Security quotes of the week

Seriously your phone is like eleven billion times easier to infect than your TV is and you carry it everywhere. If the CIA want to spy on you, they'll do it via your phone. If you're paranoid enough to take the battery out of your phone before certain conversations, don't have those conversations in front of a TV with a microphone in it. But, uh, it's actually worse than that.

These days audio hardware usually consists of a very generic codec containing a bunch of digital→analogue converters, some analogue→digital converters and a bunch of io pins that can basically be wired up in arbitrary ways. Hardcoding the roles of these pins makes board layout more annoying and some people want more inputs than outputs and some people vice versa, so it's not uncommon for it to be possible to reconfigure an input as an output or vice versa. From software.

Anyone who's ever plugged a microphone into a speaker jack probably knows where I'm going with this. An attacker can "turn off" your TV, reconfigure the internal speaker output as an input and listen to you on your "microphoneless" TV. Have a nice day, and stop telling people that putting glue in their laptop microphone is any use unless you're telling them to disconnect the internal speakers as well.

Matthew Garrett

[...] there is a simple solution to the entire "smart TV as bug" category of concerns — don't buy those TVs, and if you have one, don't connect it to the Internet directly.

Don't associate it with your Wi-Fi network — don't plug it into your Ethernet.

Lauren Weinstein

In this paper, we demonstrate fine-grained software-based side-channel attacks from a malicious SGX [Software Guard Extensions] enclave targeting co-located enclaves. Our attack is the first malware running on real SGX hardware, abusing SGX protection features to conceal itself. Furthermore, we demonstrate our attack both in a native environment and across multiple Docker containers. We perform a Prime+Probe cache side-channel attack on a co-located SGX enclave running an up-to-date RSA implementation that uses a constant-time multiplication primitive. The attack works although in SGX enclaves there are no timers, no large pages, no physical addresses, and no shared memory. In a semi-synchronous attack, we extract 96% of an RSA private key from a single trace. We extract the full RSA private key in an automated attack from 11 traces within 5 minutes.

Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, and Stefan Mangard

Posted Mar 9, 2017 13:08 UTC (Thu) by smitty_one_each (subscriber, #28989) [Link] (5 responses)

>there is a simple solution to the entire "smart TV as bug" category of concerns — don't buy those TVs

Suddenly viewing content via a relatively dumb DVD looks a little less dumb.

Posted Mar 10, 2017 13:50 UTC (Fri) by hkario (subscriber, #94864) [Link] (4 responses)

the problem is not having smart devices, the problem is when those smart devices are running decade old code and will never be updated

or in other words: Smart TV != HTPC + TV; or even Roku + TV

Posted Mar 10, 2017 16:38 UTC (Fri) by excors (subscriber, #95769) [Link] (3 responses)

Even without the security concerns, it seems foolish to tie a large expensive piece of hardware that is going to be perfectly decent for a decade or more (a TV screen, a fridge, a car, etc) to a complex piece of software that needs to constantly evolve to keep up with current and future third-party services. Of course for TV manufacturers it's great, they can just stop updating the software and people will be pressured to buy entire new TVs.

I got a quite expensive Samsung Smart TV some years ago and it seems the smart software (which was fairly rubbish and painfully slow) has barely changed at all since it was released, apart from some of the apps disappearing. Samsung also helpfully sold an Evolution Kit, which was a piece of hardware you could plug into the back to upgrade it to the next year's version of the smart UI - but that was restricted to only the most expensive models of TV, not the merely quite expensive ones. And it cost around £250. (£250 for the Evolution Kit, not the TV). And that'd only extend the TV's useful life by about one year.

Alternatively you can get any TV with an HDMI input and add a Roku Streaming Stick or Fire TV Stick or Chromecast etc for under £40, which are decently designed and will probably be well supported for several years. When they become obsolete, or if they have unresolved security issues, you can easily and cheaply throw them away and get a new model, and you can keep the expensive TV screen forever.

So I kind of agree with the advice in Lauren Weinstein's post, except I think all the reasoning there is wrong:

> if you have one, don’t connect it to the Internet directly.

The leaked CIA wiki mentions USB installation of hacked firmware, not a remote exploit. Lack of internet won't stop it getting exploited, and once it's exploited it can silently connect to the wifi access point in the CIA van outside your house.

> "Well, what if the spooks are subverting both my smart TV and my external dongle?" [...] The solution though even for that scenario is simple — kill the power to the dongle when you’re not using it.

If they're both subverted, but (for some reason) the subverted TV isn't connected to wifi directly, it could simply buffer the recorded audio and send it over to the subverted dongle once it's powered on again.

