Samsung & Roku Smart TV's Vulnerable to Hacking

Topic

New Reply

https://www.consumerreports.org/televisions/samsung-roku-smart-tvs-vulnerable-to-hacking-consumer-reports-finds/. I saw this yesterday, but it clicked when I was scanning the Connected Home/IoT forum. CR tested 5 smart TV’s based on its new Digital Standard. Their focus was on Security & Privacy; please read the article for a lot of good information & advice. Their Bottom Line to prevent any security problems & data collection: Buy a ‘dumb’ TV or make the Smart TV ‘dumb’ by turning off the TV’s WiFi connection. Problem, IMHO: CR rated nearly 200 Midsized & Large TV’s in 2017 & only 16 were ‘dumb’ (can’t connect to internet & stream). They expect less than that in 2018. They have advice to restrict data collection whether you are looking to buy a smart TV or already have one.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

5 users thanked author for this post.

Microfix, HiFlyer, Ascaris, Elly, Bill C.

Reply | Quote

Replies

There are a couple of caveats to the idea of turning off the wifi and making the item “dumb.”

I read reports years ago of a TV (a Vizio?  Not sure) that, if you did not supply it with credentials to log into an access point, would decide on its own to look for open APs and associate with any that it found.  Just what I need… a TV that decides to quietly steal my neighbor’s internet bandwidth!

The other one was reported by The Register a few weeks ago, where smart devices and other IoT things would come with cellular network connectivity that could not be switched off; the service would be paid for by the vendor in some kind of bulk deal with the cellular provider, so that any efforts to stop the phoning home become a lot more complicated.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

3 users thanked author for this post.

HiFlyer, WildBill, Elly

Reply | Quote

We bought a smart TV about a year ago. The first thing I did was to disable all connectivity functionality; I then set it to not even prompt for a password for my local wifi. In other words, it appears that I was successful in making it a “dumb” TV.

If I would not have been able to disable the connectivity functionality, I would have brought it back and asked for a refund. This is one of the reasons I usually go to Walmart for stuff like this – they are really good at giving you your money back with no questions asked.

In truth, a company which engages in this sort of spying needs to get hit with a massive class-action lawsuit. When I say “massive”, I mean “multi billion dollar”. The only way this is going to stop is if the price for doing it is intolerable.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

2 users thanked author for this post.

Microfix, Elly

Reply | Quote

Smart users are getting harder to come by these days

Our only smart device is a Samsung 3D DVD player which has never seen a wifi connection or an RJ45  cable, nor is it likely to.

I prefer dumb devices where WE have the control, although SWMBO keeps misplacing the remote controls but. that’s another story..

Windows - commercial by definition and now function...

Reply | Quote

Both of those are scary; poaching WiFi if not directly connected & having cellular connectivity (at least 3G) to phone data home to the vendor. Links to any verifiable stories are welcome. As for Visio, the CR story links to an FTC blog entry relating that Visio got caught collecting viewing data without consumer consent. Visio not only collected data without consent, but sold viewing histories to advertisers & others. If the FTC & New Jersey’s Attorney General’s office hadn’t caught Visio, there probably wouldn’t be any data privacy standards, IMHO. Visio settled with the FTC & NJ AG for cash, &:

“agreed to stop unauthorized tracking, to prominently disclose its TV viewing collection practices, and to get consumers’ express consent before collecting and sharing viewing information. In addition, the company must delete most of the data it collected and put a privacy program in place that evaluates Vizio’s practices and its partners.”

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

2 users thanked author for this post.

Elly, HiFlyer

Reply | Quote

Yes I often wonder if Samsung, Sony, LG and television manufactures were or are doing this? That fine Vizio received seems puny, maybe it should have been that 2.2 million plus the profits they made by selling that data.

Reply | Quote

There is a market for “dumb” 4k televisions! I suppose folks could buy a quality 4k computer monitor if they do not want to use over the air transmissions and have an existing audio setup. Yeah reading that second sentence, looks silly doesn’t it?

Reply | Quote

The smart way to have a “smart TV” is to turn off all connectivity functionality in the TV, then set up a computer next to it, and plug in the TV as an external monitor for the computer.

Then get yourself a wireless keyboard and mouse.

Now you can sit on the sofa, put the keyboard, mouse, and remote control on your coffee table, and have a smart “smart TV”.

It is a lot safer to get on line with your computer than with your TV. That’s why I recommend that the TV be an external monitor, nothing more.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

1 user thanked author for this post.

WildBill

Reply | Quote

Not sure my laptop would use the 43″ UHD Samsung smart tv- would that damage the graphics card in laptop? nvidia gforce mx150 2gb vram.

Also, I haven’t seen any mention of problems w/ security if hardwired? Cant seem to find on/off for wifi…its either asking for wi fi ssid /password or ethernet wired.

 

Reply | Quote

If your laptop/desktop has a HDMI port & the “Smart” TV does too, you should be able to purchase a HDMI cable long enough to connect both. I can’t speak about any effects on graphics cards; I expect the HDMI connection bypasses it. There should be people here with experience about that. As for turning the WiFi connection on or off, & knowing or setting up your SSID/password, information should be in the TV’s User Manual, either printed or online. If you want to make the Smart TV “dumb”, don’t connect it to your Internet router/modem. If you must have it connected to the Internet, again, there are probably people here with the necessary experience to help.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

WildBill wrote:

I can’t speak about any effects on graphics cards; I expect the HDMI connection bypasses it.

Or the HDMI connection could be wired directly to it.

HDMI is pretty well cross-compatible and isn’t supposed to damage things even if they can’t match display modes… unless broken in ways that short overvoltage into it or something, but that’s the same for everything with any electronic signaling.

Also surprisingly low-powered old devices have been able to drive UHD screens over HDMI.

MrJimPhelps wrote:

That’s why I recommend that the TV be an external monitor, nothing more.

Well, maybe an audio and USB hub too, driven from the same computer. Connect a separate USB camera when and if you need one for remote meetings or something and disconnect afterwards.

Reply | Quote