{"id":2870,"date":"2012-04-23T16:27:12","date_gmt":"2012-04-23T14:27:12","guid":{"rendered":"http:\/\/blog.netspark.de\/?p=2870"},"modified":"2012-04-25T13:45:38","modified_gmt":"2012-04-25T11:45:38","slug":"new-samsung-tv-devices-endangered","status":"publish","type":"post","link":"https:\/\/blog.netspark.de\/?p=2870","title":{"rendered":"New Samsung TV devices endangered?"},"content":{"rendered":"

\"\"It looks grim for Samsung’s most actual TV devices that also offer network
\ncapabilities and streaming. It seems as if there’s a way to completely defeat
\nyour TV set or blu-ray player simply by placing invalid chars into a control
\ndata packet from Android and iDevices. The result: A non-working device!<\/p>\n

As Luigi Auriemma (Electro-device security research specialist) has found out (read here<\/a>), a simple Carriage return may shut down Samsung’s device upon reception. The symptoms are easy to find out. Your TV does no longer receive commands from your iDevice and your remote. After 5 more seconds the TV switches off and can no longer be switched on again. Only a service reset brings the TV set back to life. Same behaviour is also seen with blu-ray players.<\/p>\n

However this security issue is only dangerous if you expose TCP port 55000 on your firewall to the public. But most users don’t know how to do port forwards or how to expose certain ports to the web.<\/p>\n

So this security hole may only be used on a small number of users. Yet it is annoying and it makes me shake my head why a simple Carriage Retunrn character can crash a TV set’s BIOS\/firmware (if you can speak of such)…<\/p>\n","protected":false},"excerpt":{"rendered":"

It looks grim for Samsung’s most actual TV devices that also offer network capabilities and streaming. It seems as if there’s a way to completely defeat your TV set or blu-ray player simply by placing invalid chars into a control data packet from Android and iDevices. The result: A non-working device!<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4,3,19],"tags":[575,1668,605,1667,71],"class_list":["post-2870","post","type-post","status-publish","format-standard","hentry","category-curiosities","category-news","category-thoughts-2","tag-hack","tag-remote","tag-samsung","tag-security-leak","tag-tv"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/2870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2870"}],"version-history":[{"count":0,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/2870\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}