One way to get Congress to act on this would be to remind them of how Robert Bork’s video rental history got released. They very quickly realized that they all had the same sleazy movies on their rental list and passed a law making it illegal to share them.
Call your Congressmen and tell them that their smart TV is sending screenshots of whatever they’re watching back to home base, including stuff that’s not streamed, and there might be swift action.
Better yet, hack Samsung and leak it to the press. That’ll definitely light a fire under them.
I blocked my two TVs from phoning home via my pihole. They are the two noisiest devices on my network, by leaps and bounds.
On a day of heavy usage, my phone and desktop may get ~2000 blocked requests combined. That’s high, but not unheard of. It just means I did a lot of browsing, with a lot of blocked ad requests. My TVs average somewhere around 7500 blocked requests per day, on days that I haven’t even turned them on. That’s an attempt to phone home every ~12 seconds. And it is much worse on days that I actually use them.
To be clear though, that’s largely because it is just repeating the same request over and over as it times out and retries. They’re a lot less noisy when they actually connect successfully, though it is still undesirable for them to do so.
Is it encrypted?
I got a 42" 4k computer monitor instead
How many times the cost of a comparably-sized Trojan TV did that run you?
1.2x
I also use it as a computer monitor though.
Jesus dude, what brand TV do you have?
My LG issues a few hundred blocked requests throughout the day with heavy usage. I’ve never seen it wake up and phone home (my Nintendo Switch does it every hour for some stupid reason)
One is a Samsung, and the other is a Roku. The Roku is a little bit noisier, but not by much.
Maybe i’m stupid, but why would a TV even do that? All it’s know is what you’re watching today, right? How is that information useful? If you’re living with other people, the TV couldn’t even know who’s watching, that would make the data useless.
Data mining. They know what you watch, when you don’t and any other habits you have.
If you have a microphone on your remote or tv, then they also send that data over.
Knowing the distribution of what entire households watch is very useful. It’s not about spying on you personally.
…seems rather personal to me.
And what other devices are on the network, and what they’re chattering about
It is also about spying on you personally, to build targeted advertising profiles.
my TV incurred my wrath by having the gall to show me a banner ad while I was in the middle of a game.
so I promptly cut its balls off. (disabled the internet entirely). now it is a dumb TV. and it behaves like a TV. and not an ad machine.
But what device do you use to stream? That’s the dilemma I’m in, streaming sticks and devices are all so spammy.
I just run an old PC plugged in to my TV. It’s been running Windows, but I’m strongly considering switching it to linux now that it seems HDR on linux is getting stable. I might even use SteamOS directly since it’s got a nice interface for controller use.
Google “Rii i6”
You’ll thank me later.
Looks like a nice little device. I’ve already got a similar Logitech keyboard that’s a bit bigger and is missing the IR remote, but I’m still able to turn on my TV via an HDMI CEC command.
I didn’t realize Valve released SteamOS to be installed on other devices, that’s killer! I just threw mint on a 15 year old laptop a few weeks ago and VNC into it from my phone to control it as my streaming box.
I’m using a N100 mini-PC with Kodi as a Media/TV Box and it works pretty much as a dedicated device would with one of these remotes.
I seldom have to actually access it with a keyboard and mouse, though that machine also works as my home server so I do regularly access it remotelly for stuff that has nothing to do with using it as a media box.
Oh that remote is not a bad idea, does it do mouse input via the circle d pad? Or is it keyboard only?
There’s a button there to enable/disable air-mouse functionality (basically the tilting of the remote moves the mouse pointer), though it’s awkward to use compared to a normal mouse.
The keyboard on the back is also awkward to use, not just because the keys are small and not quite in standard positions but also because Shift and Alt are both “press to enable, press to disable”, with no notification lights (so, say, your keyboard might be in “Alt mode” and you’re trying to used it and it’s just doing weird stuff).
