
Smart TVs Track More Than What’s on Tonight - sologoub
https://mobile.nytimes.com/2018/07/05/business/media/tv-viewer-tracking.html
======
AdmiralAsshat
I try to tell everyone I know--family, friends, etc.--to _never_ use any of
the online features of their "Smart" TV for this reason. Use a set-top box.
Use a Roku, a Chromecast, a Fire Stick, your old game console--literally
_anything_ that you can connect to the TV to watch Netflix on will be better
for your privacy than the TV itself.

I haven't updated my Samsung 40" TV in about 7 years for this reason. It's
damn near impossible to just find a high quality "dumb" TV.

~~~
bootlooped
I'm pretty sure you can make a smart tv relatively dumb again by just not
connecting it to your network though.

~~~
bhauer
I worry about the near future where cell connectivity (ala Kindle Whispernet)
is cheap enough for these companies to not even bother using your network to
exfiltrate data.

~~~
bootlooped
Yes, that is a possibility, but is the percentage of people who don't connect
their smart TV going to be high enough to warrant that? I imagine the vast
majority of people let their TVs connect, because they want to use Netflix and
the other streaming services.

------
calvinbhai
Bought a Vizio in 2017 (because 5 HDMI ports, 4K HDR, dolby vision), and I
just couldn't find one non-smart TV that was 4K HDR.

So I resorted to use it with Apple TV only (its great that Apple TV also has
Dolby Vision support, so DV content looks stunning on this display).

I thought I was smart in not connecting the TV to the internets. Once I did
connect it for a few days, later at some point Vizio forced me to connect it
because, they changed the physical remote, sent it to me for free, and then
the UI was blocked until I setup the new remote, which needed internet. For a
moment, I thought of returning the TV to Costco saying "it is not working".
But I didn't have the patience to do that :-/

So technically, Vizio or any smart TV can prevent you from using the TV after
you start using it, if you refuse to update the firmware, remote etc.

I'm willing to pay 2x the price I paid for Vizio, if Apple comes out with a
display, because thats the only brand I trust for privacy. But only problem in
that case, will be HDMI ports. I doubt an Apple Display would have more than 1
or 2 HDMI ports (looking at how they are port unfriendly on Macbooks :)

~~~
kitsunesoba
I recently bought a Sony 900F. Great TV, but I’m not connecting it to the
internet and the Android “smart” portion may as well not exist. There’s no
reason to use it when the Apple TV 4K, PS4, etc all do the smart bits better.

I too would pay a sizable premium for a high quality mid-high tier dumb TV
just to never have to worry about the associated privacy implications. I’d
guess most folks who have any kind of serious media center setups would also
agree. Perhaps it’s time for a few boutique TV companies to enter the scene?

~~~
photojosh
Hopefully for that premium you’d also get a TV that powers-on close to
instantly (or at least faster than whatever box you’re using it with), gives
you a control over display settings per-HDMI input, lets you use Bluetooth
headphones (the ATV can do this, it’s great).

Unfortunately it would be niche indeed, as it’d be a very hard sell to push a
“non-smart” TV at a premium, and I can’t see how the economies of scale could
ever work. :(

~~~
kitsunesoba
A sharp, clean, timeless HUD design and FOSS reflashable firmware would a nice
plus too.

I would assume the biggest cost would be that big display panel, but have no
experience with manufacturing/supply chain to back that up. How does one
research such a thing I wonder...

------
iammiles
I'm actually going to be in the market for a new television later this year.
My only use is to watch Netflix, some Blu-rays, and dock my Nintendo Switch to
it. Are there any recommended high definition (4k+) televisions that aren't
Smart TV's?

~~~
nfoz
They’re hard to look up but you need to check “commercial” series. I bought a
55” 4k LG dumb tv a year ago and I’m quite happy with it. Simple remote, no
hassle. The downsides are that it only has two HDMI inputs and afaik no
antenna for over-the-air channels. Also it doesn’t do HDR and I don’t know if
they have a “commercial series” dumb-tv that does.

I’ll link you to the model when I’m back at my desktop.

~~~
TheCapn
How was cost comparison? Did you save anything significant going with this
line over a SmartTV? My future solution is to simply not plug the SmartTV into
the network and if it means paying the same why not?

~~~
VLM
My dumb TV boots up from power button to pix in about 2 to 3 seconds. My MiL's
smart TV takes about 20-30 seconds from flipping the power strip on. So
"smart" costs about ten times latency in two anecdotes of data. My MiL is very
jealous of my dumb TV, no one likes a slow UI.

My MiL doesn't have wifi internet; possibly the TV wastes a lot of time at
boot trying to connect as punishment for people who don't allow it to spy, I
don't know.

~~~
cptskippy
Smart TVs usually have a full blown operating system they have to boot. It's
similar to booting a Roku, Apple TV, or your Smartphone.

------
greggarious
So what is the justification for this being acceptable behavior (beyond the
usual "read the 20 page, graduate-reading-level privacy policy)?

Sites like Google and Facebook provide free services in exchange for ads.

Personally I think it is ludicrous that a company thinks it OK to use _my
personal information_ to enrich themselves, via a device that _I paid for_.

~~~
djrogers
If you think Google and Facebook are the only companies doing this on the
internet, you're in a for a huge shock. There are tons of companies that do
this without providing any service for _you_.

Recall a recent story on HN about Exactis leaking data on 100s of millions of
people? That's just one of them, and until the breach almost nobody had ever
heard of them.

~~~
TeMPOraL
True. Basically, every time you get an annoying GDPR popup, you've found
someone complicit.

~~~
cblock811
That's a stretch. I worked on GDPR compliance and it wasn't because of
anything underhanded or nefarious. Just had to comply with new regulations.

