Many years of use of televisions, monitors and projectors have given us the condition to consider these as normal peripherals whose wires carry only video. A VGA cable may have an i2c interface for monitor detection, but otherwise it presents a slight security risk. An HDMI interface, on the other hand, could carry a growing number of more capable ports, meaning that it simply jumped from a signal cable to a connector stuffed with a rogue attack vector. Is it time for an HDMI firewall? [King Kévin] So think, because he made one.
This is a surprisingly simple device, since the non-signal capabilities of HDMI depend on a set of conductors that are simply not connected. This, of course, disconnects the on-board EEPROM on the connected device, so to replace it, the firewall board has an EEPROM that must be programmed with the information on the device in question.
The basis of HDMI as an attack surface is a valid one, and we are sure that there will be attacks that can take place on weak displays that could potentially do naughty things to anything that connects to them. The main value here is probably the main value for most readers though in the introduction it gives something of what goes into the HDMI interface and there in terms of accessing the i2c interface.
It’s surprising to realize that HDMI has moved closer to the age of 20, so it’s hardly surprising that it has a substantial history of hacking.