
Tracking systems of TV streaming devices - godelmachine
https://blog.acolyer.org/2020/02/10/watching-you-watch/
======
colechristensen
I knew this was the case but the reminder is just more motivation to revert
back to purchasing optical media, ripping it, and using mpv on a computer.

I don't want my entertainment to be tied up with advertising. I don't want my
whole life to be subject to metrics.

~~~
chr1
Advertisement works because most people do not feel this way and are ok with
metrics and adds as long as they get something back. Is that ok, or is there a
rational argument why everyone should feel bad about being subject to metrics?

~~~
TeMPOraL
Advertising works because people have little choice in the matter. It's
exploiting that people value "consumption with ads" more than "no consumption
at all", and most are not skilled enough to remove the ads themselves.

(It's not like they wouldn't do it if they knew how; remember the popularity
of VCRs? Their main use case was that on a recorded show, you could fast-
forward through ads.)

People are not OK with metrics; most population has no understanding about the
extent to which they're being surveilled or measured. There's also a growing
feeling of helplessness, because the more the snooping is becoming known, the
more apparent it seems that it's the same as with advertising - unless you're
a tech-savvy person, you have _no_ choice at all.

EDIT:

A big part of the problems are the constant lies of omission. I believe much
fewer people would be willing to connect their TVs to the Internet if on the
box, next to "you can watch Netflix from your couch", there would be text
saying "we'll spy on you as much as we can, and this data might wind up at
your insurance provider". Or an asterisk next to "Netflix" explaining that
"the service will work until we get bored or they change their API, i.e. for
about two to three years".

~~~
stevenicr
Indeed. I had planned to purchase a few Roku devices for me and someone else.
Then I stumbled upon an article describing the amount of third party data
sharing and how it varies by channel. Stopped me from purchasing. And this is
after a bit of research on streaming devices and plans and all that!

People in one of the online neighbor groups routinely ask about options for
this channel or that channel and such as the lineup out here with some
services seems to change regularly and lots of people are moving.. invariably
someone squeeks about how great their Roku device is...

I ask them how they like the device sharing info about what is being watched
and when with multiple third parties, If they knew that before purchasing, and
if they tell other people who use it... every time the answer has been 'this
is the first I've heard of this"

~~~
jasonjayr
Cable companies to this too with their STB. OTA or pirating content is the
only way to maintain privacy.

------
baq
money quotes

> Running with a Pi-hole helps, but still misses about 27% of A ID leaks, and
> 45% of serial number leaks.

and

> Our measurements showed that tracking is prevalent on the OTT platforms we
> studied, with traffic to known trackers present on 69% of Roku channels and
> 89% of Amazon Fire TV channels… Our analysis of the available privacy
> countermeasures showed that they are ineffective at preventing tracking.

the fact that pihole is ineffective is troublesome.

~~~
lostlogin
You can improve that stat. If you have a router that allows it, make a rule
that allows port 53 out if it’s from the Pihole, and redirects it back to the
Pihole if it isn’t. You’ll catch more of the sneaky crap that way.

~~~
samoa42
dot/doh is here, pihole is becoming irelevant

~~~
iso947
Quite, effectively your device VPNs to the internet on port 443 to a non
descript IP. You can either block it completely or allow everything through.

The only hope is that device manufacturers are terrible, don’t implement
certificate checks, and you can MITM everything by redirecting port 443
through a proxy.

~~~
silon42
The only choice is to block it.

~~~
ubercow13
Block https?

~~~
aembleton
Could just block it from that device.

------
c54
Surprised that apple TV isn't included in this analysis at all. I'd be
interested to see that, especially using a short list of the 'most common'
apple TV apps -- eg Netflix, Youtube, Hulu, HBO.

------
OnlineHeaven
I have a Roku and it's a targeted advertising machine. Great if you're a
marketer but kinda iffy if you're just an ordinary consumer. I see ads for
debit card purchases within a matter of hours. I don't mind because I'm into
marketing and might leverage the adtech at some point. But if you're concerned
about privacy, stay far away.

------
jaimex2
Surprised it doesn't recommend Kodi in the 'What can you do about it'

It's basically the OpenWRT equivalent of streaming devices.

------
uptown
Presumably an AppleTV is only as good as the apps you choose to run on it. I'd
love to see some analysis of YouTubeTV. I recently saw a stat which claimed
YouTubeTV only had 2M subscribers, which seemed critically low to me.

------
trekrich
That’s a handy list of domains to put into pi-hole for them to be blocked.

~~~
donclark
I did not see a list of domains on that site. I thought they talk about using
a pihole in general. If you saw, or recommend specific lists - please do - and
thank you in advance.

~~~
spydum
It was in the table (image):
[https://adriancolyer.files.wordpress.com/2020/02/ott-
table-2...](https://adriancolyer.files.wordpress.com/2020/02/ott-
table-2.jpeg?w=326&zoom=2)

------
jammygit
Here’s a question: when my old tv dies, where can I even get a new non-smart
tv? I haven’t seen a new one sold in years now

~~~
RandomBacon
Walmart and Amazon. They even sell 4k "dumb" TVs.

[https://www.walmart.com/browse/electronics/sceptre-
tvs/3944_...](https://www.walmart.com/browse/electronics/sceptre-
tvs/3944_1060825_1939756_5735890)

This link used to have better results, but Amazon must have changed something:
[https://www.amazon.com/s?k=4k+-smart&rh=n%3A1266092011](https://www.amazon.com/s?k=4k+-smart&rh=n%3A1266092011)

------
sdan
After reading this, I think if everyone setup a Tor node just for TV, that’s
be great (harder to identify who is watching what).

~~~
Bnshsysjab
Did you actually read it? It literally says identifiers were sent irrespective
of tracking settings. Tor only masks IP and that was never the intent of the
Tor network and using it that way is a is a complete waste of resources that
doesn’t solve anything.

~~~
cameronbrown
> Tor only masks IP and that was never the intent of the Tor network and using
> it that way is a is a complete waste of resources that doesn’t solve
> anything

More garbage traffic on Tor isn't necessarily a bad thing. It keeps others
safe who actually do need it.

~~~
Bnshsysjab
I don’t know a great deal about tor so maybe that’s true, but suggesting
people use some convoluted routing in the name of privacy (which it doesn’t
solve) isn’t the way to go about it.

If smashing TOR with bandwidth actually helps anonymise real users, then TOR
should get in contact with BitTorrent client developers and get them to creat
clients that split traffic over tor and non tor routes. That way they can
create sanely manageable traffic from a very large volume of nodes, helping
mask tor users far more than what a few obscurely routed tvs ever would.

------
tinus_hn
So what about Apple TV?

------
bostonvaulter2
What is a Roku channel? Is it like an app on your phone?

~~~
e40
Yes. There are apps for Netflix, Amazon, etc.

