By Jeremy Hsu on September 24, 2024
Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.
Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.
“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.
Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.
They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.
The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.
By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.
Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.
“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.
this is why you get a separate apple tv/android box and not connect your tv to the internet
Connect it to a Linux PC for optimal privacy.
Again, Samsung and LG is sniffing the HDMI port… So especially if you use another device like an Apple TV or Android or HTPC running Linux, only then Samsung & LG will record this data and sent back to HQ.
If you use a PC, there is no need to connect the TV to your WiFi, which means it won’t send any data.
Correct. Assuming your TV doesn’t connect to open wifi access points.
And assuming you never want to use any of the smart features or apps.
Like those things aren’t capable of the same shit?
anythings capable of it, but the companies behind the (premium) boxes have less of an incentive. While theyre all capable, its a matter if you have trust in them. At least for the Shield TV for example, go download a shield tv rom if you really don’t trust Nvidia. If you are paranoid that they all can do it, than any smart device can do it because its connected to the internet.
Friendly reminder that gaming console monitors, computer monitors, projectors, dumb TVs, and commercial displays exist.
Yes, I could hack a smart TV to disable its networking capabilities. (Merely withholding my wifi password is not reliable.) But that would still be showing the manufacturers that I find spyware TVs acceptable, and supporting the production of those models.
Also, this would be a good time to pressure our legislators into criminalizing this nonsense.
Not putting your WiFi password in would absolutely be reliable. I’d love to hear your ideas on how they’d remotely break into your WiFi Network
Not putting your WiFi password in would absolutely be reliable.
No, it would not.
I’d love to hear your ideas on how they’d remotely break into your WiFi Network
They wouldn’t, of course.
However, your network is not the only network in the world, and WiFi is not the only transport in the world. Neighbors exist. Open guest networks exist. Drive-by and fly-by networks exist. Mesh networks exist. Bluetooth, LoRa, cellular, etc. etc. etc. Maybe you live on an isolated mountain top where these things are unlikely to reach you (at least until satellite network links become smaller and cheaper), but even that is not absolute, and most of us don’t.
Unless you disassemble your TV and examine all the components within, and know what they do, it could have any of these capabilities.
Also, given how prevalent multi-network support is becoming in electronics integration, it is not unusual at all for hardware functionality to be dormant at first but available for activation later.
I’d love for you not to be adversarial.
To add to this, often, even if you turn off Bluetooth, your devices can still communicate via Bluetooth Low Energy, something that’s separate from classic Bluetooth and typically (to my knowledge) cannot be turned off. As an example, I’ve heard that Google uses it to send ad targeting info between devices.
If you have a samsung phone in the house, it can connect to the TV and give it a hotspot of sorts. This is a hypothetical, not real (yet!)
Remember how Comcast routers made that ghost mesh network?
Any link to news? This is my first time heard of this.
Sounds standard for Comcast or whoever they are now. Couldn’t find anything though. Curious
I don’t have a link but Comcast offered a get WiFi anywhere option for their customers where they could use anyone’s combination modem/router from Comcast to get online with their company credentials. This was (is?) impossible to disable.
And Amazon sidewalk.
Why is withholding the WiFi password not enough? Could they somehow piggyback off a different device or something?
I’ve heard that some of them will connect to any wifi available. So if your neighbor does not have a password on their network. The tv will connect and upload the data.
Good question. Please see my follow-up comment.
Yes. It could talk to another smart device and ask it to send its packages. You could be careful and connect none of the smart crap in your house to your network, but the smart fridge in your upstairs neighbor’s kitchen could still be helping with smuggling your data out. Or your devices could be connected to some unsecured network around.
In any case, the only surefire way to stop your data from getting smuggled out is to physically kill all the wireless connectivity capabilities of the device. Disconnect antennae, desolder chips, scrape out pcb traces. Otherwise you’re just hoping the firmware is not doing anything funny. Fortunately I think these are all hypotheticals that have not (yet) been observed in real smart home products.
but the smart fridge in your upstairs neighbor’s kitchen could still be helping with smuggling your data out
I can understand that if you have a Samsung TV and a Samsung fridge, they can talk with each other. But will it work if you have a fridge from a different OEM? (I’m assuming the OEMs haven’t formed a cartel for illegal data smuggling)
dumb TVs
Only one company makes Dumb TVs anymore, Sceptre, and the quality is very hit or miss due to the way they acquire their screens.
Plenty of companies make display TVs that only display commercial content. You see them all the time displaying menus in fast food restaurants.
These can also have all smart tech turned off because some companies also use them as digital whiteboards to display proprietary or confidential information.
Those typically come at commercial pricing, which is insane.
