Myce.com Latest Updates

Internet HDTV’s & web devices need better security to avoid hacking

Posted 31 December 2010 08:00 CET by Randomus

Consumer electronics such as HDTVs and other products that were previously offline-only devices are now facing new challenges as they are connected to the Internet. Security research firm Mocana has discovered a security vulnerability that opens up some Web-connected HDTVs to data theft.

The vulnerability was found in the HDTV’s Internet browser that was used to display Web pages on screen. Specifically, a maliciously crafted JavaScript page was found to be able to exploit HDTVs that don’t verify script safety before executing the files. Hackers using this technique can intercept transmissions, modify data in transmissions and even trick users into providing credit card numbers or other sensitive information.

“Consumer electronics makers as a class seem to be rushing to connect all their products to the Internet,” said Adrian Turner, Mocana CEO. “I can tell you for a fact that the design teams at these companies have not put enough thought into security.”

Mocana didn’t publicly disclose which HDTV models they were able to compromise, and said attacks are still hypothetical, but these examples provide a realistic glimpse of future threats.

Another security issue was found that is related to unencrypted information that could allow HDTV owners to watch pay-per-view content and other material without paying. This is a very pressing issue because broadcasters and investors want to ensure everyone watching a given video stream is rightfully paying for that content.

The full Mocana report is available here (PDF).

Connected HDTVs and other electronics should significantly grow in 2011, so it’s important that vulnerabilities like this are fixed when discovered. HDTV makers and software companies also want content and Web access in the living room to be secure, so these discoveries could help force the issue in 2011. I expect manufacturers to work with security companies to better lock down their devices and take a more proactive approach to security on web connected devices in the future.

Post your comment

Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies

Background

Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here

Layout

Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page

×