Carlotta Tagliaro (TU Wien)

Smart TVs enable the integration of the traditional broadcast signal with services offered by the Internet. Specifically, the Hybrid Broadcast Broadband TV (HbbTV) protocol allows broadcasters to offer consumers additional features via the Internet (e.g., quizzes and the ability to restart programs), enriching their viewing experience. HbbTV works using standard web technologies as transparent overlays over a TV channel. Despite the increasing adoption of HbbTV worldwide, studies on its privacy are scarce.

In this study, we show how we tested a range of 36 channels across five European countries and what challenges we faced; specifically, every country adopts different ways of delivering the broadcast signal to the TVs. Thus, we identified a common experimental setup and instructions adopted in each country to assess the channels' privacy level. We also show how the extracted URLs pointing to the HbbTV application can foster further replicability and studies. Finally, we delve into how we measured users' awareness of HbbTV security and privacy risks and how we avoided bias in our results.

Speaker's Biography

Carlotta Tagliaro is a second year PhD student at TU Wien (Vienna, Austria). She has a great interest in Internet of Things security, especially in what concerns application-layer messaging protocols adopted by everyday users. She obtained her double master's degree in cyber security from the University of Trento (Italy) and the University of Twente (the Netherlands). She has worked as a junior researcher at the Fondazione Bruno Kessler - FBK in Trento, Italy on the security of the MQTT protocol.

View More Papers

Evasion Attacks and Defenses on Smart Home Physical Event...

Muslum Ozgur Ozmen (Purdue University), Ruoyu Song (Purdue University), Habiba Farrukh (Purdue University), Z. Berkay Celik (Purdue University)

Read More

Post-GDPR Threat Hunting on Android Phones: Dissecting OS-level Safeguards...

Mark Huasong Meng (National University of Singapore), Qing Zhang (ByteDance), Guangshuai Xia (ByteDance), Yuwei Zheng (ByteDance), Yanjun Zhang (The University of Queensland), Guangdong Bai (The University of Queensland), Zhi Liu (ByteDance), Sin G. Teo (Agency for Science, Technology and Research), Jin Song Dong (National University of Singapore)

Read More

RCABench: Open Benchmarking Platform for Root Cause Analysis

Keisuke Nishimura, Yuichi Sugiyama, Yuki Koike, Masaya Motoda, Tomoya Kitagawa, Toshiki Takatera, Yuma Kurogome (Ricerca Security, Inc.)

Read More

DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement...

Seongil Wi (KAIST), Trung Tin Nguyen (CISPA Helmholtz Center for Information Security, Saarland University), Jihwan Kim (KAIST), Ben Stock (CISPA Helmholtz Center for Information Security), Sooel Son (KAIST)

Read More