Smart TVs take snapshots of what you watch multiple times per second

melroy@kbin.melroy.org to Technology@lemmy.world – 1469 points –

By Jeremy Hsu on September 24, 2024


Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.

Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.

“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.

Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.

They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.

The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.

By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.

Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.

“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.

https://www.newscientist.com/article/2449198-smart-tvs-take-snapshots-of-what-you-watch-multiple-times-per-second/ (paywall!!)

440

LOL "if it was opt-in, no one would do it!"

no fucking shit. there is nothing worth watching that i would buy a smart tv for

One issue that has come up recently in discussions on here is that it's hard to get dumb TVs or computer monitors in large format in 2024.

Not impossible, but surprisingly difficult. I went looking for a large computer monitor for some user who wanted a large one. I eventually found an older one on Amazon still for sale, but it's not that easy to get large computer monitors, which I think is part of what drives people to use smart TVs as computer monitors.

You can get projectors, but that's not what everyone's after.

A smart tv without an internet connection is usually close enough to a dumb TV. It's not like your TV needs regular security updates so leaving it off your home network is fine.

I do not know how true it is, but I've heard that some of them will create a mesh network if your neighbor has the same brand and it's connected to the internet.

I've always meant to look into it but I have big dumb TVs that work for now.

Open the tv and rip out the antenna. Y'all already forgot the classic secret agent trope of checking the hotel room for bugs? Now we all get to play that game!

Nowadays the antenna is often embedded into the pcb, so no way to rip it out other than scraping off the traces

Google part numbers (if they aren't scratched off/lasered off/ epoxied). Once you've found the ethernet controller, you can short out the pins, or yeet it off the board.

"mechanical malfunction, please contact support" as a big red warning that you cannot dismiss

Would love to know how true this is as I wouldn't put it past manufacturers

There's another reply further down that goes into specifics. I ain't the one because I didn't come with receipts and I'm just a drunk.

It's called wardriving, a practise Samsung TVs are infamous for.

I never put that together with wardriving but that's exactly what it is. Thank you for that.

Unrelated story: ~20 years ago I was in the military and broke as hell. I went wardriving in my neighborhood looking for open wifi and found a business not too far away that had it. So I built an antenna out of a coffee can, mounted it up just outside my window, and got free wifi for months.

1 more...
1 more...
1 more...

Smart TVs are only smart when they are connected to the internet.

As mentioned by others, they sometimes network with nearby devices such as your neigbor's TV or an unsecured wifi.

1 more...

if it was opt-in, no one would do it!

Which should be telling them that not only does no one want it, but maybe just maybe we already paid for your fucking TV. Either raise the price or stop being so fucking goddamn greedy to the point that you force us to make the government force you to stop.

Of course the bought and paid for US government won't, but hopefully EU governments will.

If they raise the price, then they only get money once. If they sell your data, now they have an income stream.

1 more...

These are criminal violations of the Computer Fraud and Abuse Act. Jail the motherfucking felon CEOs!

But the supreme court ruled to save the conviction for the election.

Worse than that, they have gave free speech to corporations, and now that includes doing nearly anything involving communication or spending money.

2 more...
2 more...

So LG and Samsung likely have tons of illegal (copyright) content on their servers then? Ownership is 9/10ths of the law so they say. That’s gotta be exabytes

Most likely yes.. And other privacy sensitive information like banking details, passwords and more.

3 more...

For example, it might record if people are browsing for baby products or other personal items.

Don't mind baby products and dildos or whatever.

They could see bank activity and even login credentials when someone is temporarily displaying their own passwords.

This basically ignores all security measures regarding everything. Sensitive communication, company secrets and so on.

That's fucking seriously huge. What the fuck?!

Right? But we've been convinced the Chinese government spying on us through Huawei is a problem.

Every major tech major brands and business, even cars like BMW and now also TVs like Samsung or LG are all spying on their customers. And why isn't this forbidden by lawn already?

even if it was forbidden by lawn, most people with smart TVs keep them inside the house.

And why isn’t this forbidden by lawn already?

Money & Corruption, the movie.

Because that’s a chinese corporation making money.

It’s fine when a US one does it

1 more...
3 more...

I know right!?? I connected my htpc to my Samsung tv. Omg!

5 more...

Actual paper here.

https://arxiv.org/html/2409.06203v1

It is not sending full screenshots as anybody technical would already have guessed. It's a few KB over an hour, so it's content recognition hashes.

Opt out anyway. Their study shows the opt out option does indeed opt you out of it.

This shouldn't be opt-out. This is the digital equivalent of some fucking pervert showing up at your window and taking pictures of your TV and then letting a bunch of other perverts pay to find out what you were watching so they can use that info to manipulate you, multiplied by however many millions of TVs they've sold. Even if the punishment for that crime was just a single week in jail, the people responsible should be facing several hundredthousand years behind bars when you add it all up.

It shouldn't be opt in or out tbh. This shit should just be illegal.

The whole adverspying industry needs to be reined the fuck in and slowly turned to mulch.

The first step to that is letting us see what the advertiser has in our hidden "profiles" and let us modify and/or wipe them out.

This kinda stuff should be opt-IN, not opt-OUT. Just think of how many people don't even know this is happening, or that there even is an opt-out.

