Tuesday, December 28, 2010

Security in TV


True to my promise to my friends at techece I am restarting my posting on the blogosphere.

To start off, I decided to touch upon a topic that is kind of related to my work viz security for connected devices. Home networking is the way things are headed in the consumer electronics world. It is already happening and pretty soon seamless content sharing and networking of all electronic home devices will be the norm. In this aspect I have wondered earlier whether the devices in your home including your TV and other infotainment devices are secure enough when compared to a PC/Laptop at your home. Well, looks like my thoughts were not entirely unfounded.

According to an article on the New York Times the vulnerability of such devices is indeed high. Quoting from the article,
Researchers at Mocana, a security technology company in San Francisco, recently discovered they could hack into a best-selling Internet-ready HDTV model with unsettling ease.

They found a hole in the software that helps display Web sites on the TV and leveraged that flaw to control information being sent to the television. They could put up a fake screen for a site like Amazon.com and then request credit card billing details for a purchase. They could also monitor data being sent from the TV to sites.

Given the high profile launches of Google TV this holiday season in the US, this is most likely a TV from one of the few to launch Google TV viz Sony, Logitech or LG.

A further visit to the Mocana website yielded the research paper on "Vulnerability Assement of XYZ Internet Connected HDTVs".

Quoting from the paper, the key groupings under which the security aspects that were studied are,

  • Review of the base operating system (OS).
  • Review of the firmware updating process.
  • Review of media parsing functionality.
  • Review of protocol handling functionality.
  • Review of third-party “Apps.”

Being from the industry, I concur with some of the the findings of the report.

The OS vulnerabilities itself are something that is of lower priority given that most OS are found across industries and a fair amount research has been done in this direction.

The firmware updating process too should not be a major issue given that most of the formats for the firmware are proprietary and closely guarded. Additionally the firmware delivery and authentication mechanisms are fairly robust. The same is true for protocol handling.

However, the support for third party Apps and media parsing are something that need to be further reviewed. Especially the third party Apps due to the fact that many a times vulnerabilities of third party apps ( in the PC world ) expose the chinks in the system and the amount of activity that goes in this space ( both in mobile phones and other CE devices ) is a cause for concern.

The entire report can be found here.

Image Courtesy: www.faqs.org
Posted by at 3 comments:
Labels: , , ,

Sunday, September 06, 2009

Comeback post... on Cisco

Wow! Its been quite some time since I posted. Well I am back and hopefully am here to stay.

As a part of this comeback post, I would like to upload a short write up created by me on Leadership @ Cisco Systems as part of my management course @ IIMB.

Feel free to use this document as a reference with proper attribution. Also please leave a comment on this post if you are doing so.
Posted by at 2 comments:
Labels: , ,

Saturday, September 13, 2008

WTF!!

THIS NEEDS TO STOP!!!
Posted by at No comments:
Labels: , ,

Monday, September 08, 2008

Winston Smith is Big Brother!!!

What a revelation!

Winston Smith is Big Brother!!

I have been watching the film adaptation of 1984, the greatest novel of the 20th Century. You see I had not watched the film before. The lead character playing Winston Smith looked awfully familiar.

Now where have I seen him before??

Wait a minute...

The dude is the same guy who plays "The Leader" Adam Susan (Adam Sutler in the movie) in the film adaptation of the greatest graphic novel of 20th Century, V For Vendetta.


The fact that I like V for Vendetta would be evident to those who look at my profile picture on the top left of this page. Adam Susan's character or V for Vendetta for that matter was most definitely inspired by Big Brother and 1984 respectively. To link V For Vendetta with 1984 in this way got me so excited that I had to write about it

The actor's name it turns out is John Hurt. Now, I don't know if the Wachowski Brothers wanted to pay homage to 1984 or whether they wanted to drive home the point that we had forgot 1984 for too long and that history has come one full circle, but I just love this piece of pop culture trivia. So once again...

WINSTON SMITH IS BIG BROTHER!!!
Posted by at 1 comment:

Sunday, September 07, 2008

Welcome to the Nuclear Family

Yesterday was a day of monumental importance to India. India has received a full waiver from the Nuclear Suppliers Group, a cabal of elitist nations which decide who can and cannot use Nuclear Technology.

I am no nuclear tech. expert and am hence not going to delve into the viability of nuclear technology in satisfying India's ravenous hunger for power.

Neither am I a political strategist who can look into the fallout of this deal with respect to geo-strategy. But there are two things that stand out that even a layman like me can notice.

Firstly, this act pretty much completes the aligning of India with the U.S and the West in terms of international geopolitics. At this moment it is impossible or at least very difficult to talk about the long term implications of this move i.e. whether it is of net positive or negative consequence to the ambitions of India. However what can without doubt be said is the fact that India has set itself on a course which is a marked shift in its political strategy thus far.

