Recently one of the market-leading wireless HDMI systems was discovered to have a security vulnerability flaw that enabled hackers to intercept the wireless transmissions from the Barco ClickShare button on an unauthorized device – and watch the presentation content. This generated a great deal of news coverage as the thought of unauthorized employees or hackers gaining access to highly confidential information such as salary reviews, undisclosed financial data, or confidential product road maps could have a substantial impact on any enterprise.
According to Futuresource, button-based wireless HDMI systems are the most popular way of wirelessly sharing a display, with BenQ and Barco being two highly popular systems in Europe and North America. As with any company that takes security seriously, BenQ is well aware of the various methods hackers can use to attack – and want to assure our customers that the BenQ InstaShow is not vulnerable to this type of attack that hackers accomplished with the ClickShare.
The risk of unauthorized viewing was one of the reasons that all BenQ InstaShow transmissions are encrypted – and also why BenQ has both an HDMI and a USB cable that are separate. In the Barco system, the content is sent over the USB cable to the button – and it was the USB interface that was used to intercept the encryption keys. The BenQ InstaShow WDC-10 only uses the USB port for power – and no data is sent or received over the USB port.
The other security difference is that InstaShow does not require the use of proprietary software apps that are common in other wireless HDMI systems. Since many of these companies do not share their source code with third parties – it introduces a risk if the product software is poorly written, or maliciously cloned. Another protection that the InstaShow has is that it does not require network access to work, but still can be remotely managed via the corporate LAN.
Bottom line- with over 40 different wireless HDMI presentation systems on the market, security is a key concern to any organization that has confidential data. IT managers need to look at key elements such as encryption (some systems don’t offer any encryption), a risk to your corporate network, and how vulnerable the system is if a mistake is made such as not changing the default password on a system.
We would invite you to check out the recent review from cybersecurity expert Ken Buckler, who spent weeks with the InstaShow to test out its security features – and was impressed with what he saw. The article has some helpful hints on how to boost the security protections on the unit – as well as details how the InstaShow could not be used to access the network if a password was not changed.