The thing does work as a combo of media player remote + mouse + keyboard, but it’s not very practical for the last 2. Also that specific model seems to have problems with the remote buttons not working if the remote is tilted (which shouldn’t be at all a problem given that’s a wireless remote).
The idea is good, the implementation could be better. There are other models like that around. Just avoid the “Google” remotes as that’s Android-locked and for voice recognition (plus it comes pre-enshittified with only a handful of buttons which only start apps such as Netflix).
Even with the quirks of the remote, whilst using that setup I often find myself altogether forgetting that what I’m using there is a PC with Linux.
I think they still haven’t officially released it, despite promising years ago. There are community projects like HoloISO
They did release it but the latest iteration that’s on steam deck is still steam deck only, or shared via community projects like the one you mentioned
Louis Rossman has a video about goes Netflix will not play 4K content on Linux. For some reason they limited the video resolution to 720.
Not sure if it’s still an issue. Also I had my brothers login for peacock and it didn’t run on Linux at all.
Now I’m just using a mibox, and it’s pretty good and doesn’t feel spammy.
Yes, there’s issues with playing DRM content on linux. Only certain browsers support the encryption decoding extension.
Since most of my viewing is on YouTube and media I have saved on Plex, it’s not really an issue.
Honestly, the apple TV is the least spammy by a long shot. I also hear great things about the Nvidia shield, but it is pretty ancient by now. Or use a computer, but of course that’s got its own annoyances. Of course these are all the most expensive options, apparently for a reason.
It’s ancient, but in a way I respect Nvidia for not milking it by releasing a new version every year.
Its still a perfect decive. Fast, streams absolutely everything, amazing remote. I seriously don’t know what I would want from a new version
Apple TV has been reliable for many years. Don’t even have an iPhone or iPad anymore but the OS gets the fuck outta the way and it probably has the least spyware of all the commercial options.
Building your own with like, a Pi or a PC is the best option if you mainly have pirated content… If you stream anything that option isn’t great because your device won’t pass all the DRM checks to play higher definition/4k stuff. (Someone correct me but last I looked into it this was still true)
I bought an Apple TV after I had some smart tv related issues with my Samsung. I’m happy with it and it supports any app you’d want.
Join the darkside, and run something like a Raspberry Pi with Kodi, and/or Plex, etc.
The dark side is warm!
LibreELEC is basically a Linux distro with Kodi and installing it in one of those (or quite a number of supported similar boards, such as Orange Pis) should be the easiest way to “join the darkside”.
Old laptop connected to tv through hdmi + cheapest wireless mouse I could find. If you want to get fancy you can also get a wireless keyboard but screen keyboard does a good enough job
My TV has always been run without the “smarts” ever since I bought it.
That said, recently I’ve replaced my TV Box and Media Box with a N100 Mini PC running Linux and Kodi plus a wireless remote and in addition to that the thing even works as my home server with additional functionality than just that of the devices it replaced.
For a cheaper/easier option try LibreELEC on top one of the devices they support (check the downloads page or the Wiki for the list). It’s basically a Linux distro with Kodi, so open and with none of the privacy intrusion risks of Android. The same kind of wireless remote (example - note that you don’t actually need to use the keyboard on the back or the air mouse) also works here since it just relies on standard shortcut keys of media programs like Kodi so works everywhere (even Android).
However what all these privacy-protecting non-enshittified options have in common is that they’re not fully configured solutions that you just buy and use - as you’ve noticed, if you just buy a streaming stick or device it will likely be at the least “spammy” - and you do have to do some of the work to get them working.
Something like LibreELEC on a mini PC should be the simplest to put together as the hardware comes preconfigured in an actual box and all that’s needed is to install the LibreELEC image from a bootable USB stick, but if you have a bit more technical know-how (not really that much needed, mind you) you can get something like one of the supported Orange Pi boards along with a box for it and it will cost you less than half as much as even a basic Mini PC - those boards are basically using the same chips as Android TV media boxes so you get the same performance without the “spammyness”.
