)

Showing animated Goatse during prime time would be awesome :D

Re:It doesn't take a genius to come up with an att (4, Informative)

Fnord666 (889225) | about 5 months ago | (#47190445)

So the idea is that the attacker overrides the RF signal with his own one, which contains the malicious data.

No. They are actually overriding the DVB broadcast signal from the broadcaster and inserting malicious packets into the stream.

Abstract: In the attempt to bring modern broadband Internet features to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid Broadcast-Broadband Television (HbbTV), which allows broadcast streams to include embedded HTML content which is rendered by the television. This system is already in very wide deployment in Europe, and has recently been adopted as part of the American digital television standard.

All of the references to the "red button" on the remote are a distraction that can be confusing. The red button on your remote is simply a way that you can invoke or interact with the hybrid content in the broadcast stream. It has nothing to do with the actual attack and the embedded content doesn't need to be actual interactive content.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47189455)

Yes, that means that you have to gain access to the show when or before it is aired, but considering just how many people are concerned with the creation of TV programming, having an "inside man" is fairly trivial. From production to cutting to storage to preparation to the actual broadcast, a show goes through many, many hands, every single thereof having the chance to inject the signal without anyone noticing before it's too late.

So what? There's various ways you can tamper broadcast equipment and program signal as an inside man. Then you simply get fired from the company and you get to pay big fines for the damage you caused.

Re:It doesn't take a genius to come up with an att (1)

AK Marc (707885) | about 5 months ago | (#47189527)

I've been in the cable head-end for a city (a few hundred thousand nodes). All it'd take to do this is walk into the room and swap a commercial with one with the attack embedded. Thousands of people probably could get in there. At the right time, you could dress up as an electrician, and walk in.

And if you are an inside man, how would they catch you? Take a commercial, embed the attack. Then claim it must have been the editors for the commercial, who embedded it before it got to you. How would they prove anything? Would anyone smart enough to figure anything out even be looking at the case?

Re:It doesn't take a genius to come up with an att (0)

sumdumass (711423) | about 5 months ago | (#47189553)

What would actually stop someone from connecting to the cable on the pole, blasting the transmission through it every 200 minutes or something and then pretending like nothing happened?

I mean almost no one would ever know it is happening as most cable boxes and TV buffer a small amount and the packet transmission would not need to be very long. Internet provided over the cable would likely just retransmit whatever got lost as it actually had error correction built in.

Re:It doesn't take a genius to come up with an att (1)

Lumpy (12016) | about 5 months ago | (#47189749)

The fact that you will only affect the 6 houses that is connected to that pole. the COAX is only from that Optical termination to the houses, and you can not magically make the equipment at the headend change it's programming from transmit video only to receive the data return and then resend it out the video transmit.

And even if it was old COAX only, you cant magically make RF amplifiers rebroadcast backwards.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47189579)

You can't embed the attack to a commercial or a TV show. The attack is stored in the transport stream, which is a higher abstraction level.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47189595)

Depends. sometimes the commercial content is stored as a TS itself and muxed in (replaced the PID's of the normal stream). They do this for foreign channels where the ads need to be replaced with local equivalents. Depending on the mux setting it would be possible to put the smart tv content in the replacement TS.

Re:It doesn't take a genius to come up with an att (5, Informative)

quetwo (1203948) | about 5 months ago | (#47189803)

The TS most likely re-written on final broadcast. If it is going out OTA, then the transmitter will repack the data as ATSC, regroom the MPEG2 content, and rewrite the PAT at the tower (usually with a custom PID for each video stream, a PID for DATA, etc, to make it consistent at the viewer's side). So changes are low there.

Since most CATV providers require a STB, very few TVs are using the ClearQAM streams directly (usually encrypted streams that require an handshaked box). Those very few that are using a CableCARD or equivalent are probably in such a minority you might not even want to bother. Oh, and the streams are re-packed when they are encrypted so garbage data is probably removed at that point.

Oh, and good luck "just walking into a CATV headend and replacing commercials." Every CATV headend that I've seen (including the one I run), don't store the commercials there, let alone have any way to change them. Those are usually controlled up-stream in some no-name office remotely then muxed or pulled in by the groomers or stat-muxers (depending on how they are setup).

Re:It doesn't take a genius to come up with an att (5, Informative)

Lumpy (12016) | about 5 months ago | (#47189741)

"All it'd take to do this is walk into the room and swap a commercial with one with the attack embedded."

I managed the Cable TV systems for commercial insertion for 10 years, so tell me again how easy it is to swap a TV commercial? Because all the AD insertion servers are password protected and also in locked racks that you have to get through first. Are you an uber haxor? where hacking a server is a 30 second trivial thing and then you know the Ad insertion software suite (Seachange By the way for all you Uber Hax0rs) so well that you carry the client insertion apps with you on your laptop? Oh and what file format did you encode that TV commercial? Because you need the right format for the system setup, no it's not the same nation wide.

