Security Issues with Hybrid Broadcast Broadband TV (HbbTV)

Watching TV suddenly is fun again!

Martin Herfurt
© 2013, n.runs professionals GmbH – Security Research Team
Who am I

• Martin Herfurt
• Security Consultant working with n.runs
• Co-founder of trifinite.org
• Bluetooth security expert
• @mherfurt

SmartTV Security Overview

• December 2012: ReVuln – USB/local attacks on Samsung Smart TVs
• March 2013: CanSecWest – Smart TV Security (great talk, but excluding HbbTV) (SeungJin Lee, Seungjoo Kim)
• May 2013: TU Darmstadt – HbbTV privacy issues (Marco Ghiglieri, Florian Oswald, Erik Tews)
• June 2013: Security Issues with HbbTV
• August 2013: Attacking Smart TVs via apps (Aaron Grattafiori, Josh Yavor)

HbbTV Background

• Pan-European effort
• HbbTV = H4TV (France) + HTML Profil (Germany)
• ETSI TS 102 796 (published in June 2010)
• Adopts existing specifications
  – CE-HTML (the browser profile from CEA-2014 "Web4CE", web technology for consumer electronics)
  – OIPF (Open IPTV Forum)
• Goal is to combine broadcast content with online content

DVB Stream vs. Augmented DVB Stream

(Two diagrams: plain old DVB, where everything on screen arrives in the broadcast, and the augmented DVB stream of Hybrid Broadcast Broadband TV, where the broadcast additionally carries a pointer to content fetched over broadband.)

The Red Button

(Screenshots: the red-button prompt; SevenOne Media.)

What you think you see / What you are really seeing

(Two screenshots: the picture as the viewer perceives it, and the same picture with the mostly transparent HbbTV overlay page made visible.)

How is the Red Button displayed?

• The TV has a DAE (Declarative Application Environment), i.e. a browser
• The content comes from a URL carried within the DVB stream
• It is drawn as an overlay on the actual TV image
• The overlay is a mostly transparent web page

Data Collection

• Extraction of the channel list from the TV
• Transparent proxy set up in front of the TV, recording every HTTP request the HbbTV applications make
• Script for switching channels via IP, so that each recorded request can be attributed to the station tuned at the time

Stations with HbbTV on Astra 19.2E

(List of stations, shown as an image.) The list was generated on 9 May 2013 with no CI modules in use except HD+ (so no Sky channels).

Subset of Stations using Google Analytics

(List of stations, shown as an image.) RTL2 uses a service called etracker.com instead. Some applications also use a mechanism for periodic tracking: the transparent page refreshes itself at intervals, which fires a tracking request each time even though the viewer sees nothing change.

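The three data-collection steps above and the per-station tracker findings can be reproduced offline from the two logs such a setup leaves behind. The Python below is an added example written for this page, not code from the talk or from n.runs: it joins a channel-switch log (written by the script that tunes the TV over IP) with the transparent proxy's request log, attributes each request to the station tuned at that moment, flags requests to the tracker domains named on the slides (google-analytics.com and etracker.com), and detects URLs re-fetched on a fixed schedule, which is how a transparent page refresh shows up at the proxy. Both log formats, the station names, hostnames, client address and timings are constructed for the example.

```python
"""Attribute transparent-proxy requests to the station tuned at the time, then
flag third-party trackers and self-refreshing (periodic) tracking requests.
Added example; the log formats, hosts and timings below are constructed."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev
from urllib.parse import urlsplit

# Assumed switch-log format, as written by the script that tunes the TV over
# IP: "<UTC time> <station>".
SWITCH_LOG = """\
2013-05-09T20:00:00Z Station-A
2013-05-09T20:01:00Z Station-B
2013-05-09T20:02:00Z Station-C
"""
# Assumed proxy-log format: "<UTC time> <client> <method> <url> <status>".
PROXY_LOG = """\
2013-05-09T20:00:02Z 192.168.1.50 GET http://hbbtv.station-a.example/index.html 200
2013-05-09T20:00:03Z 192.168.1.50 GET http://www.google-analytics.com/__utm.gif?utmac=UA-0-1 200
2013-05-09T20:00:23Z 192.168.1.50 GET http://www.google-analytics.com/__utm.gif?utmac=UA-0-1 200
2013-05-09T20:00:43Z 192.168.1.50 GET http://www.google-analytics.com/__utm.gif?utmac=UA-0-1 200
2013-05-09T20:01:02Z 192.168.1.50 GET http://hbbtv.station-b.example/red.html 200
2013-05-09T20:01:04Z 192.168.1.50 GET http://www.etracker.com/cnt.php?et=abc 200
2013-05-09T20:02:02Z 192.168.1.50 GET http://hbbtv.station-c.example/start.html 200
"""
# Tracking services named in the talk; matched as domain suffixes.
TRACKER_DOMAINS = ("google-analytics.com", "etracker.com")

def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")

def parse_switch_log(text):
    """-> [(datetime, station)] sorted by time."""
    rows = [line.split(maxsplit=1) for line in text.splitlines() if line.strip()]
    return sorted((parse_ts(ts), station) for ts, station in rows)

def parse_proxy_log(text):
    """-> [(datetime, client, method, url, status)]."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    return [(parse_ts(ts), c, m, url, int(st)) for ts, c, m, url, st in rows]

def station_at(switches, when):
    """Station tuned at `when`: the latest switch at or before that time."""
    current = None
    for ts, station in switches:
        if ts > when:
            break
        current = station
    return current

def attribute_requests(switches, requests):
    """Group proxy requests by the station tuned when each one was made.
    Requests logged before the first switch belong to no station and are dropped."""
    by_station = defaultdict(list)
    for req in requests:
        station = station_at(switches, req[0])
        if station is not None:
            by_station[station].append(req)
    return dict(by_station)

def find_trackers(by_station, tracker_domains=TRACKER_DOMAINS):
    """station -> set of tracker domains its HbbTV application contacted."""
    hits = {}
    for station, reqs in by_station.items():
        hosts = {urlsplit(url).hostname or "" for _, _, _, url, _ in reqs}
        found = {d for d in tracker_domains for h in hosts
                 if h == d or h.endswith("." + d)}
        if found:
            hits[station] = found
    return hits

def find_periodic(by_station, min_hits=3, tolerance=2.0):
    """(station, url) -> mean gap in seconds for URLs fetched on a near-constant
    schedule, which is how a self-refreshing tracking page shows up at the proxy."""
    periodic = {}
    for station, reqs in by_station.items():
        stamps_by_url = defaultdict(list)
        for ts, _, _, url, _ in reqs:
            stamps_by_url[url].append(ts)
        for url, stamps in stamps_by_url.items():
            if len(stamps) < min_hits:
                continue
            stamps.sort()
            gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
            if pstdev(gaps) <= tolerance:  # a few seconds of jitter is fine
                periodic[(station, url)] = mean(gaps)
    return periodic

def analyse(switch_text=SWITCH_LOG, proxy_text=PROXY_LOG):
    """Whole pipeline -> (trackers per station, periodic fetches)."""
    by_station = attribute_requests(parse_switch_log(switch_text),
                                    parse_proxy_log(proxy_text))
    return find_trackers(by_station), find_periodic(by_station)

if __name__ == "__main__":
    print(analyse())
```

analyse() returns the two findings; on the constructed logs it reports google-analytics.com for Station-A with the beacon re-fetched every 20 s, etracker.com for Station-B, and nothing for Station-C. Requests logged before the first channel switch are discarded rather than guessed, and the periodicity test tolerates a couple of seconds of jitter so that a real TV's slightly irregular timers still match while bursts of distinct requests do not.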
Possible Injection Vectors

(Diagram: the augmented DVB stream path, with each point where content can be injected marked.)

What Would Dr. Evil Do?

Watering Hole Attacks – sometimes very likely

Server banner as shown on the slide:

Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_perl/1.26 mod_gzip/1.3.26.1a

Every component in that banner dates from 2001–2002. A server that still advertises them is unlikely to be receiving patches, so compromising the host that serves an HbbTV application (and through it every TV that tunes the station) is a realistic attack path rather than a theoretical one.

Attack demonstrations (the slides show screenshots only):

• Content Injection
• Rogue Video Display
• Spoofing News Tickers
• Attacks on DNS

Possible Attacks (JavaScript)

• OIPF objects
  – contain device-specific (and possibly personal) information such as channel lists (see the Open IPTV Forum DAE specification); not everything from the standard is implemented on every TV
• HTML/JavaScript
  – time-based scan of the home network from inside the TV's browser (request timing reveals which local hosts exist)
  – transmit the collected information to an arbitrary Internet location
  – you name it!
• Recycle known malicious JavaScript code
  – found via Google dorks

Countermeasures

• Unplug the Smart TV
• Use a firewall
• Block Domain Name Service (DNS) for the TV: the URL carried in the stream contains a hostname, and a TV that cannot resolve it never loads the overlay
• HAL – To Serve & Protect

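The "Attacks on DNS" demonstration and the "Block Domain Name Service" countermeasure rest on the same fact: the TV loads the overlay from whatever address the hostname in the stream-carried URL resolves to. The Python below is an added example written for this page, not code from the talk: it builds and parses minimal RFC 1035 DNS messages so that both sides can be seen on the wire, the spoofed A answer an attacker on the TV's LAN would send (racing the legitimate resolver's reply) to point the application host at a machine under their control, and the NXDOMAIN answer a sinkhole resolver for the TV returns so that no application is loaded at all. The hostname, transaction id and addresses are made up.

```python
"""Minimal RFC 1035 DNS message builder/parser showing the attacker's spoofed
answer and the defender's sinkhole answer for the host an HbbTV application is
loaded from. Added example; the host, transaction id and addresses are made up."""
import struct

HBBTV_HOST = "hbbtv.example-station.test"  # assumed host from the stream's URL
ATTACKER_IP = "192.168.1.66"               # assumed rogue web server on the LAN
QTYPE_A, QCLASS_IN = 1, 1

def encode_name(name):
    """'a.b.c' -> length-prefixed labels terminated by a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode("ascii") for x in labels) + b"\x00"

def decode_name(msg, off):
    """Read a (possibly compressed) name at `off`; returns (name, next offset)."""
    labels = []
    while True:
        length = msg[off]
        if length == 0:
            return ".".join(labels), off + 1
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            tail, _ = decode_name(msg, ptr)
            return ".".join(labels + [tail]), off + 2
        off += 1
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def build_query(txid, name):
    """The A query the TV's resolver sends for the application host."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)

def parse_query(msg):
    """-> (txid, name, qtype, qclass) of the first question."""
    txid = struct.unpack("!H", msg[:2])[0]
    name, off = decode_name(msg, 12)
    qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
    return txid, name, qtype, qclass

def _echoed_question(query):
    txid, name, qtype, qclass = parse_query(query)
    return txid, encode_name(name) + struct.pack("!HH", qtype, qclass)

def spoofed_answer(query, ip, ttl=60):
    """Attacker side: a reply carrying the query's id and question that points
    the name at `ip`. Whoever sees the query on the LAN can send this before
    the legitimate resolver answers, and the first matching reply wins."""
    txid, question = _echoed_question(query)
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA; 1 answer
    rdata = bytes(int(octet) for octet in ip.split("."))
    rr = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4) + rdata
    return header + question + rr  # \xc0\x0c points back at the question name

def sinkhole_answer(query):
    """Defender side: what a resolver that blocks DNS for the TV returns, so
    the hostname in the stream's URL never resolves and no overlay is loaded."""
    txid, question = _echoed_question(query)
    header = struct.pack("!HHHHHH", txid, 0x8183, 1, 0, 0, 0)  # rcode 3 = NXDOMAIN
    return header + question

def parse_response(msg):
    """-> (txid, rcode, [A-record addresses]) as the TV's resolver sees it."""
    txid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    off = 12
    for _ in range(qdcount):  # skip the echoed question(s)
        _, off = decode_name(msg, off)
        off += 4
    addrs = []
    for _ in range(ancount):
        _, off = decode_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == QTYPE_A and rdlen == 4:
            addrs.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return txid, flags & 0x0F, addrs

def demo():
    """One query, both possible replies -> what the TV would conclude from each."""
    query = build_query(0x1234, HBBTV_HOST)
    return {"spoofed": parse_response(spoofed_answer(query, ATTACKER_IP)),
            "sinkhole": parse_response(sinkhole_answer(query))}

if __name__ == "__main__":
    print(demo())
```

demo() feeds one query through both answer builders and parses the results as the TV's resolver would: the spoofed reply yields rcode 0 with the attacker's address, the sinkhole reply rcode 3 with no addresses. Matching the transaction id and echoing the question section is what makes the spoofed reply acceptable; a resolver that randomises source ports as well as ids makes blind spoofing from outside the LAN impractical, which is why the on-path case on the home network is the one that matters for a TV.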
Thank You!

Find more on: blog.nruns.com

Martin Herfurt

Uploaded to SlideShare as: ciso-platform-annual-summit-2013-Attacks on smart tv
