Reporting from Black Hat: Your smart TV is probably spying on your family right now

burn your smart tv mr worst case scenario 08 02 2013 header

Mr. Worst Case Scenario is Digital Trends’ paranoid, squinty-gazed, perpetually on-edge security correspondent. And he’s prepared for anything to go wrong, dammit. This week, he’ll slither out of his underground bunker in Montana, don his tinfoil hat and attend DefCon 2013 in Las Vegas.

If you have a smart TV, burn it. Wheelbarrow that sucker into the gully, hose it down with some 92 octane, and toss on the match.

“No – I love my TV! I’m not going to catch it on fire!” you say? Completely understandable; television is a precious thing. But just shut up for a second, and let me ask you something: Do you love it so much that you’d let some grimy stranger watch your old lady prancing around the living room in her damned undies? Because that’s what’s going to happen if you don’t get it out of the house.

Pardon me for getting worked up. It has been a long day, and I am 99 percent certain that, against my better judgment, turning on my computer’s Wi-Fi to file this report has allowed some mowhawked hacker to have his way with my Guns & Ammo forums account. But that is a consequence I am willing to bear to fill you in on the nightmare I learned about during the final day of Black Hat on Thursday.

In addition to watching what you do, and listening to what you say, a smart TV hacker can even mess with your mind.

Here’s the quick version: A smart TV is easily the most dangerous thing in your house, according to not one, but three security researchers who spoke yesterday in Vegas.

We should have guessed as much. Any half-wit could have figured out that products with “smart” in the title are a patronizing corporate ploy. Little did we know that this particular Trojan horse would let an army of basement dwellers rape and pillage the sanctity of your home.

During the first smart TV talk of the day, iSEC Partners hackers-for-hire Aaron Grattafiori and Josh Yavor ran through a pile of technical details about how a smart TV is “really just a smartphone with a 50-inch screen.”

And by that, they mean it can be taken over from anywhere in the world, by anyone with enough evil computer genius running through their blood.

Grattafiori and Yavor found their way into Samsung’s 2012-model smart TVs by turning the Skype app into a weapon of mass invasion. But, according to Grattafiori, any Samsung smart TV app that you might use to communicate with the outside world has all the nuts and bolts necessary for a Class-A screwjob.

Smart TV hack “Bottom line is that, we’ve demonstrated that, on the applications, we can achieve remote-compromise,” says Grattafiori, “especially through the social media applications – anyplace where we can get remote content injected.”

Once they have access, anything is possible. Record video from the camera? No problem. Steal your username and passwords? You bet‘cha. Trick your browser into accessing virus-ridden websites as soon as it loads? But of course! Whatever hideous thing you can imagine they might do, they can do. And I, for one, can imagine nothing but hideous things.

“Basically, you can do anything you want on a smart TV because it is actually just a regular PC,” says SeungJin Lee, author of the second smart TV horror-talk on Thursday.

Lee agrees with Grattafiori and Yavor that a smart TV is just a giant smartphone, with one key stipulation: A smart TV is much better for spying on people. While it’s possible for a hacker to, say, tap into your smartphone’s cameras, the device spends most of its time in a pocket or purse. A smart TV, on the other hand, has a constant watch over whatever room it is in.

I am 99 percent certain that, against my better judgment, turning on my computer’s Wi-Fi to file this report has allowed some mowhawked hacker to have his way with my Guns & Ammo forums account.

 “Some people will say that surveillance on a smartphone is really critical, and very bad,” says Lee. But “most of the time,” he says, “your phone is on your desk or in your pocket,” so only “one percent” of the photos a hacker with remote access could take reveal anything at all. Plus, taking a bunch of photos quickly drains the battery.

“A smart TV is always connected to the power,” explains Lee. “Of course, a smart TV cannot move. But it takes very good photographs, so it can watch you very well.” 

To twist the knife even harder, says Lee, we place our smart TVs in the most intimate place in our lives – our living rooms, bedrooms, and man caves.

“Surveillance is not about me or you,” says Lee. “It is about your family. If your PC gets hacked, it’s mostly your problem. But if your smart TV gets hacked, it’s about your family and your girlfriend and stuff, so do not make TV see your bed.”

