There was another thread with a paywalled article, but here’s the actual study that found that smart TVs use “automatic content recognition” to build an ad profile for you based on what’s on your screen… including HDMI content streamed from a laptop, game console, etc. Yikes.
At a high level, ACR works by periodically capturing the content displayed on a TV’s screen and matching it against a content library to detect the content being viewed on the TV. It is essentially a Shazam-like technology for audio/video content on the smart TV [38]. ACR is implemented by all major smart TV manufacturers, including Samsung [9] and LG [55 ].
Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI; (2) opt-out mecha- nisms stop ACR traffic; (3) ACR works differently in the UK as com- pared to the US.
So it seems like you’re opted-in by default, but you can stop ACR traffic by simply configuring six different options on Samsung, or eleven different options on LG.
Oh, and this doesn’t seem to happen when you’re using native streaming apps like Netflix or Disney+, because hey, they wouldn’t want to infringe on those companies’ rights by spying on them, right?
Table 1 describes the settings that you need to configure on LG and Samsung TVs to stop ACR behavior.
Those shouldn’t exist at all, and if they have to, the settings should be expressly asked about as part of the initial setup, not buried in a menu that nobody goes to unless they’re specifically looking for the options.
Or scattered across many menus in this case
This why I go out of my way to manually block all traffic from my televisions to my router.
I just don’t connect it to the network.
It’s what most of us do, sure. This is more on the off-chance there’s a software update is required for fixing a design problem with a product. (Had to with an older smart television) So theres a lot of people who already have theirs connected but don’t realize it’s even an easy option, router-side.
not sure about others, but my samsung can update from an usb drive.
I just block at firewall since I need lan access to control the tv with automation.
Control the tv with automations? Now in curious; what automations would you set up on a tv?
But I use netflix
Get a Google TV. Sure, they father days, but at least you don’t connect the TV online, which also sends screenshots of what you’re watching to the producer…
I have a Google TV.
Time for a lawsuit.
Since the presence of a TV in your house is a commercial benefit for the companies who make them, AND you do not actually have control over them, it is clear that the ‘sales contract’ was fraudulent and part of a bad-faith act on the manufacturers’ part.
So I say a class-action lawsuit is in order: Each person who bought (say) an LG TV gets back 100% of their purchase price, plus some reimbursement for being spied on - probably a per-month amount. Then LG has to pay a punitive fee on top of their payouts to customers.
I know that everyone is screaming “that will never work!” and “They’ll go bankrupt!” I don’t care - SOMETHING has to change to remind these evil fuckers that they need our business, or the abuse will just ramp up.
Bankrupt them all. Tear down the entire industry. Tear down the entire economy and start again from scratch if that’s what it takes.
If they can’t be reined in legally, then it will happen illegally - and probably violently.
Yeah I feel that way sometimes too. They won’t even go bankrupt, they’ll just have to settle for less line go up.
Shit like this is why my smart tv has never been given internet access.
The software on my Samsung is so fucked that if I physically switch HDMI connections between inputs, it puts up a screen saying “switching source” despite my new source already being visible on the screen for 3-5 seconds before the tv claims to switch it. One of these days it will piss me off enough to softmod it, but right now I’m too stubborn to spend a day reading how and taking the time to do it.
That’s why my TV doesn’t have internet access. I just bought a cheap laptop and plugged it in. It’s probably cheaper and runs software better than the cheap ass hardware they put into TVs.
Lot of people saying they don’t give internet access to their TVs.
Fine, but that doesn’t work for cord-cutters who opted out of cable to go with streaming. And if you keep your TV away from internet but have a cable box, it will be doing all the tracking in this paper (and worse) then sending it to the cable provider.
So short of sticking with DVD/Bluray (unconnected) or over-the-air broadcast TV, there’s no way to stop from getting tracked.
The paper also lists domains where the data is being sent. You could always try blocking the destination addresses at the router level.
how about cutting the cord, making the tv dumb and just your own foss software? like some hdmi stick or tv box with kodi etc…
better than just blocking some domains for an overall scammy device.
AFAICT, keeping the TV offline (i.e. not connected to any wifi) and plugging in a laptop/Chromecast/etc. via HDMI would eliminate both sides of the problem. You can still use streaming services on the laptop, but the TV would be unable to phone home.
There’s always the yar har option as well, which is also effectively implemented with a laptop.
And the domains would require maintenance. When new ones are added or changed or whatever.
This should be illegal, though. One can dream.
I find this difficult to read. What would have been useful is a per country/state and manufacturer overview that shows where I have to worry about what with whom. Nevertheless this is very alarming and a good reminder to never connect your TV to the internet.
Yeah, someone should definitely do that. I think this is written from the perspective of a security researcher communicating with others in the security world about a discovery they made, so it’s a) dense to read, and b) not thorough as a consumer guide.
Hopefully someone follows up with a resource like you describe.
Yeah fair enough we’re not really the target audience and the main message came through anyway.