In fact it's easier for you to pick a far less protected network location, Like a sales office, Get hired on the cleaning crew and attack the network from there to try and gain access to the encode and upload station at the main ad insertion office. If you are lucky, that one was set up by IT retards and is on both the corporate network and the ad insertion network (ad insertion network is a protected and isolated network)

A far more plausable route is social engineering while wearing a suit and having a lot of money. Contact a sales person for AD insertion, buy Air time and supply them with a Pre Encoded TV commercial that is already set up for their systems file and encoding settings. A file that hopefully they will just drop in the system and not run through any video re-encoding software that will destroy or strip your evil info. faking urgency and throwing a lot of cash at the sales person increases the chances of just a straight file copy, but that is against SOP and has a high possibility of failing. But then Places like Comcast pay nearly minimum wage for the poor guys that do video conversion and upload, so if done late in the day the chance that they will just copy and call it done is high.

Just swap a TV commercial..... That's Hilarious, this is not 1993 when you had racks full of video tapes for the TV commercials.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47190163)

"no it's not the same nation wide."

So tell us again how you are sure OPs comment is about the same system you used?

Tell us how, if they are already not paying these guys much more than minimum wage, they would spend extra money buying an entirely new digital system instead of retrofitting existing hardware to use digital sources?

As for the security of the servers, your very attitude about it makes it that much more likely. The systems "isolated", why bother with strong non-dictionary passwords.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47190501)

Don't bother. Just read into his post:

all the AD insertion servers are password protected and also in locked racks that you have to get through first. Are you an uber haxor?

Like passwords are hard to get around, like they matter at all when someone has physical access, and like terrible three-dollar cam locks can stop someone with even a casual interest in security penetration. He is a buffoon that knows nothing of security and is not in a position to give meaningful advice on that subject.

Re:It doesn't take a genius to come up with an att (1)

dlgeek (1065796) | about 5 months ago | (#47190635)

But then Places like Comcast pay nearly minimum wage for the poor guys that do video conversion and upload, so if done late in the day the chance that they will just copy and call it done is high.

Sounds like that's the place to attack then - hand the minimum wage guy a USB stick and a bag of money.

Re:It doesn't take a genius to come up with an att (4, Interesting)

Opportunist (166417) | about 5 months ago | (#47189651)

I've been doing audits for a rather long while now. Few companies have sensors on their inside.

In other words, it will be easy to find out THAT something went on after the incident. Who did it, otoh, is an entirely different matter. You'd be surprised how easy it is to get into a lot of companies and move about unhindered with the right uniform and the "I belong here" attitude.

Re:It doesn't take a genius to come up with an att (1)

Lumpy (12016) | about 5 months ago | (#47189753)

Dont even need the right uniform. I do this all the time in just street clothes. Hell even past security checkpoints it's easy "I left my badge in the car" works great.

Re:It doesn't take a genius to come up with an att (4, Interesting)

Opportunist (166417) | about 5 months ago | (#47189891)

Heh. Well, I'm kinda proud of our security staff, they even sent a board member back (despite said board member ranting and raving about how he'll ensure the security person be fired) because he forgot his access card.

And yes, the board member actually demanded him to be fired. When I asked him if he really wants me to fire one of our guards on grounds of him doing his job and following the security protocol unlike a certain board member who expected and ordered the guard to break security protocol, suddenly he had to leave in a hurry... dunno why...

I LOVE working in a company where security trumps productivity.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47190283)

Where I work the response to "I left my badge in the car" is "go back out to the parking lot and get it". To "I left my badge at home", if you've been there long enough you can go around back to the door that has fingerprint scanner access ("long enough" because we don't record fingerprints anymore). If that's not an option, Security will be happy to call your manager so he can come down and vouch for you, then issue you a visitor badge.

Sure, someone determined could storm the place (it's not a military facility or anything like that) but that's hardly a subtle "nobody will ever know" approach.

(And yes, I work for a company that retransmits TV signals ... although I don't have access to the feed.)

Re: It doesn't take a genius to come up with an at (1)

extra88 (1003) | about 5 months ago | (#47189529)

The people involved with the production of a tv show wouldn't have access to the data being exploited, the attack would have to be closer to the OTA broadcast or cable operator. Changing the files containing the code would be fairly obvious so you'd still need to use some hardware for a MITM attack inside the broadcast or cable facility.

Re: It doesn't take a genius to come up with an at (1)

jones_supa (887896) | about 5 months ago | (#47189597)

At that point, you could probably perform various other attacks too. You are given access to important equipment and the company trusts you not to pull any funny shit. After that it all boils down whether you simply want to work ethically and do your job properly.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47189557)

"not cost efficient"

Well... We are talking about their costs. Not the cost for the consumer. So in their minds, they're right. Obviously new buyers of the TV sets would be better off knowing this before they hand over cash - hence the news story is important.

