There’s good news for anyone who thinks Chromecast suffers from a severe lack of Rick Astley, although it’s bad news for anyone concerned about the security of Google’s TV stick. Word’s spreading about a Raspberry Pi–based gadget that can seize control of the device, making it relatively easy to Rickroll Chromecast users.
See also: 5 Cool Chromecast Hacks And Workarounds
Created by security researcher Dan Petro of Bishop Fox, the appropriately dubbed Rickmote Controller takes its name from the popular Web prank, which involves getting unsuspecting users to click a link that plays Astley’s “Never Gonna Give You Up” music video. Petro first unveiled this project last October at San Diego’s ToorCon hacker convention, but the hack has recently gotten a new boost of attention thanks to a recent mention on the Raspberry Pi blog.
In this case, the Rickmote can take over a Chromecast and send those luscious baritone notes to a nearby Chromecast-connected TV. Here’s how.
Chromecast, All Your Streams Are Belong To Us. XO, Rickmote
The Rickmote gizmo works by sending a flurry of “DEAUTH” commands to the Chromecast, which effectively knocks it off the network and puts it into configuration mode.
While in this default setup mode, Chromecast broadcasts its own Wi-Fi signal, making it easy for the Rickmote to connect and direct the TV stick to do its bidding—like blasting an iconic 80s pop song to an unwitting group of pals.
Petro concocted the Rickmote to prove a point—that he could compromise Chromecast’s security with a few easily gotten tools. He cobbled together a Raspberry Pi (a credit card–sized mini computer), a couple of Wi-Fi radios, a touch display and Aircrack, an open-source Wi-Fi cracking application. End result: A Rickmote that, he says, can discover any nearby Chromecast, push it off its network, and pipe those sweet pop vocals (or anything else you want) to other people’s TV screens.
It’s a hilarious scenario, but there’s a serious issue here, too. The vulnerability that makes Rickcasting possible may not be unique to Chromecast. It seems logical that any gadget with a simplified setup that broadcasts its own Wi-Fi signal without a password, as Chromecast does, may also be vulnerable to this exploit.
See also: Until We Fix Our Connected Homes, Hackers Will Keep Screaming At Babies
And you just know that things will take a turn for the creepy once some jerk sends adult material to a room full of kiddies.
How Big A Flaw Is This, Really?
Even worse, Petro told Wired recently that he thinks the bug might let Chromecast attackers extract the owner’s Wi-Fi credentials, which would compromise a user’s entire network. “It would be a nice way of scraping out the password to a lot of people’s networks,” he said. That would be an enormous flaw, though, and he stops short of confirming it.
My sources tell me that level of security breach isn’t possible with this hack. And it’s worth remembering that this particular Chromecast-hijack can only be performed when the Rickmote and Chromecast are in close proximity, which limits the damage potential by far-flung strangers.
If you want to hack together your own Rickmote (or ColdPlaymote or Minajmote, et al.)—because, you know, science—Petro outlines the process pretty clearly in the following video and even offers a GitHub repository for the source code here.
Google wouldn’t comment on this story for ReadWrite. But when Petro alerted the company, he said the tech giant basically shrugged. The company told him it was a key part of Chromecast’s easy setup, he said, and Google seemed reluctant to monkey around with—i.e., fix—that.
Meanwhile, elsewhere on the Web, Rick Astley’s music video apparently did give up. The original YouTube viral video was just pulled down for unspecified reasons. But take heart, pranksters: Vevo posted it on YouTube in 2009, and that version, with its near-85 million views, is still here for your Rickrolling pleasure.
