Chromecast: based on Google TV and Android

Jul 30, 2013

Depending on a product’s popularity, it’s common practice nowadays for a new piece of hardware or software to get hacked almost instantly after release. Google released its cheap media streaming device, the Chromecast, less than one week ago, and it has already been hacked. The surprising part, though, isn’t that it was hacked, but what was gleaned from from the process.

Google introduced the Chromecast as using a stripped-down version of Chrome OS, Google’s Linux-based web-app-only operating system that is mainly found in Chromebooks. A hacker group known as GTV Hacker exploited bugs residing in the device soon after it released, and found that the Chromecast is essentially running Android more than it is running Chrome OS, and that it resembles a Google TV release more than Android. It is modified to have Bionic removed, which is Android’s standard library for the C programming language. The Chromecast also has Dalvik removed, which is Android’s app-running Java virtual machine. The hacker group said that “most of the Google TV code was reused,” from the binaries and bootloader, to the init scripts and kernel. In fact the group found the similarities between the Chromecast and Google TV so pronounced, that it speculated that the Chromecast could become something of a Google TV stick, rather than spending its life as the Chromecast.

As for why the group hacked and released an exploit package for the Chromecast, the usual answer of helping researchers become more familiar with the environment, as well as helping developers build software for the device, was given. The group also notes that the exploit, which allows access via a root shell, won’t do much for the normal user of the device, but is targeted more toward the more advanced users that like to muck about within a device’s guttyworks. The exploit, though, began with a feature Google put into the Chromecast. If you hold down the stick’s only button, the device will boot into USB mode, which looks for a signed image on the drive. Once the image is located, it is sent off to the device’s cryptography hardware to be verified, but oddly, the return code isn’t checked. After the group made some modifications to the USB booted kernel, it was able to inject its own code and modify the device at the system level, thus allowing the root shell to spawn.

GTV Hacker notes that while the exploit currently works, the team did not include any sort of protection from updates into the hack, so Google could simply send off an update at any time to protect the device from the exploit.

If you were thinking about purchasing the Chromecast because it’s so cheap, don’t let the exploit deter you. Not only is Google’s device just $35, but the exploit doesn’t tarnish its capabilities in any way. If anything should deter you from making a purchase, it’s the Chromecast’s competitors: various Roku models and Apple TV. Certain Roku models are as cheap as $50, and the Roku platform has more content available than the Chromecast at this time. Meanwhile, for only $55 more than the Chromecast, Apple TV has more content available, such as HBO Go and Hulu Plus, but the real killer feature is that more apps can connect to Apple TV than the Chromecast, which means Apple TV currently works with more devices.

Regardless of which media streaming device is for you, none are safe from exploits, but at least in the Chromecast’s case, those exploits would only benefit you.

Source: ExtremeTech