Re:It doesn't take a genius to come up with an att (2)

MrL0G1C (867445) | about 5 months ago | (#47189569)

The Forbes article mentions a 1W and a 25W amplifier. Quick check confirms the paper also says this (not 1MW !).

Re:It doesn't take a genius to come up with an att (1)

msauve (701917) | about 5 months ago | (#47189641)

If a 1W transmitter could cover a neighborhood, a megawatt transmitter could cover a city.

Of course, the OP probably screwed up doubly, and meant mW. Getting and using a megawatt transmitter is hardly "trivial."

Re:It doesn't take a genius to come up with an att (2)

anegg (1390659) | about 5 months ago | (#47189937)

Executable content from an uncontrolled source. Sheesh! Why do the folks who design/build entertainment electronics have such a limited understanding of the digital world? Going back to the invention of the Compact Disc as a music medium, the industry consistently demonstrates an inability to think broadly about the opportunities and consequences of the digital world.

People with home networks (i.e., lots of folks) and a TV that permits executable content that was received from an uncontrolled RF source to run on a CPU that has access to the TV's in-home Local Area Network connection will be so screwed it isn't funny.

If all TV's end up with this capability, we'll have to firewall off our TVs from the rest of our home networks. The last thing I need when I get home from work worrying about the unholy intersection of jackass hackers and jackass software vendors is my TV going rogue and hacking into the rest of my carefully secured digital castle through the television.

Is the US government asleep at the switch? Here is the opportunity to nip in the bud a huge threat to national security (ever see how many TVs there are all over all federal buildings these days?). If they can't understand basic Information Systems security enough to understand that executable content MUST be either be from a controlled/trusted source OR MUST be securely isolated from trusted network connections, then we need a new set of policy folks.

One way to stop this idiocy would be to convince the masses that this threat is too great to ignore. If no one buys the TV sets (which are essentially Trojan Horse wormholes), the manufacturers will certainly take notice. If we get the entertainment electronics journalists on board ringing the danger bell, that might put enough of a dent in sales to get their attention.

Re:It doesn't take a genius to come up with an att (0)

Anonymous Coward | about 5 months ago | (#47189969)

I just bought a new house and have been thinking about how I'm going to setup my network when I finally get a HDTV to go with the new house. Even before this article I was thinking the TV should be on its own vlan. Now I'm certain.

Re:It doesn't take a genius to come up with an att (1)

Anonymous Coward | about 5 months ago | (#47190125)

One MEGAwatt? A transmitter like that will trample on *everything* nearby. I hope you meant one mW, or milliwatt...

AC

So: where is the liability ? (1)

Alain Williams (2972) | about 5 months ago | (#47189451)

Joe Sixpack suffers a loss as a result of such an attack, who compensates him ? He has never heard of the possibility, but ignorance cannot be claimed by neither the smart TV manufacturers nor the TV broadcaster nor the local standards regulator. All of the latter will claim that it was some 'malicious 3rd party', but they knew about it and took no action to mitigate the threat. It is no longer an excuse to complain that ''it is software and very complicated''.

Who will compensate Joe Sixpack ?

Re:So: where is the liability ? (1)

Anonymous Coward | about 5 months ago | (#47189841)

Probably no one. Most likely the Smart TV software is provided with a typical "as-is, with no guarantees" policy.

Re:So: where is the liability ? (0)

Anonymous Coward | about 5 months ago | (#47189927)

Oh no... I've been inconvenienced! Somebody must pay!

This, ladies and gentleman, is how the US became the most litigious society on the planet.

Re:So: where is the liability ? (4, Interesting)

BronsCon (927697) | about 5 months ago | (#47190051)

In this case, it's more like "Oh no, I've been inconvenienced as a direct result of someone else's negligent actions."

If the end result of TV manufacturers not releasing a more secure firmware for the affected models is your TV running malicious code that, say, simply bricks your TV, they should be liable for repair or replacement costs. If the result is that your TV ends up running code that hacks into your computer and steals your financial and personal details, they should likewise be liable for any resulting fraud and the cost of cleaning up that mess. In both cases, maybe a little something for the trouble, as well; it's best for society that we discourage purposeful negligence like this.

We're not talking about simply missing a TV show here; there are real and potentially damaging implications here.

Millions of conventional TVs vulnerable too (1)

sosume (680416) | about 5 months ago | (#47189467)

"Researchers from Dickweed University's Network Security Lab discovered a flaw affecting nearly every TV on the planet. The flaw allows a radio-frequency attacker with a low budget to take control over tens of thousands of TVs in a single attack, forcing the TVs to turn on or off, or switch channels. The attack works by equipping a drone with a powerful universal remote, sending commands to all TVs in a broad range." It's even scarier like this!

