Any gadget sporting a chip and a few type of communications protocol might be hacked – that is virtually as sturdy a regulation as these governing gravity. And typically, threats come from the place you’d least suspect them. An electronics venture by consumer kingkevin – uploaded on supply code repository CuVoodoo git – now goals to assist shoppers and companies to guard themselves from an assault vector that is steadily forgotten: a easy HDMI port. Enter the HDMI Firewall.
The HDMI firewall is little greater than a bodily dongle that may be immediately linked to the HDMI port you need to safe. It really works by blocking all information that is not associated to video and audio streaming. One dongle is required per port to be protected, however they are often repurposed throughout totally different units with a bit of labor.
Whereas we might consider HDMI connectors as mere passthroughs for audio and video information, there are a selection of parallel protocols that transmit extra data than we would anticipate. One of many extra apparent ones is the addition of HDCP (Excessive-bandwidth Digital Content material Safety), a DRM (Digital Rights Administration) encryption resolution that ensures the transmitted feed is not copied because it travels in the direction of its vacation spot, and the principle perpetrator of HDMI-related complications.
Different important but often-forgotten HDMI options that are not particularly associated to video and audio embody HPD (Sizzling-Plug Detection) and CEC (Shopper Electronics Management), the later of which permits HDMI units to be managed through your distant management – simply to call a number of.
Apparently, HDMI additionally helps I2C – a synchronous, serial communication bus invented forty years in the past by Philips Semiconductors. This specific protocol has been proven – again and again – to be weak to intrusion. Programmable controller boards reminiscent of an Arduino or Raspberry Pi have been used as means to hack it. However within the HDMI Firewall, it is used to bolster your safety.
The HDMI Firewall must be programmed in line with the gadget it is being put in on. Customers might want to copy the Prolonged Show Identification Knowledge (EDID) data of the gear to guard, which incorporates data reminiscent of supported resolutions, for the passthrough to work. This information might be learn through the use of the I2C-based Show Knowledge Channel (DDC) interface from the gadget.
This EDID information is then written in the direction of the EEPROM of the HDMI firewall, which encompasses a breakable write-protection tab that locks the connector’s EEPROM from any additional writes. If the Firewall must be moved to a brand new gadget, customers can re-disable write safety by placing a solder blob throughout two pads on the gadget, rewrite it with the brand new units’ EDID information, after which re-enable safety by eradicating the solder connecting the 2 pads.
The unique submit by the creator encompasses a fairly simple description of the strategies used; and being in an open-source repository, customers can freely examine and fork the code. Wholesome dialogue on the subject can be happening at HackerNews, when you’re in search of additional particulars on the venture and the intricacies of HDMI vulnerabilities.