April 16, 2026
Your TV just got schooled
Codex Hacked a Samsung TV
AI sneaks into a Samsung TV—commenters split between “old news” and “oh no”
TLDR: Codex, an AI assistant, was given a head start on a Samsung TV and ended up with full control, proving smart devices can be easier to bend than we think. Commenters are split between “this is old news with Samsung,” “you gave it the answers,” and “is this even Codex,” fueling both laughs and dread.
An AI assistant named Codex just took a guided tour through a Samsung smart TV and came back with the keys to the whole house—aka full control. The team behind it, Calif, handed Codex a starting foothold inside the TV’s web browser and the TV’s own software code, then asked, “Can you get to boss level?” It did. And the comment section lost its mind.
The loudest chorus? The “meh, Samsung TVs are basically made of Swiss cheese” crowd. One user shrugged that even an old model (yes, they said GPT-2) could have done it if given a browser. Another camp cried “assist! they gave the AI the playbook,” pointing out that supplying the TV’s firmware (the device’s operating software) made the whole thing way easier. Meanwhile, model-nerds went full CSI: some questioned whether it was truly OpenAI’s Codex, name-dropping rival models and “token limits” like sports stats.
Still, the vibe wasn’t all doom. There were jokes about TVs getting PTSD from being rebooted by a robot and a delightfully confused “What double s?” that became the thread’s accidental meme. Bottom line: big flex, real worry. If AI can go from “hello TV browser” to “I own this box,” what else in your living room is up for grabs?
Key Points
- •Researchers, partnering with OpenAI, used Codex to escalate a Samsung TV’s browser-level foothold to root in a controlled experiment.
- •The device ran Samsung’s KantS2 firmware; matching source code was available, enabling kernel driver auditing against a live target.
- •Interaction occurred via a tmux-driven shell, with commands injected and outputs parsed from logs rather than an interactive terminal.
- •Tizen’s Unauthorized Execution Prevention blocked unsigned binaries from disk; execution was achieved via an in-memory (memfd) wrapper and static ARMv7 builds.
- •Codex iteratively enumerated the device, narrowed attack surface, validated a physical-memory primitive, and achieved root on a real device without disclosing an exploit recipe.