by anfractuosity
614 days ago
There isn't any way to allow certain streaming services via a firewall whitelist, but block all the extraneous connections a TV might make, is there (as the TV manufacturer might use the same CDNs/IP ranges as legitimate services), ideally without hacking about with the TV itself? Or would it be best just to never connect the TV to a network and use a computer to access streaming services?
As content providers consolidate on shared infrastructure (AWS, GCP, etc.), the chances of good and bad actors using the same IP increase. This decreases the effectiveness of firewalls that operate on IP:port matching. Most firewalls do this.
Realistically, what you probably want as a tech-savvy consumer is a home-network-level DNS blacklist. It is not a firewall and it doesn't technically block traffic. It does prevent traffic from leaving the device if the DNS name the device wants to send to is blacklisted. This exists (Pi-hole) and can be added to a network fairly quickly. Bad actors could bypass your DNS or use known IPs directly. Whitelisting DNS would also work, with the caveat that you'll need to update the list frequently, and I don't think Pi-hole was designed for this.
All of that is fairly complicated. A wireless keyboard and mouse and an HDMI cable are cheap, and laptops are plentiful. You will have the same adversarial content provider issues with a laptop, though. ScriptSafe and uBlock can help. Laptops actually shut down when you tell them to. Your TV is probably on even when the screen is off.
I made this decision recently when I inherited a Sony TV with a house. It has not been connected to a network and I use a laptop to stream. I also run Pi-hole, ScriptSafe, and uBlock, and I pay for most of my streaming providers. They're still getting data on me, but less than most people.
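The two caveats in the reply above (shared CDN IPs defeating IP rules, and devices bypassing the home DNS) can be checked from logs. This is an added example, not part of the original comments; the hostnames, log tuples, LAN range and allowlist are constructed assumptions, not a Pi-hole or router log format.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: hypothetical hostnames, documentation IP ranges.
ALLOWLIST = {"streaming.example"}
LAN = ipaddress.ip_network("192.168.1.0/24")
DNS_LOG = [  # (client, queried name, answer IP) as seen by the home resolver
    ("192.168.1.50", "video.streaming.example", "203.0.113.10"),
    ("192.168.1.50", "telemetry.tvvendor.example", "203.0.113.10"),  # same CDN IP
    ("192.168.1.50", "cdn.streaming.example", "203.0.113.20"),
]
FLOW_LOG = [  # (client, destination IP, destination port) from the router
    ("192.168.1.50", "203.0.113.20", 443),   # matches an allowed DNS answer
    ("192.168.1.50", "198.51.100.7", 443),   # never resolved locally
    ("192.168.1.50", "198.51.100.53", 53),   # DNS sent to an outside resolver
    ("192.168.1.50", "192.168.1.1", 53),     # the home resolver itself
]

def allowed(name, allowlist=ALLOWLIST):
    """Suffix match on label boundaries, so 'streaming.example' covers its subdomains."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in allowlist)

def shared_ips(dns_log):
    """IPs that answered for both allowed and non-allowed names (IP rules cannot split them)."""
    verdicts = defaultdict(set)
    for _, name, ip in dns_log:
        verdicts[ip].add(allowed(name))
    return sorted(ip for ip, v in verdicts.items() if v == {True, False})

def bypass_flows(dns_log, flow_log, client):
    """Flows from `client` that the DNS allowlist never saw or never approved."""
    approved = {ip for c, name, ip in dns_log if c == client and allowed(name)}
    findings = []
    for c, dst, port in flow_log:
        if c != client or ipaddress.ip_address(dst) in LAN:
            continue  # other devices and LAN traffic (including the home resolver)
        if port in (53, 853):
            findings.append((dst, port, "external DNS"))
        elif dst not in approved:
            findings.append((dst, port, "no approved DNS answer"))
    return findings

if __name__ == "__main__":
    print("shared IPs:", shared_ips(DNS_LOG))
    for finding in bypass_flows(DNS_LOG, FLOW_LOG, "192.168.1.50"):
        print("bypass:", finding)
```

An IP reported by `shared_ips` also counts as approved in `bypass_flows`, so traffic to it cannot be attributed to the streaming service or the vendor from flow data alone.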