psayre23
Reputation: 3034
How do you mitigate man in the middle attacks against a Chromecast?
I'm working on a Chromecast custom receiver that shows private information on the TV. After building a prototype, we realized the client (web, phone, whatever) could connect to a rogue device acting as a Chromecast and intercept anything intended to be sent to our receiver. Is there a way to mitigate this kind of attack? Is there anything built into the platform we can use to get a secure connection between the client and the Chromecast?
Upvotes: 0
Views: 290
Answers (1)
Ali Naddaf
Reputation: 19094
First, the connection is secure (as long as it is done by Cast SDK) and secondly, cast SDK checks and validates that it is talking to a genuine Cast device.
Upvotes: 1
Related Questions
- How to make chromecast a dlna receiver/client (indirectly)
- How can I cast an HTML page with the Google Cast Chrome extension?
- Google Cast - Sample Android app not showing Cast icon if I change App ID
- Chromecast API Sender - Android Phone
- Arbitrary Sender (ex: Arduino) + Chromecast
- How can I find out what "LAUNCH_ERROR" means in Chromecast?
- Why does calling chrome.cast.initialize break the connection to the Chromecast device?