this post was submitted on 26 Sep 2024
185 points (98.9% liked)

Privacy

31800 readers
348 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

The researchers have discovered that automatic content recognition (ACR) tracking is active most of the time, even when TVs are used as “dumb” HDMI devices. In other words, the TV manufacturers are monitoring your private moments as well. There’s apparently no monitoring of streaming content in the UK, but there is in the US.

The only good news is that these TVs can seemingly be configured to disable ACR, provided the owners know this activity is taking place and are able to find the right settings. (I recently looked at the configuration of our TVs again, and understanding the various settings was far from easy.)

all 43 comments
sorted by: hot top controversial new old
[–] [email protected] 59 points 1 month ago (1 children)

Another thing, just like the LG TV screensaver ads from the other thread, that would be a felony if a natural person did it.

Why are we tolerating this criminal behavior by corporations?

[–] [email protected] 13 points 1 month ago* (last edited 1 month ago)

Why are we tolerating this criminal behavior by corporations?

Because it's done in the open and it's accepted as part of the cost of the device. This is an expected consequence of our adtech surveillance economy where devices are now subsidized because they can harvest data about you, your usage and your behavior to sell on an ongoing basis. We've been screaming about these sorts of practices since the late 90s and consumers have just blithered right along with every new and creepy intrusion because they get cheap things and don't think about the real costs or consequences. And so ... Here we are.

[–] [email protected] 30 points 1 month ago (1 children)

Do not connect this device to the internet, no matter how much it begs.

[–] [email protected] 6 points 1 month ago (1 children)

Unfortunately, that's no guarantee. I believe some devices have been found to scan for any open WiFi and join silently so they can phone home.

[–] [email protected] 2 points 1 month ago

Yep. In fact, Amazon devices can connect to other Amazon devices over their Sidewalk meshnet and get the wifi password that way. I'm never getting anything from Amazon more complicated than a screwdriver.

[–] [email protected] 22 points 1 month ago (2 children)

What if I just never connected it to the internet?

[–] [email protected] 49 points 1 month ago (4 children)

If it is a Samsung tv, they have been automatically connecting to any open wifi, maybe your neighbor has one. And there goes the data.

Avoid Samsung.

[–] [email protected] 12 points 1 month ago (1 children)

Ha, the nearest house to mine is a quarter mile away, good luck Samsung.

[–] [email protected] 6 points 1 month ago (1 children)

Where is the info about this?

[–] [email protected] 7 points 1 month ago (1 children)

A random hacker news comment. I'm in EU, where this kind of tracking is not legal, so I cannot validate...

[–] [email protected] 2 points 1 month ago

I can't find anything about it. Claim seems sus tbh

[–] [email protected] 4 points 1 month ago (1 children)

Does it apply to Samsung PC monitors as well? Any way to check?

[–] [email protected] 3 points 1 month ago (2 children)

You have wifi / ethernet in your PC monitor?

[–] [email protected] 13 points 1 month ago (1 children)

Samsung in particular has “smart” monitors, so for some of them the answer is unironically yes

[–] [email protected] 1 points 1 month ago

Dear god, I do vaguely remember their launch (not my portfolio while working in PC component procurement) but had completely pushed that from my head.

Looks like LG have the same thing going on too, what a waste of silicon.

[–] [email protected] 2 points 3 weeks ago

After investigation, it turned out that it only has ethernet adapter (that's not in use), but no Wi-Fi or Bluetooth. Also, as a sidenote, if Max Power Saving is on, ethernet adapter is disabled.

We're talking about this monitor, bought 2 years ago: Samsung S34A650UXU - S65UA Series - LED monitor - curved - 34", LS34A650UXUXEN

[–] [email protected] 1 points 1 month ago (1 children)
[–] [email protected] 2 points 1 month ago

Sort of alarming how many upvotes this has without anybody providing any reference at all. We have enough privacy problems to worry about without people posting unsubstantiated claims :/

[–] [email protected] 4 points 1 month ago

You'll have to desolder the WiFi card inside. Check teardowns of TVs from now when deciding to buy a new one

[–] [email protected] 21 points 1 month ago (2 children)

If you're concerned about this, you may want to consider buying a commercial display, which is basically just a giant monitor. They're meant for businesses and hospitals, so they're going to be expensive. Many brands such as LG and Samsung sell commercial displays.

