It’s still premature to say you need firewall or antivirus protection for your television set, but a duo of recently diagnosed firmware vulnerabilities in widely used TV models made by two leading manufacturers suggests the notion isn’t as far-fetched as many may think.
The most recent bug, found in a wide range of high-definition TVs from Samsung, was disclosed on Thursday by an Italy-based researcher who regularly finds security flaws in Microsoft Windows, video games, and even the industrial-strength systems used to control dams, gas refineries, and other critical infrastructure. While poking around a Samsung D6000 model he inadvertently discovered a way to remotely send the TV into an endless restart mode that persists even after unplugging the device and turning it back on.
The TV was connected by ethernet cable to a home network, so he thought it would be funny to use a computer connected to the same network to send it a message that contained a series of custom headers. Without warning, the TV spiraled into an endless loop of restarts. For about five seconds, the device would appear to work correctly, but then would stop responding to commands entered by remote control or through the panel. A few seconds later, the TV would restart and repeat the process. Unplugging the power cord or ethernet cable did nothing.
You cannot change the volume, channels or access any function,” he wrote in his description of the attack. “After 35 seconds the TV stop(s) working and back. This happens 3 times. At fourth time, the TV shuts down. In less than 3 minutes, the TV is off remotely. It is necessary to turn on the TV physically.”
As more and more electronic devices connect to the Internet and home networks, it’s likely their internal software will be visited by the same vicious exploits that for years have preyed on products from Microsoft, Adobe, and more recently, Apple.