Smashing Security podcast #133: Cookie cock-ups, Hong Kong protests, and smart TV virus scans

We head to Hong Kong to look at how technology has helped anti-government protesters (and how China has tried to disrupt it), Samsung is skittish over whether to tell TV owners to virus-scan their devices, and you won’t believe whose website is not GDPR-compliant.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by James Thomson.

British TV viewers targeted by email fraudsters

TV fraudsters are using the disguise of emails from the TV Licensing authority to steal large sums of money from the bank accounts of unwary Brits.

TV Licence website said it was secure. It wasn’t

The official UK TV licensing website was allowing licence purchasers to submit their personal identifiable information and bank details in unsafe, unencrypted plaintext.

Rule #1: If you want something to be private, don’t broadcast it (even blurred out!) on TV

No problem that a private key is blurred out on screen. Two hackers still managed to descramble it.

VIDEO: BBC News reveals password on-air

Don’t forget – you have reduced the point of a password if you stick it on the very device which needs the password. And nothing good is going to come from broadcasting that password on national TV.

Flawed EZCast media streamer can let hackers run malware on your home network

A HDMI TV streaming dongle allows attackers to easily infiltrate home owner’s Wi-Fi networks, steal confidential information and launch malicious code.

David Bisson reports.

Vizio Smart TVs spy on you by default – here’s how to stop them

As more and more manufacturers are jumping on the internet of things bandwagon, it’s clear that many cannot resist the temptation of finding a way to make money out of their customers’ data.

TV5Monde attack proves hacking attribution is very difficult

It’s “Islamic State hackers”. It’s “Kremlin-backed hackers”.

Oh please make up your mind…

Oops! Train control centre passwords revealed on BBC TV

A BBC documentary revealed more than it planned this week, exposing the passwords used at a rail control centre, overseeing part of England’s rail system.

Station de télévision exposé its own passwords on l’air. A Franglais report

To save the embarrassment of TV5MONDE I have attempted to write the following story in Franglais.

Only people with a loose understanding of the French language will be able to laugh at the TV station’s ineptitude.

French TV network taken off air after attack by pro-ISIS hackers

Pro-ISIS hackers have managed to take the TV5MONDE TV network off air, and hijack its website and Facebook page.

Read more in my article on the State of Security blog.

Israeli TV hijacked by Hamas hackers

Hackers connected to Hamas claimed responsibility for an attack which interrupted regular programming for some satellite TV viewers in Israeli.

Find out more in this article on the Hot for Security blog.

Got a Boxee TV account? You should change your password

The personal details of some 158,128 people – including their names, email addresses, birth dates, IP addresses – have been leaked following what appears to be a serious security breach at Samsung-owned web TV service, Boxee.

Philips Smart TVs riddled with security and privacy flaws, researcher reveals

A researcher has discovered that so-called Smart TVs from Philips suffer from a number of serious security flaws that could allow hackers to steal information from attached USB sticks, play pornographic movies as a prank, and hackers access viewers’ online accounts.

Passwords leaked on live TV as UK responds to flood emergency

The UK has been hit hard by extreme weather conditions, with transport systems shut down, homes flooded and high winds cutting electricity supplies.

So the authorities probably don’t have time to make sure there’s nothing sensitive in view of the camera crews…

Sochi Olympics hacking fears hyped by misleading NBC TV report

Earlier this week, NBC News broadcast a sensational report about the dangers of taking computers to the Sochi Olympics in Russia.

Unfortunately, it’s complete bunk – and badly misrepresents the facts.