this post was submitted on 07 Oct 2023
581 points (96.6% liked)

Technology

60084 readers
2731 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 118 points 1 year ago* (last edited 1 year ago) (3 children)

Worth pointing out this isn't any proper Android TV devices, but rather those cheap boxes that are often basically SBCs with AOSP installed on them which are predominantly sold as easy piracy boxes.

Edit: in fact, the article doesn't currently have TV in the title

[–] [email protected] 28 points 1 year ago (4 children)

Leaving out the TV makes it less precise and more clickbaity because then it sounds like Android phones are affected.

[–] [email protected] 17 points 1 year ago (6 children)

I guess the problem is that "Android TV" is a specific thing that none of these devices actually are, they're just dodgy boxes running Android that can be plugged into a TV.

For me it's more clickbaity because Android TV isn't actually involved here at all.

[–] [email protected] 7 points 1 year ago (1 children)

I'd say it would be more clickbaity if you just removed the "TV", because it'd make you think of smartphones, and those would be much more concerning

load more comments (1 replies)
load more comments (5 replies)
load more comments (3 replies)
load more comments (2 replies)
[–] [email protected] 68 points 1 year ago (10 children)
[–] [email protected] 11 points 1 year ago (10 children)

If I don't connect it to the internet they don't get to sell ur data innit

load more comments (10 replies)
[–] [email protected] 7 points 1 year ago

LOL I'm still using an old CRT TV because it just won't die and I barely watch TV

[–] [email protected] 7 points 1 year ago (3 children)

I'm annoyed that they don't sell them and that even if you don't connect a smart tv to wifi to keep it dumb it'll still not just be a display and it'll try to shove stuff in your face

load more comments (3 replies)
[–] [email protected] 7 points 1 year ago (1 children)

Walmart sells Sceptre 4k tvs which are dumb, sure they aren't OLED or have amazing refresh rates but they are the perfect TV for most people, it's much easier to chuck and buy a new $20 streaming device when updates make it crawl to a near stop than it is to do the same with a $600+ TV.

load more comments (1 replies)
load more comments (6 replies)
[–] [email protected] 63 points 1 year ago (25 children)

That's why you should build your own media center from an old machine. Much safer and more private.

[–] [email protected] 18 points 1 year ago (2 children)
[–] [email protected] 32 points 1 year ago (17 children)
  1. Connect old PC to TV. Both can be 15 years old.
  2. (optional) For better performance, get a small SSD alongside the big HDD (a 64GB / partition will do), maybe have a homemade NAS ready too
  3. Install Lubuntu, Mint XFCE, Puppy Linux or any other distro of choice
  4. Set up KDE Connect, qBittorrent and VLC
  5. Enjoy
load more comments (17 replies)
[–] [email protected] 13 points 1 year ago (2 children)

Look into Plex servers, that should keep you busy for the next six months till you get it up and running.

[–] [email protected] 32 points 1 year ago (17 children)
load more comments (17 replies)
load more comments (1 replies)
[–] [email protected] 10 points 1 year ago (5 children)

The problem is that YouTube app and F1 app are Android only so having a Linux media box won't help. It needs to run Android to run Android apps.

Plus I like to use Chromecast, we use it all the time to send YouTube videos from our phones to the big screen.

load more comments (5 replies)
load more comments (23 replies)
[–] [email protected] 49 points 1 year ago (3 children)

Wait, smart devices might not be secure?! I'm shocked!

load more comments (2 replies)
[–] [email protected] 29 points 1 year ago* (last edited 1 year ago)

These are just generic Android TV devices that use Allwinner board. Allwinner made these kind of generic boards for Android TV and Android Auto head unit and sell them to OEMs. The OEMs then "customize" it by adding their APKs into the ROM provided by Allwinner. I doubt the malware come from Allwinner. Maybe it's just one (or more) OEM that include whatever APK they found on the internet without checking.

[–] [email protected] 11 points 1 year ago

In total the researchers confirmed eight devices with backdoors installed—seven TV boxes, the T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G, and a tablet J5-W.

The other thing discussed is fraudulent android apps that have been removed from the play store.

[–] [email protected] 7 points 1 year ago

This is the best summary I could come up with:


This week, cybersecurity firm Human Security is revealing new details about the scope of the infected devices and the hidden, interconnected web of fraud schemes linked to the streaming boxes.

“They’re like a Swiss Army knife of doing bad things on the Internet,” says Gavin Reid, the CISO at Human Security who leads the company’s Satori Threat Intelligence and Research team.

“This is a truly distributed way of doing fraud.” Reid says the company has shared details of facilities where the devices may have been manufactured with law enforcement agencies.

In the second half of 2022, Human Security says in its report, its researchers spotted an Android app that appeared to be linked to inauthentic traffic and connected to the domain flyermobi.com.

When Milisic posted his initial findings about the T95 Android box in January, the research also pointed to the flyermobi domain.

The company’s report, which has data scientist Marion Habiby as its lead author, says Human Security spotted at least 74,000 Android devices showing signs of a Badbox infection around the world—including some in schools across the US.


The original article contains 455 words, the summary contains 180 words. Saved 60%. I'm a bot and I'm open source!

load more comments
view more: next ›