Is this a good place to address TiVo vulnerabilities?

How are your neighbors getting on your Wifi network to be able to see this?

Scott

 

If you were Trump maybe this would be a problem, but come on, who cares what you watch; and how much time would anybody spend trying to find out. I guess TiVos main data base could be hacked and someone could find out what you and others were doing with your TiVo.

 

Advertisements

This still requires your wireless network weakness be the point of ingress, this is a non-issue if you run your Tivo wired which would be far safer for someone paranoid enough to be worrying about vulnerabilities and the default mode of Tivo network communication.

 

They still have to get on the network (whether wired or Wifi) to exploit them).

Scott

 

You tried.

 

At least none that find this to be a pressing issue.

 

Hard wire everything, wi-fi is too easy to exploit and trying to secure it is a moving target.

 

Unpatched Windows machines are the biggest vulnerability for home networks. Combine that with users that will open any email, attachment or allow installation of any browser add-in and you have a breach. Portable storage devices, particularly from students, are also a common source of malware.

Accessing a Tivo to do harm to a home network? Way too much trouble when you can use the above to get into a home network. Oh, and the above techniques work on corporate networks also.

 

To exploit this "vunerability" someone first has to get on my network, if they manage that, the TiVo is literally the last on the list of what I am concerned about.

 

TiVo knows what you are watching

I agree it seems these well known issues should be remediated but I don't see a serious problem with the vulnerabilities you have listed.
I disagree with your stance that it is "pretty easy" and at what benefit for the work, no SPI here. At best someone bent on hacking you sees these opportunities and spends time to get the information ending up only getting a list of your recorded shows.

 

You seem to be misreading those results. I question if you are a "security community person". The SSHv2/v3 listed is not a vulnerability, Nessus is telling you that SSH is running and open on the TiVo box. SSH is a perfectly secure and standard service, and TiVo uses it for inter-TiVo communication among other things

Security is not an exact science. It is built on layers of security and it is based on mitigating vulnerabilities against the risk they pose. That risk is defined as the likelihood that an attacker will try to exploit a given vulnerability combined with the impact of what would happen should that attacker be successful.

In this case, we're talking about potentially weak cipher suites used to secure the HTTPS interface on your TiVo. This interface is used by the TiVo app on your phone and other API-based apps that send commands to your TiVo to change channels, etc. It's also used by various apps to download content from your TiVo

The only sensitive data that would be exposed, should you be compromised, would be your Media Access Key. TiVo does warn you to not expose this to anyone outside of your home, but in the grand scheme of things it wouldn't be a huge deal. No one would be able to steal your personal information (aside from what you record) or infect your TiVo with a virus or other malware.

Finally, to exploit those weak ciphers, your neighbors would have to be on your network. If someone is physically on your network listening to your traffic, you already have massive security problems well above and beyond the scope of weak SSL ciphers on your cable box

 

You've got your home LAN behind both a Palo Alto and an F5 firewall? Can I ask why?

 

I always find it amazing that those that claim to be computer security experts simply take the word of some script/program/application that they run and then take the output screaming to those in charge of the equipment and say "You have a vulnerability and it needs to remediation ASAP!"

Of course when those that actually understand what they are reading review the report and it says something like "only an issue if xyz is in use" and of course that feature is not in use and will never be. The current one going around is Spectre and Meltdown, first I question how easy it is to exploit, regardless of how easy it is to exploit I suspect that multi-tennant systems are the ones most at risk. An appliance that we use at my company, the vendor responded to the meltdown "crisis" with the following: "The Meltdown vulnerability requires a remote attacker with capabilities that permit executing custom binary code on a (vendor name removed) device without credentialed access. (If a user gains this type of access, they can commit significantly more damage in a much simpler manner than by taking advantage of the Meltdown vulnerability.)"

I'm guessing the moral of the story is "if you have all your doors and windows properly protected, don't spend your life worring about an unreachable device"

-TL

 

actually no, but if you understood the attack it was due to unpatched PUBLIC FACING servers/applications, not due to a server/application unreachable from the public networks.

You need to remember that just because you close all the little tiny holes in an environment but ignore the bit gaping open back door you've done nothing other then check a box off.

Oh one other thing, your network and your data is not interesting to "hackers" so you are also not a target.