Researchers Find Directv Security Hole No One is Patching

Researchers tried to do this the right way with no luck so now they are seeing if bad publicity will get the job done.

AT&T Directv creates a private wireless network to transfer video, audio and the user interface between it’s wireless slave boxes  hanging off the back of your TVs and the DVR that they talk to.

According to researchers, the bug is trivial to exploit and will go undetected.

The wireless video bridge, as it is called, is running a web server and when the researcher decided to check it out, he discovered that the web server does not require you to log in to it.  After all, all that should be talking to it is a Genie slave unit.

Worse yet, the web server does not do any kind of input validation, so if you want to send it bogus data, you can own the box as ROOT, Linux’ super admin userid.

The good news is that this wireless bridge is not connected to the Internet, but if someone was able to compromise a PC on the network, then it would be trivial to use it to compromise the Directv box.

The first attack that the researchers considered is a Mirai botnet like attack where a couple of thousand AT&T Directv boxes are used to attack the Internet and take down Google or Microsoft or whomever.  Definitely possible.

The researchers notified AT&T 6 months ago and AT&T has gone completely dark, so they are announcing the  bug.  Maybe the fear of being on the front page of every newspaper in the country – after all, now millions of hackers are aware of how to break in – might get them off the dime.

From a user perspective, there are only a couple of things that you can do and #1 is to completely isolate your AT&T devices from the rest of your network.

Information for this post came from The Register.

by