If you want customization and the ability to sideload apps, get an Nvidia Shield. There are custom OSes you can load which remove a lot of the spammy ad BS that the Shield’s default OS has baked in.
If you want ease of use and setup, get an Apple TV. It won’t natively run all of your pirated hentai apps, but it at least has Plex so you can stream custom content from a server if you set one up.
You don’t even need a custom OS, just a custom launcher. I’m using FLauncher on mine. You can use
adb
to disable the built-in launcher.
deleted by creator
I rooted my (Android TV based) smart TV, removed all the tracking (verified with PCAPDroid), and I use Stremio and SmartTube to stream everything. I also use AFWall as a firewall to whitelist only apps that I install to access the internet only through my VPN. I set my DNS to 0.0.0.0 to block all traffic outside of my DNS if my firewall ever fails because Android TV doesn’t have that option unlike regular Android.
I have a Hisense TV if you’re curious. You can also get a TV box that is supported by LineageOS and do the same thing on there.
Whenever Android 10 gets super outdated, I’m hoping that Plasma Bigscreen will be advanced enough to be able to replace it, then I will just use my laptop for TV activities instead. I also would need Linux to get better HDR support (currently it only supports HDR10 and not HDR10+ or Dolby Vision) and for AMD drivers to gain HDMI 2.1 support (which is being blocked by the HDMI forum for stupid reasons. The code has been ready for a while, but AMD isn’t allowed to release it)
I’ve been using a Chromecast for years. I cast whatever I want from my phone. It plays media and that’s it.
The newer Chromecasts won’t even let you use your own DNS.
Buy an old used one off ebay or something, then. By the time they go so far out of support they stop working, I’m sure there’ll be a replacement.
It wasn’t out of support at the time, and I bought it before they gimped it. Google is actively preventing the use of Pihole or AdGuard by disabling the device if you redirect DNS queries away from their servers to your own.
I haven’t experienced this. I have the Chromecast with Google TV dongle and use a DST Nat to redirect all traffic from 8.8.8.8 and 8.8.4.4 to my own DNS server.
I also did this with my old Chromecast only from phone version
Maybe I should have specifically mentioned that it’s the ultras.
https://www.reddit.com/r/Chromecast/comments/pmt4cw/chromecast_ultra_just_updated_and_now_wont_work/
https://xdaforums.com/t/chromecast-ultra-issue-with-custom-dns.4396853/
https://discourse.pi-hole.net/t/custom-dns-group-for-chromecast/50996
It’s a bit of niche arrangement, so finding out what happened when it suddenly stopped working was a challenge.
I wouldn’t bet on one of the biggest data harvesters not using a smart device to harvest data.
Nvidia shield with a custom launcher. Google updated their Android TV home which made 60% and More of the dashboard just ads so I added projectify as my launcher. There are now only 2 apps being shown on my screen. Plex and Google Play (for updating apps).
Nvidia Shield
deleted by creator
Or Flauncher
I’ve never given a tv my wifi password.
I’m not any techier than the average millennial. Maybe my trust issues are worse than average. I don’t regret my actions.
Also - my xbox one s may have streamed more video content than provided rocket leaguery…until I tripped on a cord…
Laptop now. Learning how to utilize these new capabilities.
If only our fucking government would do something about this and actually regulate these evil bastards.
but then the market would be ever so slightly less free. the horror!
First you’d need to ban money from politics and change the voting system to better represent the people living there instead of wealthy elites, but that would just be the start.
Whenever wealthy elites have even a tiny bit of power (as they do in any capitalist system, including social democracies like what the Nordic countries have), they will seize as much control as possible. We saw this happen many times.
Nico Semsrott (Kabarettist and member of the EU parliament. Yes, both) proposed in jest sponsoring placement on the jackets of the political members that got donations by companies.
The jackets should then look like the race overalls from Formula 1 or (not US) football players.And I am fully supporting this.
