STOP Buying ANDROID TV Boxes!

Linus Tech Tips

13 Apr 202310:20

Summary

TLDRIn this video, the host examines cheap Android-based streaming boxes sold online, revealing their security risks, including pre-installed malware and backdoors. Despite their low cost and tempting promises of free content, these boxes often come with hidden dangers like unauthorized data collection and potential network vulnerabilities. The host compares these devices to safer, more reliable alternatives like Chromecast and Nvidia Shield, highlighting the importance of practicing safe computing and avoiding the risks associated with shady tech. The video ends with a sponsor segment for iFixit, promoting their battery replacement kits.

Takeaways

😀 Streaming services are becoming as expensive as cable subscriptions, prompting people to seek alternative methods for accessing content.
🖥️ Some Android set-top boxes, such as the T95, offer inexpensive or even free access to copyrighted content, but come with significant risks.
🚨 These boxes often contain pre-installed backdoors, potentially exposing users to malware and data breaches.
🔍 When investigating these devices, signs of malware such as attempts to contact suspicious URLs and malware-related directories were found.
📉 The malware, such as CopyCat, can compromise the device, steal ad revenue, and even control the device's network activity, making it a serious security threat.
💻 Many of these devices use modified versions of Android, including one called 'BigdroidOS,' which raises concerns about their legitimacy and origins.
⚠️ Even devices that don’t immediately show suspicious activity could still harbor dangerous remnants of malware.
🔒 The presence of alternative app stores and rebranded apps like Kodi increases the likelihood of these devices being compromised with additional malware.
🔧 While attempts to install clean firmware failed, the devices still carry risks such as persistent malware and the potential for data theft or network attacks.
📺 The advertised features of these boxes, like 4K support and 4GB of RAM, often turn out to be misleading, with many devices offering significantly lower performance.
🛑 Despite their low cost, these devices often pose significant security risks, making them a poor choice compared to safer alternatives like Chromecast or Nvidia Shield, which offer legitimate streaming features without the malware concerns.

Q & A

What is the main concern about cheap Android set-top boxes like the T95?
-The main concern is that these devices often come pre-installed with malware, backdoors, and privacy risks, posing potential threats to users' personal data and network security.
Why is the T95 set-top box considered dangerous?
-The T95 is considered dangerous because it has a pre-installed backdoor that can allow malicious actors to exploit the device, potentially infecting it with malware like CopyCat, which can steal ad revenue and even root the device.
How does the T95 box try to communicate with external servers?
-Upon startup, the T95 box attempts to ping an external server with the F-O-T-A (Firmware-Over-The-Air) URL, which is potentially linked to servers in China, where the firmware may be unreliable or contain malicious code.
What is the CopyCat malware, and why is it relevant to these devices?
-CopyCat is an Android malware that originally infected millions of devices. It can root a device, inject itself into apps, and control network activity, making it capable of stealing credentials and performing other malicious activities.
What did the researchers discover when inspecting multiple Android set-top boxes?
-The researchers found that almost half of the boxes had a 'Core Java' folder and open preferences file, suggesting the presence of malware, and some devices contained remnants of malware that had been removed or altered.
What is the issue with the 'BigdroidOS' operating system found on some devices?
-'BigdroidOS' appears to be a modified version of Android, possibly developed internally for use in these devices. However, it lacks online presence and could indicate that the devices are not from independent manufacturers, but possibly rebranded or counterfeit.
Why are these devices considered e-waste for most users?
-These devices are considered e-waste because they often come pre-rooted, with insecure firmware, unreliable functionality, and potential security threats. They are not reliable for regular use without advanced technical skills, making them risky for most users.
What makes these cheap Android set-top boxes a poor choice compared to alternatives like the Chromecast or Nvidia Shield?
-These devices are often loaded with malware, lack consistent software updates, and offer false claims about their capabilities (e.g., 4K output). In contrast, alternatives like the Chromecast and Nvidia Shield offer more reliable performance, security, and better support.
What steps did the researchers attempt to take to make these boxes more secure?
-The researchers attempted to install clean ROMs to replace the stock operating systems, but faced difficulties due to expired or unreliable firmware files. Ultimately, they found it nearly impossible to completely clean these devices or prevent them from engaging in malicious activities.
What is the advice for people considering buying one of these cheap Android boxes?
-The advice is to avoid buying these devices unless you have the technical knowledge to ensure the firmware is clean and secure. These boxes pose significant risks to privacy and network security, and the cost often matches or exceeds more reliable alternatives.