At the recent Black Hat cyber security conference in Las Vegas, iSec (a security firm) revealed a hack which allowed researchers access to remotely enable the webcam on a Samsung smart TV without the user even knowing.
The method of hacking was through a web browser exploit which gave the researchers access to all of the functionality of the browser which unfortunately also gave them the ability to control the webcam.
Luckily Samsung has patched the exploit that was utilized, but iSec remains skeptical that all security concerns have been addressed with regards to the webcam. The exploit that was utilized of course raises privacy concerns, as a hacker who could have hypothetically utilized the exploit could easily have been viewing you while you were using the camera and the exploit was also such that it could have re-routed you to a malicious website. The horrors of these malicious websites are well known — such activity could easily lead to identity theft and the stealing of banking information.
Along with the patch, Samsung has said that the camera can be easily disabled by either covering the camera lens or disabling it by pushing it into the bezel. Although this may not be satisfying to spooked customers, it actually is a very effective means of preventing hackers from viewing you remotely. However, it does not address the fact that if you were to be hacked in such a manner that the hackers would have indeed maliciously accessed your computer and if they already have access to your computer it probably would not be too hard for them to take it even further and exploit you even further.
I guess Samsung Smart TV owners can only hope that Samsung has properly addressed any security concerns which could scar the reputation of what seems to be an otherwise great product.
[via Iclarified ]