Seven action steps to protect you against TV spy risk: Internet Scambusters #587
TV spying sounds like something out of science fiction, but that’s what one manufacturer was accused of doing — monitoring the viewing behavior of its customers.
Meanwhile, researchers have shown how hackers could take control of your smart TV and even operate its built-in camera.
In this week’s issue, we explain what’s at risk and what you can do to minimize the potential for your TV to be turned into a spy.
Now, here we go…
How to Prevent Your TV Spying on You
Is your smart TV spying on you? Probably not.
Could it? Probably.
There’s been quite a flurry of debate and concern during the past few months over the allegation that some smart TVs are not only capable of spying but were actually tracking viewers’ behavior and sending the details back to base.
How can that happen? Because smart TVs really are smart!
Most of this new generation of equipment have two key features that give them potential to become spies.
First, they have an operating system in the same way that a computer does, although radically different from a conventional PC or Mac. So, they’re capable of executing pre-programmed commands and running built-in apps.
Second, because they can be part of a network and access the Internet, they have an Internet address (or IP address as it’s called), which uniquely identifies it on your network, which is, in turn, uniquely identified on the web.
That means two more things: Smart TVs are capable of sending information over the Internet and, potentially, could be vulnerable to hackers.
We don’t want to scaremonger, so let’s just explain what’s happened so far.
Just over a year ago, a Maltese security company posted a video online, demonstrating — without showing how they did it — that a smart TV could be hacked to collect sensitive information and monitor usage.
Controlling Your Control
Then, last year, at a security conference in Las Vegas, two researchers showed how they could take control of a TV’s built-in camera as well as access to Facebook, Skype and other social media accounts.
The researchers told tech site Mashable: “Because the TV only has a single user, any type of compromise into an application or … the operating system — the smarts of the TV — has the same permission as every user, which is, you can do everything and anything.”
In other words, said Mashable, they have control of your remote.
But this was at a conference, not in the real world, and the manufacturer of the TV subsequently updated its TV operating systems to remove the vulnerability.
Finally, towards the end of 2013, another TV manufacturer was accused of collecting information about owners’ viewing habits via software built into its smart TVs.
This was supposedly so the manufacturer could use another smart feature — personalized, targeted advertising — by knowing how the TV was being used.
A blogger claimed that although it was supposedly possible to disable this information collection feature via a menu, the on/off function actually did not work.
Furthermore, he said that some information on USB flash drives that owners might plug into their sets could be sent back to the manufacturer.
Most worryingly, most people seemed to be totally unaware of these features, which were switched on by default.
Before long, several other people reported spotting the same activity on their own sets.
Once again, the manufacturer concerned subsequently issued an update to the TV’s operating system to rectify the problem.
It’s worth pointing out that there’s nothing new about companies knowing what you’re watching on TV. Cable and satellite companies can tell which station your TV box is connected to — that’s how they collect viewing data.
More sinister is the notion that a manufacturer or a hacker could remotely access and monitor your Internet usage on the TV, just like they can with a computer.
To add to the worries, the growing use of other devices in the home that connect to networks and the Internet opens up the possibility of new vulnerabilities or invasions of privacy.
As one of the Las Vegas researchers said: “From cars to kitchen appliances, to toilets, Internet access is becoming ubiquitous. While this allows for some really cool features … security is frequently an afterthought or will be fixed later after they beat a competitor to market.
“There appears to be a rush to bring network connectivity, or ‘smarts,’ to devices first and then figure out how to provide adequate security later.”
Seven Action Steps
So, while, at the time of writing, there have been no reported incidents of real-world smart TV hacking and only the one incident of alleged manufacturer “spying,” here are some things you should do or consider doing to safeguard your smart TV security:
- Make sure you understand all the functionality of your TV. Read the manual and any on-screen information, including the small print of any terms and conditions of usage.
- Know how to update the “smart” element of your TV and then make sure it’s always kept up to date.
- Use the same caution as you would on your PC by not visiting dubious websites.
- Regularly change passwords on any TV apps that require them.
- Be wary about using social media websites via your TV. Sticking with standard streaming services like Netflix should keep you relatively safe.
- If your smart TV has a built-in camera, mask it with a cover when not in use.
- If you don’t use any of the “connected” services on your TV, don’t connect it to (or disconnect it from) your network (apart from when you need to install updates).
PS: One other word of warning about TV-related dangers: malware that comes along with software for playing TV on your computer.
There are scores of programs that enable you to watch various TV channels on your PC. Most of them are highly-regarded and malware-free.
But some of the lesser-known and “free” programs also install spyware, ad-ware, troublesome toolbars or even viruses onto users’ PCs.
Do an Internet search on the name of the program before installing it. That will usually tell you if it’s a threat.
Even then, don’t install it automatically. Scan it with your Internet security software, if you can, and then opt for the “custom” installation so you get to choose what features it installs.
One way or another, TV spying and other malicious activity are here to stay and the onus is on you, the user, to protect yourself.
That’s it for today — we hope you enjoy your week!