Anothet alternative is to buy a projector. Projectors offer a much more "cinematic" experience, and they can be cheaper in comparison to commercial displays. Although there are a few projectors that have smart (anti-)features, most of them lack these. For a projector, I recommend the BenQ HT2060. It's confirmed to have no smart features, and supports HDR.

[–] [email protected] 9 points 1 month ago (1 children)

Another alternative is don’t connect your TV to the internet.

[–] [email protected] 6 points 1 month ago

I've always wondered if smart TVs have some other way to phone home with your info in lieu of a WiFi connection like SIM cards or LoRa solutions.

[–] [email protected] 7 points 1 month ago (1 children)
[–] [email protected] 3 points 1 month ago
[–] [email protected] 20 points 1 month ago

Automatic Content Recognition (ACR) [42] is widely used for second-party tracking in smart TVs. As shown in Figure 1, ACR periodically captures frames (and/or audio), builds a fingerprint of the content, and then shares it with an ACR server for matching it against a database of known content (e.g., movies, ads, live feed). When the fingerprint matches, ACR server can determine exactly what piece of content is being watched on the smart TV.

https://arxiv.org/abs/2409.06203

[–] [email protected] 19 points 1 month ago (2 children)

I seem to remember a book where TVs watching people was a core element of the setting. Ah well

[–] [email protected] 3 points 1 month ago

A doubleplusgood book.

[–] [email protected] 1 points 1 month ago

Ah (Or)well

[–] [email protected] 17 points 1 month ago

My TV is connected to my WiFi but I blocked its internet access via router and it only has the jellyfin app which of course runs through a local server on the same network☺

[–] [email protected] 13 points 1 month ago

In capitalist America, TV watches you!

[–] [email protected] 12 points 1 month ago (3 children)

Is it possible to open the TV up and just break the wifi module?

[–] [email protected] 8 points 1 month ago (1 children)

I'm just waiting for them to add a sideband channel to some LoRa network so they can exfiltrate data even when their devices are "offline"

[–] [email protected] 3 points 1 month ago

Amazon Sidewalk?

[–] [email protected] 2 points 1 month ago (1 children)

It's a bit difficult, you'll need be good with your solder.

[–] [email protected] 1 points 1 month ago

I dunno. I was able to open my wife's Sony Xperia to DIY battery swap, and then break (and fail to resolder) the antenna in the process. Can't be that hard on a smart TV.

[–] [email protected] 1 points 1 month ago (1 children)

Just give it the wrong wifi password.

[–] [email protected] 1 points 1 month ago

I have been thinking more on this. Seems like a spare router with no Internet should suffice. Gives it a connection with no Internet so it can't go anywhere and since it has a connection it shouldn't be hunting for open networks

[–] [email protected] 9 points 1 month ago

Thanks for sharing, turned it off on my tv and shared it

[–] [email protected] 4 points 1 month ago
[–] [email protected] 3 points 1 month ago (2 children)

Would it work to block outgoing traffic at the router?

[–] [email protected] 1 points 1 month ago

If you block ALL traffic from it? Sure. It's possible but more involved and requires the right hardware to block their tracking domains while leaving streaming apps working.

It's best not to use smart TVs as well smart TVs. The apps they have are almost always slower or inferior in some way to the versions you get on streaming devices, updated less often, etc. I recommend pairing a TV with a quality streaming device like an Nvidia shield (or shield pro) or an AppleTV*. Alternatively if you want something a little cheaper in Androidtv space there is the Walmart brand Onn 4k pro.

*warning with Apple is while they're pretty good on privacy (meh, there are no excellent choices that support streaming apps in 1080p quality) and don't have ads their app-store is a bit more locked down. They have all the major streaming services but if you do high seas type stuff it will be more involved and difficult. Though if you have a local media collection (source your own discs or high seas) and run Plex or Jellyfin they have apps for both of those that work great as well as Infuse which usually requires a subscription unless you don't need 4k or any proprietary audio codecs like dolby for any of your media. I personally can say I enjoy my AppleTV 4K and I think it's a great device but I run my own media-server and have some common streaming services I pay for.

[–] [email protected] 1 points 1 month ago

No. You need to request your Netflix video, you need to ACK the segments of it you receive and a lot more.
At the very least you'll need to maintain a detailed whitelist of allowed domains and especially for the manufacturer some packets might he OK, like checking for updates, while others you'll wanna block.

It's likely a lot easier to just get a dumb screen and have the smart in a device you control.