Computer scientists say 'red button attack' leaves millions of smart TVs vulnerable
Flaw in the HbbTV standard gives hackers a way in to home networks
Monday 09 June 2014
Computer scientists from Columbia University have warned of a critical vulnerability in smart TVs that lets hackers quickly and anonymously hijack home networks.
In a recently-published paper Yossi Oren and Angelos Keromytis say the so-called ‘red button attack’ (named after the button on remote controls that bring up interactive content) allows hackers to post spam through users' social networks, launch attacks against other computers and even hijack the microphones and cameras built into some TVs.
The attack affects any device that is compatible with the HbbTV industry standard (it's short for hybrid broadcast-broadband) which the researchers says is deeply flawed, essentially offering an open network to any individual with a cheap radio amplifier and a few lines of code.
Oren and Keromytis say that with a £260 device a hacker in an urban area could target “more than 20,000 devices in a single attack”. They could do this without being identified, taking control of any online accounts accessed through the TV as well as looking for vulnerable devices on the same network.
Oren and Keromytis told Forbes magazine that they had warned the body responsible for the standard only to be told the attack wasn’t severe enough to merit any action. HbbTV has been adopted in many European countries including France, Germany and Spain – although the standard is not widespread in the UK and has not been introduced to North America.
Sales of the tablet are set to fall again, say analysts
World's most lethal spider found under a bunch of bananas
I Am Bread could actually be a challenging and nuanced title
Company decides to go for simply scary after criticising other sites for 'creepy and targeted' advertising
Footage shot by a passerby shows moment an ill man was carried out of his burning home
Peter Biaksangzuala died from his injuries in hospital on Sunday
Life & Style blogs
Soylent: Could a slug of nutritionally engineered sludge ever replace the leisurely meal?
Jeremy Hunt tells nurses 'path to lower cost is the same as the path to safer care'
Cara Delevingne photographed naked by Mario Testino for Allure magazine
Dear young men: The old stereotypes of what it is to be a 'man' are a load of rubbish
What lies beneath La Perla's 60 years of luxury lingerie?
Cameron is warned 'no possibility' of UK reducing immigration and that bid to bring in quota on migrant workers would be illegal
Sorry Judy Finnigan – Ched Evans is no less sickening than an alleyway rapist
Residents should throw a street party and mix with immigrant neighbours, councils told
Workers 'could be forced to pay £5 a week' to get benefits
Russell Brand threatened with arrest after filming outside Fox News headquarters
Amal Alamuddin calls for the return of the Elgin Marbles from Britain: 'Injustice has persisted for too long'
- 1 Jack the Ripper: Scientist who claims to have identified notorious killer has 'made serious DNA error'
- 2 Ebola outbreak: What is bushmeat – and is it to blame for the disease that has killed thousands?
- 3 Star Wars memorabilia called a 'bit of plastic' on Antiques Roadshow by Fiona Bruce valued at £50,000
- 4 Meet Thea, Norway's 12-year-old child bride
- 5 Russell Brand might seem like a sexy revolutionary worth getting behind, but he will only fail his fans
iJobs Gadgets & Tech
£60000 - £65000 per annum: Sauce Recruitment: A globally successful media and ...
competitive + benefits: Sauce Recruitment: Are you looking for your next role ...
£45000 - £55000 per annum: Sauce Recruitment: This is your chance to join a gl...
£22000 Per Annum: Clearwater People Solutions Ltd: Our client based in Thame i...