Slashdot Mirror

← Back to Stories (view on slashdot.org)

About 90% of Smart TVs Vulnerable To Remote Hacking Via Rogue TV Signals (bleepingcomputer.com)

Posted by BeauHD on from the remote-control dept.

An anonymous reader quotes a report from Bleeping Computer: A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting -- Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. The attack, developed by Rafael Scheel, a security researcher working for Swiss cyber security consulting company Oneconsult, is unique and much more dangerous than previous smart TV hacks. Scheel's method, which he recently presented at a security conference, is different because the attacker can execute it from a remote location, without user interaction, and runs in the TV's background processes, meaning users won't notice when an attacker compromises their TVs. The researcher told Bleeping Computer via email that he developed this technique without knowing about the CIA's Weeping Angel toolkit, which makes his work even more impressing. Furthermore, Scheel says that "about 90% of the TVs sold in the last years are potential victims of similar attacks," highlighting a major flaw in the infrastructure surrounding smart TVs all over the globe. At the center of Scheel's attack is Hybrid Broadcast Broadband TV (HbbTV), an industry standard supported by most cable providers and smart TV makers that "harmonizes" classic broadcast, IPTV, and broadband delivery systems. TV transmission signal technologies like DVB-T, DVB-C, or IPTV all support HbbTV. Scheel says that anyone can set up a custom DVB-T transmitter with equipment priced between $50-$150, and start broadcasting a DVB-T signal.

76 comments

  1. Daddy was Right by turkeydance · · Score: 3, Insightful

    the TV is watching you

    1. Re:Daddy was Right by Tablizer · · Score: 1

      the TV is watching you

      "1984"

      --
      Table-ized A.I.
  2. It's as if the IoT was a really bad idea by WillAffleckUW · · Score: 2, Insightful

    And almost as if the actual people who created the Internet had told you it was a bad idea, but you ignored them.

    Are you happy now?

    --
    -- Tigger warning: This post may contain tiggers! --
    1. Re:It's as if the IoT was a really bad idea by irving47 · · Score: 1

      This is worse than that... Just because I bought a smart tv didn't mean I had to have it hooked to the internet via ethernet or wifi...

      --
      I had a sucky sig.
    2. Re:It's as if the IoT was a really bad idea by Anonymous Coward · · Score: 0

      I guess you might have to yank out the wifi bits because it might search for an open network.

    3. Re:It's as if the IoT was a really bad idea by Anonymous Coward · · Score: 0

      Heck yeah! I got a new TV for it's picture quality, etc. I didn't hook it up to jack sh1t, and ensured my wifi was heavily Pworded.
      Now it's like a functioning sculpture which I can change its artwork with the click of a button.

      And on family movie night it's almost as if I have a theater is in my home!
      *gap & realization*

      See, it CAN function perfectly well as just a screen!

      *bonks own forehead wondering why people connect them to any network ever).

  3. 100% are vunerable to the shmucks that sold them by gurps_npc · · Score: 4, Insightful

    When someone wants to put an always on microphone in your home, the proper response is "How much will you pay me for the privilege of spying on me?"

    Any other response is just stupid.

    --
    excitingthingstodo.blogspot.com
  4. 90% is high by Anonymous Coward · · Score: 0

    I don't recall seeing a smart TV with an antenna, around here they are only used to view cable TV or internet content.

    1. Re:90% is high by Anonymous Coward · · Score: 0

      If the white van in the street broadcasts a strong enough signal, you don't need an external antenna for the set to pick it up. If the set is scanning for broadcast using a background process, you don't need to be tuning in. Once the set is rooted, that's all she wrote. Pure speculation on my part; but since these things aren't known for their security it wouldn't surprise me if the over-the-air receiver is active even when you don't use it.

    2. Re:90% is high by known_coward_69 · · Score: 1

      so this hack only works when the hacker spends a lot of his own money for no payback? how do i make money off this?

    3. Re:90% is high by TWX · · Score: 1

      We don't subscribe to cable TV, so ours is connected to the antenna.

      But it's not connected to the Internet. That seemed like a terrible idea.

      --
      Do not look into laser with remaining eye.
    4. Re: 90% is high by Anonymous Coward · · Score: 0

      Make a botnet. Rent it out for DDoS attacks. There's a lot of kids who suck at online games and have access to their parents' credit cards.

    5. Re:90% is high by Mike+Frett · · Score: 2

      It's built inside of the TV. Just like Mobile Phones have their Antenna on the inside now.