Edit:
Like this:
But their
constituentscorporate donors would not profit as much. Won’t someone think about my profits? 🙃
The situation is really bad for consumers. Even with a Pi-Hole and a dumb TV and something like a Fire TV stick (they tend to send lots of telemetry too and apps like Toggo will nag you to oblivion to consent to data mining - if an app asks at all that is).
I’m slowly building up a Jellyfin library and yeah I jumped the hoops to find a non-smart TV. Wrote about it at https://beko.famkos.net/2022/11/27/on-non-smart-tvs/ and settled with a https://www.homex.eu/u55nt1000.html that ticked all my boxes:
☑
cheapaffordable ☑ 4k (UHD) ☑dumbnon-Smart ☑ HDMI ☑ 55″No idea about it’s tuner though[1] alas it’s not really any longer available in any market space today and I hope it will not die on us any time soon or the quest to find a new one starts again 🤓
[1] We’ve a decent external receiver that does all the work and HDMI juggling but even that thing is on the WiFi for software updates and in-house streaming but from what I can tell it behaves at least, which is probably just because it’s old by now.
I’m more than happy to buy a TV that uses post-purchase monetization, because I am never going to connect that fucker to the internet. It’s a display. I shall use it as a display. I do not care that it can replace my streaming box. I fully control my streaming box, and I will use that.
If I catch it doing any sketchy shit like trying to use unsecured/Comcast/etc WiFi to phone home, it’ll be time to pull out the screwdriver, though.
What happens when it no longer needs your WiFi and uses something like LoRa to phone home with your data and location? It may not know who you are exactly but it’ll have a good guess.
Screwdriver.
on whom?
The entire board
What happens when it no longer needs your WiFi and uses something like LoRa to phone home with your data and location? It may not know who you are exactly but it’ll have a good guess.
I mean…what happens when it becomes sentient, sprouts legs and you catch it sleeping with your spouse?
Let’s deal with the here and now.
You know LoRa hardware is getting cheaper and the reliability of these TVs are just terrible. This is likely to happen sooner rather than later. For now just don’t plug it in to WiFi unless you’re willing to go further and desolder its module? I don’t think we can do much via legislation other than write to our congressional reps.
you catch it sleeping with your spouse?
Streaming content right there - monetize it!
What’s Lora?
https://en.wikipedia.org/wiki/LoRa (Long Range)
It’s a low power, large range connection technology, working a bit like a mesh network. It can achieve data rates between 0.3 kbit/s and 27 kbit/s and enables geolocation services. According to the LoRa Development Portal, the range provided by LoRa can be up to 3 miles (4.8 km) in urban areas, and up to 10 miles (16 km) or more in rural areas (line of sight).
As soon as your LoRa-Device is in range of another LoRa-Device, it will probably be able to phone home.
https://en.m.wikipedia.org/wiki/LoRa
Long-range radio protocol
Why do we continue to be ok with this? Where is the outrage and call for change?
the overwhelming bulk of humanity cant be fucked to care about shit like this… until it personally affects them.
Then they will wail like banshees about the great injustice of it all, and how could anyone let it happen to them.
It’s there, but people forget about it when they can get a 4" bigger TV for 100 bucks less.
Because it works and provides a use case. Most “simpletons” do not want to invest any more time in than putting some Account Data and start watching netflix or whatever. “We” (e.g. the people that care about data privacy and stuff) never have been okay with that shit…
Simpletons LOL get a grip
For example, Amazon Web Services and ad-tech company TripleLift are working with proprietary models and machine learning for dynamic product placement in streamed TV shows. The report, citing a 2021 AWS case study, says that “new scenes featuring product exposure can be inserted in real-time ‘without interrupting the viewing experience.’”
Peacock is also working with TripleLift to develop “In-Scene” Peacock ads that owner NBCUniversal says it’s currently testing:
When a user plays episodic content, your brand’s product or message is dynamically placed in the frame of targeted scenes, creating a non-interruptive ad experience that aligns the programming with your campaign theme/goals.
