Rooting without touching shouldnt be a problem... at least not over dvb-t (dvb-t with hbbtv signals are super eazy to make with hw for less then 100$, no expirience at all with dvb-s, dvb-c should be the same as t, but you have to cut trough a cable or something eheheheh).
The old exeDSP is full of bugs / the new exeAPP probablie too. dont really see the difficulty in this.
Additionally you can upgrade the firmware in many models over dvb.... As shown in talks before (
https://vimeo.com/113053663)
We dont see in this movie what he does exactly, tough this paper of him explains probably how:
http://www.isti.tu-berlin.de/fileadmin/ ... c_2014.pdf
The user actually has to download the Media file...
First, the attacker places a
manipulated popular video file on the Internet or targets it
directly at a specific victim (1). The victim downloads and
places the file on storage connected to the TV (2). The TV
is compromised as the victim starts to play back the video
on the TV (3). Then the attacker?s payload is executed on the
TV, which, e.g., attacks other systems on the local network or
transmits data from the built-in camera and microphone (4).
additionally he talks about exeDSP which is only used in the old models... Comon, these models use gecko from 2012 ~ for theyer hbbtv browser... just send an hbbtv signal and use an drive by injection...
Are there any other remote attacks shown in the paper that i missed?
Sad the tv show either brings unpublished material and / or no background information, while there are many many eazy ways to do this...
and sorry for the bit salty comment hehehehe i just dont like it if tv shows make a statement but dont back it up at all
(but the board reduced the solution)
