Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Photo: Jaap Arriens/NurPhoto via Getty Images
A glitch in software designed by Netflix in 2013, used in early versions of Google Chromecast and installed in several mid-decade televisions and other devices would allow an attacker to crash a TV, according to new research from security firm ForAllSecure.
The big picture: Netflix's DIAL software allowed people to broadcast video from a phone or computer onto their television and was an early component of Chromecast until Google moved that software in a different direction. Though the software is now obsolete, many TVs came preinstalled with DIAL.
The discovery was made by 2 interns at ForAllSecure completing an assignment to use the company's Mayhem automated security analysis software to analyze open source software.
- The interns turned the glitches over to Netflix through a "bug bounty" program, where Netflix offers cash rewards to researchers who uncover security flaws in its products. Netflix has now patched the bug.
- The interns will get to keep the bounty, co-founder and CEO David Brumley told Axios.
- “You’ve got to motivate interns to stay in security somehow,” he said.
Details: The DIAL glitch comes from an error in how data is stored in computer memory in a modified version of a coding library known as Mongoose.
- It’s not immediately clear if the glitch affects other products using Mongoose around the same time, noted Brumley.