Symantec security suggests DAB-IP could be open to Internet attacks
From The Smart PDA I found an article by a Symantec security expert about the possibility of the mobile television (and radio) protocol, DAB-IP (Digital Audio Broadcasting-Internet Protocol), being open to attacks from hackers.
Virgin Mobile in the U.K. on October 1, 2006 began transmitting DAB-IP service on its HTC-made Lobster 700TV cellular phone (see below). Virgin offers selected programs from BBC One, ITV1, Channels 4, E4 and, most recently, 24-hour news from ITN News, to postpaid and prepaid subscribers.
Ollie Whitehouse, a technical advisor in the Symantec Security Response group, writes that as he began reading the technical documentation about DAB he began thinking the protocol could be attacked in the DAB stack, IP stack and media codecs.
Pondering the possibilities
Whitehouse writes:
"• I wonder if they firewall the DAB connection on the device?
"• Can I spoof content? If so, how hard is it to attack the media codec with this spoofed content?
"• Is it possible to leverage that old IP stack DoS and take out every DAB-IP enabled mobile/cell phone in a 10-mile radius?
"You end up with a situation where you could conceivably 'broadcast' exploits to a geographic area if you were able to successfully attack any of the attack surfaces outlined above. It makes you think, doesn't it?"
Comments