Popular Articles
Today Week Month Year


Latest Consumer Reports study identifies most hackable Smart TVs
By David Williams // Mar 01, 2018

There is a saying in the information security (infosec) industry that anything connected to a network can be hacked. Now, new data from Consumer Reports (CR) reveals that internet-connected Smart TVs can serve as prime examples, since millions of them can be controlled quite easily by hackers who can exploit a number of easy-to-find security flaws.

Brighteon.TV

This is based on the results of a series of tests conducted to find out which smart TVs are vulnerable to security attacks. According to CR, the problems they found affect smart TVs from Samsung, TCL, and a few other brands that run a third-party smart TV platform from Roku TV. Streaming devices like the Roku Ultra were also noted as vulnerable.

How exactly did CR arrive at their conclusions? First, they looked at the historical data available on smart TVs. For a number of years, it seemed like smart TV manufacturers kept running into one type of trouble after another regarding security and vulnerability to hacking, as well as routine violations of user privacy.

All in all, CR tested a total of five different smart TVs from the most widely sold TV brands in the U.S., which they sourced through regular retail outlets. This means that the results they gathered at the end of their tests apply to every single retail unit available on the market – which could end up in your home.

In order to conduct their tests, CR used their new Digital Standard, which they co-developed with partner cybersecurity and privacy firms with the aim of setting expectations for how manufacturers ought to handle digital rights, privacy, and security concerns. The goal, according to CR, is to educate consumers on their privacy and security options as well as to influence manufacturers to take the identified issues into consideration when they develop their products.

According to Maria Rerecich, who is tasked with overseeing electronics testing at the CR offices, CR's methods are applicable to all sorts of electronic digital appliances. "The Digital Standard can be used to evaluate many products that collect data and connect to the Internet," she said. "But smart TVs were a natural place to start. These sets are growing in popularity, and they can transmit a remarkable amount of information about their users back to the TV manufacturers and their business partners."

Rerecich made it clear that in conducting their security tests, they merely wanted to see if basic security practices were covered by the TV manufacturers. "We were just looking for good security practices," she explained. "Encryption of personal or sensitive data, protection from common vulnerabilities, that sort of thing."

What they found was that current models of Samsung and TCL smart TVs are vulnerable to remote hacking attacks that could turn the volume up or down, change the channels at will, open pretty much any video on YouTube, or even remove them from Wi-Fi networks they are connected to. Although none of them are supposed to happen, they are mainly annoying instead of seriously harmful.

CR noted in its report that the exploits they uncovered didn't allow the extraction of information from the smart TVs or even check out what kind of content was being played on them in real time. They likened the way they accessed the smart TV features through the exploits as "like someone using a remote control with their eyes closed." However, to people using the smart TVs unable to understand what's happening, it might be rather creepy, "as though an intruder were lurking nearby or spying on you through the set," said CR.

The report just scratches the surface of how vulnerable network-connected smart TVs can be. CR pointed to the pre-installed application programming interfaces (APIs) used in the TV sets – particularly those running Roku TV's smart TV platform – as the reason why the exploits were possible. As Eason Goodale, a software engineer involved in the project, notes, "Roku devices have a totally unsecured remote control API enabled by default." It could be fixed through a simple software update, as Samsung intends to do, but it's something that isn't supposed to happen in the first place.

Catch other ways your privacy and security may be at risk in PrivacyWatch.news.

Sources include:

ConsumerReports.org

DailyMail.co.uk



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.