Fairly Simple Hack Makes Samsung TVs Reboot Forever

[Luigi Auriemma] almost rendered his brother’s TV useless attempting to play a simple practical joke. In the process, he uncovered a bug that could potentially upset a lot of people. His idea was to connect a computer to the system via WiFi, masquerading as a remote control.  [Luigi] found that by altering the packet being sent to the TV by adding a line feed and some other characters to the name, it would begin an endless reboot loop.

He also discovered that he could easily crash the devices by setting the MAC address string too long. We’re not sure if he’s modifying the remote, or the television on this one though.

These bugs affect the Samsung TVs and Blu Ray players that utilize the same chip. The crazy part is that despite his attempts, he has been unable to contact anyone at Samsung to let them know!

[via BoingBoing]

64 thoughts on “Fairly Simple Hack Makes Samsung TVs Reboot Forever

  1. Samsung obviously make some of the best consumer electronics HARDWARE on the market. That being said, there software dept seems to be staffed and run by Apple software “engineers”.

    1. While Samsung makes some pretty awesome display panels(and heavy machinery), their reputation for bad PCB, bad PCB design, bad components, and general lack of anything to do with circuit design is a huge failure. (Google Samsung 214T)

      Is it just me or would most people here prefer a TV that was just a good display, and leave the high end software bits to the computer they attach it to.

    2. Typical ignorant hackaday commenter.

      “there software dept seems to be staffed and run by Apple software “engineers”.”

      If their sets ran Apple’s software, this wouldn’t have been an issue. FYI, all these Samsung sets run *LINUX*. Also, it’s spelled ‘their’ not ‘there’.

      1. LOL, you guys have your head stuck in the cloud?

        Where were you engineers when you could gain a Privilege Escalation via a PDF (and there still is some sort of Privilege Escalation error, since people are still JB’ing)?

        Anyone could have easily wrote a permanent boot loop code, or perhaps added a command and control server to it — and nobody would be any wiser (the code attached to the JB could easily obscure any references to the C&C server running.)

        Think about it. If you JB, you’re trusting that the person who offered it is only jb’ing your device and nothing else despite them having full access to the OS.

        Let’s be honest. Despite Charlie Miller’s white hat attack proving malware can make it past the approval (not to mention any privacy slurping applications that aren’t “hacks”), people still think they’re invulnerable and wouldn’t bother even reviewing the things that they’re doing to their own device.

  2. Not surprising. I’ve known the Samsung firmware engineers were brain-dead since discovering a flaw in my LCD monitor. Some lower resolutions cause it to overlay a warning over the video, “Not optimum mode”. It’s actually capable of displaying that resolution perfectly, and the warning can be dismissed by pressing a button on the monitor; but a minute after you do, it takes it upon itself to protect you from low-resolution video by shutting itself completely off. An incredibly stupid “feature” that has no fix, and makes the monitor useless for many older games.

    1. I’ve had a similar issue, except my monitor simply doesn’t display the lower resolutions. I’ve got 3 solutions dependant on the game:
      – Google around for a “HD patch” that enables higher resolutions.
      – Run the game in window mode.
      And if all else fails,
      – Run the game in a VM so I can window and/or upscale it.

    2. Graphics cards have had scaling capability since, like, forever. Just go into your settings and restrict scaling to your GPU. I’m using one of the older 30″ panels that can only display 2 resolutions and I haven’t had any issues.

      This doesn’t excuse the ‘feature’ obviously. Still better than the ‘video enhancement’ tvs have been getting for the last several years. :/

  3. buffer over/under run on a frickin TV?
    are you kidding me?
    and apparently they wont even answear the phone?

    thanks, but no thanks, samsung! hahahaha

    this post has been edited for politeness

      1. Anyone try the Galaxy Indulge they sold to MetroPCS? More like POS. 4G radio that drains the battery within 6 hours IDLE, and no legit way to turn it off without going into airline mode.

        Then, they would not cough up the kernel source so the community could fix their screw ups. When they DID cough up the source, it wasn’t the source after all. Finally, the community hacked together a fix that still doesn’t quite work right in many cases. Blech. Nice phone, crap software.

      2. @andar_b

        So you noticed the poor battery life fairly early, right?

        So why didn’t you return it? Almost all cell companies have a one or two week return period if you’re not satisfied with the phone.

  4. I hacked the family TV when I was 8, a few decades ago.

    I came out of my bedroom with a magnet and demonstrated it to my folks:

    “look what it does to the TV – the colors change! The image distorts!”
    “You made a purple spot! Why isn’t it going back?!”
    “OH. NO.”