Now, I try to avoid sex at all cost. It drains a man of his essence, and dulls the senses. But I can see how this particular fact might put a damper on some of your lives.

In addition to watching what you do, and listening to what you say, a smart TV hacker can even mess with your mind, says Lee. Say, for example, that you’re watching local news; a skilled smart TV hacker could pull up a fake graphic on your smart TV that says “BREAKING NEWS: The president has been shot.” And then what happens? All hell breaks loose.

Consider yourself warned.

Over and out.

The views expressed here are solely those of the author and do not reflect the beliefs of Digital Trends.


Smartphone makers are vomiting a torrent of new phones, and we’re sick of it

Smartphone manufacturers like Huawei, LG, Sony, and Motorola are releasing far too many similar phones. The update cycle has accelerated, but more choice is not always a good thing.

Need to record calls on an iPhone? Check out our handy guide

Are you wondering how to record calls on your iPhone? It isn't as easy as you might think, but we'll walk you through the process of doing so with Google Voice, and identify several other apps and external voice recorders that can help.
Smart Home

Knock, knock. Who's there? With a video doorbell, you'll never have to guess

When it comes to knowing who's at your door before you actually open it, there's nothing better than a video doorbell. Plus, you can "answer" the door even if you're not home. Here are some of our favorites.

Best deals for smart home plugs that control your lights and appliances

Smart hubs and speakers play central communication and management roles in your home, but smart plugs let you add lights and appliances to your system. Any smart plug you buy must support one feature or anything you plug in stays dumb.

Simplify your life with one of these wireless smartphone charger deals

Banish nightly cable fumbling with a wireless smartphone charger. If your smartphone is compatible with wireless charging, the simplicity of placing it on a pad is a beautiful thing. Wireless chargers are also excellent gifts for coworkers.

Do we even need 5G at all?

Faster phones, easier access to on-demand video, simpler networking -- on the surface, 5G sounds like a dream. So why is it more of a nightmare?
Home Theater

The Apple AirPods 2 needed to come out today. Here are four reasons why

Apple announced numerous new products at its October 30 event, a lineup that included a new iPad Pro, a MacBook Air, as well as a new Mac Mini. Here are four reasons we wish a new set of AirPods were on that list.

Razer’s most basic Blade 15 is the one most gamers should buy

Razer's Blade 15 is an awesome laptop for both gamers, streamers, professionals, and anyone else needing serious go in a slim profile, but its price is out of reach for many games. The new Blade 15 Base solves that problem with few…

Going to hell, again. The Switch makes 'Diablo 3' feel brand-new

I've played every version of Diablo 3 released since 2012, racking up hundreds of hours in the process. Six years later, I'm playing it yet again on Nintendo Switch. Somehow, it still feels fresh.

‘Fallout 76’ may have online multiplayer but it’s still a desolate wasteland

"Is Fallout 76 an MMO?" That depends on who you ask. Critics and players often cite its online multiplayer capabilities as a reason it qualifies. Yet calling the game an MMO only confuses matters, and takes away from what could make…
Digital Trends Live

Microsoft has #*!@ed up to-do lists on an epic scale

Microsoft has mucked up to-do lists on a scale you simply can’t imagine, a failure that spans multiple products and teams, like a lil’ bit of salmonella that contaminates the entire output from a factory.

As Amazon turns up the volume on streaming, Spotify should shudder

Multiple players are all looking to capitalize on the popularity of streaming, but it has thus far proved nearly impossible to make a profit. Could major tech companies like Amazon be primed for a streaming take-over?

Throw out the sandbox. ‘Red Dead Redemption 2’ is a fully realized western world

Despite featuring around 100 story missions, the real destination in Red Dead Redemption 2 is the journey you make for yourself in the Rockstar's open world, and the game is better for it.

‘Diablo Immortal’ is just the beginning. Mobile games are the future

Diablo fans were furious about Diablo Immortal, but in truth, mobile games are the future. From Apple and Samsung to Bethesda and Blizzard, we’re seeing a new incentive for games that fit on your phone.