Hacker News
by graypegg 5 days ago
I have a smart TV that's never spoken to the internet after exiting the factory, but it's a pretty tenuous state of affairs. I have this fear that someone staying over is going to see the "Services unavailable, press [menu] to troubleshoot" toast that shows up overtop the HDMI feed for a few seconds and think they're helping me by connecting it. 4-5 years' worth of firmware updates all at once... half a decade of watch data somehow extracted from the HDMI feed and stored for precisely this moment... ads everywhere. Even if it doesn't happen instantly, I can only assume there's some flag deep in the OS called makeEverythingWorse just waiting to be flipped on the femtosecond The Beast catches a whiff of a slightly-higher patch number; now content in its doomed state after having fulfilled its one true purpose of telling someone at Samsung my favourite show is HDMI2.

I have had to back my mother down from that precipice on her own TV so I know it's worth worrying about. The siren call of an entirely empty TV homescreen beckoning us with a struck-out radio tower icon. "We have Disney+ and CraveTV too... press [menu]... pay no attention to the sticky note your son put on the coffee table"

4 comments

> I have this fear that someone staying over is going to

This happened to me. After they left, I tried a factory reset, but I don't have confidence there's not some code to remember previously saved wifi connections because my tinfoil hat is firmly in place. However, as you've said I only use the TV as an HDMI receiver. None of the TV's apps are used again. So I'm not sure how much they can detect from just the use of the HDMI port as the only thing being used. The games we play to get the subsidized pricing.

HDMI is heavily used for ACR (automatic content recognition) in smart TVs:

"Our findings indicate that (1) ACR operates even when it is used as a “dumb” display via HDMI"

"For both LG (a) and Samsung (b)TVs, the scenarios with the highest ACR traffic are Linear and HDMI."

* https://dl.acm.org/doi/epdf/10.1145/3646547.3689013

Sure, but what can it do without a network?
It can store the data until it connects to one, though that's not going to be as useful for anyone selling it. Real-time auctions are where the money is, from what I understand.
Maybe if it can start colluding with my other devices over HDMI!
Can't you have your wifi/router blacklist the TV?
Find the TV’s MAC address and block it on your router. My brother's home network had this system where your MAC address had to be whitelisted on the router to communicate with the network; as the days go by, I see in hindsight how this might be for the best in the end.
I’m paranoid that actually blocking internet access to the TV will result in filling up the TV’s disk with all of this intrusive data they have collected waiting to be uploaded, eventually running out of space and bricking the TV. This could be just bad software or actually malicious where they intentionally break something if it loses connectivity for too long and they can see you using it with other connected devices.

We really need normies to care enough about this to the point manufacturers will need to think they need to advertise on their TVs that they are privacy-friendly and don’t collect anything as a selling point. Until then, they don’t really care. I just wish someone like Apple made a TV with their Apple TV functionality baked in that I could trust.

Lots of people do it and I haven't seen anybody reporting this. Given the miserly hardware specs most smart TVs have, if this was a problem, it wouldn't take years to fill up the small storage space most of those TVs come with.
Allow list is the best approach. Soon TVs will randomize their MAC just like our phones do.
Indeed, but some scoundrel is probably scraping this page and having an LLM prepare their pitch as to how manufacturers could improve Ad / Data collection revenue by bypassing these suggestions :/
I split my network(s) into subnets (sharing the same wire, not to be confused with the actual subnets which don't share the same wire) which correspond to routability policies. This in turn involves firewall rules, routing table entries, and DHCP configs corresponding to those subnets.

I give away the software which does the following. I get this (and a lot more) for every host on my network, and I know what every host is.

    # peers upstairs-roku.m3047 +addr +serv
    dns.google [8.8.4.4]                                              domain [53]     
    dns.google [8.8.8.8]                                              domain [53]     
    athena.m3047 [10.0.0.220]                                         domain [53]     
    mediaservices.cdn-apple.com [23.46.228.133]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.134]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.135]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.137]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.138]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.139]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.140]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.142]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.143]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.144]                       https [443]     
    mediaservices.cdn-apple.com [23.46.228.145]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.169]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.176]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.178]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.185]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.186]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.187]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.188]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.193]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.196]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.201]                       https [443]     
    mediaservices.cdn-apple.com [23.213.34.203]                       https [443]     
    nrdp.push.prod.netflix.com [35.81.198.46]                         www [80]        
    ec2-35-86-100-253.us-west-2.compute.amazonaws.com [35.86.100.253] psbserver [2350]
    austin.logs.roku.com [35.212.27.142]                              https [443]     
    scribe.logs.roku.com [35.212.34.174]                              https [443]     
    austin.logs.roku.com [35.212.72.105]                              https [443]     
    austin.logs.roku.com [35.212.119.44]                              https [443]     
    display.ravm.tv [35.212.178.254]                                  https [443]     
    logs.netflix.com [44.226.179.188]                                 https [443]     
    logs.netflix.com [44.228.67.58]                                   https [443]     
    nrdp.push.prod.netflix.com [44.229.50.4]                          www [80]        
    logs.netflix.com [44.229.122.169]                                 https [443]     
    nrdp.push.prod.netflix.com [44.232.75.216]                        www [80]        
    api.roku.com [44.249.213.211]                                     https [443]     
    nrdp.prod.ftl.netflix.com [45.57.40.1]                            https [443]     
    nrdp.prod.ftl.netflix.com [45.57.41.1]                            https [443]     
    nrdp.push.prod.netflix.com [52.24.26.117]                         www [80]        
    logs.netflix.com [52.33.247.19]                                   https [443]     
    themes-service.sr.roku.com [54.200.214.141]                       https [443]     
    occ-0-1009-1007.1.nflxso.net [198.38.112.135]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.144]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.145]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.165]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.169]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.170]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.172]                     www [80]        
    occ-0-1009-1007.1.nflxso.net [198.38.112.178]                     www [80]        
    mdns.mcast.net [224.0.0.251]                                      mdns [5353]     
    239.255.255.250 [239.255.255.250]                                 ssdp [1900]
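
An added example, not part of the comment above and not the commenter's software: a short Python script that reads rows in the format of the `peers` listing and groups the destinations into log endpoints, cleartext HTTP peers, and local multicast, which is the split that matters when writing firewall rules for the device. The row pattern and the rule that a `logs` DNS label marks a log-collection host are assumptions made for this example.

```python
import ipaddress
import re

# Sample rows copied from the `peers` listing above, prompt line included.
SAMPLE = """\
# peers upstairs-roku.m3047 +addr +serv
dns.google [8.8.8.8]                                              domain [53]
austin.logs.roku.com [35.212.27.142]                              https [443]
scribe.logs.roku.com [35.212.34.174]                              https [443]
logs.netflix.com [44.226.179.188]                                 https [443]
nrdp.push.prod.netflix.com [35.81.198.46]                         www [80]
api.roku.com [44.249.213.211]                                     https [443]
mdns.mcast.net [224.0.0.251]                                      mdns [5353]
239.255.255.250 [239.255.255.250]                                 ssdp [1900]
"""

# One row: hostname, [IPv4 address], service name, [port].
ROW = re.compile(r"^\s*(\S+)\s+\[([0-9.]+)\]\s+(\S+)\s+\[(\d+)\]\s*$")

# Assumption for this example: a DNS label equal to "logs" marks log collection.
LOG_LABEL = "logs"


def parse_peers(text):
    """Return (host, addr, service, port) tuples; non-matching lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            host, addr, service, port = m.groups()
            rows.append((host, ipaddress.ip_address(addr), service, int(port)))
    return rows


def summarize(rows):
    """Group peers into the categories that call for a firewall decision."""
    report = {"log_endpoints": set(), "cleartext_http": set(), "local_multicast": set()}
    for host, addr, _service, port in rows:
        if addr.is_multicast:
            report["local_multicast"].add(str(addr))   # mDNS/SSDP stay on the LAN
        elif LOG_LABEL in host.lower().split("."):
            report["log_endpoints"].add(host)          # candidates for a DNS/IP block
        elif port == 80:
            report["cleartext_http"].add(host)         # unencrypted traffic
    return {name: sorted(values) for name, values in report.items()}


if __name__ == "__main__":
    for category, names in summarize(parse_peers(SAMPLE)).items():
        print(f"{category}: {', '.join(names)}")
```
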
> after having fulfilled its one true purpose of telling someone at Samsung my favourite show is HDMI2.

It is able to identify content directly from the pixels, they will know what you've watched even if it was from a pirated .mp4 served from your PC:

https://en.wikipedia.org/wiki/Automatic_content_recognition

I fear the same but made sure I block basically everything at the network level. First thing I do is hook the TV to the network and black hole its MAC.
Or open up the TV and disable its wifi hardware.
That is the only solution, otherwise there is no guarantee that someone just won't connect the TV to their phone's hotspot.