Codex Hacked a Samsung TV

Original Article ↗ Hacker News Discussion ↗

Perceived significance of the Codex TV hack

  • Many see it as impressive but note the “cheat”: Codex had the firmware source, plus an existing browser foothold on the TV.
  • Some argue the hardest part of a real-world exploit is gaining that initial foothold, which Codex did not do here.
  • Others highlight that even with constraints, this shows how an experienced human plus an LLM can reach exploitation with relatively few “steering” inputs.

Capabilities and limits of LLMs for exploitation

  • LLMs can reason about source and disassembly, but pure machine code analysis is still unreliable; best practice is disassemble → have LLM reconstruct C-like code → analyze that.
  • With tool access (Ghidra, MIDI/PNG parsers, custom scripts), models can synthesize parsers, reverse firmware structures, and derive undocumented protocols.
  • Some say this is more “smart grep” or automation than autonomous hacking; others see it as a real qualitative shift in capability and accessibility.

Tooling, routers, and IoT hacking

  • Multiple anecdotes: LLMs helped reverse TP-Link router APIs, weird encryption schemes, and vendor mobile-app protocols, turning locked-down hardware into scriptable, metric-exporting devices.
  • People describe workflows combining packet captures, HAR files, headless browsers, SSH tunnels, and decompilers, with the LLM orchestrating code and analysis.
  • Similar stories for Bluetooth gadgets, endpoint management software, and DRM-like ebook systems.

Embedded firmware, BSPs, and industry practices

  • Embedded products often stack vendor BSPs, rushed drivers, and hardware workarounds with minimal security review.
  • This “frankenstein” ecosystem is blamed for trivially exploitable bugs that LLMs can now help find.
  • GPL-based components are frequently shipped without proper source releases.

Closed vs open source and access levels

  • Some argue closed source doesn’t materially protect against AI-assisted discovery, but note big differences between: having source, having binaries, and having neither.
  • Example: a device where only encrypted firmware is available; Codex planned to leverage a known SSH daemon CVE to gain shell access and recover decryption keys.

Legal, ethical, and safety concerns

  • DMCA-style laws can chill sharing of techniques, even for owners hacking their own gear.
  • Users note LLM safety filters sometimes resist helping when the target might not clearly belong to the user.
  • Debate over whether AI-driven exploitation is “just brute force at scale” or genuine reasoning built on human-learned patterns; consensus is that it dramatically lowers the skill/time barrier, which is both empowering and worrying.

Smart TVs and “de-smarting”

  • Strong desire to root or otherwise neuter smart TVs (Samsung, LG, Sony) to remove ads, bloat, tracking, and unreliable OS layers.
  • Some report success rooting older LG webOS sets; others are stuck with unstable or locked-down firmware that effectively turns still-good panels into e-waste.
  • Hope that LLMs will help “take back control” of enshittified consumer devices, but concern this may also reduce the number of expert humans doing deep original RE.