Slashdot Mirror


Samsung Smart TVs Don't Encrypt the Voice Data They Collect

itwbennett writes A week ago, the revelation that Samsung collects words spoken by consumers when they use the voice recognition feature in their smart TVs enraged privacy advocates, since according to Samsung's own privacy policy those words can in some cases include personal or sensitive information. Following the incident, David Lodge, a researcher with a U.K.-based security firm called Pen Test Partners, intercepted and analyzed the Internet traffic generated by a Samsung smart TV and found that Samsung does send captured voice data to a remote server using a connection on port 443, a port typically associated with encrypted HTTPS, but that the data was not encrypted. "It's not even HTTP data, it's a mix of XML and some custom binary data packet," said Lodge in a blog post.
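The distinction the summary turns on, traffic sent to port 443 that is not actually TLS, can be checked from the first bytes of a flow. The following is an added example, not code from Lodge's blog post or from Samsung; the function names and both sample payloads are constructed for illustration and are not the TV's real traffic.

```python
import math
import struct

TLS_CONTENT_TYPES = {20, 21, 22, 23}  # change_cipher_spec, alert, handshake, application_data

def looks_like_tls_record(payload: bytes) -> bool:
    """True if the payload starts with a plausible 5-byte TLS record header."""
    if len(payload) < 5:
        return False
    ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
    # Record-layer version is 3.0-3.3 on the wire (TLS 1.3 still sends 3.1 or 3.3).
    return (ctype in TLS_CONTENT_TYPES and major == 3 and minor <= 3
            and 0 < length <= 2**14 + 2048)

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8 for encrypted or compressed data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def classify_443_payload(payload: bytes) -> str:
    """Label the first client payload of a TCP flow to port 443."""
    if looks_like_tls_record(payload):
        return "tls"
    if b"<?xml" in payload:
        return "cleartext-xml"
    printable = sum(b in (9, 10, 13) or 32 <= b < 127 for b in payload)
    if payload and printable / len(payload) > 0.9:
        return "cleartext-text"
    if len(payload) >= 256 and shannon_entropy(payload) > 7.0:
        # Not TLS, but possibly compressed or encrypted by some custom scheme.
        return "opaque-high-entropy"
    return "opaque-binary"

# Constructed samples: a TLS ClientHello prefix and an XML-plus-binary mix.
TLS_HELLO = bytes.fromhex("1603010200010001fc0303") + bytes(32)
XML_MIX = b'<?xml version="1.0"?><req><lang>en-GB</lang></req>' + bytes(range(64))

if __name__ == "__main__":
    for name, sample in (("tls_hello", TLS_HELLO), ("xml_mix", XML_MIX)):
        print(name, classify_443_payload(sample))
```

A flow that comes back as anything other than `tls` on port 443 is worth a closer look in a capture; the high-entropy label only says the bytes are not recognisably structured, not that they are protected.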


  1. ... and this is surprising how? by Selur · · Score: 5, Insightful

    Come on, it would have been surprising if they did encrypt the data in a decent way,...

    1. Re:... and this is surprising how? by Dutch+Gun · · Score: 4, Interesting

      Yeah, same here... pretty much called it in the last article about this. It's sort of unbelievable, though, in some way, that no one stops to think of security and privacy ramifications of these things though. Yet it happens time after time after time.

      I wonder if it's perhaps an engineer-type mentality that gets so focused on building cool new things, they just don't stop to think about how those new things can be abused or exploited to do bad things. Like when Microsoft decided to embed scripting-type functionality in all their Office documents, and now *whee*, we've got document-based trojans. Then they had to clamp down on all that scripting. Or how Adobe turned on scripting functionality by default in PDFs, giving us a crapload of exploits for a feature very few people ever used. Result - you have to turn off scripting to stay safe when reading PDFs, and eventually browsers took it upon themselves to do it safely for you. I guess engineers don't typically think like baddies, figuring out how to use technology to hurt people or steal from them.

      This is not privacy-related data they're exploiting on purpose, because it doesn't do any good from a marketing standpoint. The only other explanation is that it's just an oversight. It's not the first time, and it probably won't be the last. On the other hand, given the fact that the NSA still collects all of our traffic, and US Citizens aren't up in arms about it, maybe they're correct in calculating that most people just don't give a damn about that sort of thing outside of a vocal minority.

      --
      Irony: Agile development has too much inertia to be abandoned now.
    2. Re:... and this is surprising how? by Carewolf · · Score: 2

      Come on, it would have been surprising if they did encrypt the data in a decent way,...

      What is the point of encrypting private data when you are secretly violating someone's privacy?

    3. Re:... and this is surprising how? by gstoddart · · Score: 4, Insightful

      It's sort of unbelievable, though, in some way, that no one stops to think of security and privacy ramifications of these things though. Yet it happens time after time after time.

      Laziness. Incompetence. Greed. Lack of penalties.

      The lack of penalties pretty much guarantees the other three.

      When companies carry actual penalties for doing a terrible job of security, they might try harder. Until then, not a chance.

      If all they have to do is say "oh, gee, we're not really sorry" and have no consequences, this will keep happening.

      Which is precisely why you should assume any piece of consumer electronics which wants to connect to the internet was pushed out the door by lazy, incompetent, greedy bastards who bear no legal penalty for screwing up on security and privacy.

      Because the reality is, that's probably exactly what happened.

      Bring in real privacy and data security laws, or just straight up assume the product doesn't give a crap about you.

      --
      Lost at C:>. Found at C.
    4. Re:... and this is surprising how? by putaro · · Score: 2

      If the security sucks, the product usually still works. That's the basic problem.

    5. Re:... and this is surprising how? by gstoddart · · Score: 3, Insightful

      But it's not a secret. You know when you buy one of these your voice is going to be transmitted over the internets for analysis.

      Does your average TV owner know this? Is it explicitly marked on the package?

      Because until they announced they might be sending your voice to third parties, I'm betting your average consumer had no frickin' idea that was happening.

      The only potential violation of privacy here would be the ability for a third party to intercept the unencrypted data on someone

      Well, first they broadcast it in the clear, and then they're giving it to a third party to do the work.

      Everything about this system, from end to end, is more or less designed to violate your privacy.

      Because the "security" is pretty much non-existent.

      Corporations need to have huge penalties for implementing "security" like a bunch of lazy chimps. If they aren't, then people should be well informed that the security of their product was, in fact, written by a bunch of lazy, indifferent chimps.

      --
      Lost at C:>. Found at C.
    6. Re:... and this is surprising how? by dimeglio · · Score: 3, Insightful

      your voice is going to be transmitted over the internets for analysis.

      Why would a normal consumer assume that? He's talking to the TV, not chatting with someone using Skype.

      --
      Views expressed do not necessarily reflect those of the author.
    7. Re:... and this is surprising how? by Charliemopps · · Score: 3, Insightful

      There is no legal obligation to encrypt.
      There is no culpability if the data is lost.
      It costs time and money to secure it.

      Why would they bother?

  2. No Trust by thegarbz · · Score: 4, Insightful

    Doesn't encryption imply some level of trust in the other party? I.e. you know who you are sending sensitive data to?

    If you don't trust Samsung to receive your personal data (as I'm sure few people do) is it relevant that it's not encrypted?

    1. Re:No Trust by Neil+Boekend · · Score: 4, Insightful

      I like to limit the amount of people I send my private data to. Preferably to 0, but to add random hackers to it is not the right way to go.

      --
      Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
    2. Re:No Trust by gweihir · · Score: 2

      That is exactly the point. The problem is the data being sent in the first place. A likely application is a nice speech-sample database that can then be used to identify people where other means do not work. Even if Samsung itself did not intend that, the NSA and others will steal that database, it is just too appealing.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    3. Re:No Trust by tburkhol · · Score: 2

      The problem is the data being sent in the first place. A likely application is a nice speech-sample database that can then be used to identify people where other means do not work.

      You have a microphone in people's living room, broadcasting every conversation they have, and the application you come up with is voice-print identification? Not listening for people reciting strings of numbers like account or social security. Not people discussing passwords, drug deals, or plots to blow up the Capitol. Not people talking about a new car, a new pregnancy, or an imminent wedding. The content of these conversations is (presumably) being sent home at least to do Siri-like speech to text, so even Samsung clearly has the processing power to generate transcripts for all of those conversations, easily searchable, tied to a specific consumer, and salable to marketing or security services.

  3. New term by SuperKendall · · Score: 3, Funny

    I think we need a new term for something like this - security through stupidity.

    Obscurity means that something is non-obvious enough that it takes work to uncover it.

    Stupidity is where the way something is done is so stupid it makes you keep checking for something else going on.

    To be fair though, if he just knows the speech captured is a blob of binary data sent but not the format how does he know THAT's not encrypted?

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:New term by SuperKendall · · Score: 3, Insightful

      Forget the NSA, this can be super handy for the garden variety creep or stalker. Many remotes these days use some kind of wireless connection - so if I had a sniffer listening to network traffic from the house I could remotely trigger the remote's microphone key even from outside fire up listen mode...

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
  4. Good enough by Anonymous Coward · · Score: 4, Funny

    "It's not even HTTP data, it's a mix of XML and some custom binary data packet,"

    Well, XML is more or less unreadable. That is as close to a one way encryption any commercial company will get.

  5. Out Sonying Sony? by EzInKy · · Score: 3, Insightful

    Is this really what Samsung wants to do? I've been steering everyone I know away from Sony products for more than a decade now, and what I suggest when they ask what brand they can trust I have always told them Samsung. I ask you, is there any major brand who are on the side of consumer/customer privacy out there anymore?

    --
    Time is what keeps everything from happening all at once.
    1. Re:Out Sonying Sony? by hcs_$reboot · · Score: 4, Funny

      is there any major brand who are on the side of consumer/customer privacy out there anymore?

      Google.

      --
      Slashdot, fix the reply notifications... You won't get away with it...
    2. Re:Out Sonying Sony? by sectokia · · Score: 3, Informative

      I'd actually say Apple. Security failures are a pretty big deal for them. They make money through a walled system and hardware. Everything is encrypted. Heck... when my Mac boots up off its firmware and goes to download the operating system from Apple, even that is encrypted https.

    3. Re:Out Sonying Sony? by ledow · · Score: 2

      Using basic encryption to authenticate a download of an operating system to an official server is what I'd class as absolute bare basics.

      Does it check hash values or signed packages? I would hope the answer's yes for anything made in the last ten years.

      That's not a "killer feature". That's basic expectation.

      On the Apple front - they do this by removing much of your control of the device. There are as many rogue apps on the iTunes store as anywhere else. There are also security problems that were left alone for just as long as everyone else:

      http://arstechnica.com/securit...

      (Note: published after 90 days past initial notification, the article says two were definitely still unpatched. Apple are no different to any other large company in this regard, so saying it's "a pretty big deal for them" is probably hyperbole).

      I'd also say, just if they're making their money from hardware there's little incentive to fix software - at least compared to companies that just or primarily sell software.

  6. Re:Terms by amalcolm · · Score: 2

    So you are changing channels when your wife comes in screaming at you 'cos she just discovered you have a girlfriend? Not too hard to imagine scenarios where embarrassing stuff gets transmitted.

    --
    Time for bed, said Zebedee - boing
  7. Re:Terms by Anonymous Coward · · Score: 3, Insightful

    > To be fair, what kind of words are likely to be sent [...]

    I think you don't know how this works. If it is similar to Siri and however its Android twin is called, there ain't remotely enough processing oomph (and memory) in the TV's embedded to make any sense of your mumblings and map them to commands like "put channel 11". So anything going on in the room is packed up and sent to "Teh Cloud" to make any sense of it. Being your dog whining, your husband yelling at you or your daughter phoning the boyfriend.

    How anyone thinks *that* is a good idea escapes me, but well -- there are folks which buy a dedicated machine for that. I repeat: the spied-upon are paying hard-earned cash for this. I can't wrap my little head around that.

  8. Re:So turn the mic off.. by Racemaniac · · Score: 5, Informative

    It's even better than this, the mic apparently is only on when you press the voice command button to make the tv listen to a voice command. The mic is only on for a short period when you ask it explicitly. Then it sends whatever you said to the speech recognition server (just like every other speech recognition system atm), and the tv will get an answer as to what it's supposed to do.

    The reason they have this in their terms and conditions is because the tv doesn't know what it'll send when you push that button, so it could be personal information. They're just covering their asses. And i would never use such a system, but i'm wondering what the big value is of encrypting data that would probably just contain someone saying "channel 77" or whatever the voice commands like that are.

    This is just a lot of fuss about nothing, and a lot of people complaining because the summary makes it sound far worse than it actually is...
    The first article was ridiculous. Of course the voice commands get sent to a third party service. That's also how siri and whatever other such systems exist work. And it's not always on, you have to request it via the remote. So there's no privacy implication at all... It's just covering their asses.
    And now it's that this data, which is very very unlikely to be sensitive isn't encrypted. If the hackers want to hear people name channels and other commands from the users of said tv's... good for them.

  9. Re:What? by gweihir · · Score: 2

    Sounds like some first year CS students with big egos and small skills. I remember quite a few of those.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  10. Oh for fucks sake, people. by wiredog · · Score: 4, Interesting

    The microphone on the TV stays off until you command it to listen. You do that by pressing a large VOICE button on the remote.

  11. Incompetence and cost/benefit by sjbe · · Score: 2

    I wonder if it's perhaps an engineer-type mentality that gets so focused on building cool new things, they just don't stop to think about how those new things can be abused or exploited to do bad things.

    It's partly that. It's also very likely to be a significant amount of incompetence. I am an engineer and run a contract manufacturing company. We build wire harnesses and our customers provide the technical details for the product to be built. I've been doing this for many years now and I can count on my fingers the number of drawings that I've received that could be built solely from the documentation provided. This means that a LOT of engineers are wildly incompetent at writing engineering documentations which is >50% of their job for most of them.

    I guess engineers don't typically think like baddies, figuring out how to use technology to hurt people or steal from them.

    Not only do they not think like baddies, they often don't bother to consult with those who do. Furthermore even if they did think about it it wouldn't surprise me if a cost/benefit analysis was done which drove the engineers and/or management to not bother. Encryption done right is hard and it doesn't result in a single additional sale for most products. Nobody buys a TV wondering how good the encryption on it is. Maybe now they will but it just hasn't been on anyone's radar to this point so why would we expect the companies making the products to worry about it even if they should have?

  12. Actions not words by sjbe · · Score: 2

    If all they have to do is say "oh, gee, we're not really sorry" and have no consequences, this will keep happening.

    This is something that has come up in our culture lately. It seems no matter how bad the offense, all the media wants is some sort of apology and somehow that makes it acceptable. There are no further consequences which boggles my mind. Sometimes an apology is not sufficient. What we should really care about is what did they DO to make things right. I could give a shit whether they apologize or not. Fix it and I'll forgive. What is said means nothing.

    Which is precisely why you should assume any piece of consumer electronics which wants to connect to the internet was pushed out the door by lazy, incompetent, greedy bastards who bear no legal penalty for screwing up on security and privacy.

    Preach on brother. This is absolutely correct.