Re:Millions of conventional TVs vulnerable too (2)

yacc143 (975862) | about 5 months ago | (#47189549)

Well, one important detail. Exactly the neighborhoods that have a high level of SmartTVs, will also be receiving their programming via cable or sat, so your RF highjacking is received by only tiny subset.

Re:Millions of conventional TVs vulnerable too (1)

Mr D from 63 (3395377) | about 5 months ago | (#47189563)

Good point. How many people are watching terrestrial broadcasts, a particular station, with one of the vulnerable Smart TVs in a given area at any particular time? My guess is its probably very few.

Re:Millions of conventional TVs vulnerable too (1)

BitZtream (692029) | about 5 months ago | (#47189591)

Timing would make it easier to get larger numbers of televisions. Certain TV shows are more popular. The state of the union address, for example, would be watched by many of those in the more affluent neighborhoods.

Re:Millions of conventional TVs vulnerable too (1)

Mr D from 63 (3395377) | about 5 months ago | (#47189683)

Of course, most of those affluent folks will be watching cable or satellite, not broadcast.

Re:Millions of conventional TVs vulnerable too (1)

jmac_the_man (1612215) | about 5 months ago | (#47189717)

The State of the Union address is normally in English on the four "broadcast*" networks, plus the three cable news channels. I haven't checked, but I bet there's at least one channel in my cable package simulcasting it in Spanish as well.

*In an affluent neighborhood, the broadcast networks will probably be coming in by cable or satellite too. If I understand correctly that makes them immune from this attack.

Re:Millions of conventional TVs vulnerable too (1)

Fnord666 (889225) | about 5 months ago | (#47190543)

"Researchers from Dickweed University's Network Security Lab discovered a flaw affecting nearly every TV on the planet. The flaw allows a radio-frequency attacker with a low budget to take control over tens of thousands of TVs in a single attack, forcing the TVs to turn on or off, or switch channels. The attack works by equipping a drone with a powerful universal remote, sending commands to all TVs in a broad range." It's even scarier like this!

That is not how this attack actually works. The attack has nothing to do with the remote and references to it and the "red button" have derailed things. This is an attack on the broadcast television signal. As you recall, broadcast TV was switched from an analog signal to digital. In Europe the protocol for this signal is DVB and in the US it is ATSC. Within these digital broadcasts is a protocol called the HbbTV standard which allows additional interactive data, features, etc. to be embedded to provide a hybrid viewing experience. For example during a baseball game they might embed an HTML page with the stats for the current batter. The exploit is that this embedded data is not protected in any way so anyone can inject a malicious payload into the signal. This could allow such attacks as session hijacking, etc. In the demonstration the researchers are attacking smartTVs in the neighborhood by rebroadcasting a local channel with the extra packets added to the stream. That approach is limited of course to the extend to which you can override the regular broadcast signal. A much broader impact would be if you could inject the packets at the broadcast source, for example on the network between the broadcast station and the actual transmitter station. In that case your attack would reach entire greater metropolitan areas.

What I am interested in is how much, if any, of this HbbTV information gets through when local channels are carried on other transmission media such as satellite or cable.

Good luck with that (1)

jones_supa (887896) | about 5 months ago | (#47189487)

It requires a fair amount of RF and broadcast equipment know-how to set up your own mini TV station with a DVB stream with HTML properly injected in the TS metadata. And then you have to make sure that the receivers actually pick up your channel. Possible, but far from trivial. I suspect no one bothers exploiting this one.

Re:Good luck with that (1)

drolli (522659) | about 5 months ago | (#47189615)

Slashdot comments dominated by software guys. I can tell you, with the *right* (semi-expensive ~ 10k) equipment, the hardware part of this is fairly trivial. (lets say 1h)

Police and secret services use IMSI catchers and trojan-based attacks on a large scale, so why should they not set up a DVB base station for an attack on a specific target (nevertheless infecting 1 Mio of devices in the target area).

Large-scale phishing attacks could get *much* easier. Imagine a News channel which broadcasts a warning about credit card fraud with a contact number to call.

Imagine a finance stock market TV which broadcasts a sudden warning about a stock on which you placed your bets before.

Criminal easily spend 10000s of $ for bullet-proof hosting, so buying DVB Test devices and applications from Agilent could even reduce their costs. If you earn enoung money with it, it pays off.

Everything which worked via spam now can be done without any chance of blocking it. I am fascinated by the idea that a semi-modern device would accept anything withou authentication. (oh, i forgot, typing in a verification number would be *so inconvenient*, so it would hinder shoveling advertisements up into everybody's ass).

Re:Good luck with that (4, Informative)

citizenr (871508) | about 5 months ago | (#47189869)

Actually it requires about $200 and nothing more.

http://www.hides.com.tw/produc... [hides.com.tw]

Bundled Opencaster offers point and click HbbTV support.

