By Jeremy Hsu on September 24, 2024
Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.
Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.
“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.
Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.
They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.
The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.
By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.
Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.
“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.
THIS is piracy. Along with all the other personal data selling.
Mine isn’t connected to the internet. Too bad so sad greedy fucks
Don’t let your TV connect to the internet. I have mine on my wifi so I can control them using Home Assistant, but they’re on an isolated VLAN with no internet access.
Edit: Of course, this only works if you use an external box for streaming, like an Nvidia Shield, Apple TV, Google Chromecast TV or whatever they call it now, etc.
Buy a computer monitor, a projector or a commercial display instead, they tend to be dumb.
Alternatively, don’t connect your TV to the internet (bear in mind some are wireless). Unplug it from the wall when not in use.
As if Microsoft’s Recall wasn’t enough…
yep, never allow them to connect to the internet
I don’t think my TV has ever been connected to the internet. As a safe guard to ensure that it never is I banned its wired and wireless MAC address from my network. So even if someone did plug it in…nothing.
A lot of shit makes a new, random MAC address for every new connection to an access point now
There is usually two types of MAC randomization and they both apply to wireless. One is pre-auth and is part of the IEEE 802.11aq Pre-Association Service Discovery spec. It makes it harder to track a user just because they got in range of an AP.
The other is when they actually connect to an SSID. Win10 and mobile OS’s started supporting this but it maintains a relationship between a MAC/SSID pairing otherwise you would have all kinds of network/auth weirdness if it didn’t.
Regardless if I noticed a device on my network behaving poorly by randomizing its MAC on every connection then I’d swap my network over to a grant list of MAC addresses and it can happily knock itself offline as much as it wants. Utilize a guest networks for visitors to avoid the headache of list management when a friend stops by and wants WiFi.
I can say I’ve never seen that behavior across all my devices though.
I’ve jokingly said this before, but just wait until manufacturers start adding 4G/5G to TVs explicitly for ads and telemetry…
Just like modern cars… I wish there was some kind legislation that would limit phone-home telemetry to emergency service telecommunication frequencies, and be opt-in only. That way any OEM operating under commercial cellular frequencies would thus be unlicensed, and subject to FCC violations and import bans. Like what OnStar was originally pitched as; only auto dialing to 911, and 911 only, if you were unresponsive after airbags deployed. OEM couldn’t use the telecommunication frequencies for anything other than networking with emergency service endpoints on the same VLAN.
Anything recorded by the vehicle would be required to stay on the vehicle due privacy regulations, like the black box recorder for warranted forensic investigations. OTA updates could also be distributed offline for users to download and flash via USB, like any motherboard bios, so transactions would be write only.
deleted by creator
No matter how much they ask
That means they’re violating HDCP (High definition copy protection)? Do streaming services such as Netflix and Disney, as well as movie studios such as Universal, know this?
Did you go beyond the headline?
They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.
So an HDMI connected device that is streaming Netflix is getting screenshot?
I mean, even if it wasn’t a streaming service, but let’s say, video game content, or a blu ray, that is still a violation, and of course, if I’m playing content I made, then it’s violating my copyright.
Does it means that it broadcast my chrome browser if connected through HDMI? If I check for a password in the password manager in chrome, it fucking sends my password to Samsung?
Yes and no. Supposedly the resolution is not in 4K or even 1080p, but something much lower that is still enough to identify content, like shows, movies and ads, but not enough to make out minute detail.
Because your laptop cannot have Netflix, or a DRM enabled browser?
It may be them either not trespassing their territory (as a part of a deal or as a precaution) or TV apps sharing\telegraphing that info without the need of screen cap analysis as they work on TV itself and may as well be special modified apks. At least, they differed
Laptop sends only it’s video and audio outputs, apps’ code executes at it’s hardware, so TV needs a workaround to know what you are watching. And as it’s incapable of such analysis itself, it channels that data to it’s real owner.