So the data is still captured every 500ms. But it batches the data together and indeed only send data of around 8kb every minute back to the centralized server. But 8kb can not be full screenshots of MBs of course, so this is some kind of meta / fingerprint data. The original author (Jeremy Hsu) is misleading here with the term "screenshot every 500ms".

the remaining scenarios exhibit consistent peak values occurring every minute, accompanied by additional smaller traffic one minute following each peak. Samsung’s official documentation (Canada, 2022a) mentions that its ACR captures the frames every 500ms, suggesting that Samsung batches the captures as well and sends the fingerprints every minute. The differences in ACR capture frequency explains the different network behavior across the two brands.

Yeah, it'll grab a few frame, crunch them up, post back something like "ac8c986ffcb770d460151b20c1cfe628612247ac2d284c780761af3b544bfea7" to the servers and from there it likely gets binned as "not recognised" but might match a segment from Star Wars 4K77.

It sounds like the sort of thing that should be off by default (and it probably is, I haven't bought a new one for years), but what we've learnt since GDPR is that if a big box comes up over what you're trying to do and it has an "Accept" button, people will generally click it and read nothing just to get back to another riveting episode of America's Deadliest Home Shootouts or something.

America’s Deadliest Home Shootouts

Does that come on before or after "Ow! My Balls!"?

Right after "People Falling Down And Suffering Serious Injuries: Oops! All slide Whistles Edition!"

But before Merica's Deadliest School Shootings

1 more...
1 more...

The original author (Jeremy Hsu) is misleading here with the term “screenshot every 500ms”.

"meta tags every 500ms" might be more accurate, but the end result is the same. The device is monitoring what you consume in order to aggregate data on your household.

How can I turn this input into an intrusion vector and exfiltrate all their IP to public social media and then corrupt all their servers and backups and make their IT Dept autodefenestrate ?

1 more...
1 more...

THIS is piracy. Along with all the other personal data selling.

Imagine the amount of bandwidth and energy saved, if they didn’t do any of this bullshit.

They are essentially using someone else’s money to get themselves more money. Fuck these people!

3 more...

You hear that? It's a whisper.... It's a multinational multibillion dollar class action lawsuit coming after Samsung and LG. WTF!

Okay. So how do we turn it off!? I’ve read nothing in my Samsung manuals about this “feature” and here no instructions for turning it off.

Just don't hook it up to your wifi. Don't use any of its included apps. If you must stream get a separate device to do it.

This is the correct answer. I actually disabled LG's version of it when I first heard about it. A few months later it had been reactivated in an update, so I just factory reset it and connected an old laptop.

You can't trust anyone — corporation or government — to protect or respect your privacy. Ever. If it's not open source and E2EE, assume that a criminal is going to view and process it for profit.

No it is not the correct answer! The correct answer is to put the CEOs who perpetrate this criminal shit in prison for millions of counts of hacking and stalking!

Merely shrugging and implementing a technological workaround is not an appropriate response to someone perpetrating a felony against you!

3 more...
3 more...

I have a Samsung smart TV that is not connected to any networks, and every few days it will display a 'detecting device' loading screen when switching to my input that fails after 30 seconds or until I cancel it (canceling does not seem to impact its functioning)

I have no evidence but I strongly suspect this to be related to attempting to record and send device data to a remote server.

I have noticed this too, I have to press the 'back' button on the remote to get the computer output.

Question, what separate device is best and most privacy focused? I just imagine getting a firestick, google Chromecast, etc would also give away data?

There are some open-source systems for media PCs.

Kodi seems to me to be popular, though I don't use a media PC myself.

You'll need to have the technical knowledge to install it yourself.

Again your media PC (or HTPC) is still connected to a smart TV. And the problem is with the TV recording HDMI data. In fact, if you read correctly, the Smart TV does no record data from the built-in apps like Netflix.

It still can connect to untrusted wifi access point (without password protection). So also try to go to: Settings Menu -> General & Privacy -> Terms & Privacy -> And there is a whole list of privacy setting. Try to find the option to: Do not agree with all. Or you need to manually disallow each privacy option.. Good luck!

4 more...

No Internet for the device

They have been known to connect automatically to nearby compatible devices or unsecured wifi.

Use Pi-hole and block their domains

Do you know where I can source the domains?

Pihole will log DNS requests. The requests come.from the TV. So when it pops up, Block it.

1 more...

Disable internet.

You'll have to insulate your home from any outside unsecured wifi and compatible devices to stop some of them from networking.

Since it can also connect to untrusted wifi access point (eg. without password). You need to live in a Faraday cage ..

I got an LG because despite how it looks, you can just refuse to agree to a bunch of their privacy agreements and be fine. It's not perfect, but it's a hell of a lot better than it would be otherwise, and miles ahead of Samsung's lack of options.

I have come to realize this and have declined all the T&Cs except for like 3 that you just have to accept to make it function.

Yep, same. Works fine for me, I never wanted the features that disables.

If there are open wifi networks near your TV that you can't lockdown, you'll want to confirm it your make/model is known to automatically connect to those, and then take whatever mitigation steps are justified for your own use case.

For example, if you have multiple TVs, maybe you can swap models around based on their capabilities and location, or look up the schematic for the TV and see if it's easy to block it's internal antennas.