Re:Good luck with that (1)

jones_supa (887896) | about 5 months ago | (#47189905)

Okay, so far so good, but how about the signal amplifying and transmitting part?

Huh? (1)

frnic (98517) | about 5 months ago | (#47189515)

Since this is SLashdot, I didn't bother reading the article - so, I am sure there is an obvious answer.

How does someone with a LOW BUDGET even have 10's of thousands of smart tv's in range of an RF signal?

Re:Huh? (1)

Gaygirlie (1657131) | about 5 months ago | (#47189565)

How does someone with a LOW BUDGET even have 10's of thousands of smart tv's in range of an RF signal?

Rooftop, a tall tree, a drone and so on -- you just need a transmitter and a high place to go with it.

Re:Huh? (1)

MrL0G1C (867445) | about 5 months ago | (#47189577)

$250 for an 'amplifier' that reaches tens of thousands of people according to the article and paper.

Re:Huh? (1)

Lumpy (12016) | about 5 months ago | (#47189755)

NYC and find a tall building.

Okay I'll be the one to say it (1)

Rosco P. Coltrane (209368) | about 5 months ago | (#47189531)

TVs have no business being on the internet, much less downloading stuff from Facebook. A TV is for watching television. How did we do it up to now, without the internet? Gee...

Re:Okay I'll be the one to say it (1)

Stormwatch (703920) | about 5 months ago | (#47189545)

A TV is for watching television.

I think it's for connecting game consoles, media players, and whatnot. But indeed, it has no business being "smart".

Re:Okay I'll be the one to say it (4, Insightful)

Mr D from 63 (3395377) | about 5 months ago | (#47189555)

Right. There is little need for TVs that tune or are smart anymore. Just need a monitor. Let separate upgradeable or replaceable devices handle video sources. Today's Smart TVs are like yesterday's TVs with the built in DVD player.

Re:Okay I'll be the one to say it (2)

RyuuzakiTetsuya (195424) | about 5 months ago | (#47189609)

If space is a premium like it is in New York or other urban areas, a smart tv isn't bad value. Plus it frees up an HDMI socket. maybe Facebook integration is overboard but hulu and Netflix aren't going away for awhile. Neither is Plex or DLNA or Spotify or...

As an aside, what I really want from a smart tv is much smarter UI. I don't think I've seen a smart tv with a decent UI. Something that makes it easy to switch the inputs, change settings, etc. also implements CEC so I can turn on my consoles or whatever and have it control a receiver with one remote.

Re:Okay I'll be the one to say it (1)

Mr D from 63 (3395377) | about 5 months ago | (#47189657)

^Sure, as long as you are OK with the inability to upgrade the "smart" part with better hardware, or new functionality. But as for space, their are many very small products that can mount out of sight directly on the back of the TV. I do use Netflix on my Sony TV, which is not very old, but its smart functionality is already "outdated" by newer hardware with much better performance, like the Roku3.

Re:Okay I'll be the one to say it (1)

alen (225700) | about 5 months ago | (#47189763)

if your TV plays Netflix and Vudu, what is the point of upgrading?

DRM treadmill and wireless security (2)

tepples (727027) | about 5 months ago | (#47190085)

if your TV plays Netflix and Vudu, what is the point of upgrading?

For one thing, Netflix may choose to end compatibility with older devices that don't support the new digital restrictions management capabilities on which its licensors insist. For another, a TV that supports only WEP won't work anymore if you upgrade your house's wireless network to better WPA family protocols.

Re:Okay I'll be the one to say it (1)

Mr D from 63 (3395377) | about 5 months ago | (#47190229)

DD/DTS audio for one reason. Profile compatibility for another..... and whatever future changes occur.

Re:Okay I'll be the one to say it (2)

Lumpy (12016) | about 5 months ago | (#47189767)

If you think "space is at a premium" even in a 250 sq foot apartment, that a Smart TV is a good idea, then you are nuts.

You have a buttload of space on the back of that TV to put a Roku Box, and a Apple TV, and a XBMC box, and your Cable TV box Plus a HDMI switcher if you bought low end with less than 4 HDMI inputs. And if that space is really at a premium, then you also bought a universal remote and a IR extender so all the devices can be on the back of that TV out of the way and you have only one remote to really simplify operation of the whole setup.

There is NEVER a reason to buy a smart TV other than being talked into it by the sales guy at Best Buy.

Re:Okay I'll be the one to say it (1)

Culture20 (968837) | about 5 months ago | (#47190475)

In a 250 sq foot apartment, you don't even need the IR extenders. The IR will bounce off the walls easily enough.

Re:Okay I'll be the one to say it (1)

tepples (727027) | about 5 months ago | (#47190091)

So what device would tune OTA television broadcasts? I haven't seen a lot of OTA tuners since the end of the coupon program, and even those were required to be standard definition. And no, Netflix doesn't have sports, and online sports services black out anything shown OTA.

