A DOS attack is not a DoS attack

Anyone who works in an IT related field, or who possesses a basic understanding of networking, or even those who have used the internet in the past 10 years, have heard of DoS attacks.  Regardless of method, the concept of bombarding a server with data to the point of failure is a simple concept. 

Historically, this started with hackers crashing web servers with an onslaught of request packets.  The cat and mouse game of security developments vs. hacking attacks, generated a wide variety of DoS and subsequent Distributed DoS (DDoS) weaponry.  Servers could be pinged to death, flooded with SYNs, overwhelmed by fragmented packet reassembly or defeated by DNS amplification.  Armed with large botnets, today's attacks include powerful variations and combinations of these, having lead to shutdowns of many large sites, as well as crippling the country of Estonia.

However, after reading a recent article in Electronic Design by staff editor Bill Wong, it seems that he, or more likely the consumer electronics industry, adopts a more literal interpretation of DoS attacks.

In his article, Don't Touch That Dial, he addresses the need for implementing security into electronic devices.  His industry frustration that "authentication and encryption often aren't even discussion points", is a complaint that we all know too well.  

He then goes on to talk about the unspeakable atrocity that occurred at this year's CES in Las Vegas.  Hopefully, most of you are aware of the tragic TV shut down incident (you've got to see the video), carried out by a highly trained assault team of Gizmodo bloggers and their lethal TV-B-Gones, during CES 2008 (our hearts go out to the vendors).  The problem I have with Mr. Wong's writing, is his referring to this TV prank as a denial of service attack (he uses a capital "O" in the acronym...DOS).  I take issue when a term, that the IT security industry has all but copyrighted, is misapplied to a technology that has no need for security. 

The TV-B-Gone, or "TV Hacking" device as it's portrayed, contains the powerful ability to turn off a TV.  It is simply a remote control that cycles through its database of TV manufacturers, emitting all the IR "Power" codes (on/off codes) until it successfully shuts off the victimized TV.  Technically, if you are watching TV, and someone were to use this device to shut it off, then one could argue that it has resulted in a denial (the brief interruption that occurs until you turn it back on) of service (your TV display, not your cable service).  But seriously, how can you call this a DoS (or DOS) attack.

Your TV is not being flooded with IR codes to the point of crashing; it is just responding to the correct sequence of IR pulses that corresponds to its make and model.  I honestly don't see a great need to authenticate ones remote control or encrypt its signal on the way to the TV's IR LED. 

Lastly, one must also be able to recognize the difference between an attack and a prank.  I may be wrong, but I think this one was obvious.  Currently, the only TV hacking that occurs in my house, is when my wife commandeers the remote control, and despite my years in hacking and security, I remain helpless. When IPTV becomes the norm and some hacker changes my watching of 24 to Blue's Clues, then that will be a vicious attack.

I do want to be clear that I'm an avid reader of Electronic Design and occasionally understand its' content; it's a great source for your electrical engineering fix.  Furthermore, Bill Wong is quite brilliant, and my comments here, come as a result of my regularly reading his work. 

So this blog was really intended to establish the industry wide meanings of DoS and DOS (neither of which to be confused with MS-DOS). Additionally, I want to clarify that, other than your PC or personal server, there's really no way (that I know of) for hackers to launch denial of service attacks against your home appliances. 

And don't think for a moment that this is some sort of plug for Gizmodo, an awesome site, which pulled off one of the funniest things to ever occur at a CES.

My TV is a '53 Philco T1854  17".   Turn it off at

• Security
• CES
• consumer electronics
• gizmodo
• hack
• Hacker
• hacking
• IR
• remote control
• security
• TV