Or maybe that seems like too much of a hassle and you just say fuck it, and don't worry about it. Which is always an option, because given how much data already gets sucked up by surveillance capitalism, my evening TV viewing habits have to be some of the lowest value data points, as I already block ads and avoid all ad supported services.

I love my Samsung because I never gave it the wifi credentials.

Dumb TV is better. My PS5 can do everything I want and I already give all my metrics to them just playing it

Hello 8th person I've had to explain this to: they still connect to stuff. Even if you disable WiFi on the Samsung TV they can mesh network with other TVs in your neighborhood or with your phone (Samsung is particularly pushy about wanting you to install and connect your phone).

1 more...
1 more...

Its real tricky to get into and overwrite some of the SoC processors and ARM chipsets, but pretty earlyon the hacker crowd was turning Samsungs Smart TVs dumb.

They've acrually got some great resistance to screen burn.

You can go to Settings Menu -> General & Privacy -> Terms & Privacy -> And there is a whole list of privacy setting you automatically agreed with (which you didn't). However, you should find an option for: Do not agree with all. Or you need to manually disallow each privacy option.. Good luck!

10 more...

Yeah. My Samsung claws my firewall like a squirrel trapped in a box. It intensifies on certain hours of the day. I'm quite sure it also tries to send what devices are connected and what filenames are in attached memory sticks. Maybe also some media file checksums.

Do your firewall rules allow you to block your tv's telemetry, while allowing you to still use the internet on it? If so, would you mind sharing how you did it?

You should look into PiHole, if you're half-savvy with computers. They should be able to block all the destinations smart TVs are trying to connect to

10 more...
10 more...
10 more...

This is why our "smart" TV is not allowed to be connected to the internet.

But can you really be sure that it doesn't connect to another network? i have to check again but if i recall correctly there are TVs that try to connect to other open networks or even look for other TVs from the same manufacturer and connect through those to the internet. I have to double check this again, so take this with a grain of salt

If that's true - lan for your own content with network isolation and ripping out the WiFi antenna, I guess?? I hate this

There is such a thing called HDMI Ethernet. If you connect some sort of Android box to your TV it might establish an Ethernet connection with it and thus connect to the internet.

If you use an Android TV system you don't get to complain about your video output device tracking.

I have searched for alternatives. There are none that I am aware of. I just want a streaming box that can run jellyfin with a simple remote. I really don't want to use a keyboard in bed.

If anyone knows a simple setup that boots straight into jellyfin with a remote, I would love to hear about it.

1 more...
1 more...
2 more...

A smart TV is not allowed on my property.

I am a bit puzzled about the "even when your laptop is connected" part.

I have a small android box connected to it and am not using apps on the TV so it should have no chance of sending screenshot out even if it takes them.

The TV itself is not connected

what kind of Android box do you have? anything you recommend? (looking to have some sort of streaming client)

Nvidia Shield. The bigger one.

Yes, it's a couple of years old at this point, but it's still the best device of its kind.

Not to mention the remote is FANTASTIC.

2 more...

Sorry for being paranoid but can the TV piggyback the connection used by the the streaming device/android box to send data back to the TV OEM?

6 more...
9 more...
11 more...

Something doesn't add up. How can a TV take 100 Screenshots of 4k content per second? No wifi has that bandwidth. No embedded processor has that capacity.

It doesn't need a 4K screenshot. It needs enough data/metrics from any given single frame to run it through analytics and an algorithm to tailor ads. Backend surveillance like this isn't interested in fidelity to the human viewing experience. It needs identifying data. That can be had through a combination of low quality data scrapes done numerous times.

"Screenshot" is more like a metaphor here. Sort of like how your Apple or Google photos are "private," but the data and analytics taken from them you've given away. It's like if you told me I could look at all the photos on your phone and take as many notes and subject them to as much analysis as I wanted, but I promised not to actually physically keep your phone/photos. Probably makes you feel like your photos are securely still in your possession, but I got what I wanted. Your data is technically private, but my data about your data is mine.

Totally agree. It sounds like something was lost in translation here by the final edit of potentially some run though a llm for proof reading to dumb it down enough to either just make it more consumable, more clickbait or realistic both.

My guess is the actual research reported that it was 100s of packets per second (not screenshots) which is still a lot more than you would expect even for spyware. Either way it’s been well known that smart tvs are spyware ridden, I don’t need a paywalled service to tell me that.

I'm the OP, but not the author of this article posted.

After I dove deep into the study, the study said it records data at 500ms. And then it batches the data together, and only sent data once per minute back to Samsung. Between 8kB and 9kB of data per minute. So definitely not 4K screenshots.

  1. it doesn't necessarily take full resolution images

  2. just because it can capture images a few hundred milliseconds apart doesn't mean it's continuously capturing images. It could be several in short bursts with a delay between groups of images.

3 more...

I'm pretty familiar with how one particular brand of TV works, and you're right, it's absolutely not screenshots. It's a handful of single pixels across the screen. By matching these pixels against known content it's possible to identify what was being watched. Not too different than how Shazam can identify a song.

That's not to say all TV manufacturers work that way.

I'm with you, I think it's probably BS. But I suppose it could be taking highly compressed low resolution snapshots.