Secondly, it is our Prime Minister Manmohan Singh's moment in international history. Mr. Singh had almost two decades back led a then very unpopulist movement called 'economic liberalization' and that has turned out well of India (at least thus far). I hope that he has made the right choices this time too. I have to say that I am really impressed by the personal conviction with which he has led this campaign. Conviction and the balls to take up unpopular but much needed decisions are qualities that are as rare in India as the fuel grade Uranium and Plutonium that we so desperately seek.

Kudos Mr. Singh. Here's to you!
Posted by at No comments:
Labels: , ,

Thursday, September 04, 2008

Are you game?

Disclaimer: This post is based on the ending of the movie 'The Dark Knight' which had the late Heath Ledger portray the 'Joker' with psychotic perfection. If you have not seen the movie yet and do not wish for the plot to be revealed, please leave this page now.

For others, here is a quick recap of the climax.



Plot Spoiler Begins:

The Joker loves to play games.Being faithful to his sadistic instincts, he decides to play a game whose high stakes are human lives.

There are two boats marooned off the coast of Gotham City. One of the boats holds the law abiding citizens of Gotham City fleeing from his tyranny, while the other boat holds the law breaking convicts of Gotham City who are being transported to another penitentiary.

Now here is the GAME.

Both the boats, unbeknown to its occupants have been filled with explosives. However, the detonators for the explosives are in the hands of the occupants of the other boat i.e. the convicts hold the detonator to blow up the civilians' boat while the civilians can at the same time blow up the boats holding the convicts. The Joker then, lays down the rules frightened people playing the 'Game'...

1. If you blow up the occupants of the other boat, you live.
2. If by midnight, neither of the boats have blown each other up, the Grand Referee a.k.a the Joker shall blow both of them up.

However, the people of Gotham City, the honorable souls that they are, decide not to blow up each other.

Plot Spoiler Ends

Now this is where the really interesting(?) part of this post begins.

With my recent exposure to Game Theory, I became fascinated with the nature of the game being played by the Joker. So I decided to create a payoff matrix for the game (See below).




As you can see, the Rows represent the decisions taken by the Convicts and the Columns represent the decisions taken by the Civilians. Additionally, in each cell, the first number represents the payoff for the Convicts and the second one represents the payoff for the Civilians.

Now here is the rationale for the payoffs...

minus 2 - The payoff of the guilt of killing somebody.

minus 100 - The payoff for dying :) with the sense of betrayal as you have been killed by the other group.

minus 50 - The pay off for dying but without the sense of betrayal as you would have been killed by the joker.

minus 102 - Dying with both a sense of guilt and betrayal.

As was already mentioned, the result was that neither of them killed each other .

Those familiar with Game theory will smile and say that this payoff matrix is exactly similar to that of the Prisoners' Dilemma. They are absolutely right. The payoff matrix ended up this way coincidentally (Scout's Honor). As this is indeed the Prisoners' Dilemma, the Nash Equilibrium would have ended with both the teams blowing each other up. However, they have played cooperatively and it is interesting to know that in trusting each other, they have also achieved the highest payoffs possible. Another interesting thing to note is that both the teams played cooperatively without any kind of communication except for the fact that if they are still alive, then the other team has not blown them up yet. This help build the trust slowly to the level that they knew that the other group too was playing cooperatively. Thus there are still certain things that Microeconomics can't explain :D.

I myself agree that there are two possible loopholes in my above theory.

1. The Kill/Kill payoff is practically impossible as the chances of it occuring is very less.
2. The Kill/Kill and Don't Kill/Don't Kill payoffs should be much closer.

Now this brings us to the end of this long blog post. I would love to know your viewpoints on my above theory. Please feel free to dissect the payoff matrix and provide your own solution to the above game. What do you think?

ARE YOU GAME?
Posted by at 4 comments:
Labels: ,

Tuesday, September 02, 2008

Now I know how Rajni felt...

Today is Vinayaka Chathurthi. I wish every one a great time praying to the most affable God from the Indian Pantheon.

Today was also a day when I was in the same shoes as Rajni.

After a lot of coaxing I was convinced by my mom to perform the puja on the Vinayaka clay murthi. I might be a qualified Embedded Video Engineer , but when it comes to chanting Vedic Mantras, I am as skillful as my 'Puratchi Deivam' Sam Anderson trying to dance. For the uninitiated, Vedic Mantras is as easy as Microbiology, Neuroscience and Astrophysics put together. Anyways, my parents who are quite aware of my IQ in Vedic Mantras asked me to follow my father's lead.

All was going well until I was asked to repeat a piece of mantra at the speed in which my father chanted it. To get the drift of my father's speed, just think of Eminem rapping 'Way I am' in twice the speed. Over the years I have adapted fairly enough to following his lead, but this one left me stunned and gasping for comprehension. Which is the mantra you ask? Look at 2:14 in the below video.



Now I felt what Rajni must have felt. I have promised myself to find out what this Mantra is and what it actually means. Any idea which mantra this is?

BTW, take a look at my 'Puratchi Deivam' dancing to the tunes of 'Rasathi'. Enjoy!!

Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)