[Luigi Auriemma] almost rendered his brother’s TV useless while attempting a simple practical joke. In the process, he uncovered a bug that could potentially upset a lot of people. His idea was to connect a computer to the TV over WiFi, masquerading as a remote control. [Luigi] found that altering the packet sent to the TV, by adding a line feed and some other characters to the name, sent the set into an endless reboot loop.
He also discovered that he could easily crash the devices by making the MAC address string too long. We’re not sure if he’s modifying the remote, or the television on this one though.
These bugs affect the Samsung TVs and Blu-ray players that use the same chip. The crazy part is that despite his attempts, he has been unable to contact anyone at Samsung to let them know!
[via BoingBoing]
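Both bugs come down to the device trusting two text fields from the network: the controller name and the MAC address string. As an added example (not code from [Luigi]'s write-up or from Samsung), here is how firmware could check those fields before using them. The wire format is not described in this post, so the (pointer, length) field layout, the 64-byte name limit and all function and struct names are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define CTRL_NAME_MAX 64  /* assumed limit; the post gives none */
#define MAC_LEN       17  /* "aa:bb:cc:dd:ee:ff" */

struct controller { char name[CTRL_NAME_MAX + 1]; char mac[MAC_LEN + 1]; };

/* Name: 1..CTRL_NAME_MAX bytes of printable ASCII. Rejects LF, CR, NUL and
   every other control byte, so the name cannot smuggle in a line break. */
int valid_name(const unsigned char *p, size_t len)
{
    if (len == 0 || len > CTRL_NAME_MAX) return 0;
    for (size_t i = 0; i < len; i++)
        if (p[i] < 0x20 || p[i] > 0x7e) return 0;
    return 1;
}

/* MAC: exactly six hex pairs separated by ':' or '-', nothing more. */
int valid_mac(const unsigned char *p, size_t len)
{
    if (len != MAC_LEN) return 0;      /* length is checked before any copy */
    for (size_t i = 0; i < len; i++) {
        if (i % 3 == 2) { if (p[i] != ':' && p[i] != '-') return 0; }
        else if (!isxdigit(p[i])) return 0;
    }
    return 1;
}

/* Fields arrive as (pointer, length) pairs from the packet, not C strings.
   Returns 0 and fills *c on success, -1 (with *c untouched) on rejection. */
int register_controller(struct controller *c,
                        const unsigned char *name, size_t nlen,
                        const unsigned char *mac, size_t mlen)
{
    if (!valid_name(name, nlen) || !valid_mac(mac, mlen)) return -1;
    memcpy(c->name, name, nlen); c->name[nlen] = '\0';
    memcpy(c->mac, mac, mlen);   c->mac[mlen] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample input, not captured traffic. */
    struct controller c;
    const unsigned char name[] = "Living room", mac[] = "00:11:22:aa:bb:cc";
    return register_controller(&c, name, sizeof name - 1, mac, sizeof mac - 1);
}
```

Rejecting the whole request when either field fails, instead of truncating it, keeps a malformed name or MAC from ever reaching storage that is read back at boot.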
I can see wardriving turning into drive-by brickings in the not so distant future.
Regardless if a Samsung employee flamed him or not it’s funny that even Hack a Day is censored.
Where is the original comment that I replied to?
http://hackaday.com/2011/07/27/hackaday-comment-policy-were-cleaning-up/
it was either removed by your peers by flagging it above the threshold or it was removed for not falling within our guidelines. Please read the linked post above for clarification.
What samsung employee? They barely can even speak english… go figure reading blogs with silly posts.
long mac address crashing the device? Looks like a buffer overflow. Could be an attack vector!
Posted this before I read the article. They mentioned that :)
Wasn’t this reported a couple of weeks back already?
Are you represented by the Law Offices of Dewey, Cheetum, and Howe?
Not nearly as funny without the original comment. LOL
Given that it’s Samsung, maybe their law firm is Soo, Yuu, & Blind? ^_^
Samsung obviously make some of the best consumer electronics HARDWARE on the market. That being said, there software dept seems to be staffed and run by Apple software “engineers”.
@cyril
more like lowest bidding contract teams, amirite
While Samsung makes some pretty awesome display panels(and heavy machinery), their reputation for bad PCB, bad PCB design, bad components, and general lack of anything to do with circuit design is a huge failure. (Google Samsung 214T)
Is it just me or would most people here prefer a TV that was just a good display, and leave the high end software bits to the computer they attach it to.
Typical ignorant hackaday commenter.
“there software dept seems to be staffed and run by Apple software “engineers”.”
If their sets ran Apple’s software, this wouldn’t have been an issue. FYI, all these Samsung sets run *LINUX*. Also, it’s spelled ‘their’ not ‘there’.
Presumably Apple “engineers” didn’t write the software for my iPhone either then.
LOL, you guys have your head stuck in the cloud?
Where were you engineers when you could gain a Privilege Escalation via a PDF (and there still is some sort of Privilege Escalation error, since people are still JB’ing)?
Anyone could have easily written a permanent boot loop code, or perhaps added a command and control server to it — and nobody would be any wiser (the code attached to the JB could easily obscure any references to the C&C server running.)
Think about it. If you JB, you’re trusting that the person who offered it is only jb’ing your device and nothing else despite them having full access to the OS.
Let’s be honest. Despite Charlie Miller’s white hat attack proving malware can make it past the approval (not to mention any privacy slurping applications that aren’t “hacks”), people still think they’re invulnerable and wouldn’t bother even reviewing the things that they’re doing to their own device.
I’m soon going to replace the capacitors in both my monitors’ PSUs for the third time. Yay quality.
So…. stop using rubbish capacitors? lol….
“he has been unable to contact anyone at Samsung to let them know!”
I think they know already.
:) hey isn’t that the guy who made quick bms, i thought he mostly did game hacks xD
Not surprising. I’ve known the Samsung firmware engineers were brain-dead since discovering a flaw in my LCD monitor. Some lower resolutions cause it to overlay a warning over the video, “Not optimum mode”. It’s actually capable of displaying that resolution perfectly, and the warning can be dismissed by pressing a button on the monitor; but a minute after you do, it takes it upon itself to protect you from low-resolution video by shutting itself completely off. An incredibly stupid “feature” that has no fix, and makes the monitor useless for many older games.
I’ve had a similar issue, except my monitor simply doesn’t display the lower resolutions. I’ve got 3 solutions dependent on the game:
– Google around for a “HD patch” that enables higher resolutions.
– Run the game in window mode.
And if all else fails,
– Run the game in a VM so I can window and/or upscale it.
where is that “HD patch” ? I cannot find it.
It’s dependent on the game. I.e. Warcraft has a registry edit to enable it.
Graphics cards have had scaling capability since, like, forever. Just go into your settings and restrict scaling to your GPU. I’m using one of the older 30″ panels that can only display 2 resolutions and I haven’t had any issues.
This doesn’t excuse the ‘feature’ obviously. Still better than the ‘video enhancement’ tvs have been getting for the last several years. :/
if this is some sort of way into the firmware, one might be able to slap something useful on the tvs. Have it host a small webpage or server.
buffer over/under run on a frickin TV?
are you kidding me?
and apparently they won’t even answer the phone?
thanks, but no thanks, samsung! hahahaha
this post has been edited for politeness
This is surprising, especially considering Samsung makes (arguably) the best smartphones in the world today.
p.s. Anybody else watch today’s live Galaxy S3 unveiling conference? *drool*
Anyone try the Galaxy Indulge they sold to MetroPCS? More like POS. 4G radio that drains the battery within 6 hours IDLE, and no legit way to turn it off without going into airline mode.
Then, they would not cough up the kernel source so the community could fix their screw ups. When they DID cough up the source, it wasn’t the source after all. Finally, the community hacked together a fix that still doesn’t quite work right in many cases. Blech. Nice phone, crap software.
@andar_b
So you noticed the poor battery life fairly early, right?
So why didn’t you return it? Almost all cell companies have a one or two week return period if you’re not satisfied with the phone.
I can make my TV power off by just trying to play some large downloaded video off a USB drive.
that’s why i like my stupid visio and my myth tv boxes :P
I hacked the family TV when I was 8, a few decades ago.
I came out of my bedroom with a magnet and demonstrated it to my folks:
“look what it does to the TV – the colors change! The image distorts!”
“You made a purple spot! Why isn’t it going back?!”
“OH. NO.”
I actually fixed a tv with a purple spot once using a rare earth magnet. However, you have to swipe it quickly past the screen, kind of like how degaussing works. Also a lot of people inadvertently get this problem by placing big speakers next to their CRTs.
Looks like samsung DOES know about this :O
I don’t think they do, unless they read this lame post. o.O
Actually, if you read the article, he did in fact connect and resolve the issue.
I don’t suppose it matters that “LAN” here could also mean somebody connecting to an open (or WPA secured) WiFi network while driving down the street?
Sure.. we all heard of dangerous pranksters that drive around and break into wifis just to brick TVs!
Come on.
all network hacks start off as a local network attack
an infected PC, open port, exploit in one of the other apps, social engineering … there are many ways that a local hack can become a remote hack … not every hacker can do it all that’s why it’s so smiled upon to publish code even if seemingly useless as is
sure skids might be confused but who cares
Sure, but maybe “the great luigi” doesn’t know that these TVs (B and C series) were rooted two years ago by samygo group. And I was the first to root D series models.
@zibri [citation needed]
I’ve often wondered what more the CPUs, controllers and graphics chips in electronic devices could be capable of, aside from what the device they’re in already does.
For example, my 37″ Vizio 1080p TV has some very nice menu graphics and it’s obviously going through some boot up sequence behind the scenery of the splash logo. I wonder how much RAM and flash ROM the thing has?
Same story for the LG BD611 Blu-Ray player. It most likely has higher native capability than the TV with its animated screens and internet access for firmware updates and BD-Live plus all the video, audio and image formats it can play from disc and USB drives.
That’d be some sweet hacking to take a piece of consumer electronics and convert it to a general purpose computer. Extra points if it retains all its original capabilities.
I often wondered about this too, but a total lack of standardization plus the secrecy around the IP always puts a dampener on the idea.
At least Linux seems to be de facto in TVs now which means that in theory source and tool chain should be available, even if there might still be firmware encryption to overcome.
PowerPCs were quite popular for AV gear, but I suspect technology has moved on now. Toshiba use their own home-grown CPU cores for example.
“The crazy part is that despite his attempts, he has been unable to contact anyone at Samsung to let them know!”
I tried to drive my car under water and it didn’t work. Wonder if Toyota cares.
“I’ve tried to drive though puddle and tires dissolved. Wonder if Toyota cares.”
Right, because TVs are designed to be hacked. Maybe they should be designed to interface with a microwave too because I want to play a prank on my brother.
I don’t care if it is designed to be hacked or not (although if it really is linux based then not releasing source code violates license), but if someone finds two remote exploits just by accident then software QC is at least questionable. A few days of fuzzing would most likely reveal a much higher number of bugs. This is just a question of whether data stored in these TVs would be worth the effort.
Another lie.
Samsung is one of the few companies releasing ALL the source code of their TVs.
You can find it at: http://opensource.samsung.com
that awkward moment when you are a firmware engineer and released a similar bug :x
Maybe he should start a thread here
http://forum.samygo.tv/
or just look for help :-)
All of the comments from Samsung employees here are hilarious
Yeah, everybody knows the way to contact Samsung is to get on the front page of hackaday. Scan the comments for trolls, and you’ve found your Samsung employee
Yeah, samsung is one of the only TV’s that is not linux based and it shows. Their TCP/IP stack is a joke, and there are far more bugs than he found. If you send the TV CEC controls via HDMI and try some of the more obscure but general commands it is SUPPOSED to respond to you can lock up the TV to the point that it needs a full power down (as in unplug from the wall) to regain use.
Samsung is pretty low end for TV’s, so I am not surprised.
Samsung TVs *are* linux based.
Yep. They also have one of the best upscale algorithms of the major brands, meaning SD content looks really good.
Yep! True. The dedicated chip does an impressive upscale. There is also another dedicated chip for image enhancing. Obviously I’m talking about high end TV (D7000, D8000 and ES7000/8000 series).
“have one of the best upscale algorithms of the major brands”
“dedicated chip does an impressive upscale”
Both valid points, but if you cannot play your desired content, you are left with pretty menus and little else.
Contrast: Car engine dies on toll roads and 3+ lane highways. However, its stereo system is amazing!
(Disclaimer: might be a bit unhappy still that my Samsung Blu-ray multimedia player wired Enet simply stopped working after 5 days, across multiple units)
I can play all the contents I want on my TVs. I don’t get your point.
You can always tell who the truly dumb commenters are by the level of grossly false or inaccurate information they spew. Samsung is a top player among manufacturers, was one of the first to ship TVs with Linux, and makes the panels for just about everyone else. If you think Samsung TVs are ‘low end’, then all your taste is in your mouth, and brains in your rear.
Maybe meant Samtron? :P
this is what you get when your TV is turned into a computer.
they want their TV steets longer while a TV was invented to include pictures to show but now is also on the Internet with their TV and more. what’s wrong with a device that you put next to your TV and you go through that device on the Internet or used as a media center.
I think that I like TV as much as possible, but rather what it can go wrong with the software of the TV and then does nothing and you may have little do to make your TV again
I’ve personally tried to contact samsung once for a bug found on my phone on the hardware side and after a full day, wasn’t able either to reach someone. Samsung doesn’t really care.
My parents’ Panasonic Vierra goes a little quirky when there are pics with a “.” in the name. File property descriptors and flags can send it into a tizzy. Otherwise a pretty nice tv and how many of us sit there and watch pic slideshows on our tvs?