Even the Dumbest Ransomware Is Almost Unremovable On Smart TVs

An anonymous reader writes: Apparently even the easiest-to-remove ransomware is painfully hard to uninstall from smart TVs, if they're running on the Android TV platform, and many are. This didn't happen in a real-world scenario (yet), and was only a PoC test by Symantec. The researcher managed to remove the ransomware only because he enabled the Android ADB tool beforehand, knowing he would infect the TV with the ransomware. "Without this option enabled, and if I was less experienced user, I'd probably still be locked out of my smart TV, making it a large and expensive paper weight," said the researcher.

"Reset to factory settings" button

[ZorinLynx]

Why the heck don't these devices have a "Reset to factory settings" button?

Flash memory is cheap. Have a permanent, unmodifiable copy of the firmware the device ships with. If you power it on while holding the button, copy that firmware over as the active firmware, clear out the user data area, and restart. Boom! TV is back to normal.

This sort of thing is ludicrously easy to implement and would save the companies money on warranty repairs.

I have a JBL speaker that I had to ship back to the manufacturer to be replaced because of a bad firmware update. A simple reset button like the one I described would have saved me a ton of pain and saved JBL money on shipping the speaker both ways. WHY isn't this sort of thing universal?

Re:"Reset to factory settings" button

[Irate+Engineer]

I have a JBL speaker that I had to ship back to the manufacturer to be replaced because of a bad firmware update. A simple reset button like the one I described would have saved me a ton of pain and saved JBL money on shipping the speaker both ways. WHY isn't this sort of thing universal?

Because, for every person like you, there are 10 that would just say "Speaker not work. Must buy new speaker." Repair options do not spur new sales.

Re:"Reset to factory settings" button

[gstoddart]

Because companies are lay, cheap, overly optimistic, and not really interested in designing robust products which can be maintained over their lifecycle.

Extra money spent up-front cuts into profitability, adds cost and complexity, and would have to be done by an organization which is cautious and makes long-term plans.

Do you think the marketing guys screeching to get the product out before Christmas give a crap about any of this stuff?

Sure, lots of things can be designed robustly. But increasingly, nobody gives a damn. They just figure you'll just buy another TV.

Consumer electronics aren't exactly being designed to the highest engineering standards known to man. They're being put out the door as cheaply as possible.

Re:"Reset to factory settings" button

[gstoddart]

I find it hard to believe anyone would give up on a $400 speaker that quickly, unless they are rich and $400 is nothing to them.

I find it hard to believe a damned speaker needs firmware upgrades.

Oh, but wait, it's controllable by an app, has Bluetooth and wifi, and connects to the internet, right?

Yeah ... me, I don't want speakers which do that stuff. Precisely because time and time again companies demonstrate they're terrible at it, and you end up with a product with a MUCH shorter lifecycle -- because it's focused on 10 things besides being a good speaker.

My guess, if it needs firmware updates, it's really a $100 speaker with a bunch of extra crap slapped onto it.

These days, digital pretty much means disposable.

Re:"Reset to factory settings" button

The premise is that somebody bought a crappy speaker for $400. In addition to that, they bought a computer that runs software that they can't maintain. And then they decided to give that unmaintainable computer Internet access.

What makes you predict they're suddenly going to start making rational, safe or cost-effective decisions?

What you call "hard to believe" I call "follows as being 100% consistent with the mentality that person has already demonstrated."

Re:"Reset to factory settings" button

[Noah+Haders]

i had to upgrade the firmware on my wireless powered speakers, and it was a pain. next time, i'm getting a pair of passive speakers and an integrated amp.

Re:"Reset to factory settings" button

[gstoddart]

Define "good speaker".

And there's the rub ... if you ever describe the sound of your speakers as "moist, peaty, and with chocolate overtones" ... well, I have no idea what you consider to be a "good" speaker. I sure as hell can't hear what you claim to be able to.

I currently own four of these, and highly recommend them.

They still use old-fashioned head-phone jacks, can be daisy chained, have hours of battery life and can be charged from USB ... utterly compatible with everything from an original Walkman to an iPhone, because everything still uses that headphone jack. There's no app or custom software, just a little 3.5mm jack. There's also no firmware updates.

Those little suckers have traveled with me for the last 4 years ... they've been in hotels, in tropical resorts, in my backyard, poolside ... all four of them weigh in at less than a pound and take up very little space. Two of them have traveled with me everywhere I have flown since I got them, the other two are much newer but give me a little more flexibility.

Being small little speakers, they have the benefit that in a relatively short distance you can't hear them at all. Which means the wife and I can have music that people 30 feet away can't even hear -- which is a bonus when you're in the back yard or lounging by a pool and don't want to disturb other people.

I have literally hundreds if not thousands of hours on the damned things. I consider them awesome speakers, mostly because of their utility and portability.

I'm with you, for overall utility and convenience, I define "good" as "good enough". But they completely eschew any form of network or wireless technology, because they don't need it.

smart tvs are not smart

[The-Ixian]

Is there any "smart" TV that actually works well?

I have owned a few and I always end up hooking up the Roku because it just works.

Seems like this is another reason not to hook up your smart TV to the Internet.

Re:smart tvs are not smart

[UnknowingFool]

Well there's also the other problem that the software works fine for a while. But often they get few updates if any. So the features, UI, etc remain stuck for years. Take Netflix, for example, which has changed their interface and added more features. Most likely a smart TV's Netflix app will never see them. Little changes like changing the search alphabet layout, prominently displaying what you were watching last when it opens, etc. make a big difference.

Re:Smart TVs Are Not Smart

[sudon't]

Right. Here's what I worry about - the next time I need a new TV, (or any other appliance), am I gonna be able to buy a "normal" one? Really, I fear manufacturers and app developers more than I fear actual malware. As it is, my TV is basically a monitor, and that's how I like it.
The less shit connected to the internet, the better, as far as I'm concerned, and I don't use wireless for any device except my phone.