Full Disclosure mailing list archives
[SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released)
From: Security Explorations <contact () security-explorations com>
Date: Mon, 28 May 2012 14:12:06 +0200
Dear All,

On 24 May 2012, Security Explorations delivered two talks at Hack In The Box Security Conference in Amsterdam [1] where we disclosed details pertaining to our 1.5-year-long research project verifying security of a digital satellite TV platform (project SE-2011-01).

Updated (minor error corrections) presentation slides for these talks are available for download from our website:

http://www.security-explorations.com/en/SE-2011-01-details.html

Along with that, we have also updated our FAQ and PoC pages with so far undisclosed details pertaining to the vulnerability details and their estimated impact:

http://www.security-explorations.com/en/SE-2011-01-faq.html
http://www.security-explorations.com/en/SE-2011-01-poc.html

As we received inquiries regarding the actual impact of the issues found in DVB chipsets (we provided the number of 541 million chips released to the market by STMicroelectronics during our HITB talk), we would like to quote our FAQ in order to make some things more clear with respect to that topic:

"Some sources [2] state that a cumulative total of more than 400 million MPEG-2 and MPEG-4 decoder chips used worldwide in STBs, digital television sets and DVD/Bluray players were shipped to the market by STMicroelectronics (as of 2007). STMicroelectronics' own sources [3] mention 541 million as the number of these chipsets released to the market in 2008. They also speak about the company as #1 chipset vendor in H.264 market (68% of market share in 2008).

It is however very difficult for us to provide any precise number with respect to how many of these chips are actually vulnerable to the issues found. What we know is that we discovered security issues in Gen-1 (STi7100) and Gen-2 (STi7111) chipsets. This means that some other chipsets from these generations could be vulnerable to the issues found (such as STi7101, STi7109 sharing the same SoC architecture with the vulnerable STi7100). But again, the DVB chipset vendor should make a final verdict in that case.

Since on Jan-17-2012, STMicroelectronics informed us that no confidential information would be disclosed to Security Explorations in response to our impact inquiry questions, we suggest that all interested parties (customers, journalists, etc.) contact STMicroelectronics company directly for any impact related inquiries."

We hope that the published material is interesting not only for those from a digital satellite TV ecosystem. The first talk might potentially interest those dealing with malware as it discusses malware threats in the context of a novel platform such as digital satellite TV set-top-boxes. The second talk might be interesting for those working with hardware based security as it discloses details of critical security issues found in system-on-chip (SoC) chipsets.

Thank you.

Best Regards
Adam Gowdiak

---------------------------------------------
Security Explorations
http://www.security-explorations.com
"We bring security research to the new level"
---------------------------------------------

References:
[1] Hack In The Box Security Conference 2012 Amsterdam (http://conference.hitb.org/hitbsecconf2012ams/)
[2] World Leader in Set-Top Box Chips Passes MPEG-Decoder Shipment Milestone (http://www.digitaltvnews.net/items/070711st.htm)
[3] Multimedia Convergence & ACCI Sector Overview, Philippe Lambinet, STMicroelectronics (http://www.st.com/internet/com/CORPORATE_RESOURCES/COMPANY/COMPANY_PRESENTATION/5_mult_conv_acci_lambinet.pdf)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/