This could be hilarious when your omegaverse softcore porn drama gets plastered with prune juice, old people pill adverts, and trump propaganda on everyone’s shirts, tattoos, jock straps, voice lines and whatever else the AI can scrounge up. “It totally fits with the narrative!”
Am I reading this wrong or are they literally hijacking a shot in the content by placing a product in there?
Sounds like they could literally go in there and replace the kid watching tele-shopping in a movie with watching a literal ad made to look like it’s genuinley in the movie.It’s exactly that. Detect where there are ads in a scene ( a panel for example) and replace the space with their own ads.
Tbh could be worse replacing an ad placement with another (say adidas to nike).
Personally actually be worse would be replacing an ad relevant to the movie (like an advertisement for the newest tool the protagonist always needed to progress)
Kind if reminds me of the scene in The Truman Show when they talk about the cereal to the hidden camera.
can we just ban online features from tvs, cars, printers, light bulbs etc.
Cars being online has some tangible benefits in that they can transmit location data to emergency services, especially if the driver is unresponsive. Might save someone from dying in a ditch in the middle of nowhere.
Arguably, some of the data collected while driving is also very useful for maintenance and development (e.g. if a lot of vehicles start having a similar issue after X miles).
That said, this data should be limited in scope and use (e.g. must not be sold, especially not to insurance companies), as well as anonymized as much as possible. Which is currently not the case, and that definitely needs regulation.
You don’t need a high bandwidth connection to do emergency notifications, and considering it might be in a remote area satellite would be better than LTE.
For the diagnostics you could log events internally and then collect them with OBD-II readers, though I’d like to force car makers to use open data formats so people can see for themselves what’s collected.
That said, this data should be limited in scope and use…
Yep, anonymized, limited, non-distributable, and secured, with severe penalties (on the order of tens of thousands of dollars per person, paid to the harmed party) for failure to adhere.
That ship, my friend, has already sailed.
Civilians used to own canons. For blowing up ships. And the occasional home invader. Doesn’t matter if it has sailed if we sink it. We should sink that ship.
Technical fixes only work for the technical and often it’s technically working against the law. We need the law on our side, not the corporations. So we need to engage with law as much as technology. Or we end having to break technologies like secure boot and laws.
Do you really think the lawmakers would listen to the poor instead of corporations?
We have wins before, via groups like EEF. There are Pirate Parties and all kind of Right To Repair and digital freedom groups. The corporations don’t want us to fight or even have a voice.
Wait until they hear about cell phones.
And cars, and smart thermostats and smart cameras and smart fridges and routers and literally every fucking thing in your house that is connected to the fucking internet. Every single thing in our homes is a data miner.
Not mine! But my hobby is making my own smart devices.
Also known as “hmm, what else can the ESP32 do?”.
Next stage - “What else can the same ESP32 do?”
Yeah. Samesies. Not all of us put up with this crap.
Edit: There are dozens of us!
How do you learn? I have some ESP32s that I’ve messed around a little bit with, and done some neat stuff…But I don’t have an electronics background at all and I often have trouble even figuring out how to power the damn things safely.
Using homeassistant and esphome is a good starting place unless you want to learn python or C
What if I’m already pretty good at Python and C? :)
There are dozens of us!
Dozens!
(They also last longer than the premade stuff, including the fairly dumb zigbee devices. Though just grabbing some ZigBee sensors is soooo much easier than cleaning up and painting small 3d printed housings…)
They also last longer than the premade stuff,
And they’re a much nicer experience. It’s funny how fast even minimum hardware performs when it’s doing what I ask it to, instead of spying on me.
Or the patent with a camera to make sure you’re watching the ad.
Please drink verification can.
Oh god, not again! I’ve already had like 8 Mtn Dews tonight!
Mountain Dew ® Dew it right! ™
So this is why my TV walked into the bathroom while I was dropping a deuce. 🤔
pi-hole ftw. the vast majority of my pi-hole’s DNS drops are from various Roku and Roku-like devices. Also, put all your IoT stuff onto a guest network, or if your gear supports it, on its own VLAN.