I agree. I'm the OP, but not the author of this article. I do believe this author doesn't know what he is talking about. After looking at the study, it seems it does record data at 500ms interval. However, only in intervals of 1 time per minute 8kB of data is sent back, meaning its only some kind of meta data.

Plenty of embedded processors have that capacity, but I generally agree about the bandwidth.

It may be snapping multiple in a small period of time, everyonce in a while. Compressing them in the background then trickling them back out.

Probably a data snapshot, not an actual screenshot.

360p is probably enough. And that's "up to" per second, average is probably far far far less.

It doesn't say the screenshot must be full resolution and it doesn't say the screenshot is immediately uploaded. A couple seconds to downscale and compress would work the same as far as content identification is concerned

Yea I don't believe it, that's some processor intensive streaming. My security camera feeds can't even do that. 100fps is crazy for streaming. Are we sure these "screenshots" aren't just anonymous metric gatherings like video codecs and resolution?

4 more...

LG by now will have several weeks of footage of me scrolling through streaming services and failing to find anything to watch.

Diagnosis: ADHD. Display ads for stimulants.

Probably won’t happen as I’m not in the US, however if it does start to show ads it will be very quickly disconnected from the internet and relegated to being solely a display for the PS5. It’s not far off that anyway.

prediction if this becomes widespread: soon they will have their own wireless internet connection just so they wont have to rely on your network to spy on you lel😎

You joke but that's literally what they did with the cars. I remember when that was an upsell, now you getting that modem you asked for it or not and it will ping the merchant when it detects that you are fucking your mistress in the back seat.

Welcome to to today's America peasants

Not sure how ads for medications are legal anywhere.

2 more...
2 more...

Do not connect your Smart TVs to network people, seriously. Just a bad idea. Use a media center PC or some other device that allows you to stream content, and make sure the TV itself is just a big monitor, nothing more.

I hear but have not verified that they will connect to an open network without letting you know.

I have definitely had to forget networks, then have them connect to that network weeks later at random, then having to forget the network again. Don't know how that's legal.

Forgetting a network is only when your wifi is password protected. If the TV can find an open wifi access point, it could just automatically connect to the internet. "Forgetting" a network doesn't help here..! Since there is nothing to forget (there are wifi points without password). But it should be forbidden IMO to automatically connect to these kind of access points. But even your mobile phone might do the same thing.

Yep, it was my personal, password-protected network. Either someone reconnected it (unlikely, I live with my gf who doesn't use the TV) or it just cached the password until it decided to spy on my again 🙃

1 more...
11 more...

Theoretically I could display highly illegal stuff and they would distribute it making them complicit?

Can the API be hacked to flood their servers with petabytes of cat pictures?

What is happening with the data? Where are the data savers?

2 more...

Friendly reminder that gaming console monitors, computer monitors, projectors, dumb TVs, and commercial displays exist.

Yes, I could hack a smart TV to disable its networking capabilities. (Merely withholding my wifi password is not reliable.) But that would still be showing the manufacturers that I find spyware TVs acceptable, and supporting the production of those models.

Also, this would be a good time to pressure our legislators into criminalizing this nonsense.

dumb TVs

Only one company makes Dumb TVs anymore, Sceptre, and the quality is very hit or miss due to the way they acquire their screens.

It's also harder to find them in larger sizes any more, even for the few for which sell them at all, so if you want a larger one, you may not have much by way of options.

https://assetbasedlife.com/dumb-tvs-are-a-dying-breed/

This lists Insignia, which is a Best Buy store brand.

This has a couple, at least as of last year:

https://www.tomsguide.com/features/dumb-tvs-heres-why-you-cant-find-them-anymore

Your best bet of grabbing one is to head over to Best Buy and look out for the Insignia brand of TVs. There you can find a 43-inch dumb TV for around $169 or a 32-inch model for $69 . (Links to Best Buy.)

On Amazon, you can simply search for dumb TV and you should be able to find a few options from manufacturers like Westinghouse, RCA or Sceptre. (Links to Amazon.)

It's also possible to buy a used TV, but obviously, as with getting used cars to avoid monitoring stuff in newer cars, the pool of those will only be around for so long, and you can't take advantage of any technological advances subsequent to them.

Plenty of companies make display TVs that only display commercial content. You see them all the time displaying menus in fast food restaurants.

These can also have all smart tech turned off because some companies also use them as digital whiteboards to display proprietary or confidential information.

2 more...
2 more...

Why is withholding the WiFi password not enough? Could they somehow piggyback off a different device or something?

I've heard that some of them will connect to any wifi available. So if your neighbor does not have a password on their network. The tv will connect and upload the data.

Yes. It could talk to another smart device and ask it to send its packages. You could be careful and connect none of the smart crap in your house to your network, but the smart fridge in your upstairs neighbor's kitchen could still be helping with smuggling your data out. Or your devices could be connected to some unsecured network around.

In any case, the only surefire way to stop your data from getting smuggled out is to physically kill all the wireless connectivity capabilities of the device. Disconnect antennae, desolder chips, scrape out pcb traces. Otherwise you're just hoping the firmware is not doing anything funny. Fortunately I think these are all hypotheticals that have not (yet) been observed in real smart home products.