No, the point here is that if you use the “smart” features, which includes running apps from their appstore, like Netflix or Disney+, it will not send the data. But if you connect your laptop via HDMI and then play Netflix in your browser, it will, because it’s not smart enough to recognize and differentiafe video and audio data coming in through that port. I don’t think it matters if it’s a DRM enabled browser or not. It should be acting as a second monitor only in those cases, nothing more.
so? we aren’t allowed to take netflix screenshots at all
Says who?
You are allowed to take screenshots of Netflix, even under the DMCA on DRM protected material. You are not allowed to use it commercially though. Personal use only.
No… they only record on HDMI.
Exactly. HDMI contains HDCP when HDMI is streaming something copyrighted, such as Netflix app/in-browser. While they allegedly don’t record Netflix app on TV, they’ll be recording Netflix if it’s been streamed from computer via HDMI.
“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,”
But if you never connected the TV to the internet, it’s not able to upload anything right?
Correct
Thing is, it’s getting pretty cheap to build radios into devices, and companies are doing that and bridging them to whatever Internet connectivity they can reach, not just your own. You don’t necessarily have to personally plug something into an Ethernet socket to make a device Internet-connected.
From back when Amazon Sidewalk was rolling out:
https://www.statuscake.com/blog/what-is-amazon-mesh/
This time, however, the big news is Amazon mesh, a network to connect users and their devices. The tech giants have called this project Amazon Sidewalk+ with the idea first being made public back in 2019 where they announced they wanted to extend and expand the connectivity of their customers.
Why did Amazon do this?
According to Amazon, the main reason was to provide a better service for their customers whilst using their devices. Although there has been some backlash by those in the safety and security space, the idea seems to be very safe and simple.
How will Amazon mesh work?
The Sidewalk project will create a network mesh between all the connected devices so it can increase the connection field around the devices. It will be able to do this by using Low-energy Bluetooth and 900MHz radio signals to pass data with the connected compatible devices. By doing this, the network can extend the reach of the signal and thus it will be able to cover a larger area to allow devices to connect.
Here is an example of how this will work: imagine if you have a compatible device at the end of your garden such as a light which you normally can’t control with your phone. With the extended network, that light could connect to a neighbour’s device and by doing this it will be connected to the network, and you will have the ability to then use your phone to control the light.
There has been some concern regarding how much data the network will use for those who agree to be part of it and Amazon have estimated that the data usage could be around 400-500mbps a month. For most people, this is such a small amount that it won’t even be noticeable.
How can the mesh network be used?
Another use for this mesh is for users around the network to connect and possibly use the mesh to perform other tasks such as a Ring doorbell (Amazon-owned) to be installed in the part of the house where the usual Wi-Fi signal doesn’t reach. This provides customers with a great alternative to the far more expensive Wi-Fi extender mesh products on the market.
As is normal in situations like this, many users are concerned about the security of this project. According to what Amazon has released regarding how it will work so far, there will not be any security concerns as the connections will not identify which device was connected meaning that if your Ring doorbell extends the network to a nearby device, the system will not mention that this device was connected to that particular Ring doorbell. However, people need to be aware that Amazon itself can collect this data and the way the users interact with the network.
The feature works by creating a low-bandwidth network using smart home devices such as Amazon Echoes and Ring security cameras. At its simplest, it means that a new Echo can set itself up using a neighbour’s wifi, or a security camera can continue to send motion alerts even if its connection to the internet is disrupted, by piggybacking on the connection of another camera across the street.
But the company’s plans have caused alarm among observers. Ashkan Soltani, a former chief technology officer of the US Federal Trade Commission, told the tech site Ars Technica: “In addition to capturing everyone’s shopping habits (from amazon.com) and their internet activity (as AWS is one of the most dominant web hosting services) … now they are also effectively becoming a global ISP with a flick of a switch, all without even having to lay a single foot of fiber”. The feature may also break the terms and conditions of users’ internet connections, which do not allow such resharing, warned Lydia Leong, an analyst at Gartner.