See, I just don’t connect it to the network. It complained when I set it up but now it just works as a screen.
I’ve got a raspberry pi steaming my desktop to it with gamestream/sunshine/moonlight, and it’s now as smart as my computer. It can even stream from different computers no matter where they are in the house, watch anything with stremio, and play games from them too. It’s way better than using the youtube or netflix button on the TV, most of the services it offers I don’t use anyway.
But actually pihole does sound like a good idea and maybe I should get that set up one of these days.
So with all the recent drama I learned that some TVs look for other open networks or other same brand TVs in range, and if found will join those networks and still share data.
So not connecting it isn’t enough in all cases.
A pihole wouldn’t solve this either if it was smart enough to know it’s blocked and look elsewhere.
Gotcha, find its card and rip it out.
In the not so distant future, people will begin turning their houses into faraday cages to ensure nothing can access the outside unless given proper permission.
I’d be interested to see more information on that. I don’t doubt companies would do that, but some good information on when it happens and how to prevent it would be useful.
So I did some looking, and as far as I can tell, there’s no definitive proof of someone testing this and reporting on it. It might just be all rumors and speculation.
Thanks, I hope they don’t do it. I would expect the security community to be able to find something like this, since it’s not hard to hook up some devices and do packet sniffing to detect if they’re talking to each other.
This would be an excellent use case for LTT’s faraday cage room for instance.
can’t you set a password so it can’t join willy nilly?
That would only work until your neighbor leaves their guest WiFi open.
I need to replace my router as it’s coming to end of life. I want one with vlan so I can put all my iot on a separate lan. Any recommendations?
I recently picked up a GL-iNet Flint 2 because it’s a powerhouse and one of the easiest routers to flash Open-WRT onto. If you don’t want to mess with firnware flashing, it comes stock with their fork of Open-WRT. So, either way, you have a ton of control over your router, including setting up VLANs and running AdGuard.
Thank you for the reply - you’ve offered a great opportunity to ask another question 😂
I was looking at adguard. Is this something worth the subscription? I was looking at it because it seems to handle a lot of ads, including those on mobile games and stuff. But in my cursory glance, people are saying it’s not safe…
I’ll look at the GL-iNet because a) I want a powerhouse and b) I want nothing to do with flashing firmware haha
AdGuard as a service is alright, but it’s essentially just a pihole that you don’t have any control over. It does DNS level blocking, which means the ads get blocked before they even load on your network.
The issue is that since you’re routing all of your DNS traffic through AdGuard, you’re directly telling AdGuard which sites you are using. So there are concerns that you are just shifting the data collection from the ad companies to AdGuard instead, but AdGuard has the ability to be way more invasive in how the collect data.
Just set up dual piholes (one for your primary DNS, and one for your secondary DNS) instead. You get the exact same end result, without any of the data collection worry.
Thank you for your detailed responses. Has adguard any track record of collecting data? Is there a way to know?
For consumer grade gear, Ubiquiti is probably the best bet. Unless you want to get into the commercial side of things, but that’s prohibitively expensive for the average person.
Personally I run a GL.iNet system. I like it being completely open source, and the Flint 2 is a workhorse of a router. But as far as ease of use and config, Ubiquiti is certainly more straightforward.
This might be my ignorance, but the Ubiquiti stuff I’m finding seems to be all commercial. I ended up getting a good price on the Flint 2 and it should be here next Friday. I’m hoping to chunk out some time setting it up on the 20th
They called me crazy.
My current tv is a 42” I got in 2012. I would love to upgrade to a bigger one, but I don’t wanna get a lame smart tv.
I’m on the same boat 44" tv, from ages ago. Connected to my linux reinstalled asus chromebox. Freedom baby yeah!
You can get a smart TV and just not use any of the smart features. My TVs are on a separate VLAN with no internet access, so I can still control them via Home Assistant but they can’t reach out to the outside world. I use Nvidia Shields for streaming.