Root Access Through Radio

Schtask

Limp Gawd
Joined
Nov 29, 2011
Messages
436
Rafael Scheel has found that hacking the glowing box in your living room is as easy as spending 180 bucks on a DVB-T transmitter. Once the transmitter is in range of the target boob-tube the hack begins to exploit hybrid broadcast TV signals to leverage common bugs that exist in most web browsers on Smart TVs. With successful pwnage complete, an attacker can gain root access to the TV's operating system, setup SSH, and subsequently gain full control over the device from anywhere on the globe.

You can watch the video here.
 
Last edited:
Good thing I have a tuner less "home theater" display :D

Except it's a Vizio... D:
 
Satellite ftw.

There is a way to mitigate this by modding your aerial.
You can surround the aerial with an earthed metal mesh except for the direction it is pointing, extending the mesh forward about 50cm to 1m (depending on your aerial size).
This will only accept a signal coming from the direction and elevation it is pointing at.
 
Is there supposed to be a link to more info in the OP 'cause there's no link as there historically has been in a News post. Might wanna check on that. ;)
 
Is there supposed to be a link to more info in the OP 'cause there's no link as there historically has been in a News post. Might wanna check on that. ;)

Yeah, I was debating on whether to include a link to the white paper on HBBS on the front page as it is VERY long and goes directly to the .pdf . I'll add it just for you Tiberian. :)

https://www.dvb.org/resources/public/standards/a137_hybrid_broadcast_broadband_signalling.pdf

Here's the white paper that kicked off the concept. Added it.

http://iss.oy.ne.ro/Aether.pdf
 
Last edited:
Seems this would only work on TV's that are connected to an antenna.
If you are using cable or satellite, your antenna or did is connected to a cable box or DVR, so even if they tapped into the cables, they wouldn't have direct access to the TV.
 
for this hack to work, i assume you have to be tuned to the particular digital channel first. It's not even hit or miss, just miss or miss.
 
for this hack to work, i assume you have to be tuned to the particular digital channel first. It's not even hit or miss, just miss or miss.

Nope. The TV has to be tuned to any channel that uses DBV-T. The TV itself needs to support HbbTV and have a vulnerable web browser (which is pretty much every smart tv browser) and that's it. I don't think HbbTV is as prevalent in the US as it is in Europe, so the risk dwindles there.

The real issue, in my opinion, is the fact that these attacks can be embedded in broadcast signals from the broadcasters themselves. Otherwise, you might have a problem *IF* the TV processes DBV-T signals in the background...and some do according to the video.


Seems this would only work on TV's that are connected to an antenna.
If you are using cable or satellite, your antenna or did is connected to a cable box or DVR, so even if they tapped into the cables, they wouldn't have direct access to the TV.

Commands a re sent through shader manipulation of the broadcast signal itself. That manipulation would carry on to the TV. There could be an issue if the cable box is scaling or modulating the signal for a different standard. I'm not real certain on how those boxes convert signal in to signal out for whatever port is connected.
 
Last edited:
So... what? My neighbor can spy on my wife watching HGTV and Cooking channel shows? I assume this only applies to smart TV's that have WIFI enabled. Mine doesn't have wifi...even if my next one does I'll probably still run ethernet to it.

Now, as an entry point attack into your network to circumvent a firewall, I can see potential issues with that. I guess that would also apply to internet connected toasters and coffee makers too.

The only non-computer/tablet/phone device in my house that uses wifi is my thermostat. I hope that is protected enough, I'd hate to come home from a trip to find my house heated to 150 degrees and my animals all dead and rotting in the house. Isn't that what they did on Mr Robot? Hacked into a networked thermostat at the data vault place?
 
Seems this would only work on TV's that are connected to an antenna.
If you are using cable or satellite, your antenna or did is connected to a cable box or DVR, so even if they tapped into the cables, they wouldn't have direct access to the TV.

Around here at least, there are no armed guards and triangulation teams protecting the television transmitter or the receivers at the cable company. It might be called terrorism, if it happened, but it sure could happen.
 
So... what? My neighbor can spy on my wife watching HGTV and Cooking channel shows? I assume this only applies to smart TV's that have WIFI enabled. Mine doesn't have wifi...even if my next one does I'll probably still run ethernet to it.

Now, as an entry point attack into your network to circumvent a firewall, I can see potential issues with that. I guess that would also apply to internet connected toasters and coffee makers too.

The only non-computer/tablet/phone device in my house that uses wifi is my thermostat. I hope that is protected enough, I'd hate to come home from a trip to find my house heated to 150 degrees and my animals all dead and rotting in the house. Isn't that what they did on Mr Robot? Hacked into a networked thermostat at the data vault place?

Not exactly. A stranger can mic and cam your room through the TV. They can attack other computers, interfaces or anything on your network or internet. DDoS, data theft, destruction...All possible. They could also completely brick your TV.

You can't stage the same attack with a IoT Toaster due to toasters not needing broadband to show an image.
 
Not exactly. A stranger can mic and cam your room through the TV.

You make some interesting points, but the cam spy one would require the TV to have a camera and mic. Mine doesn't, and the TV I'm looking at right now (Samsung UN65KS8000) doesn't either. But, knowing this, I'll make sure whatever TV I end up with doesn't have one. Not that any hackers would want to see me or my wife sitting on the couch. Nothing exciting to look at here... move along.
 
Back
Top