657-admin - 27.08.18

Is your smart TV getting too smart?

The media has abounded lately with stories concerning vulnerabilities following installments of sensors and smart technology into our homes and lives (check out the reading list below the story).

A recent story in Wired sums it up:

At this point, it seems like every so-called consumer smart device—from routers and baby monitors to connected thermostats and garage door openers—has been shown to have vulnerabilities. But that same security crisis has also played out on a macro scale, exposing municipal works and public safety sensors to manipulation that could destabilize traffic lights, undermine radiation sensors, or even create a calamity like causing a dam to overflow because of tainted water level data.

Professor Iain Sutherland at Noroff in Oslo has taken a look at Smart TVs. His paper “Forensic analysis of Smart TV: A Current Issue and Call to Arms” has been accepted for a special edition of the Journal of Digital Investigation.

The paper explores the problem of the number of new entertainment systems with embedded computing capabilities that have appeared on the market in recent years. Smart TVs have the ability to connect to networks, browse the web, purchase applications and play games. But what does this mean in terms of personal security?

Early versions of Smart TV’s were based on proprietary operating systems, however newer versions released from 2012 are based on existing operating systems such as Linux and Android, and may inherit security problems. The paper asks the question as to what sort of challenges and opportunities they present to the forensics examiner. Are these new platforms, or simply new varieties of existing forms of devices? What data do they retain and how easy is it to access this data?

The paper concludes that we need to adapt or develop tools and standards to secure and investigate these systems.

It may only be a question of time before cyber criminals begin exploiting their security flaws on a mass scale. PC World runs through a deft history of smart TV spies, culminating with voice activated features opening for private conversations with your TV. So have we become smarter about TV safety? PC World asks.

The short answer is no. In February, the results of hack tests on internet-connected TVs of five major brands, each of which use a different smart TV platform, were released.  The devices were found to be susceptible to rather unsophisticated hacks that would enable an attacker to remotely flip through channels, crank up the volume to blaring levels, install new apps, and knock the device off Wi-Fi. […]Much like mobile phones, smart TVs have become internet-connected ‘computers’. It would no doubt help if we thought of them as such and protected them accordingly.