1 more...
2 more...

Not putting your WiFi password in would absolutely be reliable. I’d love to hear your ideas on how they’d remotely break into your WiFi Network

Not putting your WiFi password in would absolutely be reliable.

No, it would not.

I’d love to hear your ideas on how they’d remotely break into your WiFi Network

They wouldn't, of course, nor did I say they would.

(But since you brought it up, we have already seen internet providers quietly using their CPE to create special-purpose wireless networks surrounding customers' homes. These could obviously be made available to any company that paid the ISP for access, just as cellular networks have been made available to companies like OnStar. So a TV could do this with a business deal rather than breaking in to your normal WiFi.)

However, your network is not the only network in the world, and WiFi is not the only kind of link. Neighbors exist. Open guest networks exist. Drive-by and fly-by networks exist. Mesh networks exist (and are already created by devices like Amazon Echo). Power line networking exists. Bluetooth, LoRa, cellular, etc. etc. etc. Maybe you live on an isolated mountain top where these things are unlikely to reach you (at least until satellite links become a little smaller and cheaper) but even that is not absolute, and most of us don't.

Unless you disassemble your TV and examine all the components within, and know what they do, it could have any number of these capabilities.

Also, partly due to how prevalent multi-network support is becoming in electronics integration, it is not unusual for related functionality to be dormant at first yet possible to activate later.

I'd love for you not to be adversarial, and to learn more about a topic before making bold claims about it in absolute terms.

To add to this, often, even if you turn off Bluetooth, your devices can still communicate via Bluetooth Low Energy, something that's separate from classic Bluetooth and typically (to my knowledge) cannot be turned off. As an example, I've heard that Google uses it to send ad targeting info between devices.

If you have a samsung phone in the house, it can connect to the TV and give it a hotspot of sorts. This is a hypothetical, not real (yet!)

2 more...
6 more...

Btw, is there a firmware hacking/flashing scene for smart TVs?

Yes there is, believe it or not. It just depends on the kind of TV you have.

I setup my LG to be “jailbroken” so I could have it inject a python script into a PS4 to mod that.

https://youtu.be/zYoesrUsIj8?feature=shared

Interesting stuff.

The other option is to setup a PiHole and find the telemetry they are using to send the info off and blocking that.

I would love to able to able to put a different OS that does nothing but what I actually tell it to so on my smart TV...

Buy a commercial TV. It's a plain jane TV. I put one in as a SCADA, but it's just a tv with no frills. When I saw what it was, I knew when I'd need to purchase a tv this would be the type I wanted.

4 more...

So what do we do when smart TVs force us to connect to the Internet, and refuse to work until we do?

This is exhausting. We're speeding towards a horrible, privacy-less future.

We own a few TVs but nobody actually watches them. If we're all out in the living room there's four phones out with four people watching four different things.

7 more...

The question now is, even if I don’t connect the TV to Internet, what TV brand should I buy? Currently I have LG, but no way I’m supporting that even without Internet connection.

Well thing is, they all track you to some point.

Specs wise, LG still makes some of the best TVs. You want 4k 120Hz, they've got you. But if you feel morally unable to support a company that has opt-out tracking like this, you're a bit more limited. I thought maybe Sony's better, but nope. There's instructions on how to disable ACR on their TVs too. Philips comes with Roku or Google TV, both of which snoop on you, but I don't know if they do the automatic content recognition thing.

Dumb TVs exist, but good luck finding one with a decent resolution AND price.

good luck finding one with a decent resolution AND price.

That raises the question: is there one that has decent resolution and privacy, but is expensive? Those of us who can afford it should surely go for the privacy friendly option regardless of price. Boycotting the surveillance society that's in full development is worth a lot.

1 more...
2 more...
12 more...

"They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device."

The world is owned by a big club, and you're not in it.

The only sensible way to operate these TVs is with no internet connection. We run our entertainment through an AppleTV. If that ever starts showing ads at rest, I’ll replace it with a Mac mini or a NUC. Fuck these companies and their race to the bottom.

They collect all this data and then still cancel the most watched/best shows.

Morons.

So they are allowed to pirate content actually? Even if it’s not Netflix or YouTube they take screenshots of potentially copyrighted content

Did you actually read the article? They don’t upload screenshots; they recognise content and upload the identification of that content.

The blurb above says that the TVs uploads screenshots when viewing antenna and hdmi input sources, which is what most people are reacting to here. The actual article is paywalled.

However other articles go into more detail and note that only a few KB of data per hour is actually uploaded, so the TV must be doing image analysis locally and uploading metadata only.

The original author that is indeed behind a paywall doesn't know what he is talking about. I dove into the official study and it seems to be 500ms interval data gathering. But only 1 time per minute batches together 8KB data sent back to Samsung.

Right, but 480K per hour clearly isn't going to contain a bunch of 4K screenshots, so it must be doing local analysis.

1 more...
1 more...
1 more...
2 more...
2 more...

Use a pihole people, don't go barebacking the internet

Doesn't help if the device has a baked in DNS address and just ignores your settings tho. Amazon and Google devices seem prone to that. After blocking everything on the common DNS ports except the PiHole, some of my devices have been acting kinda sluggish.

Easy to block that - though not with pihole exclusively.

