In the mid-1990s, television broadcast stations around the world began moving to digital television. As well as being significantly more bandwidth efficient than its analog counterpart, digital television provides the ability to send digital data to receivers as well as the normal program content. Digital television receivers have now quickly evolved into smart TVs with dramatically more capabilities than their cathode ray tube predecessors. As well as advanced capabilities, however, these new devices also have associated risk to privacy and security. Michéle points out that smart TVs are at the same level of development as PCs were in the 1980s and that smart TVs have the same potential for vulnerabilities, security attacks, and need for patches as the PC does. Michéle provides a concise update on the state of play of smart TV technology, explaining not only the basics, but also a good level of technical detail, including security issues and vulnerabilities associated with these devices.
Chapter 1 gives an introduction to smart TV technology, covering hardware and software architecture, vulnerabilities, and attack vectors. Some of the countermeasures that vendors have implemented to date in an attempt to secure smart TV architectures are also presented.
Chapter 2 examines the media player applications built into smart TVs, where these applications are vulnerable, and how these vulnerabilities can be exploited. A casual (though technically savvy) reader can gain a good understanding of how the identified vulnerabilities can be exploited without necessarily studying code examples, although these are provided.
Chapter 3 covers the reception of digital broadcast television by smart TVs and how the standards used can also transport interactive digital applications. Digital video broadcasting (DVB) and hybrid broadcast broadband television (HbbTV) standards are detailed along with several transmission methods. The mechanisms that allow attacks to compromise and exploit transmissions are covered in surprising detail for such a small book. Several of the attack mechanisms that have been described in recent years are reviewed, as is a detailed proof of concept for a compromise mechanism for HbbTV. Systems for authentication and protection using cookies via an Internet connection to the smart TV are discussed, and potential protection schemes are introduced. The concluding paragraphs of chapter 3 form a useful synopsis of the general thrust of Michéle’s book.
Chapter 4, the final chapter, looks at the security and privacy implications of insecure smart TV systems for consumers, content providers, smart TV vendors, and broadcasters. The threats to consumers and vendors in particular are explained in detail.
The book is part of the “Springer Briefs” series, aimed at presenting short (the book is just 92 pages) synopses on various technical topics. This small book is packed with smart TV technical detail, well supported with figures and examples. Each chapter is nicely self-contained and well laid out, beginning with a short abstract and finishing with an extensive list of references. There is a good table of contents and a useful list of acronyms used (although one or two, such as software development kit (SDK), appear to have been missed).
The television has become just another piece of invisible furniture in modern households. Michéle delivers a good, concise, technical explanation of smart TV technology and also the potential security and privacy implications we accept by having them in our living rooms.
