Beware, your TV is watching you

In the past, we were watching TV, nowadays our TV is watching us.

You don’t believe me? Then continue reading…

You may already own one of those so called smart TVs that add Internet access, cloud functions, apps, Facebook, Skype etc. to your living room. So now, we must have everything we need and will love to use all those fancy new functions from our couch by using our remote control, don’t we?

Have you ever had a look to those strange and hidden settings and disclaimers on your TV? If not, maybe it’s time to do now. You will be surprised. Toshiba TVs for instance offers a disclaimer (down the menu after two other trivial disclaimers) which tells you what kind of data Toshiba collects from your TV. The list of what they collect fills a couple of pages and contains information like when and what kind of channel you are watching etc. Of course, this all is enabled and you have to actively disagree to this disclaimer.

Ok, let’s just disagree and we are done. Really ?

LG for instance has a setting called “Collection of watching info” which can be enabled and disabled. But too bad – even if you disable this setting, LG TVs will continue collection everything. So they just don’t care and ignore your decision.

Ok, so they know what I am watching. Who cares ? I personally would, to be honest.

Recently it was found that LG for instance is also interested in knowing what’s on you USB device you connect to the TV. It reads out filenames and sends them home. But because everything we are watching via USB is legal and everybody can know what we are watching, yes, maybe we don’t need to care.

Wait a minute, everybody ?

Yes, potentially everybody with access to your network as this information is not encrypted at all.
I personally don’t like my TV watching me so I just have most of the TVs at home not connected to the internet at all – at least not via WLan. But as the LG case shows, there is not much we can do against it if we connect it to the internet. At least we should not trust our TV.

So again, like I used to say, don’t trust the evil.

Have a nice post-Thanksgiving weekend,

kind regards,
Marcus


European Parliament hacked

You may have already read about the recent successful attempt of a hacker breaking into mail accounts of European Parliament members. I don’t want to repeat the story here which can be found on numerous locations on the web.

Just in short: The EU Parliament uses an old Microsoft Exchange mail system along with a synchronization component called Active Sync on mobile phones. Both components have many and well known security flaws which were not fixed (or have not been replaced I would say). It was quite easy for the hacker to perform some kind of MITM (man-in-the-middle) attack while he was just sitting close to the parliament and waits for somebody to connect to the exchange server via WiFi.

So what is the lessen we can learn here. First of all, the IT department of the European Parliament did a really bad job. That’s quite obvious and there is no excuse for that. They even allow Windows XP computers inside their network which is like if they would roll out a big poster on the Parliament which reads “Hackers Welcome!” – unbelievable.

So thats not really a lessen we can learn so what else went wrong? As with this and other MITM attacks, there are often indications that something is not right. For instance, if somebody has compromised your network you may see “wrong certificate” messages in your browser or Email system or https: connections switch over to http: connections and things like that. In this case, users did receive an error message which they just confirmed and thus the hacker got access to the mail account. Of course users, especially users of Microsoft software may already got used to error messages but again, such messages should never be just ignored. So if your own network setup produces regular error messages, I can strongly recommend to find and solve the reason for that. Once it is solved (or even when not) see those messages at least as a reminder to change your passwords – which should happen on a regular basis anyway.

What else? The hacker did use WiFi for his attack. It is so easy to fake a public WiFi hotspot or to listen to communication that goes through a public WiFi hotspot that doesn’t use extra encryption. This attack could have been prevented if the Parliament members would have used a Cell/3G/4G/LTE connection instead of WiFi. You may wonder why they did use WiFi. If you look at the names of the people who have been compromised you will notice that all seem to be from other EU countries but France. In Europe, unfortunately, if you cross a border, you got pushed back to stone-age in terms of communication. In Europe there is almost no global data roaming available which means you have either to use GPRS at speeds of 171kbs or accept ridiculous communication costs. I doubt that the Parliament members had the costs in mind but they rather found that Internet is just not working on their devices without WiFi when being in Strasbourg.

Even though I think you as a user of NetworkToolbox are aware about the insecurity of WiFi but just in case: Try to prevent to use public WiFi hotspots wherever and whenever possible. Always give cell/3G/4G/LTE communication precedence if available, even if slower. Although these Networks are not 100% secure and by no means against NSA, GCHQ but way way more secure than any WiFi connection. It seem to get a common hobby for kids sitting with their laptops or phones on public places or transports and to setup their own “Free and secure Internet connection” to grab other peoples Email accounts and Facebook credentials. Moreover, I have seen so many wrong and insecure configured public WiFi networks that let anybody who is logged in to the network browse any computer connected to that network at the same time. You can try it out yourself with NetworkToolbox. You will be surprised.

Of course, sometimes there are no alternatives to WiFi and if you have to use it, ensure that your device is secured enough and try to prevent to send credentials at all or at least unsecured over the WiFi network. You can ensure this by using just https: connections when connecting to facebook etc. Even if you don’t plan to check your mails over WiFi and even if you just like to quickly browse a certain website, keep in mind that your mail client most likely will check for new mails in the background once you are connected. So ensure that you mail client has been setup using SSL/TLS etc. In addition, I change my passwords every time when I come back from vacation or business trip as even the aforementioned measures can not 100% protect you.

Next week I will write about security issues with TV Sets from LG and others that are known to spy out your privacy.

So as always, don’t trust the evil.

Have a great and secure weekend,

regards,

Marcus