I would hardly consider that pricing insane. Consumer TVs are massively subsidized by the smart tech built into them, in some cases by up to 60%. Plus, they are often fragile with cheaper components because they are expected to be mounted in “safe” places away from unusual conditions or extreme temperatures.
Considering the more robust construction (for commercial use) and lack of subsidization, I would consider those prices to be spot-on and rather reasonable.
Those commercial displays are nothing but heavily stripped down TVs with anything unnecessary to being a advertising display removed. and maybe a tiny, grossly overpriced and heavily cut down computer built into it to run the slideshows/menus/whatever.
also, TVs in a certain size range are generally cheap because manufacturing has gotten to the point that each mother can produce a ton of screens for it. and the reason that cheap range size has gone up over the years is because improvements in the printing technology and the size of the mother glass.
It’s also harder to find them in larger sizes any more, even for the few for which sell them at all, so if you want a larger one, you may not have much by way of options.
https://assetbasedlife.com/dumb-tvs-are-a-dying-breed/
This lists Insignia, which is a Best Buy store brand.
This has a couple, at least as of last year:
https://www.tomsguide.com/features/dumb-tvs-heres-why-you-cant-find-them-anymore
Your best bet of grabbing one is to head over to Best Buy and look out for the Insignia brand of TVs. There you can find a 43-inch dumb TV for around $169 or a 32-inch model for $69 . (Links to Best Buy.)
On Amazon, you can simply search for dumb TV and you should be able to find a few options from manufacturers like Westinghouse, RCA or Sceptre. (Links to Amazon.)
It’s also possible to buy a used TV, but obviously, as with getting used cars to avoid monitoring stuff in newer cars, the pool of those will only be around for so long, and you can’t take advantage of any technological advances subsequent to them.
These are criminal violations of the Computer Fraud and Abuse Act. Jail the motherfucking felon CEOs!
But the supreme court ruled to save the conviction for the election.
Worse than that, they have free speech to corporations, and now that includes doing nearly anything involving communication or spending money.
I’ll believe corporations are people the moment Texas executes ones.
You know what’s really fucked up? The concept of “corporate personhood” that Citizens United depends upon was invented wholesale by a goddamn clerk! The Santa Clara County v. Southern Pacific Railroad Co. decision itself didn’t actually address the issue; the clerk just wrote a headnote “assuming” that the Equal Protection Clause of the 14th Amendment applied to corporations for ~reasons~ and subsequent courts treated as if it were gospel.
On politics itself no less.
So LG and Samsung likely have tons of illegal (copyright) content on their servers then? Ownership is 9/10ths of the law so they say. That’s gotta be exabytes
Most likely yes… And other privacy sensitive information like banking details, passwords and more.
Would be nice if we could have some technological privacy laws written in this century.
We need all the boomers in Capitol Senior Care Home to vacate first
You have it backwards. You have to EVICT them.
They already tried Jan 6 ! The old geezers won’t go.
They already tried Jan 6 !
Nope. Those bootlickers were on the side of the corporate/billionaire enshitifiers, trying to make the enshitification MUCH worse.
Does it really matter who does the evicting ? After it’s done it’s anybody’s guess what will fill the power vacuum. All we know is they will wear black boots and carry guns.
Does it really matter who does the evicting ?
Yes.
After it’s done it’s anybody’s guess what will fill the power vacuum. All we know is they will wear black boots and carry guns.
And this is exactly why. In order to effect lasting, positive changes, it’s important to have builders, not to mention critical mass with the populace. “Ends-justify-the-means” thinking and ascribing friendship the the enemy of one’s enemy don’t lend themselves to establishing resilient and non-despotic results.
Until then just desolder the antennas good luck sending data with no way to connect to the internet.
Earlier this month I finally disconnected the wifi for my 7 year old Roku TV. I miss being able to turn it on w/ voice activation but I’ll trade that in for my privacy
So how do you all guys watch content on these “dumb TVs”?
If you connect e.g. android box, how is it any different than connecting the TV itself? Do you think producers of android boxes aren’t such pricks? This bugs my mind.
best way is a mini pc you can put an open source OS on
then you totally control it. they can be found cheap used and are usually upgradable
they are thrown out by schools and buisnesses all the time. it does not have to be very powerful by pc standards
it can also be your first home server if youre interested
But that is terrible to use. I can’t imagine my kids or wife to use this with TV…
no, not true you can put whatever you want on it. ours boots into a nice tv like ui and they open stremio with a remote and thats it
its up to you to make it nice and easy
the user experience is not radically different from a corporate experience except its faster and without ads or spying
I’ve said it before and I’ll say it again, corporations treat you like a product. Whether you buy something from them or not. People are becoming the product that they sell.
I usually don’t care very much until it starts to affect pricing for stuff based on some algorithms impression of how desperate you are. That algorithm started with travel (airlines, online booking fees for hotels and stuff) and has expanded.
