Roku jailbreak gives users control over what channels they install
Roku has responded, saying the RootMyRoku vulnerabilities are now mitigated in its v9.4 software
What Hi-Fi Magazine via Getty Images
Obviously this is useful for enthusiasts wanting more control of their box, but it does present some security issues, and on the Github page, the developer pleads with Roku to follow the lead of other companies in creating a bug bounty program. That would pay people who find these exploits, giving them more of a reason to find and highlight them so they can be fixed, rather than enabling any kind of nefarious activity.
Update (5/18): Roku has replied with a statement, noting that customer data has not been exposed and the company also says it has mitigated the vulnerabilities in devices running Roku OS 9.4 as well.
As part of our continuous monitoring, the Roku security team identified and addressed vulnerabilities in the Roku OS – though these vulnerabilities did not expose customer data and we did not identify any malicious activity. We always want to do everything we can to maintain a secure environment for Roku, our partners, and our users, and we therefore mitigated the vulnerabilities and updated Roku OS 9.4 with no impact to the end user experience.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget
© 2021 Verizon Media Inc.