
HDMI – Hacking Displays Made Interesting - experiment0
http://media.blackhat.com/bh-eu-12/Davis/bh-eu-12-Davis-HDMI-WP.pdf
======
AndrewNCarr
I was involved in the creation of the Arduino CEC library, so I instantly
recognized the schematic included in the PDF on page 17. My hardware
implementation of interface is here: <http://www.andrewncarr.com/hdmi/> (I
included additional wiring for hotplug detection and an EDID interface)

It has been great to see the progress in the 2.5 years since, with LibCEC and
availability of commercial adapters. As far as I know, no discrete video card
yet offers access to the CEC bus.

I'm not sure what security vulnerabilities are possible via CEC, no vectors
that I can see, but I am no Moxie Marlinspike. I suppose newer sets may store
things like Netflix credentials, but CEC is often implemented in a discrete
chip, or embedded port controller. That was the state of things in 2008 models
anyway, and it is a fast moving area, so I am likely way out of date. The OSD
"internet features" of my 2008 Samsung are laughably quaint compared to what
budget models can do today.

------
teilo
It never ceases to amaze me how even the most innocuous things (like the video
port on your netbook) could be an attack vector for security exploits.

