"Researchers from Dickweed University's Network Security Lab discovered a flaw affecting nearly every TV on the planet. The flaw allows a radio-frequency attacker with a low budget to take control over tens of thousands of TVs in a single attack, forcing the TVs to turn on or off, or switch channels. The attack works by equipping a drone with a powerful universal remote, sending commands to all TVs in a broad range." It's even scarier like this!
That is not how this attack actually works. The attack has nothing to do with the remote and references to it and the "red button" have derailed things. This is an attack on the broadcast television signal. As you recall, broadcast TV was switched from an analog signal to digital. In Europe the protocol for this signal is DVB and in the US it is ATSC. Within these digital broadcasts is a protocol called the HbbTV standard which allows additional interactive data, features, etc. to be embedded to provide a hybrid viewing experience. For example during a baseball game they might embed an HTML page with the stats for the current batter. The exploit is that this embedded data is not protected in any way so anyone can inject a malicious payload into the signal. This could allow such attacks as session hijacking, etc. In the demonstration the researchers are attacking smartTVs in the neighborhood by rebroadcasting a local channel with the extra packets added to the stream. That approach is limited of course to the extend to which you can override the regular broadcast signal. A much broader impact would be if you could inject the packets at the broadcast source, for example on the network between the broadcast station and the actual transmitter station. In that case your attack would reach entire greater metropolitan areas.
What I am interested in is how much, if any, of this HbbTV information gets through when local channels are carried on other transmission media such as satellite or cable.