by userbinator 2166 days ago
One thing you have to understand is that these internet-connected Blu-ray players in question are programmed to log their activities and send copies of this information to Samsung.

In some ways, this is even more disturbing than the bricking.

Only corporate greed can create a media player that watches you and needs constant firmware updates.

I have a VCR and DVD player which still work, and things like this are the reason I'm not buying any newer standalone players.

It reminds me of this old meme (I'm not aware of a Blu-ray version): https://files-cdn.sharenator.com/pirate-dvds-s800x825-43988....

9 comments

It's worse than you think - it's not just your DVD player that's spying on you, but your TV is too -- many TVs use Automated Content Recognition to detect what you're watching regardless of source (DVD, over the air, streaming app, etc). They even detect commercials, and which language you're listening to.

https://www.adexchanger.com/ad-exchange-news/the-marketers-g...

"The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."
> except in darkness,

With modern cameras even darkness is no guarantee.

Clearly missed out on infrared ;)
I worked for a company that used ACR to put interactive ads on your TV when the ad that it went with came on.

I pressed the meta data company manager we were working with about how they could make such accurate predictions about who was viewing based off just zip code and the content and he replied with "you would be amazed at what people will tell you about themselves for 5$ off netflix".

My productivity dropped and I had a hard time coming into work after that. (This was around the Snowden era).

LG got busted shortly after for not actually stopping the screen grabbing once a second and uploading it to a server even if you turned the option off in the UK. Not surprised.

Unfortunately piracy is often a good answer to this type of issue. If your smart TV is not connected to the internet, or you're not browsing on a licensed platform riddled with DRM and tracking agents, there's no chance of that data leaving your house.
That's my answer. I'll never own a "smart TV", just decent gaming graphics with a large monitor.
It's essentially impossible to buy a consumer TV that's not "smart" these days. There are commercial TVs/monitors, but those are both expensive and also typically not focused on image quality.

Best solution is to "air gap" your TV by not connecting it to your wifi or ethernet.

I remember reading somewhere that some of them still tried to connect to any "open" WiFi network they could find
> Best solution is to "air gap" your TV by not connecting it to your wifi or ethernet.

How long will it be before TVs embed a cellular modem with manufacturer-paid service to keep the smart features connected? “No setup, works straight out of the box” has to have at least some marketing value, after all.

That's exactly the point of 5G, if I understand it correctly.
That's the point where you install a wifi jammer in your house and do cable only.
This might work in the US, units sold in the EU would be litigated out of production. Who knows, maybe we'll see a homebrew market for EU-built apps for US TVs.
Why do I need a TV? Arbitrarily large monitors are available for gaming.
And those manufacturers will double-down by scanning for an open wireless network and send the data stream without you knowing, or embed a cellular modem to bypass all that.

It's a truly disgusting trend.

TVs are much, much larger. But you don't need a TV obviously.
There are still plenty of options in Europe, it is a matter of being picky.

As for image quality it is miles ahead of crufty CRT displays, Sony Trinitron or the like.

Can you point me at an EU marketplace where I can pick a non-smart TV with modern good display? I've been desperate to find something like that for months.
Huh, I thought that gamers also like high quality images.
Please tell me there is a blacklist published somewhere that allows me to avoid ever purchasing a device which includes ACR?
How do you think manufacturers can afford to sell these large screens at such cheap prices? They continue to make money off of you long after the initial sale. I'm surprised they just don't give them away (except it would probably raise too many questions).

Your digital cable boxes have been doing this for even longer.

> How do you think manufacturers can afford to sell these large screens at such cheap prices?

TV prices have been falling for decades[1], long before manufacturers could truly benefit from the data provided by smart TVs. So other factors are probably much more important - such as cheaper materials, automated production, economies of scale etc.

Also, ad revenue wouldn't explain why "stupid" computer monitor prices have also fallen greatly during the same time period.

[1] https://u.osu.edu/zagorsky.1/2014/05/18/why-are-television-s...

They aren't getting much back from selling the data. Maybe $20 off.
And that is based on what data? BigCorps tend to not continue doing something if it's not going to bring them much return.
Somewhat tangential, but Facebook’s average revenue per user was less than $9 in 2019. I can’t imagine TV manufacturers can eke out nearly that much revenue from the data they collect. Especially considering that almost everyone is streaming or using cable and all of that data is going to Hulu/Netflix/Cable providers and then passed on to advertisers anyway.
FB has 1.5B+ daily users. $9 * 1.5B = A LOT OF CASH. Is that per month, per year? Plus Insta, plus WhatsApp

TV manufacturers may not sell 1B units (maybe they do), but it's still a large enough number that it will not be unnoticed in a balance sheet

> How do you think manufacturers can afford to sell these large screens at such cheap prices?

Screens are actually that cheap. Take a look at the monitor size/resolution price curve (for non-gaming monitors) and you'll see TVs fit perfectly on it.

Here's a random 55 inch LG panel available on Alibaba. $145 each for a minimum order of 15. That was just the first I found - I'm sure you can get cheaper (especially in bulk!)

Things like high refresh rate, GSync etc add to the cost of the monitor.

https://www.alibaba.com/product-detail/LG-full-color-FHD-mod...

Yup.

I bought a 75” 4K TV with HDR for $750 recently. I paid that much for my first 15” LCD computer monitor.

If I connect it to the internet I know it’s spying on me.

I'm with you, and I prefer "dumb" devices, but you can still buy these blu-ray players and not connect them to the internet.

The internet connectivity is sold as an additional feature so that you can use your blu-ray player to watch Netflix. I agree that I don't want logging on a device like this, but if I was going to connect one of these to the internet, I would at least want regular security updates.

Vote with your wallet. Don't buy these internet devices.

All it takes is for a visiting family member or friend who wants to watch Netflix while you're in another room/asleep/etc to click okay.

That’s what my in-laws did. “For some reason you hadn’t connected your smart TV to the internet; instead of using your Apple TV, we gave TCL your WiFi password. Aren’t you proud we figured it out on our own?”
Better be sure and block the TV from wifi then.
Easier said than done. It’s increasingly difficult to find a “dumb” TV these days. Almost all have smart functionality.

(and besides, most TVs have other ways of watching Netflix that ought to be more convenient for a visitor. A $30 Roku stick is all you need)

In the US, you can get a 55 inch dumb 4K TV for less than half the price.

https://www.walmart.com/ip/Sceptre-55-Class-4K-UHD-LED-TV-HD...

Is there any difference in display quality between a monitor and a TV with roughly the same specs?
I really doubt it. My 2015 Sony Bravia has a similar 4K VA panel that I'm largely happy with. I absolutely hate that TV for reasons besides its panel. And I regret blowing £850 on it.

You're not going to find IPS or OLED panels on those large form factor monitors for a sensible price, so do consider that.

Also keep an eye open for NEC digital signage displays on eBay, they're quite common coming from liquidated businesses. I bought a few of them for the office on the cheap and they're solid as long as you avoid the really old plasma models.

Traditionally, a computer monitor would be superior in quality since they are used at a closer distance where things like dead pixels are much more noticeable, in contrast to a TV that's mainly used for video at a longer distance.

With LCD monitors being available in sizes as large as TVs and with the same resolutions, I suspect there won't be much difference but perhaps panels intended for TVs may still have more allowable defects.

Sceptre makes 4K dumb TVs (Walmart).

You can also find other brand 4K dumb TVs on Amazon.

A guest might not see it plugged in and not know to try all the HDMI inputs before selecting the easy, built-in option on the TV.

Wow. I hadn't thought of this vulnerability. Time to set up MAC address blacklists on my router.
If you're going to that sort of length, maybe just filter DNS requests from the TV to whitelist Netflix and Amazon Prime Video, etc. but block everything else. A custom router might go one step further and only whitelist outbound traffic to IP addresses that were previously resolved through DNS.
Are Netflix, Amazon Prime Video, Youtube etc. IP addresses stable enough to be whitelisted, er, allowlisted without frequent updates?
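
An added example, not part of any comment in this thread: a Python sketch of the filter described above, where a DNS suffix allowlist pins destination IPs only from answers it has forwarded and lets them expire, so the list follows address changes instead of being maintained by hand. The class, the suffix list, the 60-second TTL floor and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Hypothetical policy: domain suffixes the TV is allowed to resolve.
ALLOWED_SUFFIXES = ("netflix.com", "nflxvideo.net", "primevideo.com")

# Answers pointing into local ranges are never pinned (rebinding-style replies).
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def domain_allowed(qname, suffixes=ALLOWED_SUFFIXES):
    """Match on label boundaries so 'evilnetflix.com' does not pass."""
    name = qname.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)


@dataclass
class EgressFilter:
    pinned: dict = field(default_factory=dict)  # ip -> expiry time in seconds
    min_ttl: int = 60  # assumed floor so short TTLs do not cut a stream off

    def on_dns_query(self, qname):
        """True: forward the query upstream. False: refuse it."""
        return domain_allowed(qname)

    def on_dns_answer(self, qname, answers, now):
        """answers is a list of (ip, ttl). Returns how many IPs were pinned."""
        if not domain_allowed(qname):
            return 0
        count = 0
        for ip, ttl in answers:
            addr = ipaddress.ip_address(ip)
            if any(addr in net for net in LOCAL_NETS):
                continue
            expiry = now + max(ttl, self.min_ttl)
            self.pinned[addr] = max(expiry, self.pinned.get(addr, 0))
            count += 1
        return count

    def allow_packet(self, dst_ip, now):
        """Allow outbound traffic only to an unexpired, DNS-learned address."""
        addr = ipaddress.ip_address(dst_ip)
        expiry = self.pinned.get(addr)
        if expiry is None:
            return False  # hard-coded IP or a name that was never allowed
        if now >= expiry:
            del self.pinned[addr]  # stale pin: the device must resolve again
            return False
        return True


def demo():
    """Constructed traffic from one TV; addresses are documentation ranges."""
    fw = EgressFilter()
    return {
        "query_allowed": fw.on_dns_query("api.netflix.com"),
        "query_lookalike": fw.on_dns_query("evilnetflix.com"),
        "query_telemetry": fw.on_dns_query("logs.tv-vendor.example"),
        "pinned": fw.on_dns_answer(
            "api.netflix.com", [("203.0.113.10", 30), ("192.168.1.5", 300)], now=0),
        "stream_at_59s": fw.allow_packet("203.0.113.10", now=59),
        "stream_at_60s": fw.allow_packet("203.0.113.10", now=60),
        "hardcoded_ip": fw.allow_packet("198.51.100.7", now=10),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```
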
If it's developed with the assumption that they can deliver rolling software updates, the software it ships with might be unusably buggy.
> you can still buy these blu-ray players and not connect them to the internet.

Unfortunately this is only a temporary solution IMO. Within the next decade I think you'll see these smart devices shipping with built in connectivity that's difficult or impossible to disable, especially if Starlink or other satellite based services really take off.

I don't think these kinds of devices will use Starlink or an equivalent service any time soon. Starlink needs a "pizza box sized" satellite dish that constantly adjusts its position to stay in contact with the satellites. I assume they won't work inside, like other satellite based antennae.

If smart devices will have built-in connectivity in the next decade, I think 5g will be a more likely candidate. But I don't see that happening either. Why would a company pay for the data of its users when most people will just connect it to their wifi?

I couldn't find a source on "pizza box sized", but I remember Elon Musk has said that. Also here is a picture of one of the antennae: https://www.reddit.com/r/Starlink/comments/hruzck/new_photo_...

I have been wondering for the past two decades: when will media companies realize that better quality == sales? This sort of happened with iTunes Store when they got rid of DRM on the audio tracks, and with streaming video services (though the quality is severely lacking compared to Blu-Ray/HQ ripped Blu-Ray).

You still get the best experience (and quality) going through BitTorrent.

Don't worry though, the players will only upload the logs, after you've granted consent...

... which you'll automatically give by approving a tome-sized privacy policy

... that you have to accept if you want to use any kind of internet feature, such as watching Netflix.

I love the world we're living in...

This is the whole point of the GDPR.
You'll be surprised on how much crap Samsung packs into low-end & mid-end smartphones in India, especially since now the phones are made in India, available only in India(M-series).

The phones have major international data hoarder apps, their equivalent in India and their Samsung equivalent with its own app downloading services which masquerades as system updates to force the gullible into downloading Samsung apps even if you disable them.

The phones are very much subsidised for data hoarding.

I wouldn’t be surprised. I recently bought a low end android to use as a balloon tracker (which I didn’t realize was illegal until later) and had to wait around 10-20 minutes after connecting it to WiFi while it downloaded ~15 apps (some of which kept launching background services and crashing the phone because it would run out of memory.)

I used to think consumer PCs were bad but holy cow, the way android enables malware out of the box is insane! And in the name of protecting the user from malware they have no tools to deal with it.

>And in the name of protecting the user from malware they have no tools to deal with it

There are tools as the ecosystem is open and the community is extraordinarily talented, but it largely depends upon the device, whether the kernel source, driver blobs are available and boot loader can be unlocked; these were generally true for most devices from high profile manufacturers, but now things are changing as those manufacturers have ventured into $1000 smartphones and don't care for their enthusiast population.

Then again, new breed of pure Linux smartphones are available now. IMO, this should be the long term focus for any enthusiast wanting a free, open, secure mobile computing experience.

It depends on the device manufacturer which is the one installing malware in the first place. There is no hope for android unless something fundamentally changes.
I just hope we have a clean option like Pinephone with flagship quality hardware soon.
True, but unfortunately PinePhone shipments have been stopped to India & Russia[1]. I assume that would be the case for many other brands shipping their handsets from China/HongKong to India.

So, these local manufacturers are going to have free run shipping crap embedded phones for a long time.

[1]https://www.pine64.org/2020/07/15/july-updatepmos-ce-pre-ord...

There are still "dumb" Blu-ray players. Bought one for my parents a few years back. It does have an ethernet port, but they've never needed to connect it to the Internet, works fine. I guess if you're watching a movie that has Internet-enabled extra features, then you would need an internet-connected one, but are there really that many anyway?
> Only corporate greed

Go read up about the Cheka, Mao, and the Stasi.

I use Fastmail, eschew most social media, and run a PinePhone. I'm not a fan of corporate surveillance.

But they're amateurs compared with the murderous surveillance states of years past.

strangely it seems more acceptable when an OEM ships its laptops with Windows 10 which does the same thing
> needs constant firmware updates

Firmware updates are good. They can patch security issues and they can improve different aspects of the device. The security being the best plus obviously.

Wholeheartedly agree that there is no reason for a company like Samsung to track your every move despite you paying them hundreds for said device. I'd be very surprised if they don't make a hefty profit from such devices. So why then, do they need to track us in addition to making us fork over our money?

I understand Google tracking us. I don't agree with it, but I understand it. Same with Facebook. But Samsung? Apple? No. They're even going to certain lengths to prevent you from fully enjoying your devices (such as a locked bootloader, making it hard to repair etc).

> Firmware updates are good. They can patch security issues and they can improve different aspects of the device. The security being the best plus obviously.

The point is that there are no "security issues" in a dumb media player like the DVD player I have. Suppose an "attacker" (and that is stretching the definition a lot...) can create a disc that can overflow a buffer somewhere and crash the player or cause it to do something "interesting", and I have been somehow tricked into attempting to play this disc --- so what? It's not connected to the Internet, the firmware is read-only, there's literally nothing of value to attack. I'll just eject the disc (manually if necessary) and not play it again.

Instead this stupid "update culture" has created horribly buggy software that's barely functional "because we can always change it", and now we somehow need an Internet-connected media player, along with all the downsides --- including security --- that brings, just so they can (try to) silently attempt to fix some bugs that should never have gotten out in the first place? My experience tells me that they will fix one thing and break something else in the process, so there's overall no real improvement.

>there are no "security issues" in a dumb media player

There is also no Netflix playback, which is a very common use case for consumers.

BTW, the internet connection can be used for key revocation as a way to combat piracy and consumer choice. So, it's "worse" than "just" tracking.

I agree with the upgrade sentiment, it’s mostly a disaster and a step backwards for the consumer.
> Firmware updates are good. They [[can]] patch security issues and they can improve different aspects of the device.

Emphasis mine - updates also remove features and introduce security issues. It's not cut-and-dry "updates are good"

I am pretty sure my Samsung fridge update removed 3 of the limited ~12 or so apps it had in the first place.

If I'm not waiting for a big fix I avoid upgrades when possible for the reasons you mentioned above, there's nothing more annoying than an upgrade that downgrades features that were working just fine.

I'm also doing some research before upgrading. Never the first to upgrade, I hate autoupdating software

What security updates would you foresee being necessary for a traditional BluRay player? Perhaps I'm not being creative enough, but I can't think of what a hacker would accomplish.

Other than allowing the player to read pirated BluRays, I guess, but that's not the user's problem.

Maybe making the player part of a DDOS botnet? That's all I can think of.

The only consumer electronic in my house I allow to talk to the internet is the AppleTV. Nothing else is allowed on the router. Not the TV. Not the disc player. Not the refrigerator. Not even the "smart" thermostat.

> Maybe making the player part of a DDOS botnet?

This only works if the player is connected to the internet, which shouldn't be necessary to begin with.

I don't know about security per se (as others have mentioned a dumb player doesn't need internet), but I could very easily see a decoder bugfix or something to do with i/o error conditions or mishandling some particular kind of disc...
Firmware updates can be good, but only the user with physical access should be able to install a firmware update. An example of how this might be done may be: There is a ROM firmware (always read-only) and EEPROM firmware (read-only except during firmware upgrade operations); the ROM firmware only checks a switch (which is a physical hardware switch that can be set only by the user) and if set, will load the data on the DVD (or CD or CompactFlash or whatever other media it uses, but specifically not internet) as a firmware upgrade into the EEPROM; if the switch is not set, then the EEPROM is read-only and nothing can upgrade it, not even a custom firmware. (The user could also physically open it up and replace the EEPROM chip themself, if wanted, but this would normally be unnecessary.)
This, but removable microSD card instead of EEPROM.
I can’t vouch for Samsung but Vizio have said in the past that they make very little profit off their TVs and this is offset by data that is collected from usage.

https://www.techdirt.com/articles/20190114/08084341384/vizio...

Now I’d imagine that Samsung are making a hefty profit on the 75” 4K all singing sets (and still spying on you) but the cheaper ones seem to be priced so there isn’t much profit.