Lost+Found: Hacking Smart TVs, scammer hotlines and Vaccination
Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar over the last seven days: taking apart Samsung's Smart TV software, phone scammers with their own hotline, tricking malware with Vaccination, Qualcomm is pre-installing Kaspersky on Android phones, and Twitter account security.
- Marco Ramilli documents how to take apart the firmware of Samsung Smart TVs and, in the process, extract interesting interfaces as well as private keys and certificates. He starts with a PE file, extracts a RAR archive from it using a special tool and then cracks that open to reveal a SquashFS image of encrypted files.
- The telephone scammers that usually disguise themselves as Microsoft technicians have launched a new service initiative: effective immediately, one does not have to wait for them to ring up, because they have now launched their own service hotline.
- A lot of malware does not execute its malicious payload on virtual machines – not out of benevolence, but to make the lives of security researchers harder. Rapid7's Vaccination tool turns the tables on the malicious code and simulates a malware analysis running on a virtualised system to browbeat the attackers.
- Kaspersky has signed a deal with Qualcomm that gives the chip manufacturer the ability to ship Android phones using its Snapdragon processors with pre-installed anti-virus software from Kaspersky. What is currently unknown is whether the present from Kaspersky will stop working after 60 days as is common in the Windows world.
- Is your Twitter password secure? This helpful web service can tell you.