Chances are anyone who has an entry-level to mid-range smart TV knows that setting them up with your streaming account credentials is a royal pain. Akin to the days of texting on a flip phone, using the number pad or arrow keys to compose your user name and password seems to take forever. So why not avoid the issue with this automated Netflix logger-inner?
As if the initial setup wasn’t bad enough, when [krucho5]’s LG smart TV started asking for his Netflix credentials every few days, he knew something needed to be done. An Arduino to send “keystrokes” was the obvious solution, but when initial attempts to spoof the HID on the set proved fruitless, [krucho5] turned to the IR remote interface. He used an IR receiver module to capture the codes sent while entering user name and password, and an IR LED plays it back anytime the TV ask for it. The video below shows how much easier it is now, and the method should work just fine for any other online service accounts.
We like [krucho5]’s build, but the fit and finish are a little rough. Perhaps slipping them into a pair of Netflix-enabled socks would be a nice touch?
Next logical step: a keyboard that translates keypresses into the navigational inputs required to get to that key from where the last key left you.
wouldn’t a Bluetooth keyboard work as well ? and be a little more secure ..
But they don’t sell them on Ebay for $5(Cough Cough), It’s far easy to get a IR-LED and wait some 4 weeks for a $2 arduino and an unreliable power source on a fiddly board that is susceptible to breaking if grabbing it incorrectly while drinking or snapping parts off of it by accidental bump or other things landing on it.
now everyone knows email and netflix is linked to it – and pw at that time was 8 ….
high chance starting with a “s” … he will have fun to link new email and get rid of spam and other attacks—
sorry but please check other users content before re-posting. or make him aware of his error (if he she isnt already)
He was not trying to hide his email. It’s the same name as is on the hackaday.io page linked. Use compute unit moar.
OMG HIS IP ADDRESS IS 192.168.1.56. He’s ganna git haXed.
How not to password 101. This is a pretty good demonstration why password requirements need to be sensible. If you don’t ask sensible things from people, they will concoct a workaround and create a situation that isn’t really secure in the process.
It’s not that different from enforcing ridiculous character requirements. The result is that people simply write down passwords on a sticky and put it next to the monitor.
OTP from your favourite paragraph from a book just don’t be quoting it to people ever.
It’s trivial to add whole libraries of books to a dictionary. If your general area of interest is known, it becomes even easier. That strategy won’t work.
Against WHAT??
I just set you comment to my password.
Your
That’s one of the things I like about the Roku products… it’s possible to send it characters via HTTP post from any “Roku Remote” app.
Great. Now the hackers can snoop on IR band for my password. I feel less secure now that my arduino is blasting it at my TV.
Hackin ur netflix…. Smutting up your suggestions…. ANARCHY!
IR being line of sight and all, it seems pretty easy to tell when someone is snooping and trying to steal your password.
This is a common problem with LG Smart TVs, and is due to them running out of memory over time. My personal theory is that it’s due to memory leaks but I wasn’t able to confirm. The solution is to factory reset the TV and wipe the memory, then start again. It will then remember the password again.
I tried adding a keyboard and mouse and the TV didn’t recognise them.
The next thing to go will be the wifi module which there is no fix for out of warranty, I had to change to wired network.
> when [krucho5]’s LG smart TV started asking for his Netflix credentials every few days
sounds like broken “smart” TV
Why not just type the password into an easier, more accessible input device? Maybe a bluetooth keyboard? Wait…..then it wouldn’t be a hack. Only the writer would be.
You can´t “type”, characters must be clicked navigating this keyboard.
Never never ever automate a security feature.
Why? He’s not using this to log into his bank account, it’s his netflix account FFS. If he’s that worried about someone stealing this firmware to discover his password (again, to netflix), then just use a unique password like you’re supposed to do anyway. This is also leaving out the fact that if someone manages to get a copy of the firmware, this dude’s got way bigger problems because his pc has either been physically stolen or hacked into. Lost arduino? Change password. Big freakin deal.