We use another tool at our network edge to block all 53/853 traffic and redirect all port 53 traffic to our internal DNS resolver (works much like pihole).

Then we also block all DoH.

Only two devices have failed using this strategy: Chromecast - which refuses to work if it can’t access googles DNS. And Philips Hue bridges. Both lie and say “internet offline”. Every other device - even some of the questionable ones on a special VLAN for devices we don’t trust - work just fine and fall back to the router-specified DNS.

6 more...
6 more...
6 more...

I run a pi hole and it blocks 1000 attempts per minute from a single Samsung TV, then it outright denies requests from the tv. Duck those douches.

DNS sinks can often cause elevated traffic numbers because the client is constantly failing and retrying.

I bet if you enabled it to test the numbers would drop dramatically.

1 more...

Those are just dns lookups.

It's not just DNS. I have this rule in my firewall:

udp dport 15600 counter drop comment "Block Samsung TV shenanigans"

So far, it has blocked 20575 packets (constituting 1304695 bytes) in 6 days and 20 hours.

2 more...
2 more...
3 more...

I've said it before and I'll say it again, corporations treat you like a product. Whether you buy something from them or not. People are becoming the product that they sell.

I usually don't care very much until it starts to affect pricing for stuff based on some algorithms impression of how desperate you are. That algorithm started with travel (airlines, online booking fees for hotels and stuff) and has expanded.

If I need a new computer because mine isn't working, I don't really care that advertisers come at me with ads for their computer products. I need one, they want me to buy one, it's marketing. No worries.

If I need a new computer and suddenly all the prices for new systems goes up by $100 because it thinks I'm desperate enough to pay that, now I have a problem.

I still don't like them selling my data, and I'll do what I can to avoid it, but marketing is going to do marketing things.

The problem is, you don't get a say in the matter. If the marketing company sells on your data, you don't get to say no.

If Ford wants telemetry on your car (and they do) and they sell it to your insurance company who raises your rates because you don't drive in a manner approved by corporate, you don't get to say no.

If you search for wigs and antinausea meds, and Google sells that to health insurance who guesses you've got cancer and are a financial liability, you don't get to say no, and you don't get to argue that you were planning for a party.

If you're a fifteen year old kid and your browser starts showing gay dating ads to your extremely homophobic parents, you'd better hope they don't put it together because you don't get to stop any of it.

You can control how your data is gathered, but you have ZERO say in how it's distributed and interpreted.

1 more...
1 more...

Don't let your TV connect to the internet. I have mine on my wifi so I can control them using Home Assistant, but they're on an isolated VLAN with no internet access.

Edit: Of course, this only works if you use an external box for streaming, like an Nvidia Shield, Apple TV, Google Chromecast TV or whatever they call it now, etc.

I just never gave my TV access to the Internet and use my home theater PC to watch stuff. Never seen a need for more.

Wait what? Is there a blog or article on how to do this?

Because I can't picture how this works in my head for my setup. It needs internet to go to Hulu/Netflix/etc.

Oh sorry, I completely forgot to mention that. I'm using an Nvidia Shield for all my streaming.

Another approach is to connect the TV to the internet but block all LG/Samsung/whatever stuff, for example by using a firewall on your router.

2 more...

The TV itself wouldn't be able to reach Hulu/Netflix/etc. they're likely using another device for that. Like a media computer or something else.

Like a apple TV / Roku which then... Reports everything you're watching and or viewing. We truly live in the day and age where nothing you do digitally is private, and it's almost turned into privacy via aggregation imo now since the PBs of raw data isn't really worth it for major corporations.

Obvs if you're the .0001% I'm sure the NSA can tap into it and you're still gonna be fucked that way, but that can be said for pretty much any digital device.

Yes you can build your own HTPC, and connect it to the TV, that is what I've been doing for the past 8 years.

1 more...
3 more...
3 more...

The amount of effort i had to put into buying a dumb tv the last time it was new tv time is positively infuriating.

Yup. When we went to buy a TV I knew this was happening because the smart TVs with wifi and extra hardware and software were cheaper than the dumb TVs. Nothing is free, I knew they had to be doing this shit.

Cool. I've already got more books than I'll be able to finish before I die. Might as well get back into reading. Fuck those bastards.

I couldn't even find one last time

1 more...

Buy a computer monitor, a projector or a commercial display instead, they tend to be dumb.

Alternatively, don't connect your TV to the internet (bear in mind some are wireless). Unplug it from the wall when not in use.

As if Microsoft's Recall wasn't enough...

Alternatively, don't connect your TV to the internet

Until the first use menu gauntlet requires an internet connection to complete setup and enable the device for normal usage.

2 more...

Samsung monitors now include all the smart TV crap and need a remote to set them up

The Samsung monitors we get at the office still appear to be just dumb screens. No remote or anything like that. But that's from their business lineup of monitors. Wouldn't surprise me too much if their consumer/gamer lineup would be different.

Yes this is on their Odyssey line of gaming monitors. Their curved ultra wide is great in the office once you get through the menus

3 more...

My pi-hole blocks SO MUCH traffic from my Rokus. Never buying another Roku again.

Got a recipe for the rest of us?

I'm sure if you search the internet there are quite a few pie hole block lists that are very easy to add.

