IPTV - Security and Malware
- Thread starter skjom
- Start date
Drox
TK Veteran
The anti-vaxxers have been infected by all sorts of crap from watching their youtube 'doctors'
skjom
Member
Thanks , yes but if you have a fire tv and keep it regularly updated without side loaded apps you are relatively secure albeit it dependant on u're defense on home , firewall etc.
IPTV you install the app which could contain malware. The streaming although unlikely could be an actor vector also.
Think all points here reflect that.
I guess like any security, measures can be taken , secure for example the fire tv running IPTV on its own Vlan with inbound and outbound rules.
bazcfc1
VIP Member
I’ve no updates done on my firestick and uninstall and re install apps constantly even doing friends/family devices for them with no updates
skjom
Member
Isn't that a security risk though any of the fixed android vulnerabilities would be open
bazcfc1
VIP Member
If they want access to my porn hub app they can gladly email me 🤣🤣🤣🤣🤣
Could well be but if you don’t put details on or if you use a dummy Amazon account then nothing to be taken
Well in that case you will not get far on fire tv or firestick especially when there are no apps for iptv from amazon if it was not for downloader app or side loading I do not think it would be as popular to the masses.
skjom
Member
I don't think that's the case though unless you have taken some security measures to isolate the device from the rest of your network.
An infected device such as a fire stick should be able to propogate to rest of your home network in less than a minute.
I manage a few hundred android devices in the field and we keep them regularly updated to avail of the latest security updates from Google. It's not really about protecting the device itself but more to protect what it's connected to on rest of the network.
Same applies for Linux devices, we recently done a deep scan on our enterprise network for them , the level of vulnerabilities open was crazy on Linux that wasn't patched. Thankfully our enterprise network is behind some farely large scale firewalls and some serious security measures.
Understand there are no official apps.
But if there was a significant risk could lock down the traffic using pfsense so the device is isolated on home network.
steptoe
VIP Member
Can you explain how anything can execute on Linux without express permission from the owner/admin of the device it has been downloaded to,?
There are no standard admin/root permissions on Linux unless they have been specifically set-up, which only an idiot would do, like microshite has allowed on windoze.
skjom
Member
Heres a quick example from random search:
https://ubuntu.com/security/CVE-2022-28960
But some old ones :
Anatomy of a data leakage bug – the OpenSSL “heartbleed” buffer overflow
Bash “Shellshock” vulnerability – what you need to know
There is a bit of a myth Linux is secure, maybe 10 years ago this was true, but the attacks target vulnerabilities just as they do on windows.
In our enterprise environment, we constantly patch both windows and Linux including android.
skjom
Member
Thanks , but would not go back to sky, been gone over 15 years. I was just curious did people take measures to secure devices.
It's a common theme on another forum I frequent - IPCAM talk , but it's done mainly as the cameras have firmware exploits. Some very good basic primer papers which includes Vlan out the network to more complex pfsense with intrusion detection.
steptoe
VIP Member
I'd suggest it's your enterprise network that is insecure, and not Linux as a whole.
Linux as a daily driver is very secure as long as it's used properly, and ni root permissions are provided.
skjom
Member
No our enterprise network is not insecure.
We have over 100 people in our security team section and trust me the thing is like fort Knox.
Patching is mandated by security leads of IT group who have more tools and measures taken than I've ever seen , this includes TLS/SSL breakers using gigamon to inspect any suspicious packet. From talking to them they see Linux vulnerabilities as a significant threat , below windows but it's pretty high on their threat matrix.
Linux is more secure than windows yes as daily machines. I run proxmox hypervisor myself with multiple VMs and LXC containers all using Ubuntu or Debian OS. But also keep them up to date for patches as well and under no allusion there are many vulnerabilities.
My post was to ask was their any attacks via IPTV and to determine had others taken any measures to secure their networks.
We have over 100 people in our security team section and trust me the thing is like fort Knox.
Patching is mandated by security leads of IT group who have more tools and measures taken than I've ever seen , this includes TLS/SSL breakers using gigamon to inspect any suspicious packet. From talking to them they see Linux vulnerabilities as a significant threat , below windows but it's pretty high on their threat matrix.
Linux is more secure than windows yes as daily machines. I run proxmox hypervisor myself with multiple VMs and LXC containers all using Ubuntu or Debian OS. But also keep them up to date for patches as well and under no allusion there are many vulnerabilities.
My post was to ask was their any attacks via IPTV and to determine had others taken any measures to secure their networks.
Drox
TK Veteran
Op has a valid question.
I'd be surprised if there has never ever been a case of hacking through a provider's own app. I mean all these 'cheap' netflix, dazn, etc. subs must come from somewhere.
If we haven't heard of it, it probably means there still getting away with it LOL.
My firm chooses not to use android phones as a work phone due to android's lax security in contrast to iOS.
I'd be surprised if there has never ever been a case of hacking through a provider's own app. I mean all these 'cheap' netflix, dazn, etc. subs must come from somewhere.
If we haven't heard of it, it probably means there still getting away with it LOL.
My firm chooses not to use android phones as a work phone due to android's lax security in contrast to iOS.