> Buy a Chromecast or Roku or similar dongle that will provide your Internet programming connectivity via HDMI to that television — these dongles don’t include microphones [...]

Many versions of Roku and Fire TV have voice search via a microphone in the remote. (And the remotes are battery powered so in theory they could also record audio while your dongle is unpowered (though in practice they only have a tiny amount of storage)). Chromecast's 'remote' is your phone, which also has microphones (and at least two cameras, and a couple of internet connections, and a load of storage and local processing power, and known-insecure years-old software).

Posted Mar 10, 2017 18:28 UTC (Fri) by rgmoore (✭ supporter ✭, #75) [Link]

> The leaked CIA wiki mentions USB installation of hacked firmware, not a remote exploit. Lack of internet won't stop it getting exploited, and once it's exploited it can silently connect to the wifi access point in the CIA van outside your house.

Maybe that will happen if you're a target of a powerful nation state's intelligence service, but that's not the threat most of us should really be worrying about. The typical person is at far more risk of having their TV hacked by script kiddies who want to add it to their botnet, or to spy on random people for the thrill of it. You'll probably be able to dodge that threat by not connecting your TV directly.

For the people who are targets of powerful security agencies, shutting down any particular avenue of attack is really just playing whack-a-mole. If the CIA is really targeting you, they aren't going to let your lack of a smart TV stop them; they'll just use one of their numerous other tools to do the job. The only way to avoid that kind of really dedicated spying attempt is by traditional tradecraft.

Posted Mar 10, 2017 19:55 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link]

CIA can just as well use a laser to pick up sounds from your window pane. Or just install a smallish (USB-powered) wireless microphone.

Posted Mar 16, 2017 8:50 UTC (Thu) by oldtomas (guest, #72579) [Link]

> to the wifi access point in the CIA van outside your house.

This would be for the CIA's premium customers. For the rest of us, access is via the neighbour's open (possibly also hacked[1]?) WiFi.

I always thought: "I trust my WiFi router, so my TV won't go to the Internet". Until I realized that. Now, I'll have to look into my TV... gah, I hoped I could ignore it.

[1] Endless possibilities, like DNS spoofing, offering your TV better firmware upgrade opportunities. Unless the firmware engineers got everything right (HAH!)...

Posted Mar 9, 2017 22:07 UTC (Thu) by andrey.turkin (guest, #89915) [Link] (4 responses)

> Anyone who's ever plugged a microphone into a speaker jack probably knows where I'm going with this. An attacker can "turn off" your TV, reconfigure the internal speaker output as an input and listen to you on your "microphoneless" TV.

Ok, let's assume the attacker can reconfigure the codec chip so that PCM output becomes PCM input or something. What about the power amplifier sitting between the codec and the speakers? It can't be reconfigured to pass audio the other way, can it? Methinks not. Maybe there are some codecs with embedded amplifiers for laptops (and maybe they CAN be reconfigured that way) but I really doubt anything like that can work on a TV.

Posted Mar 14, 2017 6:49 UTC (Tue) by jmspeex (subscriber, #51639) [Link] (3 responses)

Yeah pretty much. A lot of these "attacks" like turning a speaker into a mic make a nice paper, but are often not practical. In this case, the amplifier is indeed the thing that would kill the idea in practice. At least until the power amps are on the SoCs, which I don't think is the case right now if only because of thermal issues.

Posted Mar 14, 2017 14:40 UTC (Tue) by farnz (subscriber, #17727) [Link] (2 responses)

Choosing a random reconfigurable codec shows that you have a 2.3W per channel amp embedded in the codec. So, you've got "jack detection" (which means that it can reconfigure pins to select whether they're mic in, line in, line out, headphone out or speaker out pins), plus a 2.3W per channel amplifier for the speaker out.

That type of chip can easily be reconfigured to use a speaker as a microphone from software - it won't be as good as a dedicated digital microphone, but it'll be as good as any cheap analog microphone.

Posted Mar 15, 2017 11:10 UTC (Wed) by cladisch (✭ supporter ✭, #50193) [Link] (1 responses)

Such HDA codecs are designed specifically for PCs; the corresponding HDA controller can be found only in PC chipsets.

And while it could be imagined that someone builds a TV on top of PC hardware, it would not be possible to rely on the built-in amp (2.3 W is "for mini-speakers").

Posted Mar 15, 2017 15:23 UTC (Wed) by farnz (subscriber, #17727) [Link]

I've found equivalent reconfigurable I2S codecs in the past, inside smart TVs, driving the speakers directly. It's just that even getting a feature list for the I2S codec version is next to impossible if you haven't already signed an NDA with the codec maker, whereas the HDA codec makers will give out a feature list but not a datasheet without NDA.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.