If I need a new computer because mine isn’t working, I don’t really care that advertisers come at me with ads for their computer products. I need one, they want me to buy one, it’s marketing. No worries.
If I need a new computer and suddenly all the prices for new systems goes up by $100 because it thinks I’m desperate enough to pay that, now I have a problem.
I still don’t like them selling my data, and I’ll do what I can to avoid it, but marketing is going to do marketing things.
yep, never allow them to connect to the internet
I don’t think my TV has ever been connected to the internet. As a safe guard to ensure that it never is I banned its wired and wireless MAC address from my network. So even if someone did plug it in…nothing.
I’ve jokingly said this before, but just wait until manufacturers start adding 4G/5G to TVs explicitly for ads and telemetry…
Just like modern cars… I wish there was some kind legislation that would limit phone-home telemetry to emergency service telecommunication frequencies, and be opt-in only. That way any OEM operating under commercial cellular frequencies would thus be unlicensed, and subject to FCC violations and import bans. Like what OnStar was originally pitched as; only auto dialing to 911, and 911 only, if you were unresponsive after airbags deployed. OEM couldn’t use the telecommunication frequencies for anything other than networking with emergency service endpoints on the same VLAN.
Anything recorded by the vehicle would be required to stay on the vehicle due privacy regulations, like the black box recorder for warranted forensic investigations. OTA updates could also be distributed offline for users to download and flash via USB, like any motherboard bios, so transactions would be write only.
A lot of shit makes a new, random MAC address for every new connection to an access point now
There is usually two types of MAC randomization and they both apply to wireless. One is pre-auth and is part of the IEEE 802.11aq Pre-Association Service Discovery spec. It makes it harder to track a user just because they got in range of an AP.
The other is when they actually connect to an SSID. Win10 and mobile OS’s started supporting this but it maintains a relationship between a MAC/SSID pairing otherwise you would have all kinds of network/auth weirdness if it didn’t.
Regardless if I noticed a device on my network behaving poorly by randomizing its MAC on every connection then I’d swap my network over to a grant list of MAC addresses and it can happily knock itself offline as much as it wants. Utilize a guest networks for visitors to avoid the headache of list management when a friend stops by and wants WiFi.
I can say I’ve never seen that behavior across all my devices though.
No matter how much they ask
I’d rather pay for pretty much all products up-front with money at purchase time rather than pay with my data.
Not gonna tell other people what to do, but for myself, whether it’s my car or television or search engine or whatever, I’d rather just pay the bill rather than having the manufacturer or service provider go data-mining my data to figure out how they can make money from it.
I think that YouTube is a great service. YouTube Premium, though, is ad-free. What I want isn’t no-ad stuff, but no-log policies. And there aren’t a lot of manufacturers selling privacy. And it’s hard to compare services and products based on that.
I’ll go one more step. I don’t want to go read through privacy policies and figure out what the latest clever loophole is. We had to deal with that kind of legal stuff back prior to standardization around a few open-source licenses, and it sucked.
And I don’t want to deal with privacy policies that change and maybe don’t do what I want.
What I want to do is look for a privacy certification, and let the certification agency deal with that.
Not if you never connect your smart TV to the internet to complete the setup and instead use it as a dumb display (I hope)
So what do we do when smart TVs force us to connect to the Internet, and refuse to work until we do?
This is exhausting. We’re speeding towards a horrible, privacy-less future.
We own a few TVs but nobody actually watches them. If we’re all out in the living room there’s four phones out with four people watching four different things.
Dystopian
Is it? I mean, 100 years ago you might all be reading different things, with either a record on or possibly the radio. Why is it terrible that now you’re all… reading different things together in one room?
Interwebs are too addicting. It’s like we are all in one room and are snorting coke by ourselves.
It’s one thing to read a newspaper or a book, different one to scroll social media stuck in an infinite loop of dopamine. Our lives may be longer than ever but in practice they are shorter than ever
That’s a easy solution, here are the steps:
Step 1: Do not purchase a smart TV
Step 2: Yay, you did it! You did all the steps. 🥳
Have you bought a TV in the last 5 years?
CRT is the way baby!
i would LOVE a crt but my dad really loves smart tvs :| any model recs? i have some free space in my room
No. Did you read step one?
That’s getting harder to find by the day
LG by now will have several weeks of footage of me scrolling through streaming services and failing to find anything to watch.
Diagnosis: ADHD. Display ads for stimulants.
Do they do that in EU too?
Use a pihole people, don’t go barebacking the internet
/song note emoji/I always feel like/end song note emoji/
So they are allowed to pirate content actually? Even if it’s not Netflix or YouTube they take screenshots of potentially copyrighted content
