There was another thread with a paywalled article, but here’s the actual study that found that smart TVs use “automatic content recognition” to build an ad profile for you based on what’s on your screen… including HDMI content streamed from a laptop, game console, etc. Yikes.

At a high level, ACR works by periodically capturing the content displayed on a TV’s screen and matching it against a content library to detect the content being viewed on the TV. It is essentially a Shazam-like technology for audio/video content on the smart TV [38]. ACR is implemented by all major smart TV manufacturers, including Samsung [9] and LG [55 ].

Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI; (2) opt-out mecha- nisms stop ACR traffic; (3) ACR works differently in the UK as com- pared to the US.

So it seems like you’re opted-in by default, but you can stop ACR traffic by simply configuring six different options on Samsung, or eleven different options on LG.

Oh, and this doesn’t seem to happen when you’re using native streaming apps like Netflix or Disney+, because hey, they wouldn’t want to infringe on those companies’ rights by spying on them, right?

    • kent_eh@lemmy.ca
      link
      fedilink
      English
      arrow-up
      17
      ·
      edit-2
      2 months ago

      Those shouldn’t exist at all, and if they have to, the settings should be expressly asked about as part of the initial setup, not buried in a menu that nobody goes to unless they’re specifically looking for the options.

      • RustyShackleford@literature.cafe
        link
        fedilink
        English
        arrow-up
        12
        ·
        2 months ago

        It’s what most of us do, sure. This is more on the off-chance there’s a software update is required for fixing a design problem with a product. (Had to with an older smart television) So theres a lot of people who already have theirs connected but don’t realize it’s even an easy option, router-side.

      • Auli@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        I just block at firewall since I need lan access to control the tv with automation.

        • P1nkman@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Control the tv with automations? Now in curious; what automations would you set up on a tv?

        • P1nkman@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          2 months ago

          Get a Google TV. Sure, they father days, but at least you don’t connect the TV online, which also sends screenshots of what you’re watching to the producer…

  • Swordgeek@lemmy.ca
    link
    fedilink
    arrow-up
    20
    ·
    2 months ago

    Time for a lawsuit.

    Since the presence of a TV in your house is a commercial benefit for the companies who make them, AND you do not actually have control over them, it is clear that the ‘sales contract’ was fraudulent and part of a bad-faith act on the manufacturers’ part.

    So I say a class-action lawsuit is in order: Each person who bought (say) an LG TV gets back 100% of their purchase price, plus some reimbursement for being spied on - probably a per-month amount. Then LG has to pay a punitive fee on top of their payouts to customers.

    I know that everyone is screaming “that will never work!” and “They’ll go bankrupt!” I don’t care - SOMETHING has to change to remind these evil fuckers that they need our business, or the abuse will just ramp up.

    Bankrupt them all. Tear down the entire industry. Tear down the entire economy and start again from scratch if that’s what it takes.

    If they can’t be reined in legally, then it will happen illegally - and probably violently.

  • SirDankbud@lemmy.ca
    link
    fedilink
    arrow-up
    9
    ·
    2 months ago

    Shit like this is why my smart tv has never been given internet access.

    The software on my Samsung is so fucked that if I physically switch HDMI connections between inputs, it puts up a screen saying “switching source” despite my new source already being visible on the screen for 3-5 seconds before the tv claims to switch it. One of these days it will piss me off enough to softmod it, but right now I’m too stubborn to spend a day reading how and taking the time to do it.

  • TommySoda@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    2 months ago

    That’s why my TV doesn’t have internet access. I just bought a cheap laptop and plugged it in. It’s probably cheaper and runs software better than the cheap ass hardware they put into TVs.

  • fubarx@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    2 months ago

    Lot of people saying they don’t give internet access to their TVs.

    Fine, but that doesn’t work for cord-cutters who opted out of cable to go with streaming. And if you keep your TV away from internet but have a cable box, it will be doing all the tracking in this paper (and worse) then sending it to the cable provider.

    So short of sticking with DVD/Bluray (unconnected) or over-the-air broadcast TV, there’s no way to stop from getting tracked.

    The paper also lists domains where the data is being sent. You could always try blocking the destination addresses at the router level.

    • ᕙ(⇀‸↼‶)ᕗ@lemm.ee
      link
      fedilink
      arrow-up
      7
      ·
      2 months ago

      how about cutting the cord, making the tv dumb and just your own foss software? like some hdmi stick or tv box with kodi etc…

      better than just blocking some domains for an overall scammy device.

    • thanks_shakey_snake@lemmy.caOP
      link
      fedilink
      arrow-up
      3
      ·
      2 months ago

      AFAICT, keeping the TV offline (i.e. not connected to any wifi) and plugging in a laptop/Chromecast/etc. via HDMI would eliminate both sides of the problem. You can still use streaming services on the laptop, but the TV would be unable to phone home.

      There’s always the yar har option as well, which is also effectively implemented with a laptop.

    • yeehaw@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      And the domains would require maintenance. When new ones are added or changed or whatever.

      This should be illegal, though. One can dream.

  • shaserlark
    link
    fedilink
    arrow-up
    2
    ·
    2 months ago

    I find this difficult to read. What would have been useful is a per country/state and manufacturer overview that shows where I have to worry about what with whom. Nevertheless this is very alarming and a good reminder to never connect your TV to the internet.

    • thanks_shakey_snake@lemmy.caOP
      link
      fedilink
      arrow-up
      2
      ·
      2 months ago

      Yeah, someone should definitely do that. I think this is written from the perspective of a security researcher communicating with others in the security world about a discovery they made, so it’s a) dense to read, and b) not thorough as a consumer guide.

      Hopefully someone follows up with a resource like you describe.

      • shaserlark
        link
        fedilink
        arrow-up
        2
        ·
        2 months ago

        Yeah fair enough we’re not really the target audience and the main message came through anyway.