    6. Re:90% is high by Anonymous Coward · · Score: 0

      You mean their wifi/Bluetooth antenna is built in, sure.

      But no, TV's still require external VHF/UHF antenna connected to the tuner (coax connector on rear) to receive terrestrial signals. If you don't have an external antenna connected for off-air local TV watching, the TV's tuner would not receive the signal. Disable the TV from your router and use a more secure streaming device. No internet, no method to transmit anything back even if it did have a hacker in control of the TV.

      With the TV not connected to the internet and not receiving terrestrial signals, this would be defeated. Granted, I would assume in urban areas there are high concentrations of susceptible TV sets in a small area to make it worth trying for a bad guy.

      *Technician who works for TV manufacturer.

    7. Re:90% is high by Anonymous Coward · · Score: 0

      Jokes on you buddy, maybe it's just that I live less than a mile from the only broadcast channel around me, but my reception with only the coaxial stump is just fine.

      *Customer who owns a television

  5. Hypothetically speaking... by Daetrin · · Score: 4, Interesting

    I am certainly not advocating that anyone do this, because it would be illegal! But in _theory_ could you use this hack to brick susceptible TVs or in some other way interfere with their normal functionality rather than secretly using it to spy on the owner or add it to a botnet?

    And if you (in theory!) did that, would the manufacturer then have to "repair" the suddenly "malfunctioning" TV under the standard warranty since the issue wasn't due to anything the consumer did?

    And if this happened (hypothetically!) to enough TVs, between the repair costs and the bad publicity wouldn't the TV manufacturers have to start taking security seriously instead of fobbing the risks of insecure devices off onto the commons as they currently do?

    --
    This Space Intentionally Left Blank
    1. Re:Hypothetically speaking... by Anonymous Coward · · Score: 0

      And if this happened (hypothetically!) to enough TVs

      the FBI would get involved and you'd end up with various (very concrete!) cybercrime charges.

    2. Re:Hypothetically speaking... by vtcodger · · Score: 1

      Good questions. Based on prior experience, the answers are:

      1,. YES, you can use this vulnerability to brick a TV
      2. YES, the manufacturer is legally liable
      3. NO, the manufacturers will not have to take security seriously. There is no force in the known universe capable of forcing a typical IOT vendor to take security seriously.

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    3. Re:Hypothetically speaking... by vlad30 · · Score: 1

      There is no force in the known universe capable of forcing a typical IOT vendor to take security seriously.

      Except the bottom line companies will do anything to keep those numbers positive even start testing their products e.g. samsung

      --
      Your'e all thinking it, I just said it for you
    4. Re:Hypothetically speaking... by Anonymous Coward · · Score: 0

      The old trick was to open up the plug, disconnect the live wire or at least loosen it, then take it back to the store and say the TV was no longer working.

    5. Re:Hypothetically speaking... by Anonymous Coward · · Score: 0

      And it couldn't possibly be the case that some unscrupulous TV manufacturer would surreptitiously pay some hacker to do this to other manufacturer's TVs in order to drive up maintenance costs and put the opposition at a competitive disadvantage? No, that's would never happen.

    6. Re:Hypothetically speaking... by Anonymous Coward · · Score: 0

      And one might even get a free replacement. Also if the original is out of stock, one may even be obliged to accept a new one with better picture quality & everything!
      Hmmm... where's my digital Macgyver kit...

  6. Re:100% are vunerable to the shmucks that sold the by NoNonAlphaCharsHere · · Score: 1

    Any other response is just stupid.

    I don't think that's quite true. As alternatives, keelhauling and/or drawing and quartering spring to mind.

  7. No mention of ATSC by Fly+Swatter · · Score: 1

    I'm not saying US sold tvs are safe, but this is 90 percent of european DVB-T/C based sets. So not really 90 percent of the 'smart tv' market. The summary also adds the advertisers' delightful 'potential' qualifier. So basically it's like the 'save up to 90 percent' type lie^^^^^h logic.

    1. Re:No mention of ATSC by DewDude · · Score: 4, Informative

      Nope. This attack relies on some functions in the "Hybrid Broadcast Broadband TV" standard; which I don't think we're going to adopt. I don't see anything in ATSC 3.0 that seems like similar features. Not to mention I've not seen (or really looked) for ATSC transmission equipment; and the technology is new enough that decommissioned stuff isn't "out there" yet. When 3.0 goes live...there's a chance of seeing some of that stuff come out; but even then this type of attack wouldn't be possible. Plus the people who live in locations where the 8VSB signals perform very poorly would have an external signal source, being immune anyway.