Users can disable Sidewalk in the settings section of the Alexa or Ring apps, but have until 8 June to do so. After that, if they have taken no action, the network will be turned on and their devices will become “Sidewalk Bridges”.
Amazon is not the first company to look to create such a network. Apple has taken a similar approach with the company’s range of AirTag item trackers, which can connect to the internet through any compatible iPhone they come into contact with, not simply their owner’s. And BT, through a long-term partnership with Fon, ran a service from 2007 until 2020 that allowed broadband customers to share spare bandwidth in a public wifi network.
When you have companies creating their own radio networks, they can use someone else’s Internet connection to move data.
For expensive devices, like cars, it also makes economic sense to have a dedicated cell modem and service phoning data home. But it’s not the only route.
Point is, you don’t have a monopoly over granting your devices Internet access any more.
Cellular modems with lifetime contracts from a telco are also increasingly common.
SDRs like the Hackrf Portapack are, as well.
Well. That’s it. Get the flamethrowers. Time to burn down the Amazon.
No. Not the one that’s already burning. The other one.
Yeah I remember when they rolled that out… it does not give me hope for the future of privacy.
Canada needs to really ramp up our privacy laws, I’m not crazy about GDPR specifically, but there needs to be something more substantial here.
I’m not really gung-ho about mandatory approaches either, like with licensing, but for an optional approach:
-
I have to be able to assess a device and its drawbacks with a reasonable amount of knowledge and time spent researching it.
-
There has to be at least one option on the market that does what I want.
For cars, at least, we’re really getting to the point where it’s not practical to get a new car without a cell data link that phones home.
And trying to stay atop of the privacy issues for all classes of device out there can’t be a full-time job, or it’s not reasonable to expect people to make informed purchasing decisions. Like, I should just be able to say that I don’t want a device that broadcasts any persistent unique IDs in plaintext over a radio, not have to research whether the current crop of smart automobile tire pressure valves has a protocol that exposes that information or not…
I’d like to avoid Europe’s prescription-heavy regulatory route, but the way things are now in the US isn’t my ideal either.
My hot air station has a reeeealllly long cable.
So long. It’s the best. Unlike my…
-
Hahah my friends made fun of me for buying some cheap as fuck “smart” TV instead of an expensive LG one like them, my TV can barely run a web browser, no chance in hell that things spying on me.
LOL “if it was opt-in, no one would do it!”
no fucking shit. there is nothing worth watching that i would buy a smart tv for
One issue that has come up recently in discussions on here is that it’s hard to get dumb TVs or computer monitors in large format in 2024.
Not impossible, but surprisingly difficult. I went looking for a large computer monitor for some user who wanted a large one. I eventually found an older one on Amazon still for sale, but it’s not that easy to get large computer monitors, which I think is part of what drives people to use smart TVs as computer monitors.
You can get projectors, but that’s not what everyone’s after.
A smart tv without an internet connection is usually close enough to a dumb TV. It’s not like your TV needs regular security updates so leaving it off your home network is fine.
I do not know how true it is, but I’ve heard that some of them will create a mesh network if your neighbor has the same brand and it’s connected to the internet.
I’ve always meant to look into it but I have big dumb TVs that work for now.
Open the tv and rip out the antenna. Y’all already forgot the classic secret agent trope of checking the hotel room for bugs? Now we all get to play that game!
Nowadays the antenna is often embedded into the pcb, so no way to rip it out other than scraping off the traces
Google part numbers (if they aren’t scratched off/lasered off/ epoxied). Once you’ve found the ethernet controller, you can short out the pins, or yeet it off the board.
“mechanical malfunction, please contact support” as a big red warning that you cannot dismiss
Would love to know how true this is as I wouldn’t put it past manufacturers
There’s another reply further down that goes into specifics. I ain’t the one because I didn’t come with receipts and I’m just a drunk.
It’s called wardriving, a practise Samsung TVs are infamous for.
