Should you worry about malware on your DIRECTV Gemini?

One of the things I love about this blog is that I get the questions no one else gets. Here’s one that came across my desk recently:

You said that Gemini uses the Android TV operating system. I read a lot of warnings not to buy anything with Android TV because they say it can be loaded up with viruses and such. Why would DIRECTV do this?

I set out to answer this question in a way that (hopefully) no one else has.

About the Android TV operating system


Android TV is a version of the same Android operating system that runs the majority of phones all over the world. It’s a very open, customizable system, and that’s led to problems with malware in the past. One feature of Android that its primary competitor, Apple’s iOS and tvOS, doesn’t have is the ability to load apps right on the phone without any sort of safety check. For those who really want to, it’s a fairly good way to spread all sorts of bad stuff.

I’ve recently become aware of a large number of cheap boxes sold as “retro gaming systems” that are based on Android TV and some of them have a scary amount of malware on them.

However, that doesn’t mean that every Android system is a threat. Just like responsible manufacturers like Samsung have ways of securing their phones, there are ways to secure the Android TV operating system too. The way DIRECTV has implemented Gemini, it’s not only secure, it’s one of the most secure Android implementations that I’ve ever seen.

You might have heard of “rooting”


“Rooting” (also known in some cases as “jailbreaking”) is a common hacking technique for Android. You use an app that goes deep into the operating system. This app changes permissions for the “root” folder and adds the ability to use the system as a “super user.” (These aren’t my terms, I didn’t make them up. They’re left over from Linux, which shares a lot of architecture with Android.)

Once you have rooted your Android device, you can load anything you want onto it. This is how the bad guys work. It’s why Google and Samsung, both responsible manufacturers, work so hard to secure their hardware and services.

It’s also possible to “root” any standard Android TV box. And so, armed with this knowledge, I set out to try to do it to a Gemini. I did this with permission, and I was well aware of the consequences.

I’m not going to tell you how but…


After a certain amount of time spent in some sketchy places, I found an app that would let me “sideload” programs onto any Android TV box. Then I found another one that claimed it would let me “root” any Android TV box. This also involved putting the Gemini into something called “developer mode” which is a feature of nearly any Android or Android TV device.

Here’s what happened.

Immediately, the Gemini froze. It froze HARD. I couldn’t use it at all. So I rebooted it with the reset button. It looked like everything was going to work, but then I got a message on the screen with Error 218. This list tells me that the box knew it was in developer mode and wouldn’t go any further.

At that point I wasn’t able to use any apps or watch live TV. My Gemini had become useless. So I tried to factory reset it. I pressed the reset button and held it down for 30 seconds. This has the effect of taking the Gemini back to its factory state. I had to go through all the setup steps again. When I should have gotten to the point where I could watch live TV, I got the Error 218 again. I tried to circumvent it in order to disable developer mode but I wasn’t able to.

I’m not claiming to be the world’s best hacker here.


I have a feeling that someone somewhere could hack a Gemini if they tried. (Please don’t take that as a challenge.) But as a fairly savvy and experienced individual, I couldn’t do it. Not only that, I sacrificed a perfectly good Gemini in the process. I was able to replace it, but I’ve been told that the error was logged on DIRECTV’s systems and if I hadn’t gotten permission from some high level folks early on, it could have been a problem.

What this all tells me is that DIRECTV’s Android implementation is pretty secure. They seem to have done a pretty good job locking the front door. Even more importantly, the system seems to do a good job knowing if it’s been hacked and at that point it just stops working.

None of that means an experienced hacker couldn’t decode and recode everything about the Gemini and find a way to hack it. (As I said, that’s not a challenge.) It’s just not something you, as a regular person, need to worry about. There’s no reason to think that bringing a Gemini into your house is going to introduce any sort of security risk.

Did I convince you to upgrade your DIRECTV system?


If you’re ready to get the latest and greatest from DIRECTV, work with the experts! We have over 20 years of experience helping DIRECTV customers just like you. We’re DIRECTV dealers ourselves and have access to the same computer systems and the same deals that DIRECTV’s call centers have. When you’re ready for the best customer service, call the folks at Signal Connect. We’re here for you during East Coast business hours. If it’s after hours, fill out the form below and we’ll get right back to you!


The post Should you worry about malware on your DIRECTV Gemini? appeared first on The Solid Signal Blog.
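The article contrasts cheap Android TV boxes that arrive loaded with malware against a locked-down build like the Gemini's. As an added example (not part of the original post and not DIRECTV's software), this Python sketch reads the output of `adb shell getprop` from a box you own and lists the standard Android build properties that a retail, locked-down firmware should not show. The sample capture and the model name in it are constructed for illustration.

```python
import re

# Constructed sample of `adb shell getprop` output; the model name is made up.
SAMPLE_GETPROP = """\
[ro.product.model]: [EXAMPLE-BOX]
[ro.build.type]: [userdebug]
[ro.build.tags]: [test-keys]
[ro.debuggable]: [1]
[ro.secure]: [0]
[ro.boot.verifiedbootstate]: [orange]
[service.adb.tcp.port]: [5555]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]\s*$")


def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, skipping anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit(props):
    """Return (property, value, reason) for each non-production setting."""
    findings = []

    def flag(key, reason):
        findings.append((key, props.get(key, "<unset>"), reason))

    if props.get("ro.build.type", "user") != "user":
        flag("ro.build.type", "engineering/debug build, not a retail one")
    if "test-keys" in props.get("ro.build.tags", ""):
        flag("ro.build.tags", "signed with publicly known test keys")
    if props.get("ro.debuggable") == "1":
        flag("ro.debuggable", "any app can be debugged; adb can restart as root")
    if props.get("ro.secure") == "0":
        flag("ro.secure", "adb shell runs as root by default")
    # Missing or anything other than "green" means the boot chain is unverified.
    if props.get("ro.boot.verifiedbootstate") != "green":
        flag("ro.boot.verifiedbootstate", "boot chain not verified as stock")
    port = props.get("service.adb.tcp.port", "")
    if port.isdigit() and int(port) > 0:
        flag("service.adb.tcp.port", "adb is listening on the network")
    return findings
```

An empty result does not prove a box is clean; it only means none of these well-known markers of a debug or unlocked firmware are present.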

 
I bet you wrote this because I asked about Gemini sideloading back in November, right? LOL
 
How is making the device "useless" a desirable solution?

What critical personal information is likely to be lodged on your Gemini such that it is a serious security risk to you and your family?
 
A malware-infested zombie device sitting on your home network can do a lot of damage above and beyond the Gemini, just like how they say not to use public wifi without a VPN because certain bad actors can do malicious things once you're on the same network.
 
