Freelance Word Punk

[THIS SITE IS NO LONGER BEING UPDATED - IF YOU HAVE ENDED UP HERE YOU ARE IN THE WRONG PLACE, PLEASE CLICK WWW.HAPPYGEEK.COM TO VIEW NEW CONTENT BY DAVEY WINDER]

Tuesday, March 03, 2015

Blu-ray hacking exposed

Addressing last weeks Securi-Tay conference hosted by the Abertay Ethical Hacking Society in Scotland, Stephen Tomkinson from the NCC Group detailed how Blu-ray players can do more than play videos; they can open up a new attack surface for the hacker. Tomkinson demonstrated a new tool that had been released in order to enable the investigation of embedded network devices, and used the network exposed features on a common Blu-ray player as an example. He showed how an innocent looking Blu-ray disc can actually circumvent sandboxes and present the hacker with control of the underlying systems. Of course, that innocent looking Blu-ray disc was anything but, it was highly malicious. The disc itself, by combining a number of vulnerabilities discovered in Blu-ray players, was able to both detect the player it was inserted in and then launch a platform specific malicious executable. It also played a movie, to do otherwise would be a tad suspicious. The full technical background is published here but essentially the rich features of Blu-ray interactivity are built using a Java variant called BD-J, this both user interfaces and embedded applications to be structured as Xlets which can be thought of as akin to web Applets. Tomkinson and his team managed to circumvent the JVM SecurityManager controls and gain access to the underlying OS.
Newer Post Older Post Home

Blog Archive




Co-founder of IT Security Thing Ltd, Davey Winder is a three time winner of the Information Security Journalist of the Year award (2006/2008/2010) and received the prestigious Enigma Award for his lifetime contribution to information security journalism in 2011.



Simple theme. Powered by Blogger.