    2. Re:No mention of ATSC by Anonymous Coward · · Score: 0

      The US is less than 5% of the world and I would expect many if not most TVs sold in the US to also support DVB standards.

    3. Re:No mention of ATSC by jabuzz · · Score: 1

      Five seconds on google, first hit is a worldwide tuner chips from Silicon Labs for ATSC/QAM, DVB-T2/C2/T/C, ISDB-T/C, DTMB

      http://www.silabs.com/products...

      Even in the last days of analogue there was no such thing as an NTSC only tuner chip. They all did PAL as well. Anyway none of the chips on that web page do ATSC and or NTSC only.

  8. Vulnerable Devices? by Chrontius · · Score: 1

    Is there a list of what's compromised by this attack? Or perhaps, a list of things known to be unaffected?

    1. Re: Vulnerable Devices? by UnknowingFool · · Score: 2

      Well if his claims are true, a shorter list would be TVs that aren't vulnerable. This attack is through the digital TV signal if I read it right which mean almost all TVs sold in the last 5 years. Older analog TVs should not be affected.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    2. Re: Vulnerable Devices? by zippthorne · · Score: 2

      A list of TV's that are known not to be vulnerable, or a list of TVs whose vulnerability is not yet known? The first list is pretty easy. The Smart TVs that are definitely not vulnerable to hacking:

      --
      Can you be Even More Awesome?!
    3. Re: Vulnerable Devices? by green1 · · Score: 1

      Well that makes those TVs perfectly safe around here, because it's been at least 10 years since I've met someone who used the tuner function of their TV. If you're lucky, you'll pick up 3 stations over the air, and if you're using cable of any form you're using their box fed in to your HDMI or Component connections.

  9. not 1984. worse. by Anonymous Coward · · Score: 0

    celing cat.

    by the way. this 2257 notice means you are entertained and owe me mooonies.

  10. Re:100% are vunerable to the shmucks that sold the by PPH · · Score: 2

    Only members of the Inner Party can turn their telescreens off.

    --
    Have gnu, will travel.
  11. Paging George Orwell by sehlat · · Score: 1

    We have built your Telescreen! You failed, however, to predict that people would willingly PAY for them.

    1. Re:Paging George Orwell by Anonymous Coward · · Score: 0

      Actually, I reread it recently and it says (somewhere, I can't find the page) that the reason the proles don't have them is because they can't afford them. So apparently the outer party members are coerced to paying themselves the same way they're required to spend their "free" time at weird meetings.

      Next time you take out your cellphone, look at it and think "They pay for their own telescreens..."

    2. Re:Paging George Orwell by kimvette · · Score: 1

      Except, the idiots willingly attend their two minute hate, er, I mean, trump rallies.

      --
      The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
  12. All the more reason by Anonymous Coward · · Score: 0

    All the more reason to cut the cord.

  13. US TVs protected by Roger+W+Moore · · Score: 3, Funny

    I'm not saying US sold tvs are safe

    US TVs are protected by US TV stations which are so appallingly bad the only way to use TVs there is via Netflix or an equivalent service.

  14. Translation by Anonymous Coward · · Score: 2, Insightful

    Translation: About 90% of smart TVs can be reclaimed by their owners. There's a way to get root and remove the vendor-installed malware.

  15. Hmmmm by Anonymous Coward · · Score: 0

    1) My TV doesn't receive terrestrial signals.
    2) My TV isn't connected to the network.
    3) My TV doesn't care about your hax.

  16. Thats what i was thinking by MrLint · · Score: 1

    I wonder if this can be leveraged to somehow update the OS in my now abanndonware TV

  17. Can we please stop calling them smart tvs... by Anonymous Coward · · Score: 0

    as they are obviously designed for retards.

  18. Glad I dont own a smart TV by jonwil · · Score: 1

    Every time I see some new report about smart TVs being hacked or spying on people or otherwise having problems, it makes me glad that my TV is a nice dumb 32" Samsung LCD.

  19. "Editors" by fyngyrz · · Score: 2, Informative

    FTFS:

    ...which makes his work even more impressing.

    ...which makes his work even more impressive.

    Slashdot, would you people please hire someone competent to write/edit English summaries?

    Thank you.