I never put that together with wardriving but that’s exactly what it is. Thank you for that.
Unrelated story: ~20 years ago I was in the military and broke as hell. I went wardriving in my neighborhood looking for open wifi and found a business not too far away that had it. So I built an antenna out of a coffee can, mounted it up just outside my window, and got free wifi for months.
To me, Wardriving is back in the day when you used to drive around town with a laptop and a program that catalogues all the open wifi networks in range.
I will not give them the satisfaction.
Smart TVs are only smart when they are connected to the internet.
As mentioned by others, they sometimes network with nearby devices such as your neigbor’s TV or an unsecured wifi.
if it was opt-in, no one would do it!
Which should be telling them that not only does no one want it, but maybe just maybe we already paid for your fucking TV. Either raise the price or stop being so fucking goddamn greedy to the point that you force us to make the government force you to stop.
Of course the bought and paid for US government won’t, but hopefully EU governments will.
If they raise the price, then they only get money once. If they sell your data, now they have an income stream.
These are criminal violations of the Computer Fraud and Abuse Act. Jail the motherfucking felon CEOs!
But the supreme court ruled to save the conviction for the election.
Worse than that, they
havegave free speech to corporations, and now that includes doing nearly anything involving communication or spending money.You know what’s really fucked up? The concept of “corporate personhood” that Citizens United depends upon was invented wholesale by a goddamn clerk! The Santa Clara County v. Southern Pacific Railroad Co. decision itself didn’t actually address the issue; the clerk just wrote a headnote “assuming” that the Equal Protection Clause of the 14th Amendment applied to corporations for ~reasons~ and subsequent courts treated as if it were gospel.
I’ll believe corporations are people the moment Texas executes ones.
On politics itself no less.
So LG and Samsung likely have tons of illegal (copyright) content on their servers then? Ownership is 9/10ths of the law so they say. That’s gotta be exabytes
Most likely yes… And other privacy sensitive information like banking details, passwords and more.
Well, then you should sue them.
awful ethics aside what a disgusting waste of processing power. software already barely runs
now you know why
Screenshotting every 500ms is insane.
Even a 0.30$ ch32v003 could handle this tiny amount of data. It’s not a resource limit
I was curious enough to check and with 2KB SRAM that thing doesn’t have anywhere enough memory to process a 320x200 RGB image much less 1080p or 4K.
Further you definitelly don’t want to send 2 images per-second down to a server in uncompressed format (even 1080p RGB with an encoding that loses a bit of color fidelity to just use two bytes per pixel, adds up to 4MB uncompressed per image), so its either using something with hardware compression or its using processing cycles for that.
My expectation is that it’s not the snapshoting itself that would eat CPU cycles, it’s the compression.
That said, I think you make a good point, just with the wrong example - I would’ve gone with: a thing capable of handling video decoding at 50 fps - i.e. one frame per 20ms - (even if it’s actually using hardware video decoding) can probably handle compressing and sending over the network two frames per second, though performance might suffer if they’re using a chip without hardware compression support and are using complex compression methods like JPEG instead of something simpler like LZW or similar.
I don’t think they will compress the screenshot and send them but run content in a tensorflow lite model or even just hash a few of the pixels to try for an ID match
Well that makes sense but might even be more processor intensive unless they’re using an SOC that includes an NFU or similar.
I doubt it’s a straight forward hash because a hash database for video which includes all manner of small clips and has to somehow be able to match something missing over 90% of frames (if indeed the thing is sampling it at 2 fps, then it only sees 2 frames out of every 25) would be huge.
A rough calculation for a system of hashes for groups of 13 frames in a row (so that at least one would be hit if sampling at 2 fps on a 25 fps system) storing just one block of 13 frame hashes per minute in a 5 byte value (so large enough to have 5 trillion distinctive values) would in 1GB store enough hashes for 136k 2h movies in hashes alone so it would be maybe feasible if the system had 2GB+ of main memory, though even then I’m not so sure the CPU speed would be enough to search it every 500ms (though if the hashes are ordered by value in a long array and there’s a matching array of clip IDs, it might be doable since there are some pretty good algorithms for that).
