Case Project Assignment: Read the following Case Study below and answer the questions below the study.
Basically there are three types of televisions today. A basic TV uses the Digital Video Broadcasting (DVB) protocol for receiving the cable signal, but the TV itself is relatively "dumb." A media center TV has the basic components of a computer: processor, memory, hard disk, and some type of operating system. These TVs provide wired or wireless home network connections along with USB ports and memory card readers. They also may support other TCP/IP protocols like DHCP, HTTP, and FTP to receive media content or firmware upgrades. At the top end of the TV scale are the newer smart TVs. These Internet-enabled devices are really specialized computers running a version of Linux or Windows with Internet connectivity and a web browser to surf the Web. Users can even download and install apps or widgets and play multi-user games in real time with other users around the world.
Reports by security researchers now show how vulnerable these TVs can be. A set of fuzz testing tools was used to test different TVs from different vendors. What they found was that each of these TVs failed multiple tests and was vulnerable to a variety of attacks, such as a denial of service (DoS) attack against a media center or smart TV to cause it to crash. In addition, malware can be installed that turns the TV into a zombie that attacks other computers and TVs or turns on the cameras and microphones of the attached game players to spy on users. Other malware can steal the credit card numbers or the passwords used to pay and access on-demand streaming services that are stored on the TVs. And this malware can easily be transported to other computers through the home network or by tricking the user through social engineering to insert a USB flash drive into the TV, which is then carried to other devices.
What do you think?
• Who should be responsible for protecting smart TVs?
• The customer or the vendor? Should the vendor send out regular patch updates for security purposes?
• What if vendors were to charge for this feature? Should users be given the option to pay?
• Or should all vendors be required to keep these TVs protected?