I'm sure there are dozens of not hundreds of options. But those won't salve the curiosity i have.

It's more interesting to actually learn from people and their experiences

No wonder these things operate slow as shit!

I had an issue with my 2016 Samsung TV where the interface slowed to a crawl and as soon as I disconnected the Ethernet cord it became responsive. I called Samsung customer service and they were able to reset my TV to factory settings without what I considered to be an adequate amount of authorization. I disconnected the TV again and banned it from my network and went with Apple TV.

Mine isn't connected to the internet. Too bad so sad greedy fucks

Watch next year's models have LTE modems...for your convenience of course

Not if you never connect your smart TV to the internet to complete the setup and instead use it as a dumb display (I hope)

1 more...

Sceptre still sells dumb TVs'. If you are in the US, Walmart sells them. I have one and it's pretty good. No frills.

I actually like mine. 4k on clearance for $300 for a 55" 3 uears ago. HD version was more. Menus suck and remote on/off is IR only, but I can make do.

That's both disturbing and completely expected. I've generally always preferred monitors over TVs tbh, this is just another reason for it lol

i genuinely do not understand how TVs are so corrupt and greedy. You just display pixels, that's it! The entire purpose is to convert 1s and 0s to pretty color

Imagine if your computer monitor just displayed ads on top of the hdmi signal

1 more...

“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,”

But if you never connected the TV to the internet, it's not able to upload anything right?

Correct

Thing is, it's getting pretty cheap to build radios into devices, and companies are doing that and bridging them to whatever Internet connectivity they can reach, not just your own. You don't necessarily have to personally plug something into an Ethernet socket to make a device Internet-connected.

From back when Amazon Sidewalk was rolling out:

https://www.statuscake.com/blog/what-is-amazon-mesh/

This time, however, the big news is Amazon mesh, a network to connect users and their devices. The tech giants have called this project Amazon Sidewalk+ with the idea first being made public back in 2019 where they announced they wanted to extend and expand the connectivity of their customers.

Why did Amazon do this?

According to Amazon, the main reason was to provide a better service for their customers whilst using their devices. Although there has been some backlash by those in the safety and security space, the idea seems to be very safe and simple. 

How will Amazon mesh work?

The Sidewalk project will create a network mesh between all the connected devices so it can increase the connection field around the devices. It will be able to do this by using Low-energy Bluetooth and 900MHz radio signals to pass data with the connected compatible devices. By doing this, the network can extend the reach of the signal and thus it will be able to cover a larger area to allow devices to connect. 

Here is an example of how this will work: imagine if you have a compatible device at the end of your garden such as a light which you normally can’t control with your phone. With the extended network, that light could connect to a neighbour’s device and by doing this it will be connected to the network, and you will have the ability to then use your phone to control the light.

There has been some concern regarding how much data the network will use for those who agree to be part of it and Amazon have estimated that the data usage could be around 400-500mbps a month. For most people, this is such a small amount that it won’t even be noticeable.

How can the mesh network be used?

Another use for this mesh is for users around the network to connect and possibly use the mesh to perform other tasks such as a Ring doorbell (Amazon-owned) to be installed in the part of the house where the usual Wi-Fi signal doesn’t reach. This provides customers with a great alternative to the far more expensive Wi-Fi extender mesh products on the market.

As is normal in situations like this, many users are concerned about the security of this project. According to what Amazon has released regarding how it will work so far, there will not be any security concerns as the connections will not identify which device was connected meaning that if your Ring doorbell extends the network to a nearby device, the system will not mention that this device was connected to that particular Ring doorbell. However, people need to be aware that Amazon itself can collect this data and the way the users interact with the network.

https://www.theguardian.com/technology/2021/jun/01/amazon-us-customers-given-one-week-to-opt-out-of-mass-wireless-sharing

The feature works by creating a low-bandwidth network using smart home devices such as Amazon Echoes and Ring security cameras. At its simplest, it means that a new Echo can set itself up using a neighbour’s wifi, or a security camera can continue to send motion alerts even if its connection to the internet is disrupted, by piggybacking on the connection of another camera across the street.

But the company’s plans have caused alarm among observers. Ashkan Soltani, a former chief technology officer of the US Federal Trade Commission, told the tech site Ars Technica: “In addition to capturing everyone’s shopping habits (from amazon.com) and their internet activity (as AWS is one of the most dominant web hosting services) … now they are also effectively becoming a global ISP with a flick of a switch, all without even having to lay a single foot of fiber”. The feature may also break the terms and conditions of users’ internet connections, which do not allow such resharing, warned Lydia Leong, an analyst at Gartner.

Users can disable Sidewalk in the settings section of the Alexa or Ring apps, but have until 8 June to do so. After that, if they have taken no action, the network will be turned on and their devices will become “Sidewalk Bridges”.

Amazon is not the first company to look to create such a network. Apple has taken a similar approach with the company’s range of AirTag item trackers, which can connect to the internet through any compatible iPhone they come into contact with, not simply their owner’s. And BT, through a long-term partnership with Fon, ran a service from 2007 until 2020 that allowed broadband customers to share spare bandwidth in a public wifi network.

When you have companies creating their own radio networks, they can use someone else's Internet connection to move data.