    --
    I've fallen off your lawn, and I can't get up.
    1. Re:"Editors" by msauve · · Score: 2

      I also find it surprising that this attack on DVB-T based TVs makes "about 90% of Smart TVs Vulnerable." Do China (which uses DTMB), the US, Canada (which use ATSC), Japan and South America (ISDB) and others who don't use DVB but represent over 25% of the world's population, only have 10% of the world's smart TVs?

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    2. Re: "Editors" by fred6666 · · Score: 1

      and aren't most tvs not connected to an over the air antenna anyway? Lots of people on cable, satellite, or Netflix

    3. Re: "Editors" by msauve · · Score: 1

      BeauHD is the new timothy.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
  20. Why Buy a TV Anymore? by BoRegardless · · Score: 1

    Come on now. We can drive large screens & run entirely off of an Internet connection.

    We know computers can be hacked, but they can also be turned off & various tools can tell us if suspicious data is going out of our computer and stop it.

    Seems like we need to simplify our data devices.

    1. Re:Why Buy a TV Anymore? by Anonymous Coward · · Score: 0

      Seems like we need to simplify our data devices.

      I agree and all, but to your question, TVs are bought by many because the price per unit of screen area is drastically lower than a "dumb" computer monitor. And there is an upper size limit beyond which monitors becoming extremely expensive.

      It was OK before TVs became spy devices.

    2. Re:Why Buy a TV Anymore? by AHuxley · · Score: 1

      The CIA likes the idea.
      A smart TV that did not need network access to place the code.
      Re "suspicious data is going out of our computer"
      A person would have to enter the room, access and alter the smart TV, wait for a recoding, a person to collect the data later. No need for the data collected to be networked out later. No network code litter to alter the smart TV, no code litter left in the smart tv later, no changes to any network.
      The idea been no network had to be entered to alter the smart TV. No code litter on any network, no need for very strange listening devices in the room.
      What new methods could offer is the room change issue. Alter all rooms smart TV's? Just the guests expected to have interesting conversations?
      The ability to quickly alter a smart TV in a room that was an unexpected meeting place?
      Too late for a human to enter and alter the smart TV, any network code litter might expose the entry attempt, but a new way exists to alter all smart TV's if needed.
      The part the CIA liked was the "they can also be turned off " did not work. The smart TV seemed like it was powered off but it was an always on live mic.
      CIA Chief: We’ll Spy on You Through Your Dishwasher (03.15.12)
      https://www.wired.com/2012/03/...

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Why Buy a TV Anymore? by green1 · · Score: 1

      43" 4K TV $379.99 (by the way, 43" was actually the smallest TV I could find at the major electronics retailer)
      43" 4K Monitor $999.99 (same store, 2 aisles over)
      Both of these are the cheapest I could find, average for the 43" TVs was about $430, Most of the 4K monitors were much smaller but even the 30" ones were $999.99 - $1749.99

      yeah... no wonder people buy TVs instead of monitors!

    4. Re:Why Buy a TV Anymore? by green1 · · Score: 1

      Of course there's nothing saying that you need to connect it to the internet (or in this case to broadcast TV signals)

    5. Re:Why Buy a TV Anymore? by Anonymous Coward · · Score: 0

      Toshiba briefly entered the HD market with a 3D 48" TV. These were being sold at discount as a promotion with retailers at around £360. Which is a bargain considering a 4K monitor from a computer store is at least £800

  21. Author is high by TiggertheMad · · Score: 2

    While the article is a little short of details (Did I miss a link to the whitepaper?), the 90% seems like misleading sensationalism. TFA mentioned that the attack is carried out via HbbTV signals and I think the intent was that 90% of TVs sold in recent history support this method of data transmission, hence the '90% vulnerable' claim. Of course, the author is probably aware that inflated and hysterical claims generate more traffic.

    That doesn't mean that 90% of tvs are carrying 0 day vulnerabilities, but given the state of IoT security, I wouldn't be surprised if they all had some forms of bugs that could be exploited. I would think that this problem could be mitigated by simply disabling HbbTV capabilities and plugging into coax. I am not a TV technician, if you are, please jump all over this post and call me stupid for suggestion such a silly idea.

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
  22. Maybe a dumb questions, but... by Anonymous Coward · · Score: 0

    I see all these articles about how are smart devices could likely be hacked and used for nefarious purposes. Whether TVs like this article points out or Smart Thermostats, Smart Lighting systems and other IOT devices.

