“Flaw” (yeah, right) In Samsung TV’s Allow Hackers To Check You Out With It’s Built In Camera
Saturday, August 3, 2013 12:23
% of readers think this story is Fact. Add your two cents.
“Flaw”
(yeah, right) In Samsung TV’s Allow Hackers To Check You Out With It’s Built In
Camera
Posted By: Watchman
Date:
Friday, 2-Aug-2013 18:10:36
The camera in your TV is
watching you
LAS VEGAS (CNNMoney)
Today’s high-end televisions are almost all equipped with “smart”
PC-like features, including Internet connectivity, apps, microphones and
cameras. But a recently discovered security hole in some Samsung Smart TVs
shows that many of those bells and whistles aren’t ready for prime time.
The flaws in Samsung
Smart TVs, which have now been patched, enabled hackers to remotely turn on the
TVs’ built-in cameras without leaving any trace of it on the screen. While
you’re watching TV, a hacker anywhere around the world could have been watching
you. Hackers also could have easily rerouted an unsuspecting user to a
malicious website to steal bank account information.
Samsung quickly fixed the
problem after security researchers at iSEC Partners informed the company about
the bugs. Samsung sent a software update to all affected TVs.
But the glitches speak to
a larger problem of gadgets that connect to the Internet but have virtually no
security to speak of.
Security cameras, lights,
heating control systems and even door locks and windows are now increasingly
coming with features that allow users to control them remotely. Without proper
security controls, there’s little to stop hackers from invading users’ privacy,
stealing personal information or spying on people.
Related story: The
scariest search engine on the Internet
In the case of Samsung
Smart TVs, iSEC researchers found that they could tap into the TV’s Web browser
with ease, according to iSEC security analyst Josh Yavor. That gave hackers
access to all the functions controlled by the browser, including the TV’s
built-in camera.
“If there’s a
vulnerability in any application, there’s a vulnerability in the entire
TV,” said Aaron Grattafiori, also an analyst at iSEC.
Yavor and Grattafiori
were also able to hack the browser in such a way that users would be sent to
any website of the hacker’s choosing. While the hack would have been obvious if
the website on the screen didn’t match the desired address, Yavor says there
could be serious implications if a bad actor sent a user to a lookalike banking
page and retrieved a user’s credentials.
Related story: NSA chief
recruits hackers
The research was
conducted on different models of 2012 Samsung Smart TVs and was presented this
week at the Black Hat cybersecurity conference in Las Vegas.
In a statement to
CNNMoney, Samsung said it takes user safety very seriously. Addressing the
camera flaw, a company spokesperson said, “The camera can be turned into a
bezel of the TV so that the lens is covered, or disabled by pushing the camera
inside the bezel. The TV owner can also unplug the TV from the home network
when the Smart TV features are not in use.”
Samsung also recommends
that customers use encrypted wireless access points.
The iSEC crew said they
remain skeptical that the technology is perfectly secure, even after Samsung
patched the bugs.
“We know that the
way we were able to do this has been fixed; it doesn’t mean that there aren’t
other ways that could be discovered in the future, ” Yavor said.
Companies like Samsung pay
hackers when they report security vulnerabilities like the ones iSEC found. The
researchers are iSEC confident that there are more undetected flaws in these
devices that they are running a fund-raiser off of finding bugs in Smart TVs at
technology conference Def Con later this week.
Yavor and Grattafiori say
users should run regular updates from vendors like they would for anti-virus
definitions or system updates on the smartphone.
And when all else fails,
users can always put tape over their cameras.
(yeah, right) In Samsung TV’s Allow Hackers To Check You Out With It’s Built In
Camera
Posted By: Watchman
Date:
Friday, 2-Aug-2013 18:10:36
The camera in your TV is
watching you
LAS VEGAS (CNNMoney)
Today’s high-end televisions are almost all equipped with “smart”
PC-like features, including Internet connectivity, apps, microphones and
cameras. But a recently discovered security hole in some Samsung Smart TVs
shows that many of those bells and whistles aren’t ready for prime time.
The flaws in Samsung
Smart TVs, which have now been patched, enabled hackers to remotely turn on the
TVs’ built-in cameras without leaving any trace of it on the screen. While
you’re watching TV, a hacker anywhere around the world could have been watching
you. Hackers also could have easily rerouted an unsuspecting user to a
malicious website to steal bank account information.
Samsung quickly fixed the
problem after security researchers at iSEC Partners informed the company about
the bugs. Samsung sent a software update to all affected TVs.
But the glitches speak to
a larger problem of gadgets that connect to the Internet but have virtually no
security to speak of.
Security cameras, lights,
heating control systems and even door locks and windows are now increasingly
coming with features that allow users to control them remotely. Without proper
security controls, there’s little to stop hackers from invading users’ privacy,
stealing personal information or spying on people.
Related story: The
scariest search engine on the Internet
In the case of Samsung
Smart TVs, iSEC researchers found that they could tap into the TV’s Web browser
with ease, according to iSEC security analyst Josh Yavor. That gave hackers
access to all the functions controlled by the browser, including the TV’s
built-in camera.
“If there’s a
vulnerability in any application, there’s a vulnerability in the entire
TV,” said Aaron Grattafiori, also an analyst at iSEC.
Yavor and Grattafiori
were also able to hack the browser in such a way that users would be sent to
any website of the hacker’s choosing. While the hack would have been obvious if
the website on the screen didn’t match the desired address, Yavor says there
could be serious implications if a bad actor sent a user to a lookalike banking
page and retrieved a user’s credentials.
Related story: NSA chief
recruits hackers
The research was
conducted on different models of 2012 Samsung Smart TVs and was presented this
week at the Black Hat cybersecurity conference in Las Vegas.
In a statement to
CNNMoney, Samsung said it takes user safety very seriously. Addressing the
camera flaw, a company spokesperson said, “The camera can be turned into a
bezel of the TV so that the lens is covered, or disabled by pushing the camera
inside the bezel. The TV owner can also unplug the TV from the home network
when the Smart TV features are not in use.”
Samsung also recommends
that customers use encrypted wireless access points.
The iSEC crew said they
remain skeptical that the technology is perfectly secure, even after Samsung
patched the bugs.
“We know that the
way we were able to do this has been fixed; it doesn’t mean that there aren’t
other ways that could be discovered in the future, ” Yavor said.
Companies like Samsung pay
hackers when they report security vulnerabilities like the ones iSEC found. The
researchers are iSEC confident that there are more undetected flaws in these
devices that they are running a fund-raiser off of finding bugs in Smart TVs at
technology conference Def Con later this week.
Yavor and Grattafiori say
users should run regular updates from vendors like they would for anti-virus
definitions or system updates on the smartphone.
And when all else fails,
users can always put tape over their cameras.
http://money.cnn.com/video/technology/security/2013/08/01/t-tv-is-watching-you.cnnmoney
NESARA- Restore America – Galactic News
Source: http://nesaranews.blogspot.com/2013/08/flaw-yeah-right-in-samsung-tvs-allow.html
