[josephg]

It’s worse than that. Imagine a TV ad which sends malicious code that gets executed to your television, which profiles the hardware in your TV and sends information about your viewing habits (tied to a unique ID) back to the advertiser.

In any other context we would call this a security vulnerability. I think that label also applies here.

[Spooky23]

You don’t need to, it happens already. Many TVs do screen grabs and send everything you do to the manufacturer or partners.

[zeta0134]

My Vizio's built-in software tries to do that. There's a reason it's not allowed to connect to wifi.

[DCoder]

When you say "it's not allowed", do you trust its own settings? Are you sure it's not doing something like [0]? How do you even protect against that?

[0]: https://www.reddit.com/r/privacy/comments/bpr6xs/if_you_choo...

[zeta0134]

I bought a new wifi router and never told the Vizio the new credentials. If it manages to somehow figure out how to log onto the new router, and transmit the data about how I don't own cable service and mostly use it to play retro games? I'm going to be kindof impressed really; at that point, Vizio can have the data.

[islon]

My wifi router has an interface that shows every connected device and I can blacklist them based on their physical address.

[DCoder]

In the post I linked to, the TV in a similar situation was happily connecting to someone else's (open) WiFi network nearby. You can't really block those…

[ammar2]

Let it connect to your network and then black-hole it?

But that's assuming it doesn't try to connect elsewhere if it detects it doesn't have internet.

[nerdponx]

And this safely outside the scope of what most people know how to do with their routers.

Imagine having to take countermeasures like this to prevent things you've purchased from spying on you!

[SmellyGeekBoy]

Don't buy a "smart" TV?

[cerebellum42]

Isn't every decent TV these days a smart TV? Not exactly practical advice

[neop1x]

don't connect smartTV to the internet, juse use the DP/HDMI inout ;)

[anoncake]

WPA?

[jacobush]

I guess with GDPR.