Re:Okay I'll be the one to say it (1)

Mr D from 63 (3395377) | about 5 months ago | (#47190257)

RE OTA Tuners.... I can still see keeping tuner functionality even though an ever shrinking percentage of folks actually use the tuners. There are plenty of tuner options out there, including HDHomerun's latest network tuners with DLNA support, tuner STBs, etc.

The issue regarding netflix and sports is a separate topic, IMO, that is a fact regardless of having smart TV built in or separate.

Re:Okay I'll be the one to say it (0)

Anonymous Coward | about 5 months ago | (#47190057)

My only tv isn't even HDTV and the only thing I watch on it is the occasional DVD and content streamed from the internet. I gave up watching "channels" years ago.

Re:Okay I'll be the one to say it (0)

Anonymous Coward | about 5 months ago | (#47190231)

It's not just about YOU bozo. If it were, we would be talking about 1200 baud modems and Hercules graphic cards.

Whew! (1)

msobkow (48369) | about 5 months ago | (#47189575)

Looks like I just escaped disaster by not owning a TV at all. Torrents, baby, torrents and streaming.

I honestly don't understand why people would buy a "smart" TV instead of a monitor, surround sound speakers, and plug it in to a laptop or computer. How many people really use OTA broadcasts nowadays?

Re:Whew! (2)

BitZtream (692029) | about 5 months ago | (#47189613)

Looks like I just escaped disaster by not owning a TV at all.

Aren't you so special and clever.

Torrents, baby, torrents and streaming.

And proud to be a thief. How many legitimate sources of video are offered as torrents? I'd be interested in trying them myself.

I honestly don't understand why people would buy a "smart" TV instead of a monitor, surround sound speakers, and plug it in to a laptop or computer.

Then you're an idiot. Not everyone wants 3 or 4 different devices to do one simple thing. Not everyone wants to dick around keeping a computer working properly all the time.

How many people really use OTA broadcasts nowadays?

About 8% at last check, use OTA exclusively. Significantly more use a mix of OTA and other sources. So a significant number of people.

Of course if you weren't so busy trying to show us how brilliant you were, you'd have taken the 3 seconds required to Google it.

So awesome, you've used your leet skills to run someone else's software, someone else's OS and done a custom setup so you could steal most of your content and contribute nothing at all useful to society other than your arrogance.

We're so glad you have more time than brains so you can set around and do, for more money, what the rest of us do for less without offering in significant advantage.

Re:Whew! (0)

Anonymous Coward | about 5 months ago | (#47189669)

NSA?

Re:Whew! (0)

Anonymous Coward | about 5 months ago | (#47189871)

This year will be 15 years without TV for me.

"Smart gadgets"? No thank you! I'd like my tools to do _MY_ bidding. Not follow someone else's agenda.

Btw, what's your problem? You basically ranted against 4 sentences from a random internet dude.

Re:Whew! (0)

Anonymous Coward | about 5 months ago | (#47189875)

He is not a thief. He may be infringing a copyright if the material is newer than 1900 and, if copyrighted, the legal qualifying uses are not met.

Re:Whew! (1)

tepples (727027) | about 5 months ago | (#47190101)

Television was invented after 1900. For which substantial use of torrents as a substitute for subscription or free-to-air television are "the legal qualifying uses [...] met"?

Re:Whew! (0)

msobkow (48369) | about 5 months ago | (#47190181)

Being a smart ass and having a sense of humour is not claiming to be brilliant.

You, on the other hand, seem to have an arrogant ego the size of a medium planet. :P

Re:Whew! (0)

Anonymous Coward | about 5 months ago | (#47190243)

About 8% at last check, use OTA exclusively. Significantly more use a mix of OTA and other sources. So a significant number of people.

Of course if you weren't so busy trying to show us how brilliant you were, you'd have taken the 3 seconds required to Google it.

In related news, hackers have developed a technique capable of tricking unwary Internet users into Googling for information on their behalf.

Re:Whew! (2)

dingen (958134) | about 5 months ago | (#47189759)

I honestly don't understand why people would buy a "smart" TV instead of a monitor, surround sound speakers, and plug it in to a laptop or computer. How many people really use OTA broadcasts nowadays?

Yeah, because computers aren't susceptible to attacks at all. Everyone knows there's nothing more secure than keeping an internet-connected computer running 24/7 in your house.

How many people really use OTA broadcasts nowadays (1)

EzInKy (115248) | about 5 months ago | (#47189953)

I'd say everyone who is like me and refuses to "pay for TV". Really, have you ever actually watched what they pay for? Commercials with commercials embedded in them, that is what people who think you "pay for TV" pay for.

Because of convenience (1)

tepples (727027) | about 5 months ago | (#47190123)

I honestly don't understand why people would buy a "smart" TV instead of a monitor, surround sound speakers, and plug it in to a laptop or computer.

