this post was submitted on 26 Sep 2024
1473 points (99.2% liked)

Technology

60101 readers
2051 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

By Jeremy Hsu on September 24, 2024


Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.

Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.

“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.

Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.

They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.

The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.

By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.

Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.

“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.

https://www.newscientist.com/article/2449198-smart-tvs-take-snapshots-of-what-you-watch-multiple-times-per-second/ (paywall!!)

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 80 points 3 months ago (11 children)

Okay. So how do we turn it off!? I’ve read nothing in my Samsung manuals about this “feature” and here no instructions for turning it off.

[–] [email protected] 119 points 3 months ago (5 children)

Just don't hook it up to your wifi. Don't use any of its included apps. If you must stream get a separate device to do it.

[–] [email protected] 42 points 3 months ago* (last edited 3 months ago) (1 children)

This is the correct answer. I actually disabled LG's version of it when I first heard about it. A few months later it had been reactivated in an update, so I just factory reset it and connected an old laptop.

You can't trust anyone — corporation or government — to protect or respect your privacy. Ever. If it's not open source and E2EE, assume that a criminal is going to view and process it for profit.

[–] [email protected] 33 points 3 months ago* (last edited 3 months ago) (2 children)

No it is not the correct answer! The correct answer is to put the CEOs who perpetrate this criminal shit in prison for millions of counts of hacking and stalking!

Merely shrugging and implementing a technological workaround is not an appropriate response to someone perpetrating a felony against you!

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago)

Okay... Though I agree the system is run by criminals, I'm gonna continue protecting my data as best I can, and recommending everyone do the same, while you live in a magical fantasy land where we don't live in capitalist plutocracies and the rule of law applies to everyone, equally!

[–] anonymouse2 0 points 3 months ago (1 children)

The downvotes are because your "solution" is not based in the reality that the rest of us live in.

[–] [email protected] 3 points 3 months ago

There are no downvotes, so I'm not sure what point you think you're making.

[–] [email protected] 31 points 3 months ago (1 children)

I have a Samsung smart TV that is not connected to any networks, and every few days it will display a 'detecting device' loading screen when switching to my input that fails after 30 seconds or until I cancel it (canceling does not seem to impact its functioning)

I have no evidence but I strongly suspect this to be related to attempting to record and send device data to a remote server.

[–] [email protected] 5 points 3 months ago

I have noticed this too, I have to press the 'back' button on the remote to get the computer output.

[–] [email protected] 7 points 3 months ago (1 children)

Question, what separate device is best and most privacy focused? I just imagine getting a firestick, google Chromecast, etc would also give away data?

[–] [email protected] 9 points 3 months ago* (last edited 3 months ago) (1 children)

There are some open-source systems for media PCs.

Kodi seems to me to be popular, though I don't use a media PC myself.

You'll need to have the technical knowledge to install it yourself.

[–] [email protected] 2 points 3 months ago

Again your media PC (or HTPC) is still connected to a smart TV. And the problem is with the TV recording HDMI data. In fact, if you read correctly, the Smart TV does no record data from the built-in apps like Netflix.

[–] [email protected] 2 points 3 months ago

It still can connect to untrusted wifi access point (without password protection). So also try to go to: Settings Menu -> General & Privacy -> Terms & Privacy -> And there is a whole list of privacy setting. Try to find the option to: Do not agree with all. Or you need to manually disallow each privacy option.. Good luck!

[–] JohnDClay 1 points 2 months ago

Sometimes it requires Wi-Fi for setup. In that case, change the Wi-Fi password after you set it up.

[–] [email protected] 47 points 3 months ago (1 children)
[–] [email protected] 7 points 3 months ago

They have been known to connect automatically to nearby compatible devices or unsecured wifi.

[–] [email protected] 23 points 3 months ago (2 children)

Use Pi-hole and block their domains

[–] [email protected] 15 points 3 months ago (1 children)

They're getting smart to that and are starting to hard code server IPs, circumventing any DNS you have in place.

[–] [email protected] 8 points 3 months ago (1 children)

Joke's on them. Their telemetry server is in another ~~castle~~ VLAN.

[–] [email protected] 1 points 3 months ago

TV: mamma mia!

[–] [email protected] 5 points 3 months ago (2 children)

Do you know where I can source the domains?

[–] burrito 17 points 3 months ago (1 children)
[–] [email protected] 3 points 3 months ago

I use nextdns on my network and there’s a filter there for smart tvs. Samsung seems to want to call home the most.

[–] [email protected] 5 points 3 months ago

Pihole will log DNS requests. The requests come.from the TV. So when it pops up, Block it.

[–] [email protected] 17 points 3 months ago (1 children)
[–] [email protected] 7 points 3 months ago (1 children)

You'll have to insulate your home from any outside unsecured wifi and compatible devices to stop some of them from networking.

[–] [email protected] 3 points 3 months ago

Since it can also connect to untrusted wifi access point (eg. without password). You need to live in a Faraday cage ..

[–] [email protected] 14 points 3 months ago (1 children)

You know that part of the manual that tells you to connect the TV to the Internet?

Don't do that.

[–] [email protected] 3 points 3 months ago (1 children)

That sadly doesn't work well enough. They will connect to things on their own.

[–] [email protected] 1 points 3 months ago

That's some underhanded bs. I didn't know they started doing that. Damn.

[–] [email protected] 12 points 3 months ago (1 children)

I got an LG because despite how it looks, you can just refuse to agree to a bunch of their privacy agreements and be fine. It's not perfect, but it's a hell of a lot better than it would be otherwise, and miles ahead of Samsung's lack of options.

[–] [email protected] 6 points 3 months ago (1 children)

I have come to realize this and have declined all the T&Cs except for like 3 that you just have to accept to make it function.

[–] [email protected] 3 points 3 months ago

Yep, same. Works fine for me, I never wanted the features that disables.

[–] pandapoo 11 points 3 months ago

If there are open wifi networks near your TV that you can't lockdown, you'll want to confirm it your make/model is known to automatically connect to those, and then take whatever mitigation steps are justified for your own use case.

For example, if you have multiple TVs, maybe you can swap models around based on their capabilities and location, or look up the schematic for the TV and see if it's easy to block it's internal antennas.

Or maybe that seems like too much of a hassle and you just say fuck it, and don't worry about it. Which is always an option, because given how much data already gets sucked up by surveillance capitalism, my evening TV viewing habits have to be some of the lowest value data points, as I already block ads and avoid all ad supported services.

[–] [email protected] 11 points 3 months ago (1 children)

I love my Samsung because I never gave it the wifi credentials.

Dumb TV is better. My PS5 can do everything I want and I already give all my metrics to them just playing it

[–] [email protected] 8 points 3 months ago (1 children)

Hello 8th person I've had to explain this to: they still connect to stuff. Even if you disable WiFi on the Samsung TV they can mesh network with other TVs in your neighborhood or with your phone (Samsung is particularly pushy about wanting you to install and connect your phone).

[–] [email protected] 2 points 3 months ago

Ok I'll look into this. I have not witnessed any evidence of this behavior. What frequency would this be meshed on? Any 2.4GHz and 5Ghz I would have already seen.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago)

Its real tricky to get into and overwrite some of the SoC processors and ARM chipsets, but pretty earlyon the hacker crowd was turning Samsungs Smart TVs dumb.

They've acrually got some great resistance to screen burn.

[–] [email protected] 2 points 3 months ago

You can go to Settings Menu -> General & Privacy -> Terms & Privacy -> And there is a whole list of privacy setting you automatically agreed with (which you didn't). However, you should find an option for: Do not agree with all. Or you need to manually disallow each privacy option.. Good luck!