Samsung & Roku TVs have security vulnerabilities, Consumer Reports finds

08 Feb 2018 | Rasmus Larsen |

Consumer Reports tested five Smart TVs, running five different software platforms, and found that Samsung TVs as well as Rokus TVs and players are vulnerable to hackers. It also found that all of the TVs collect very detailed user information through ACR.

Vulnerable Smart TVs

The TVs tested were Samsung MU8000 (Tizen platform), LG UJ7700 (webOS platform), TCL P series (Roku platform), Sony X80E (Android TV platform), and Vizio P series (SmartCast/Chromecast platform).

- “Consumer Reports has found that millions of smart TVs can be controlled by hackers exploiting easy-to-find security flaws,” the report said. “The problems affect Samsung televisions, along with models made by TCL and other brands that use the Roku TV smart-TV platform, as well as streaming devices such as the Roku Ultra.”

Consumer Reports claims that “a relatively unsophisticated hacker could change channels, play offensive content, or crank up the volume” remotely over the web. However, a hacker could not extract personal information. It found Roku TVs to be the most vulnerable to this kind of attack and pointed out that the flaw had been discussed on forums since 2015.

Samsung has responded by saying that it will evaluate the issue. It will also fix other issues that CR uncovered in a “2018 update, [with timing] to be determined”. Roku has released a statement saying that “Consumer Reports got it wrong” and that “there is no security risk to our customers’ accounts or the Roku platform with the use of this API”.


Consumer Reports TV testing


Your TV knows you

Consumer Reports further explains that all of the Smart TVs are using ACR, or automatic content recognition, to identify every show that you watch. This information is used for targeted advertisement, recommendations, marketing, and other purposes. Your data is also shared with third parties.

- ”The testing also found that all these TVs raised privacy concerns by collecting very detailed information on their users. Consumers can limit the data collection. But they have to give up a lot of the TVs’ functionality—and know the right buttons to click and settings to look for,” Consumer Reports said.

Vizio settled a case with FTC in 2017 for this type of data collection without the user’s consent. The report notes that all TV manufacturers require you to opt in but that if you do not, the TV’s features will be limited in various ways. The Sony TV, based on Google’s Android TV platform, was the “only one that required you to agree to a privacy policy and terms of service to complete the setup of the TV”. Sony responded by saying that the internal tuners still work even if the TV has been disconnected from the internet. This applies to all Android TVs.

Also read: Roku TVs will track what you watch to serve recommendations, target ads

The test was based on the so-called Digital Standard, developed in collaboration with cybersecurity and privacy organizations.

The report is the latest in a long string of reports to call out security issues and questionable data collection practices. Most recently, the New York Times reported that smartphone apps use audio recognition to track what you are watching on your TV.

How can you avoid this? Follow the steps in our guide here.

- Source: Consumer Reports



Share on:


Latest news

UEFA.tv

UEFA debuts free streaming service UEFA.tv

14 Jun 2019 | Rasmus Larsen |
Sony A9G OLED

Sony A9G OLED wins 'King of TV' at 2019 TV Shootout

13 Jun 2019 | Rasmus Larsen |
The Wall Luxury

Samsung will launch 'The Wall Luxury' microLED displays in July

13 Jun 2019 | Rasmus Larsen |
Xbox

Next-gen Xbox console will have a disc drive

12 Jun 2019 | Rasmus Larsen |
Sony A8G

Sony 2019 A9G and A8G OLED TVs now available

11 Jun 2019 | Rasmus Larsen |
Iron Man

All Marvel Cinematic Universe films will be remastered in 4K

10 Jun 2019 | Rasmus Larsen |
Project Scarlett

Next-gen Xbox: 8K graphics, 120fps, SSD & ray-tracing - launching in 2020

10 Jun 2019 | Rasmus Larsen |
Batman

WarnerMedia streaming service likely to be more expensive than Netflix, Disney+

07 Jun 2019 | Rasmus Larsen |