Samsung & Roku TVs have security vulnerabilities, Consumer Reports finds

08 Feb 2018 | Rasmus Larsen |

Consumer Reports tested five Smart TVs, running five different software platforms, and found that Samsung TVs as well as Rokus TVs and players are vulnerable to hackers. It also found that all of the TVs collect very detailed user information through ACR.

Vulnerable Smart TVs

The TVs tested were Samsung MU8000 (Tizen platform), LG UJ7700 (webOS platform), TCL P series (Roku platform), Sony X80E (Android TV platform), and Vizio P series (SmartCast/Chromecast platform).

- “Consumer Reports has found that millions of smart TVs can be controlled by hackers exploiting easy-to-find security flaws,” the report said. “The problems affect Samsung televisions, along with models made by TCL and other brands that use the Roku TV smart-TV platform, as well as streaming devices such as the Roku Ultra.”

Consumer Reports claims that “a relatively unsophisticated hacker could change channels, play offensive content, or crank up the volume” remotely over the web. However, a hacker could not extract personal information. It found Roku TVs to be the most vulnerable to this kind of attack and pointed out that the flaw had been discussed on forums since 2015.

Samsung has responded by saying that it will evaluate the issue. It will also fix other issues that CR uncovered in a “2018 update, [with timing] to be determined”. Roku has released a statement saying that “Consumer Reports got it wrong” and that “there is no security risk to our customers’ accounts or the Roku platform with the use of this API”.


Consumer Reports TV testing


Your TV knows you

Consumer Reports further explains that all of the Smart TVs are using ACR, or automatic content recognition, to identify every show that you watch. This information is used for targeted advertisement, recommendations, marketing, and other purposes. Your data is also shared with third parties.

- ”The testing also found that all these TVs raised privacy concerns by collecting very detailed information on their users. Consumers can limit the data collection. But they have to give up a lot of the TVs’ functionality—and know the right buttons to click and settings to look for,” Consumer Reports said.

Vizio settled a case with FTC in 2017 for this type of data collection without the user’s consent. The report notes that all TV manufacturers require you to opt in but that if you do not, the TV’s features will be limited in various ways. The Sony TV, based on Google’s Android TV platform, was the “only one that required you to agree to a privacy policy and terms of service to complete the setup of the TV”. Sony responded by saying that the internal tuners still work even if the TV has been disconnected from the internet. This applies to all Android TVs.

Also read: Roku TVs will track what you watch to serve recommendations, target ads

The test was based on the so-called Digital Standard, developed in collaboration with cybersecurity and privacy organizations.

The report is the latest in a long string of reports to call out security issues and questionable data collection practices. Most recently, the New York Times reported that smartphone apps use audio recognition to track what you are watching on your TV.

How can you avoid this? Follow the steps in our guide here.

- Source: Consumer Reports



Share on:


Latest news

Netflix 2018 TV

Netflix introduces redesigned TV user interface with sidebar

20 Jul 2018 | Rasmus Larsen |
Samsung Q8DN

Samsung Q8 (FALD) received

20 Jul 2018 | Rasmus Larsen |
BeoPlay V1

Bang & Olufsen is phasing out its 'B&O Play' sub-brand

18 Jul 2018 | Rasmus Larsen |
Roku TV Wireless Speakers

Roku unveils wireless speakers "made exclusively for Roku TV"

17 Jul 2018 | Rasmus Larsen |
HDTVTest 2018 TV Shootout

HDTVTest 2018 TV Shootout winners announced

16 Jul 2018 | Rasmus Larsen |
Sony Channel Editor

Sony releases tool to edit your TV channel list via a PC

16 Jul 2018 | Rasmus Larsen |
Smart TV spy

How Smart TVs can track everything you're watching

13 Jul 2018 | Rasmus Larsen |
The Crown

Netflix ends HBO's 17-year Emmy nominations streak

13 Jul 2018 | Rasmus Larsen |