Because not having a huge noisy tower next to the TV is more spouse-acceptable [wikipedia.org] than having one. Because people don't have to keep it updated with Windows updates and antivirus updates. Because a computer's out-of-the-box interface is designed to be navigated from a desk with a mouse and keyboard rather than from a recliner with a traditional TV remote control. Because people have trouble plugging in a cable box and a BD player [slashdot.org] , let alone a computer. Because some people have tried to build a home theater PC and had a poor experience [slashdot.org] . And finally, because of tradition. Other people have weighed in on this [pineight.com] .

My 2 cents (0)

Anonymous Coward | about 5 months ago | (#47189593)

Maybe I got the article wrong but if you can hijack the feed than whats to stop you from inserting a 25th frame and zombie the population?
And if broadcasting companies can use smart tv sets to monitor what the people are watching then such an attack can screw up the actual data and inflate channel commercial prices. At least locally.

Re:My 2 cents (0)

Anonymous Coward | about 5 months ago | (#47189671)

it is illegal

Re:My 2 cents (0)

Anonymous Coward | about 5 months ago | (#47190631)

And hacking isn't? ))

Can't just turn it off (2)

Monoman (8745) | about 5 months ago | (#47189625)

I prefer my Roku 2/3 to the smart features on my TVs but it is difficult to buy a nicer TV these days without the "Smart" features included. It would be nice is if you could disable the "Smart" part of these TVs. I don't think I have seen that as an option but I guess you could just disable the networking.

Re:Can't just turn it off (2)

drinkypoo (153816) | about 5 months ago | (#47189677)

I don't think I have seen that as an option but I guess you could just disable the networking.

By which you mean don't plug it in, and don't give it your wifi password? It's not like these devices get to speak on your network without you taking action.

Re:Can't just turn it off (1)

jones_supa (887896) | about 5 months ago | (#47189699)

What if a weird suitcase man comes into my living room, calmly chucks the ethernet cable to the TV, gives me an angry stare, and disappears behind the corner?

Re:Can't just turn it off (2)

Lumpy (12016) | about 5 months ago | (#47189775)

You sit there and cry because we all know that ethernet cables are impossible to unplug once they are plugged in. DAMN THEM for making them a single use permanent item!

Re:Can't just turn it off (1)

Nethead (1563) | about 5 months ago | (#47190833)

Hey, I've met a few RJ45s that thought they were permanent. You know the ones, thick snag guard and clip side positioned where you need a lock pick set just to release it.

Re:Can't just turn it off (1)

Monoman (8745) | about 5 months ago | (#47189835)

Correct in my case and probably for most /. readers.

We all know that no manufacturer in their right minds would turn WiFi on by default and auto join any network possible. No consumer would ever have a WLAN configured to be wide open without a password. Nah, never happen. ;-)

Re:Can't just turn it off (0)

Anonymous Coward | about 5 months ago | (#47189725)

What about not plugging it into yout network/wifi?
Or blocking connections from the TV to outside, so you can stream stuff from your PC?

Re:Can't just turn it off (1)

dingen (958134) | about 5 months ago | (#47189751)

I can turn off HbbTV support on my Smart TV, no problem. In fact I had disabled it even before I realized it could be a security hazard, as it also slows down booting and channel switching, while providing no benefit to me whatsoever.

Re:Can't just turn it off (0)

Anonymous Coward | about 5 months ago | (#47190207)

Actually, if you disagree to the terms of service/EULA when you initially install the TV, it disables most/all of the "SMART" TV functionality automatically.

Re:Can't just turn it off (1)

jebblue (1160883) | about 5 months ago | (#47190575)

We cut the cable cord over a year ago, we use OTA for all the major networks - free HD; Roku for Netflix, Twitch, AolOn (we like Newsy), YouTube, Smithsonian channels and 3 games we bought. The OTA antenna was about $45 bucks. The Roku $99. One time costs, we now save well over $100 per month we were paying to cable and get better content in many cases and the same in others. I miss the History channel, too bad they are greedy and don't have a Roku channel with all unlocked content paid for by advertising.

Budweiser Ad Hijacked, Viewers Directed to Miller (1)

retroworks (652802) | about 5 months ago | (#47189719)

News at 11. Or is it...? (organ music) Dunnn Dunnn DUNNNNNN!!!

The article winds up with "Another fix would be to prompt users to press a button confirming their okay before an app launches on their TV, as well as regular reminders that apps are loading or running whenever they switch channels." Well, I don't look forward to having to click my remote to approve apps from my couch, but it's not exactly an emergency. Seems appropriate to wait for Miller Beer or Dr. Evil to actually execute the attempt first, before worrying much about the potential for television broadcast content impurities.

