Pranksters Can Hijack Your Chromecast

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
I have no idea why anyone would want to build something like this but I'm sure some of you will find this entertaining. Remind me to never invite this guy over. ;)

Analyst Dan Petro has built the Rickmote Controller, a proof-of-concept device that hijacks Google's media stick to play everyone's favorite Rick Astley video (and theoretically, any media) on loop. The Raspberry Pi-based box simply floods the Chromecast with WiFi disconnection requests, kicking the adapter into its setup mode; after that, it's easy for the Rickmote to make its own connection and deliver non-stop '80s pop.
 
Guess this is what happens when the video is taken down from youtube, somebody comes up with a new play to watch it and to troll people
 
This is awesome, I saw it on TechCrunch yesterday. The good news is its open source so you can put it on a Pi and rickroll your friends.
 
The good news is its open source so you can put it on a Pi and rickroll your friends.

While earning yourself a Federal Criminal charge, sounds fun :rolleyes:
 
While earning yourself a Federal Criminal charge, sounds fun :rolleyes:

I'll bet you think that remote that turns all the TV's off would get you a federal charge too eh?
 
I know I've heard this story before with basically this exact wording. I have major Deja Vu on it. Weird. Anyone else?
 
FLECOM, I bet you don't fucking get the concept of the "Computer Fraud and Abuse Act"

http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the inter-state nature of most internet communication.

(5)

(A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.

Take some time and read the information at the bottom about court cases. You should start to see a pattern. That little dongle, the Cromecast, is a pretty small communications device which is part of a network. Since the purpose of the device is to allow the user to access subscription and non-subscription content, highjacking the device is in essence a denial of service.

Now we bring you this.

http://www.justice.gov/criminal/cybercrime/docs/ccmanual.pdf

In the context of computer crime, the inexorable connection between the Internet and interstate commerce may sometimes be sufficient to satisfy the jurisdictional element of the statute at issue. For example, many of the charges in 18 U.S.C. §1030 prohibit unlawful access of a “protected computer,” which includes a computer used in or affecting “interstate or foreign commerce or communication.” 18 U.S.C. § 1030(e)(2)(B). In most cases, demonstrating
that a computer was connected to the Internet will satisfy this requirement.

That device is not a remote as in a TV remote, it's a RaspberryPI and it's a computer and the guy was attacking the wireless router, a communications device, in order to gain access to the Cromecast, a communications device, which both are connected to the Internet and allow the owner to engage in Interstate Commerce.

It's not me that needs to do some thinking.
 
Back
Top