Samsung & Roku TVs have security vulnerabilities, Consumer Reports finds

08 Feb 2018 | Rasmus Larsen |

Consumer Reports tested five Smart TVs, running five different software platforms, and found that Samsung TVs as well as Rokus TVs and players are vulnerable to hackers. It also found that all of the TVs collect very detailed user information through ACR.

Vulnerable Smart TVs

The TVs tested were Samsung MU8000 (Tizen platform), LG UJ7700 (webOS platform), TCL P series (Roku platform), Sony X80E (Android TV platform), and Vizio P series (SmartCast/Chromecast platform).

- “Consumer Reports has found that millions of smart TVs can be controlled by hackers exploiting easy-to-find security flaws,” the report said. “The problems affect Samsung televisions, along with models made by TCL and other brands that use the Roku TV smart-TV platform, as well as streaming devices such as the Roku Ultra.”

Consumer Reports claims that “a relatively unsophisticated hacker could change channels, play offensive content, or crank up the volume” remotely over the web. However, a hacker could not extract personal information. It found Roku TVs to be the most vulnerable to this kind of attack and pointed out that the flaw had been discussed on forums since 2015.

Samsung has responded by saying that it will evaluate the issue. It will also fix other issues that CR uncovered in a “2018 update, [with timing] to be determined”. Roku has released a statement saying that “Consumer Reports got it wrong” and that “there is no security risk to our customers’ accounts or the Roku platform with the use of this API”.


Consumer Reports TV testing


Your TV knows you

Consumer Reports further explains that all of the Smart TVs are using ACR, or automatic content recognition, to identify every show that you watch. This information is used for targeted advertisement, recommendations, marketing, and other purposes. Your data is also shared with third parties.

- ”The testing also found that all these TVs raised privacy concerns by collecting very detailed information on their users. Consumers can limit the data collection. But they have to give up a lot of the TVs’ functionality—and know the right buttons to click and settings to look for,” Consumer Reports said.

Vizio settled a case with FTC in 2017 for this type of data collection without the user’s consent. The report notes that all TV manufacturers require you to opt in but that if you do not, the TV’s features will be limited in various ways. The Sony TV, based on Google’s Android TV platform, was the “only one that required you to agree to a privacy policy and terms of service to complete the setup of the TV”. Sony responded by saying that the internal tuners still work even if the TV has been disconnected from the internet. This applies to all Android TVs.

Also read: Roku TVs will track what you watch to serve recommendations, target ads

The test was based on the so-called Digital Standard, developed in collaboration with cybersecurity and privacy organizations.

The report is the latest in a long string of reports to call out security issues and questionable data collection practices. Most recently, the New York Times reported that smartphone apps use audio recognition to track what you are watching on your TV.

How can you avoid this? Follow the steps in our guide here.

- Source: Consumer Reports



Share on:


Latest news

LaLiga Ronaldo

LaLiga planning to launch streaming service this summer

19 Feb 2018 | Rasmus Larsen |
Sony A8F OLED

Sony 2018 TV line-up - full overview

16 Feb 2018 | Rasmus Larsen |
Alexa on Vizio

Vizio adds Alexa support to 2016 & 2017 SmartCast TVs

15 Feb 2018 | Rasmus Larsen |
Sony XF75

Sony unveils new mid-range LCD TVs for 2018

15 Feb 2018 | Rasmus Larsen |
Dolby Vision

LG fixes Dolby Vision "raised black" bug on 2017 OLEDs

15 Feb 2018 | Rasmus Larsen |
Soyn X700

Sony launches X700 UHD BD player - Dolby Vision coming later

14 Feb 2018 | Rasmus Larsen |
Sony X900F

Sony X900F (XF90) received

14 Feb 2018 | Torben Rasmussen |
Panasonic 2018 LCD

Panasonic's 2018 LCDs feature HDR10+ & glass design

13 Feb 2018 | Rasmus Larsen |