What the HEC - Security Implications of HDMI Ethernet Channel and Other Related Protocols
Offered By: 44CON Information Security Conference via YouTube
Course Description
Overview
Explore the security implications of HDMI Ethernet Channel and related protocols in this 49-minute conference talk from 44CON Information Security Conference. Delve into the evolution from VGA to HDMI and the additional capabilities this transition brings. Examine the EDID protocol's security, which enables displays to communicate with hosts via HDMI and VGA interfaces. Investigate the Consumer Electronics Control (CEC) and HDMI Ethernet Channel (HEC) protocols, discussing their impact on consumer network security and corporate environments. Learn about CECSTeR, a CEC security testing tool, and its applications. Analyze supported CEC commands, protocol details, and fuzzing techniques. Explore HEC's features, including Capability Discovery and Control (CDC), network loop prevention, and queue control. Uncover potential security risks such as endpoint protection circumvention and unauthorized network extension. Gain insights into testing methodologies for HDMI Ethernet Channel and other corporate HDMI security concerns.
Syllabus
Intro
Why am I talking about video interfaces?
HDMI is an output isn't it?
Supported CEC commands
The CEC protocol
Can we fuzz CEC?
What are the fuzzer results?
HEC - HDMI Ethernet Channel
CDC (Capability Discovery and Control)
Network loop prevention
Queue control
Endpoint Protection Circumvent
Unauthorised Network Extensio
Testing HDMI Ethernet Channel
Another corporate HDMI security risk
Taught by
44CON Information Security Conference
Related Courses
Supply Chain Unchained - How To Be A Bad SaaS44CON Information Security Conference via YouTube Aviation Security 101
44CON Information Security Conference via YouTube The Anti-Checklist Manifesto
44CON Information Security Conference via YouTube Why Are We Still Doing Authentication Wrong?
44CON Information Security Conference via YouTube What Do Hackers See When They Look at the Clouds
44CON Information Security Conference via YouTube