More details about a now-patched vulnerability in Comcast's XR11 voice remotes have emerged, which would have made it easy for a threat actor to intercept radio frequency communications between the remote and the set-top box, effectively turning the remote into a surveillance device. The XR11 remotes are some of the most common around, with more than 18 million scattered across homes in the U.S. A man-in-the-middle attack conducted by researchers at Guardicore, dubbed "WarezTheRemote," allowed the team to listen in on conversations from up to 65 feet away.
One of America's largest broadband providers, has now deployed RPKI on its network to defend against BGP route hijacks and leaks. "In practical terms, it means that Comcast now both cryptographically signs route information and validates the cryptographic signatures of other networks' route information."
Researchers from segmentation solutions provider Guardicore have identified a series of vulnerabilities that could have been exploited by a hacker to turn a TV remote into a spying device. The research focused on the XR11 remote provided by Comcast to Xfinity customers.
Could your cable TV device spy on you? Vulnerability found and patched in Comcast TV remote. Security firm Guardicore reverse-engineered the firmware update process for Comcast's XR11 remote to take control of the device.
A voice-activated TV remote can be turned into a covert home surveillance device, according to researchers from infosec firm Guardicore who probed the device to show that a man-in-the-middle attack could compromise it. Guardicore discovered an attack vector on US telco giant Comcast's Xfinity XR11 voice remote - of which around 18 million units have been sold - that allowed malicious people to turn it into an eavesdropping device.
A security flaw allowing attackers to remotely snoop in on victims' private conversations was found to stem from an unexpected device - their TV remotes. The flaw stems from Comcast's XR11, a popular voice-activated remote control for cable TV, which has more than 18 million units deployed across the U.S. The remote enables users to say the channel or content they want to watch rather than keying in the channel number or typing to search.
Dubbed WarezThe Remote, the attack allowed taking over the remote and snooping on conversations from at least 65 feet, making possible a "Van parked outside" scenario. Unlike regular remotes that use infrared, Comcast's XR11 relies on radiofrequency to communicate with cable set-top boxes and comes with a built-in microphone to allow voice commands.
Comcast has agreed to be the first home broadband internet provider to handle secure DNS-over-HTTPS queries for Firefox browser users in the US, Mozilla has announced. This means the ISP, which has joined Moz's Trusted Recursive Resolver Program, will perform domain-name-to-IP-address lookups for subscribers using Firefox via encrypted HTTPS channels.
The nation's largest gigabit speed provider, now becomes one of the first U.S. Internet Service Providers to offer a WiFi 6 Certified gateway delivering faster speeds, ultimate capacity, lower latency and best-in-class WiFi coverage throughout the home. The xFi Advanced Gateway is designed for high-performance users to handle more capacity for even more smart home devices coming online today and in the future.
Comcast is making its internet service faster and more secure with new hardware and free security features that alerts customers to threats. Comcast Xfinity made two big announcements at CES 2020: It's going to have a fast new gateway available, and it's making important security features available for free to its internet customers.