Gee, who woulda thunk... (5, Funny)

FuzzNugget (2840687) | about 5 months ago | (#47189789)

When you make cheap, shitty, under-engineered, non-compatible systems that can't be commodotized because everyone is banking on their propriety system taking off and cornering the market... that you'll end up with a cheap, shitty, under-engineered system with major security flaws?

Yet another reason why Smart TVs are worse than useless.

Here is the hardware to do the attack: (3, Interesting)

citizenr (871508) | about 5 months ago | (#47189893)

http://www.hides.com.tw/produc... [hides.com.tw]

This is an USB dongle, you push TS stream into it. Bundled Opencaster software will build TS stream for you. Basically its a small Digital TV station capable of transmitting one mux.

* DVB-T version, will not work with ATSC TVs in US. Btw LOL US and your ATSC A/53 mpeg2 "hd"tv.

Hi, I co-authored the paper :-) (5, Informative)

Yossi Oren (3686971) | about 5 months ago | (#47189945)

Thanks for the comments. I hope I can clarify some of the things people said here.

Re popularity of OTA vs. cable: Cable is more popular in the US, but that's just the US. Digital Terrestrial is much more common in other places - for example it's the most popular delivery method in Europe by far (page 39) . [europa.eu] In the US immigrants use it a lot more than US-born.

To whomever suggested attacks via the remote control's IR port: that sounds a lot of fun to try, but the IR receiver's much less sensitive than the RF jack, it has a much lower data rate, and it needs line of sight.

About the power calculations: 1 Watt (0 dBm) can cover an area of 1.4 square Kilometers, under reasonable assumptions. The math is in the paper.

One last thing: A big shout-out to Martin Herfurt, whose work on HbbTV security [wordpress.com] was our starting point.

Re:Hi, I co-authored the paper :-) (2, Informative)

Anonymous Coward | about 5 months ago | (#47190169)

About the power calculations: 1 Watt (0 dBm) can cover an area of 1.4 square Kilometers, under reasonable assumptions. The math is in the paper.

I hope the math in the paper is right, then, because 1 watt would be 30 dBm. A value of 0 dBm is 1 milliwatt.
http://en.wikipedia.org/wiki/DBm [wikipedia.org]

Re:Hi, I co-authored the paper :-) (2)

Yossi Oren (3686971) | about 5 months ago | (#47190189)

Yep sorry. Mod parent tired.

Ideal for last day local election attack ads, eh? (0)

Anonymous Coward | about 5 months ago | (#47189987)

Want control of your local school board or city council?
Cheapest possible way.

We know name recognition sways lots of voters -- no matter how they happened to see the name, once they're staring at a ballot, oh, that one is one I've heard.

http://www.latimes.com/nation/... [latimes.com]

flamers (1)

ultranerdz (1718606) | about 5 months ago | (#47190043)

for the flamers that say you need expensive equipment, there are always the heroes that can make it happen with low budget

http://bellard.org/dvbt/ [bellard.org]

so now we just need a power amplifier, and its not a 1MW PA. A 100W will do

What moron designed this spec .. (1)

lippydude (3635849) | about 5 months ago | (#47190049)

"When an HbbTV application is downloaded from the Internet via URL, the origin of the web content is clearly defined by the URL, appropriately isolating HbbTV applications to their own domain and preventing them from interfering with Internet at large. However, when the content is embedded in the broadcast data stream it is not linked to any web server and, as such, has no implicitly defined origin.

The HbbTV specification suggests that in this case the broadcast stream should explicitly define its own web origin by setting the simple_application_boundary_descriptor property in the AIT to any desired domain name. The security implications of this design decision are staggering. Allowing the broadcast provider control over the purported origin of the embedded web content effectively lets a malicious broadcaster inject any script of his choice into any website of his choice
."

some hack the cable / sat box I want free HBO!!! (0)

Anonymous Coward | about 5 months ago | (#47190093)

someone hack the cable / sat box I want free HBO!!!

Staples Easy Button? (1)

Lawrence_Bird (67278) | about 5 months ago | (#47190153)

I knew the Easy Button could do a lot of things but this is just incredible

Tell me again? (2)

kheldan (1460303) | about 5 months ago | (#47190327)

Tell me again why we even need 'smart TVs' in the first place?
I'd rather spend the money on a basic TV with better picture quality and get the 'smart' part from what I connect to it (DVR in my case).

Re:Tell me again? (0)

Anonymous Coward | about 5 months ago | (#47190841)

So the corporations can spy on you, and the government can spy on you, and the neighbor who gets hard for your daughter can spy on you.

Huh? Tens of thousands of TVs in RF range? (0)

Anonymous Coward | about 5 months ago | (#47190395)

Where are these tens of thousands of TVs in range of one RF transmitter? Isn't this like opening a garage door with a universal scanner? You might open one or two, but tens of thousands? Is this why Google is building satellite drones?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?