Other issues in this category (26)
Orwell wouldn't like it
Tuesday, January 24, 2017
Thanks to the fact that microelectronic devices keep getting cheaper and are being so actively integrated into everyday life, common household items are getting smarter and smarter. Fridges can order food (if such a service is available in your neighbourhood), lamps can adjust their brightness level and hunt for insects, electric sockets can turn electrical equipment off and on at the request of homeowners who can issue commands via their smartphones from anywhere in the world. TVs can think for us and suggest programmes and commercials based on our preferences.
While in the past each device used its own unique hardware and software, nowadays mostly standard components are used.
Apple released a security update for its Apple TV microconsole to close 33 vulnerabilities. A hacker can exploit 10 of the loopholes and execute code on a target machine remotely. Six of them allow code to be executed with elevated privileges. A hacker can also take advantage of a memory corruption error (CVE-2015-5776) and cause an application to crash or execute arbitrary code. The outdated libxml2 library’s three vulnerabilities (CVE-2012-6685, CVE-2014-0191 and CVE-2014-3660), which were discovered by security researcher Felix Groebert, can be exploited to facilitate DDoS attacks. Other flaws can be used to execute code with elevated privileges using malicious DMG files and applications.
And, how many vulnerabilities exist that manufacturers don’t yet know about?
TVs are becoming increasingly user friendly. You can never find your remote control? Use your voice to tell your TV which channel to switch to.
Now you can spend more time watching programmes you like instead of searching through countless channels for interesting movies and shows. The Voice Interaction feature enables TVs to process natural speech so that you can just ask a question and the device will suggest shows and movies that align with your preferences.
Convenient? Sure! But criminals can use the microphone too.
Samsung confirmed that their Smart TV devices catch every word a user says so customers are advised not to engage in private conversations in the vicinity of the device.
According to Samsung, the voice interaction feature of its Smart TV devices captures all nearby conversations. Devices can send data that may include sensitive information to Samsung as well as to third-party services, theweek.com noted.
- In November 2013, it was discovered that LG's smart TVs send the company's servers undesirable data, including information about what channels users watch and the names of the files that are stored on external hard drives that connect to the devices via USB. After discovering this fact, British blogger “DoctorBeet” wrote that the data keeps being sent even if the user disables this option.
- At the Black Hat Conference in August 2013, Aaron Grattafiori and Josh Yavor showed how vulnerabilities they discovered in 2012 Samsung TV sets enabled hackers to gain remote access to the devices' cameras and any Facebook and Skype applications in use
In Orwell's novel 1984, TV screens were installed by default in all homes.
The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live — did live, from habit that became instinct — in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
George Orwell, 1984
Now 1984 is in the distant past. Telescreens have become much smarter than Orwell ever could have anticipated!
Yahoo! filed a patent application for a smart billboard that will be equipped with biometric sensors and microphones. It will be able to collect information about everyone who drives or walks by. Moreover, a billboard of this kind may also feature a retinal scanner and a speech recognition module to determine what a person is looking at and talking about.
The Anti-virus Times recommends
- We equip our households with all sorts of devices without thinking about what they can do. Orwell would be taken aback were he to learn that people had voluntarily gone way beyond his wildest and creepiest assumptions about the future.
- If you purchase and install a device, make sure that you familiarise yourself with all its features; disable those you won't be using, change the default password (you remember the Anti-virus Times issue about routers, right?) to one that is stronger, and configure the firewall if one is available to you.
- It is very unlikely that the manufacturer itself will spy on you. But, there’s no shortage of people who want to exploit the vulnerabilities in your device’s hardware and software. For example, they could record a domestic argument or someone undressing in a dimly lit room and put the video on YouTube. Install an anti-virus—it will protect you from those who like to peep and eavesdrop.