I would sample a few dozens equally space pixels out of the frame, then drop similar value frames, and send that with timestamp. In the cloud, you runs those few pixels in a content recognition model.
It doesn’t have to be especially accurate or know any niche content, the point is to make a psychomarketing profile of the customer like “car guy, watches tool reviews”.
Why think of it as a compression problem? Isn’t the spy device already getting compressed video form some source? That makes it a filtering problem. You would set it to grab and ship key frames (or equivalent term) if you wanted a human to be able to see the intel. But for content matching, maybe count some interval of key frames and then grab the smallest difference frame between the next two key frames. Gives a nice, premade small data chunk. A few of those in sequence starts looking like a hash function (on a dark foggy night).
Would want some way to sync up the frames that the spy device grabs and the ones grabbed when building the db to match against. Maybe resetting the key frame interval counter when some set of simple frames come through would be enough. Like anything with a uniform color across the whole image or something similar.
Just spitballing here. I like your impulse to math this.
We’re talking about fingerprinting stuff coming in via HDMI, not stuff being played by the “smart” part of the TV itself from some source.
You would probably not need to actually sample images if it’s the TV’s processor that’s playing something from a source, because there are probably smarter approaches for most sources (for example, for a TV channel you probably just need to know the setting of the tuner, location and the local time and then get the data from available Program Guide info (called EPG, if I remember it correctly).
The problem is that anything might be coming over HDMI and it’s not compressed, so if they want to figure out what that is, it’s a much bigger problem.
Your approach does sound like it would work if the Smart TV was playing some compressed video file, though.
Mind you, I too am just “thinking out loud” rather that actually knowing what they do (or what I’m talking about ;))
I assumed HDMI had some form of encoding, thanks for the correction. Looks like v 2.1 does.
I think the syncing idea between the spy device and db is still useful. The video itself has stuff to use for reducing the search space by making sure they puck the same instants to fingerprint and exfiltrate.
TVs I’ve come across are such displeasure to use, it’s incredible
Would be nice if we could have some technological privacy laws written in this century.
We need all the boomers in Capitol Senior Care Home to vacate first
You have it backwards. You have to EVICT them.
They already tried Jan 6 ! The old geezers won’t go.
They already tried Jan 6 !
Nope. Those bootlickers were on the side of the corporate/billionaire enshitifiers, trying to make the enshitification MUCH worse.
Does it really matter who does the evicting ? After it’s done it’s anybody’s guess what will fill the power vacuum. All we know is they will wear black boots and carry guns.
Does it really matter who does the evicting ?
Yes.
After it’s done it’s anybody’s guess what will fill the power vacuum. All we know is they will wear black boots and carry guns.
And this is exactly why. In order to effect lasting, positive changes, it’s important to have builders, not to mention critical mass with the populace. “Ends-justify-the-means” thinking and ascribing friendship the the enemy of one’s enemy don’t lend themselves to establishing resilient and non-despotic results.
Until then just desolder the antennas good luck sending data with no way to connect to the internet.
For example, it might record if people are browsing for baby products or other personal items.
Don’t mind baby products and dildos or whatever.
They could see bank activity and even login credentials when someone is temporarily displaying their own passwords.
This basically ignores all security measures regarding everything. Sensitive communication, company secrets and so on.
That’s fucking seriously huge. What the fuck?!
I’m so tired
Moi aussi. I am le tired.
Well, have a nap
THEN FIRE ZE SAMSUNG & LG CEOS!
Bout that time eh chaps?
… right-o.
Zen have a nap
Ich auch
Actual paper here.
https://arxiv.org/html/2409.06203v1
It is not sending full screenshots as anybody technical would already have guessed. It’s a few KB over an hour, so it’s content recognition hashes.
Opt out anyway. Their study shows the opt out option does indeed opt you out of it.
