By Jeremy Hsu on September 24, 2024


Popular smart TV models made by Samsung and LG can take multiple snapshots of what you are watching every second – even when they are being used as external displays for your laptop or video game console.

Smart TV manufacturers use these frequent screenshots, as well as audio recordings, in their automatic content recognition systems, which track viewing habits in order to target people with specific advertising. But researchers showed this tracking by some of the world’s most popular smart TV brands – Samsung TVs can take screenshots every 500 milliseconds and LG TVs every 10 milliseconds – can occur when people least expect it.

“When a user connects their laptop via HDMI just to browse stuff on their laptop on a bigger screen by using the TV as a ‘dumb’ display, they are unsuspecting of their activity being screenshotted,” says Yash Vekaria at the University of California, Davis. Samsung and LG did not respond to a request for comment.

Vekaria and his colleagues connected smart TVs from Samsung and LG to their own computer server. Their server, which was equipped with software for analysing network traffic, acted as a middleman to see what visual snapshots or audio data the TVs were uploading.

They found the smart TVs did not appear to upload any screenshots or audio data when streaming from Netflix or other third-party apps, mirroring YouTube content streamed on a separate phone or laptop or when sitting idle. But the smart TVs did upload snapshots when showing broadcasts from the TV antenna or content from an HDMI-connected device.

The researchers also discovered country-specific differences when users streamed the free ad-supported TV channel provided by Samsung or LG platforms. Such user activities were uploaded when the TV was operating in the US but not in the UK.

By recording user activity even when it’s coming from connected laptops, smart TVs might capture sensitive data, says Vekaria. For example, it might record if people are browsing for baby products or other personal items.

Customers can opt out of such tracking for Samsung and LG TVs. But the process requires customers to either enable or disable between six and 11 different options in the TV settings.

“This is the sort of privacy-intrusive technology that should require people to opt into sharing their data with clear language explaining exactly what they’re agreeing to, not baked into initial setup agreements that people tend to speed through,” says Thorin Klosowski at the Electronic Frontier Foundation, a digital privacy non-profit based in California.

https://www.newscientist.com/article/2449198-smart-tvs-take-snapshots-of-what-you-watch-multiple-times-per-second/ (paywall!!)

  • ByteOnBikes@slrpnk.net
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    3 months ago

    Wait what? Is there a blog or article on how to do this?

    Because I can’t picture how this works in my head for my setup. It needs internet to go to Hulu/Netflix/etc.

    • dan@upvote.au
      link
      fedilink
      English
      arrow-up
      9
      ·
      3 months ago

      Oh sorry, I completely forgot to mention that. I’m using an Nvidia Shield for all my streaming.

      Another approach is to connect the TV to the internet but block all LG/Samsung/whatever stuff, for example by using a firewall on your router.

        • dan@upvote.au
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          3 months ago

          Some newer TVs are starting to have hard-coded DNS servers, which means they’ll bypass most PiHole configurations.

          You could try configure your router to redirect all DNS traffic (UDP port 53) to your PiHole server, but that won’t work if they’re using DoH (DNS over HTTPS) which is becoming more and more common.

          • wewbull@feddit.uk
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            Just remember to allow your pi-hole DNS request through the firewall. Otherwise nothing works.

            Unfortunately there’s also DNS over HTTPS

            A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver.

            Translated, “man in the middle attack” means “Pihole or similar”. Devices with hard coded addresses for this phone home, or don’t work.

    • WarMarshalEmu@lemm.ee
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      3 months ago

      The TV itself wouldn’t be able to reach Hulu/Netflix/etc. they’re likely using another device for that. Like a media computer or something else.

      • Sl00k@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        3 months ago

        Like a apple TV / Roku which then… Reports everything you’re watching and or viewing. We truly live in the day and age where nothing you do digitally is private, and it’s almost turned into privacy via aggregation imo now since the PBs of raw data isn’t really worth it for major corporations.

        Obvs if you’re the .0001% I’m sure the NSA can tap into it and you’re still gonna be fucked that way, but that can be said for pretty much any digital device.

    • melroy@kbin.melroy.orgOP
      link
      fedilink
      arrow-up
      5
      ·
      3 months ago

      Yes you can build your own HTPC, and connect it to the TV, that is what I’ve been doing for the past 8 years.

      • bizarroland@fedia.io
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        You can also find a cheap laptop with like a 7th gen Intel or newer processor and use that with a wireless keyboard and mouse and an HDMI cable.

        Bang for your buck it’ll be the best deal for you