For expensive devices, like cars, it also makes economic sense to have a dedicated cell modem and service phoning data home. But it's not the only route.

Point is, you don't have a monopoly over granting your devices Internet access any more.

Well. That’s it. Get the flamethrowers. Time to burn down the Amazon.

No. Not the one that’s already burning. The other one.

4 more...
4 more...
4 more...

That means they're violating HDCP (High definition copy protection)? Do streaming services such as Netflix and Disney, as well as movie studios such as Universal, know this?

Did you go beyond the headline?

They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.

So an HDMI connected device that is streaming Netflix is getting screenshot?

I mean, even if it wasn't a streaming service, but let's say, video game content, or a blu ray, that is still a violation, and of course, if I'm playing content I made, then it's violating my copyright.

Does it means that it broadcast my chrome browser if connected through HDMI? If I check for a password in the password manager in chrome, it fucking sends my password to Samsung?

1 more...
6 more...

No... they only record on HDMI.

Exactly. HDMI contains HDCP when HDMI is streaming something copyrighted, such as Netflix app/in-browser. While they allegedly don't record Netflix app on TV, they'll be recording Netflix if it's been streamed from computer via HDMI.

6 more...

this is why you get a separate apple tv/android box and not connect your tv to the internet

Like those things aren't capable of the same shit?

anythings capable of it, but the companies behind the (premium) boxes have less of an incentive. While theyre all capable, its a matter if you have trust in them. At least for the Shield TV for example, go download a shield tv rom if you really don't trust Nvidia. If you are paranoid that they all can do it, than any smart device can do it because its connected to the internet.

4 more...

I'd rather pay for pretty much all products up-front with money at purchase time rather than pay with my data.

Not gonna tell other people what to do, but for myself, whether it's my car or television or search engine or whatever, I'd rather just pay the bill rather than having the manufacturer or service provider go data-mining my data to figure out how they can make money from it.

I think that YouTube is a great service. YouTube Premium, though, is ad-free. What I want isn't no-ad stuff, but no-log policies. And there aren't a lot of manufacturers selling privacy. And it's hard to compare services and products based on that.

I'll go one more step. I don't want to go read through privacy policies and figure out what the latest clever loophole is. We had to deal with that kind of legal stuff back prior to standardization around a few open-source licenses, and it sucked.

And I don't want to deal with privacy policies that change and maybe don't do what I want.

What I want to do is look for a privacy certification, and let the certification agency deal with that.

1 more...

I’m happy to see this, my wife and I were about to buy a smart TV. Now I’ll just get the dumb variant.

2 more...

So much more goatse and bathtube girl pictures along with porn are now gonna be on my tv

I wish I could go back in time to warn myself not to read this. The memory of receiving those (and other awful shit) is indelibly marked in my brain.

lol yeah! My friend where dicks and would set that to our screen savers or if we left our laptops open would go to meatspin.com and then lock your laptop. You got quite the surprise when you unlocked your computer lol

6 more...

Earlier this month I finally disconnected the wifi for my 7 year old Roku TV. I miss being able to turn it on w/ voice activation but I'll trade that in for my privacy

So how do you all guys watch content on these "dumb TVs"?

If you connect e.g. android box, how is it any different than connecting the TV itself? Do you think producers of android boxes aren't such pricks? This bugs my mind.

best way is a mini pc you can put an open source OS on

then you totally control it. they can be found cheap used and are usually upgradable

they are thrown out by schools and buisnesses all the time. it does not have to be very powerful by pc standards

it can also be your first home server if youre interested

2 more...
3 more...
3 more...

I never own a smart tv, but can you flash custom firmwares into it?

That would be sweet but I have never come across such a thing unfortunately!

2 more...

Ig it's time to buy a regular tv then

My pi-hole was getting hammered by an LG smart TV.(Phrasing)

That TV no longer gets internet privileges and I definitely won't be buying an LG again. I strayed from Sony and regretted it across the board.

If you have a smart device, someone is doing this with it. Best options to reduce their ability to access your devices: smart TV's - don't connect them to the internet unless you're updating the firmware. Use a streaming stick for streaming services, and then your privacy violations are minimized to the streaming stick that doesn't have a mic, or camera. Some controllers do have a mic, it's only a problem with who is making the tech. Other smart devices like fridge, microwave, oven, washer, etc, just never connect them to the internet, they likely will work fine their entire life without a network connection. Personal smart devices such as smart phones, remove google, and apple. Neither can truly be trusted, however apple does have a track record of keeping their snooping to themselves for what that's worth. For robots, they will likely need a network connection, I recommend supporting home automation projects that will allow us to replace the OS on our robot vacuums, and food delivery devices with one that connects to a home based server that doesn't need an internet connection. But never, ever, trust a smart device that is within hearing, seeing, or is touching you. It is a monitoring device, and it is being used that way by anyone with enough power.

I had to update my LG recently and it had to get approval for all sorts of weird shit. Oddly enough, it let me continue using just about everything even after I denied all the very invasive checkboxes. I guess even they can't deny use of your own tv if you reject the agreement lol

For future reference, you can update LG TVs via USB so you can avoid connecting it to a network.

mine would be getting only choppy static more than anything. where i live there is only sattelite available and it costs more than cable