Mr. Worst Case Scenario is Digital Trends’ paranoid, squinty-gazed, perpetually on-edge security correspondent. And he’s prepared for anything to go wrong, dammit. This week, he’ll slither out of his underground bunker in Montana, don his tinfoil hat and attend DefCon 2013 in Las Vegas.
If you have a smart TV, burn it. Wheelbarrow that sucker into the gully, hose it down with some 92 octane, and toss on the match.
“No – I love my TV! I’m not going to catch it on fire!” you say? Completely understandable; television is a precious thing. But just shut up for a second, and let me ask you something: Do you love it so much that you’d let some grimy stranger watch your old lady prancing around the living room in her damned undies? Because that’s what’s going to happen if you don’t get it out of the house.
Pardon me for getting worked up. It has been a long day, and I am 99 percent certain that, against my better judgment, turning on my computer’s Wi-Fi to file this report has allowed some mowhawked hacker to have his way with my Guns & Ammo forums account. But that is a consequence I am willing to bear to fill you in on the nightmare I learned about during the final day of Black Hat on Thursday.
In addition to watching what you do, and listening to what you say, a smart TV hacker can even mess with your mind.
Here’s the quick version: A smart TV is easily the most dangerous thing in your house, according to not one, but three security researchers who spoke yesterday in Vegas.
We should have guessed as much. Any half-wit could have figured out that products with “smart” in the title are a patronizing corporate ploy. Little did we know that this particular Trojan horse would let an army of basement dwellers rape and pillage the sanctity of your home.
During the first smart TV talk of the day, iSEC Partners hackers-for-hire Aaron Grattafiori and Josh Yavor ran through a pile of technical details about how a smart TV is “really just a smartphone with a 50-inch screen.”
And by that, they mean it can be taken over from anywhere in the world, by anyone with enough evil computer genius running through their blood.
Grattafiori and Yavor found their way into Samsung’s 2012-model smart TVs by turning the Skype app into a weapon of mass invasion. But, according to Grattafiori, any Samsung smart TV app that you might use to communicate with the outside world has all the nuts and bolts necessary for a Class-A screwjob.
“Bottom line is that, we’ve demonstrated that, on the applications, we can achieve remote-compromise,” says Grattafiori, “especially through the social media applications – anyplace where we can get remote content injected.”
Once they have access, anything is possible. Record video from the camera? No problem. Steal your username and passwords? You bet‘cha. Trick your browser into accessing virus-ridden websites as soon as it loads? But of course! Whatever hideous thing you can imagine they might do, they can do. And I, for one, can imagine nothing but hideous things.
“Basically, you can do anything you want on a smart TV because it is actually just a regular PC,” says SeungJin Lee, author of the second smart TV horror-talk on Thursday.
Lee agrees with Grattafiori and Yavor that a smart TV is just a giant smartphone, with one key stipulation: A smart TV is much better for spying on people. While it’s possible for a hacker to, say, tap into your smartphone’s cameras, the device spends most of its time in a pocket or purse. A smart TV, on the other hand, has a constant watch over whatever room it is in.
I am 99 percent certain that, against my better judgment, turning on my computer’s Wi-Fi to file this report has allowed some mowhawked hacker to have his way with my Guns & Ammo forums account.
“A smart TV is always connected to the power,” explains Lee. “Of course, a smart TV cannot move. But it takes very good photographs, so it can watch you very well.”
To twist the knife even harder, says Lee, we place our smart TVs in the most intimate place in our lives – our living rooms, bedrooms, and man caves.
“Surveillance is not about me or you,” says Lee. “It is about your family. If your PC gets hacked, it’s mostly your problem. But if your smart TV gets hacked, it’s about your family and your girlfriend and stuff, so do not make TV see your bed.”
Now, I try to avoid sex at all cost. It drains a man of his essence, and dulls the senses. But I can see how this particular fact might put a damper on some of your lives.
In addition to watching what you do, and listening to what you say, a smart TV hacker can even mess with your mind, says Lee. Say, for example, that you’re watching local news; a skilled smart TV hacker could pull up a fake graphic on your smart TV that says “BREAKING NEWS: The president has been shot.” And then what happens? All hell breaks loose.
Consider yourself warned.
Over and out.
- Level Lock review: A stealthy, costly smart lock
- Why you shouldn’t mount your TV above your fireplace
- Gone too Zune: Remembering the underdog MP3 player that stole my heart
- Amazon Echo Dot (3rd Gen) with Clock review: The time is now
- The best romantic comedies on Netflix