    In all these articles it never points out how an owner of these devices can find out if in fact their "smart" device(s) have been taken over and are being used against them and/or for other nefarious purposes.

            How does one find this out? I mean, I have 3 "smart" TVs and several other connected devices such as Printers, DVD players and Home Theater Stereos for which I have no idea if they have indeed been hijacked?

    Thanks for any positive feedback!

  23. Re: 100% are vunerable to the shmucks that sold th by Anonymous Coward · · Score: 0

    Jokes on them, I'm a mute.

  24. Smart *something* is vulnerable, rain is wet... by XSportSeeker · · Score: 1

    The CIA and the TV manufacturers are already watching you fap, why not open the priviledge to others?

  25. My smart TV was obsolete within months by HighPerformanceCoder · · Score: 1
    My smart TV was connected to the internet only during the first months of its operation. The manufacturer did not update any of the apps, and the ones supplied were not interesting. So I have now left the TV unplugged.

    So I bought a Chromecast, and plugged it into a spare HDMI socket. So for an extra $50, I had a true smart TV, one that works on WiFi leaving my ethernet cables I pulled through the walls obsolete. Now it looks like I dodged a bullet with respect to this security vulnerability.

    Chromecast is not the only option - there's a variety of similar products around. And if one gets dropped by it manufacturer and has a security vulnerability, its simple and cheap to replace with a competing product. No need to lay out big bucks buying another "smart" TV.

    1. Re:My smart TV was obsolete within months by 110010001000 · · Score: 1

      Pretty cool. Except now Google is spying on you and selling all your information. You only paid an extra $50 to get all that.

    2. Re:My smart TV was obsolete within months by Cramer · · Score: 1

      I keep mine disconnected because the idiots at Visio give you zero control over system updates. There's no way to check for an update. There's no way to say no to an update. You'll be watching TV and *poof* the TV reboots and takes for bloody ever to return to action.

    3. Re:My smart TV was obsolete within months by Anonymous Coward · · Score: 0

      Or even Mozilla. Firefox seems to want to set up a SSDP server in order to implement ChromeCast and compete against Google Chrome. It more important that they maintain market share and have ChromeCast built in than to have mobile users inconvenienced by having to configure security settings.

      https://bugzilla.mozilla.org/show_bug.cgi?id=1111967

  26. USB Tuners by Anonymous Coward · · Score: 0

    There are lots of DVB-C and DVB-T(2) USB tuners in this word. The next step is to compromise a computer with a TV transmitter, although exploiting DVB-C would require physical breaking in.

  27. My guess is this is done on purpose. by Nyder · · Score: 1

    My guess is this is done on purpose. It would of been a nice backdoor for some spy agency. I mean, who would think of using Digital Air TV to gain access to a tv? Well, besides the person who found it and shared it with the rest of us.

    --
    Be seeing you...
    1. Re: My guess is this is done on purpose. by cyber-vandal · · Score: 0

      Would have you fucking moron.

  28. Old news and counter measure are on their way by ElRabbit · · Score: 1

    This "super hack" was already demonstrated two years ago ... Look like someone is looking for fame here. DVB already finished and is on the way of publishing some specifications to mitigate this risk by signing all signalization tables and make this kind of "drive-by" attack via cheap devices impossible. Just have to convince TV maker to implement it now ...

  29. I'm good, thanks. by nospam007 · · Score: 1

    10%er here. My Samsung TV isn't connected to cable nor DVB-T nor the internet, just to my uTorrent machine.

    1. Re:I'm good, thanks. by Anonymous Coward · · Score: 0

      So you admit to being a terrorist. Not watching adds, not paying for the content. How can you live with yourself!

  30. Re:100% are vunerable to the shmucks that sold the by Anonymous Coward · · Score: 0

    Your answer doesn't make any sense

  31. Mitigations by The-Ixian · · Score: 1

    I am thinking that there may be nothing I can do to prevent the "smart" television's tuner from accepting a broadcast signal, but what about these ideas for mitigation:

    1. Uninstall web browser app if possible
    2. Whitelist Netflix or whatever streaming services and block all other web traffic to television
    3. Keep television unplugged from ethernet, don't configure wifi and just use an external streaming device

    --
    My eyes reflect the stars and a smile lights up my face.
  32. Post purchase mods by Anonymous Coward · · Score: 0

    How many wires and traces am I gonna have to cut to keep my TV from spying on me?

