Abstract
The smart TV market is growing at an ever faster pace every year. Smart TVs are equipped with many advanced functions, allow users to search, chat, browse, share, update, and download different content. That is one of the reason why smart TVs became a target for the hacker community. In this article, we decided to test security of Tizen operating system, which is one of the most popular smart TV operating systems. Tizen is used on many different devices including smartphones, notebooks, wearables, infotainment systems, and smart TVs. By now, there are articles which present security mechanisms of Tizen OS, and sometimes with a way to bypass them; however, none of them are applicable to the smart TVs. In the article, we focused on developing an algorithm that will allow us to gain root access to the smart TV. The proposed attack scenario uses CVE-2014-1303 and CVE-2015-1805 bugs to bypass or disable security mechanisms in Tizen OS and finally gain root access.
Highlights
We live in an era where electronics are an essential aspect of our everyday lives [1,2,3].It is currently difficult to imagine life without it; washing machines, refrigerators, watches, mobile phones, and televisions are increasingly equipped with modules that allow remote connection with other devices and become a part of the internet of Things (IoT) [4,5,6]
Through this publication, we hope to raise awareness about security issues in modern smart TVs and hopefully increase the percentage of people who regularly update their firmware. It was presented how a root shell can be executed with all smart TV variants of Tizen OS security mechanisms enabled (Section 5.2.4)
We found bugs even in the newest model of Samsung smart TVs, we decided that to follow the principle of responsible disclosure and not endanger users’ security in a meaningful manner (Section 7), we described issues found in the 2015 model, J, as vendor issued necessary patches over six years ago
Summary
It is currently difficult to imagine life without it; washing machines, refrigerators, watches, mobile phones, and televisions are increasingly equipped with modules that allow remote connection with other devices and become a part of the internet of Things (IoT) [4,5,6]. Smart TVs are an excellent example of a device that has internet access and complete operating system, and they are often even equipped with a camera and microphone. PCs and smartphones are much better secured than smart TV devices [14]. We hope that this situation will change when people realize that their devices are more than TVs and that somebody might take advantage of that to spy on them [15]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
