Save Your Thumbs With This Netflix Password Sender

August 29, 2017 by Dan Maloney 22 Comments

Chances are anyone who has an entry-level to mid-range smart TV knows that setting them up with your streaming account credentials is a royal pain. Akin to the days of texting on a flip phone, using the number pad or arrow keys to compose your user name and password seems to take forever. So why not avoid the issue with this automated Netflix logger-inner?

As if the initial setup wasn’t bad enough, when [krucho5]’s LG smart TV started asking for his Netflix credentials every few days, he knew something needed to be done. An Arduino to send “keystrokes” was the obvious solution, but when initial attempts to spoof the HID on the set proved fruitless, [krucho5] turned to the IR remote interface. He used an IR receiver module to capture the codes sent while entering user name and password, and an IR LED plays it back anytime the TV ask for it. The video below shows how much easier it is now, and the method should work just fine for any other online service accounts.

We like [krucho5]’s build, but the fit and finish are a little rough. Perhaps slipping them into a pair of Netflix-enabled socks would be a nice touch?

Continue reading “Save Your Thumbs With This Netflix Password Sender” →

Hack Your Own Samsung TV With The CIA’s Weeping Angel Exploit

April 26, 2017 by Jack Laidlaw 57 Comments

[Wikileaks] has just published the CIA’s engineering notes for Weeping Angel Samsung TV Exploit. This dump includes information for field agents on how to exploit the Samsung’s F-series TVs, turning them into remotely controlled spy microphones that can send audio back to their HQ.

An attacker needs physical access to exploit the Smart TV, because they need to insert a USB drive and press keys on the remote to update the firmware, so this isn’t something that you’re likely to suffer personally. The exploit works by pretending to turn off the TV when the user puts the TV into standby. In reality, it’s sitting there recording all the audio it can, and then sending it back to the attacker once it comes out of “fake off mode”.

It is still unclear if this type of vulnerability could be fully patched without a product recall, although firmware version 1118+ eliminates the USB installation method.

The hack comes along with a few bugs that most people probably wouldn’t notice, but we are willing to bet that your average Hackaday reader would. For instance, a blue LED stays on during “fake off mode” and the Samsung and SmartHub logos don’t appear when you turn the TV back on. The leaked document is from 2014, though, so maybe they’ve “fixed” them by now.

Do you own a Samsung F-series TV? If you do, we wouldn’t worry too much about it unless you are tailed by spies on a regular basis. Don’t trust the TV repairman!

Remotely Get Root On Most Smart TVs With Radio Signals

April 6, 2017 by Jack Laidlaw 59 Comments

[Rafael Scheel] a security consultant has found that hacking smart TVs takes nothing much more than an inexpensive DVB-T transmitter, The transmitter has to be in range of the target TV and some malicious signals. The hack works by exploiting hybrid broadcast broadband TV signals and widely known about bugs in web browsers commonly run on smart TVs, which seem run in the background almost all the time.

Scheel was commissioned by Cyber security company Oneconsult, to create the exploit which once deployed, gave full root privileges enabling the attacker to setup and SSH into the TV taking complete control of the device from anywhere in the world. Once exploited the rogue code is even unaffected by device reboots and factory resets.

Once a hacker has control over the TV of an end user, he can harm the user in a variety of ways, Among many others, the TV could be used to attack further devices in the home network or to spy on the user with the TV’s camera and microphone. – Rafael Scheel

Smart TV’s seem to be suffering from IoT security problems. Turning your TV into an all-seeing, all-hearing surveillance device reporting back to it’s master is straight out of 1984.

A video of a talk about the exploit along with all the details is embedded below.
Continue reading “Remotely Get Root On Most Smart TVs With Radio Signals” →

Custom Case Lends Retro Look To Smart TV

May 14, 2016 by Dan Maloney 15 Comments

Refits of retro TVs and radios with the latest smart guts are a dime a dozen around Hackaday. And while a lot of these projects show a great deal of skill and respect for the original device, there’s something slightly sacrilegious about gutting an appliance that someone shelled out a huge portion of their paycheck to buy in the middle of the last century. That’s why this all-new retro-style case for a smart TV makes us smile.

GE 806 restored by Steve O'Bannon — 1940s GE 806 restored by Steve O’Bannon

Another reason to smile is the attention to detail paid by [ThrowingChicken]. His inspiration came from a GE 806 TV from the 1940s, and while his build isn’t an exact replica, we think he captured the spirit of the original perfectly. From the curved top to the deep rectangular bezel, the details really make this a special build. One may quibble about not using brass for the grille like the original and going with oak rather than mahogany. In the end though, you need to work with the materials and tooling you have. Besides, we think the laser cut birch ply grille is pretty snazzy. Don’t forget the pressure-formed acrylic dome over the screen – here’s hoping that our recent piece on pressure-forming helped inspire that nice little touch.

This project was clearly a labor of love – witness the bloodshed after a tangle with a tablesaw while building the matching remote – and brought some life to an otherwise soulless chunk of mass-produced electronics.

[via r/DIY]