  33. LG EULA by hAckz0r · · Score: 1
    I bought a LG TV a number of years ago and during a firmware upgrade I was presented with a EULA. Being curious as to why I needed to click-yes for anything I read through the "agreement" which was quickly rejected hands down. The wanted me to agree that they could watch and listen to us in the room and provide aggregated information back to companies collecting/compiling the ratings for shows. The TV has the ability to load programs for games and additional internet content which can not be used unless you buy into the anti-privacy police state utopia where anyone can tap into your life and find out what you are saying about the politics of the day.

    .
    Honestly, if Trump wants to know what I am saying about his performance he doesn't need to go talk to the Koreans (LG), he can just call me direct. I'm sure he has my number by now, due to the TV still sitting in my living room. I suspect the Government doesn't care about any EULA with the Koreans, and since my TV contacts LG periodically (over seas network connection) for updates, theoretically I'm already on the Government radar despite saying "no" to that EULA. Black tape over the lens, and epoxy in the microphone is all they will see and hear now days. If they want me to turn their "entertainment channel" again they will just need to ask nicely. Maybe I'll trade for one of those Russian channels they've got.

    1. Re:LG EULA by Blaskowicz · · Score: 1

      They asked, I guess.
      What if a household member or a random friend "accepts" the EULA, are you hosed forever? Can you take the consent back? (What if the TV was pre-owned?)
      Seen that happen with youtube sometimes asking you to "consent" to vague stuff, people will click through it even though they're not using their own computer, desktop session or internet.
      You can avoid or remove that consent window and still access videos, I don't know if anything different happens then.

      Your TV might be at the danger of "attack by acquaintance clicking on an EULA to get rid of it". Could even happen in a business or other setting where any random person who gets to hold the remote might click on it, be it an employee, contractor, customer, passers by.
      A conference room might have a cheap 65" TV or smaller they're using to cast documents to.

    2. Re:LG EULA by hAckz0r · · Score: 1

      What if a household member or a random friend "accepts" the EULA, are you hosed forever? Can you take the consent back? (What if the TV was pre-owned?)

      There is no telling if they even pay attention to whether you clicked through the EULA or not. The thing is, in order for their surveillance "feature" to work the TV needs access to the Internet. They need to stream the video and audio back to the mother ship for any voice-to-text or image recognition to figure out what you are doing during those commercials, etc. So the traffic would be quite evident on your network. Checking for software updates only takes a split second so the difference is many orders of magnitude.

      Economically the processing of this data can not be inside the TV proper because the set would cost more than the competitors, and they would win, so off-loading the processing would be necessary. This might be low fidelity audio and slow page frame video snapshots for simply detecting motion. In the case of the LG an adversary would only have to get you to install an App (aka Android type app) for someone else to divert that traffic flow to their own processors.

      Good luck with that. I have three routers, firewalls, and network monitoring to make sure nothing gets in/out I don't know about. I even have a DMZ for my voip. My TV is fed a single HDMI connector from a recording DVR which has full service to the network, but constrained to where even it can connect.

      Could even happen in a business or other setting where any random person who gets to hold the remote might click on it, be it an employee, contractor, customer, passers by. A conference room might have a cheap 65" TV or smaller they're using to cast documents to.

      Again, this depends on the internet access you provide to the device. Having onboard WiFi could be a very bad thing for a company, but most conference room monitors I know don't get direct access, but instead are controlled by a computer to display media/presentations. Its only as safe as the IT department is smart, so this gives a whole new meaning to having a Smart-TV?

  34. Unplug the Ethernet cable by jbrizz · · Score: 1

    If the TV isn't connected to the Internet then it doesn't matter because there's no way to get the private data off the TV. Another reason to disconnect your smart TV.

    1. Re:Unplug the Ethernet cable by Blaskowicz · · Score: 1

      You could be using a TV offline with the "old fashioned" broadcasts and USB media (drives and HDDs). This is pretty common, even on supposedly dumb TV - a dumb TV with H264 playback and recording etc. is a computer as well, see the original Raspberry Pi A for how their main chip might look like in terms of abilities.
      You might even use a 50-year-old TV if you wish, with a small receiver for the latest DVB-T or similar, that also has a USB port for file playback.

      Any of these might be hosed by broadcasts and write viruses to USB media.

  35. That's why I buy monitors by Anonymous Coward · · Score: 0

    not TVs. Only difference is a tuner I can add on after the fact anyway.