Computer scientists say 'red button attack' leaves millions of smart TVs vulnerable
Flaw in the HbbTV standard gives hackers a way in to home networks
Monday 09 June 2014
Computer scientists from Columbia University have warned of a critical vulnerability in smart TVs that lets hackers quickly and anonymously hijack home networks.
In a recently-published paper Yossi Oren and Angelos Keromytis say the so-called ‘red button attack’ (named after the button on remote controls that bring up interactive content) allows hackers to post spam through users' social networks, launch attacks against other computers and even hijack the microphones and cameras built into some TVs.
The attack affects any device that is compatible with the HbbTV industry standard (it's short for hybrid broadcast-broadband) which the researchers says is deeply flawed, essentially offering an open network to any individual with a cheap radio amplifier and a few lines of code.
Oren and Keromytis say that with a £260 device a hacker in an urban area could target “more than 20,000 devices in a single attack”. They could do this without being identified, taking control of any online accounts accessed through the TV as well as looking for vulnerable devices on the same network.
Oren and Keromytis told Forbes magazine that they had warned the body responsible for the standard only to be told the attack wasn’t severe enough to merit any action. HbbTV has been adopted in many European countries including France, Germany and Spain – although the standard is not widespread in the UK and has not been introduced to North America.
Life & Style blogs
GTA 5 Online DLC: San Andreas Flight School update brings 16-seater jet plane and more
What is ALS and the Ice Bucket Challenge?
Anal sex study reveals climate of 'coercion'
Common antibiotic linked to increased risk of heart disease
Karl Lagerfeld shoots Eurovision winner Conchita Wurst in suspenders for fashion shoot
Scottish independence: English people overwhelmingly want Scotland to stay in the UK
Richard Dawkins on babies with Down Syndrome: 'Abort it and try again – it would be immoral to bring it into the world'
Isis threat: Cameron wants an alliance with Iran
Crisis? What crisis? A visiting US doctor gives the NHS a rave review
Michael Brown shooting: Chaos erupts on the streets of Ferguson after autopsy shows teenager was shot six times – twice in the head
Scottish Independence Referendum: Salmond described as 'arrogant, ambitious and dishonest' by Scottish women
- 1 Richard Dawkins on babies with Down Syndrome: 'Abort it and try again – it would be immoral to bring it into the world'
- 2 ALS ice bucket challenge co-founder Corey Griffin drowns, aged 27
- 3 James Foley beheading: Fox news presenter Megyn Kelly annoyed by Ferguson update during broadcast about murdered journalist
- 4 Kajieme Powell: Missouri police release video footage of second man killed by officers
- 5 Paul Scholes: Manchester United need five experienced players who can turn round a desperate situation
iJobs Gadgets & Tech
£250 per day: Orgtel: Network Engineer (CCNP), Cisco Gold Partner, Farnborough...
£250 - £300 per day: Orgtel: Senior Network Integration/Test Engineer Berkshir...
£30000 - £37000 per annum + attractive benefits: Ashdown Group: .NET Developer...
£20000 - £25000 per annum + OTE £40,000: SThree: SThree Group have been well e...