    1. I actually fixed a tv with a purple spot once using a rare earth magnet. However, you have to swipe it quikly past the screen, kind of like how degaussing works. Also a lot of people inadvertantly get this problem by placing big speakers next to their CRTs.

  5. I don’t suppose it matters that “LAN” here could also mean somebody connecting to an open (or WPA secured) WiFi network while driving down the street?

  6. all network hacks start off as a local network attack

    an infected PC, open port, exploit in one of the other apps, social engineering … there are many ways that a local hack can become a remote hack … not every hacker can do it all thats why its so smiled upon to publish code even if seemingly useless as is

    sure skids might be confused but who cares

    1. Sure, but maybe “the great luigi” doesn’t know that these TVs (B and C series) where rooted two years ago by samygo group. And I was the first to root D series models.

  7. I’ve often wondered what more the CPUs, controllers and graphics chips in electronic devices could be capable of, aside from what the device they’re in already does.

    For example, my 37″ Vizio 1080p TV has some very nice menu graphics and it’s obviously going through some boot up sequence behind the scenery of the splash logo. I wonder how much RAM and flash ROM the thing has?

    Same story for the LG BD611 Blu-Ray player. It most likely has higher native capability than the TV with its animated screens and internet access for firmware updates and BD-Live plus all the video, audio and image formats it can play from disc and USB drives.

    That’d be some sweet hacking to take a piece of consumer electronics and convert it to a general purpose computer. Extra points if it retains all its original capabilities.

    1. I often wondered about this too, but a total lack of standardization plus the secrecy around the IP always puts a dampener on the idea.

      At least Linux seems to be de facto in TVs now which means that in theory source and tool chain should be available, even if there might still be firmware encryption to overcome.

      PowerPCs were quite popular for AV gear, but I suspect technology has moved on now. Toshiba use their own home-grown CPU cores for example.

  8. “The crazy part is that despite his attempts, he has been unable to contact anyone at Samsung to let them know!”

    I tried to drive my car under water and it didn’t work. Wonder if Toyota cares.

      1. I don’t care if it designed to be hacked or not (although if it really is linux based than not releasing source code violates license), but if someone finds two remote exploits just by accident then software QC is at least questionable. Few days of fuzzing would most likely reveal much higher number of bugs. This is just a question if data stored in these TVs would be worth the effort.

  9. Yeah, everybody knows the way to contact Samsung is to get on the front page of hackaday. Scan the comments for trolls, and you’ve found your Samsung employee

  10. Yeah, samsung is one of the only TV’s that is not linux based and it shows. Their TCP/IP stack is a joke, and there are far more bugs than he found. If you send the TV CEC controls via HDMI and try some of the more obscure but general commands it is SUPPOSED to respond to you can lock up the TV to the point that it needs a full power down (as in unplug from the wall) to regain use.

    Samsung is pretty low end for TV’s, so I am not suprised.

        1. Yep! True. The dedicated chip does an impressive upscale. There is also another dedicated chip for image enhancing. Obviously I’m talking about high end TV (D7000, D8000 and ES7000/8000 series).

      1. “have one of the best upscale algorithms of the major brands”
        “dedicated chip does an impressive upscale”

        Both valid points, but if you cannot play your desired content, you are left with pretty menus and little else.

        Contrast: Car engine dies on toll roads and 3+ lane highways. However, its stereo system is amazing!

        (Disclaimer: might be a bit unhappy still that my Samsung Blu-ray multimedia player wired Enet simply stopped working after 5 days, across multiple units)

    1. You can always tell who the truly dumb commenters are by the level of grossly false or inaccurate information they spew. Samsung is a top player among manufacturers, was one of the first to ship TVs with Linux, and makes the panels for just about everyone else. If you think Samsung TVs are ‘low end’, then all your taste is in your mouth, and brains in your rear.

  11. this is what you get when your TV is turned into a computer.
    they want their TV steets longer while a TV was invented to include pictures to show but now is also on the Internet with their TV and more. what’s wrong with a device that you put next to your TV and you go through that device on the Internet or used as a media center.
    I think that I like TV as much as possible, but rather what it can go wrong with the software of the TV and then does nothing and you may have little do to make your TV again

  12. My parents Panasonic Vierra goes a little quirky when there are pics with a “.” in the name. File property descriptors and flags can send it into a tizzy. Otherwise a pretty nice tv and how many of us sit there and watch pic slideshows on our tvs?

Leave a Reply to kalleguldCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.