Hacked: Samsung Smart TV is a Linux-Based Web App Ready To Spy on You
Eke. Smart TVs may be intelligent, but they certainly aren't invincible. A team of researchers at the Black Hat conference this week detailed and warned that Samsung's line of Smart TVs were "rife with vulnerabilities that could leave the devices vulnerable to remote attacks." It sounds eerie, and the potential is certainly huge. Granted, it's important to remember that Black Hat hacks are explained to the companies ahead of time, and the specific hacking methods are kept private in order to keep this from becoming a nefarious thing.
The issue here is that smart TVs of all kinds are really just computers trapped inside a giant LCD, but they haven't generally been patched up and secured in the same manner as PCs. When it comes to Samsung's model, we're looking at a Linux-based computer with a Webkit-based browser, and any system using that configuration is obviously exposed to certain exploits. Turns out, TVs are no different.
The SmartHub in Samsung televisions is a Java-based program, and the researchers were able to prove that it could be "exploited by a local or remote attacker to surreptitiously activate and control an embedded webcam on the SmartTV; the researchers were able to conduct DNS poisoning and drive-by download attacks and show how vulnerabilities could be combined to steal local user credentials and those of connected devices, browser history, cache and cookies as well as credentials for the local wireless network."
Obviously, Samsung has been notified and will hopefully be patching things up soon. Who says all hacking is bad?
The issue here is that smart TVs of all kinds are really just computers trapped inside a giant LCD, but they haven't generally been patched up and secured in the same manner as PCs. When it comes to Samsung's model, we're looking at a Linux-based computer with a Webkit-based browser, and any system using that configuration is obviously exposed to certain exploits. Turns out, TVs are no different.
The SmartHub in Samsung televisions is a Java-based program, and the researchers were able to prove that it could be "exploited by a local or remote attacker to surreptitiously activate and control an embedded webcam on the SmartTV; the researchers were able to conduct DNS poisoning and drive-by download attacks and show how vulnerabilities could be combined to steal local user credentials and those of connected devices, browser history, cache and cookies as well as credentials for the local wireless network."
Obviously, Samsung has been notified and will hopefully be patching things up soon. Who says all hacking is bad?