~~~
chopin
If you need a popup you are complicit. In that case it's very likely you are
spewing my personal data to third parties.

~~~
cblock811
It's the law! I'm not sure how you don't get that. People have to get explicit
consent to Terms of Service and marketing. If you don't understand that times
change and companies have to adapt to follow the law (with a popup modal of
all things _gasp_ ) then I'm not sure what to tell ya. Good luck with that
mindset.

------
medlazik
Eradicating Samba TV from my Sony Android TV was quite a fight. I ended up
with a local Pi-hole server blocking everything the TV was trying to access
except Netflix. Not optimal but better than nothing...

~~~
move-on-by
A Pi-hole is the only real solution for this as far as I can tell if you still
want to use apps on your TV like Netflix. I use a Pi-hole as well with several
block list sources, my favorite being Steven Black's hosts:
[https://github.com/StevenBlack/hosts](https://github.com/StevenBlack/hosts)

~~~
creeble
Thanks for that link!

I haven't added a custom block list to my Pi-hole before, this looks more
complicated than I would have hoped.

~~~
creeble
Okay, I see. Just use _his_ hosts file to extend Pi-hole. Not so hard.

------
loriverkutya
Luckily, we have GDPR in the EU. And they are going to be fined if they are
doing the opt-in this way.

------
logfromblammo
This is explicitly why the last TV I bought was a dumb TV. One less privacy
nightmare to worry about. Of course, that just shifts the problem to the black
box on the other side of the HDMI cable, but I can watch as much over-the-air
TV as I want without anyone harvesting my viewing habits.

What we need as consumers are laws that would allow the owners of smart
televisions, network-connected devices, and any other physical products with
included software, to more easily control the behavior of the hardware that
they own, without resorting to rooting and jailbreaking to "pwn ur own"
property. (Including refusal to honor DRM restrictions.) I don't know why "you
can't have your cake, and eat it too" is not an actual legal principle, but
you can't sell a hardware device to the consumer and still control what they
can or cannot do with it.

------
arrty88
I never connect my smart TVs to wifi. Problem solved

------
LinuxBender
Smart TV's are Dumb IoT's. I have found they lack proper implementations of
DNS resolvers. They do not obey TTL's and will aggressively retry connections.
On the plus side, some of them don't check ssl certs, so you can snoop on the
data they gather. [0] You can use tc netem to rate limit the TV and add a lot
of packet loss and reordering so make mitm easier, as the TV will retry many
times.

[0] - [https://thehackernews.com/2017/05/cia-mitm-hacking-
tool.html](https://thehackernews.com/2017/05/cia-mitm-hacking-tool.html)

------
contingencies
A few months ago I bought a new TCL TV here in China. I was amazed when, using
it as an external monitor, an ad popped up over the screen which required
using the TV remote to dismiss. Never buying TCL again.

------
nogridbag
I bought an upper midrange dumb TV about 10 years ago (LED, full array
dimming) and it's still working flawlessly. The only downside is it has
massive bezels and is fairly thick.

It might seem silly, but I recently considered upgrading it purely for
aesthetic reasons and was ready to spend the money, but the smart TV aspect is
a major turnoff so I decided against it for now. Even if I don't use the smart
TV features there's still downsides like boot time.

------
codedokode
It is interesting how they hide important details in long terms and conditions
document. Cannot other industries learn from this Silicon Valley invention?
For example, a car dealer could hide a condition that they are only
temporarily lending a car instead of selling. There are people who don't read
the documents they sign carefully.

~~~
TeMPOraL
I don't think SV invented this. It's just that this hasn't been regulated out
of software industry yet.

------
codedokode
This is a perfect case where even if you pay you still are the product. Of
course this needs regulation.

------
stcredzero
I have a cheapie TCL Roku TV. If I hook up my laptop using HDMI and play
something along the lines of a movie Xvid file, a banner notification pops up
asking me if I'd like to watch the show on one streaming service of another.

~~~
crtasm
Yuck. How does it know what you're watching? HDMI doesn't expose file names
AFAIK.

~~~
stcredzero
Not sure. Subtle fingerprint encoded in the soundtrack? Fast Fourier analysis
fingerprint of a specific span of time near the beginning of the movie?

------
harveynick
One of my main reasons for sticking with an AppleTV instead of switching to a
Roku is that Roku also does this, but Apple has a stronger stand on privacy.

------
wilsonnb2
Can anybody give me a good reason why I should care if my TV watching habits
are tracked for the purpose of targeted advertisements?

------
SubiculumCode
Time to put the TV on the guest network.

~~~
noja
That won't stop it collecting data.

~~~
SubiculumCode
It would stop collection of data on other devices on network,but yeah.

~~~
TheVikingOwain
That depends on how the companies determine “the same network”. If it’s
external IP based then a guest network is of no use.

~~~
SubiculumCode
I own my own router and the guest network is isolated.

------
4029dlsdkld
LG has something similar called "Channel Plus" which is an app that has a
bunch of (frankly, mediocre) IPTV channels in exchange for you consenting to
data collection on everything you watch. I didn't read the TOS closely, but it
wasn't clear to me whether it collected data just when you were using the app,
or on all content viewed with the TV even in other apps, OTA, etc. I'm
suspicious because you have to consent and enable data collection in the
global settings for the TV.

~~~
dawnerd
Channel plus on my oled spams me with notifications even though it’s disabked.
Clearly lg doesn’t care.

------
sandworm101
(1) Who watches TV these days?

(2) Most all of the "smart" TVs in my area don't use any of their features.
They are all used as dumb monitors. They either take signal from a proprietary
cable box, a game device, or some other media player.

(3) I have yet to see a TV that requires an internet connection to function.
If you have one of these things, blacklist it on your network. At the
firewall, or just don't give it your wifi password.

~~~
diafygi
A lot of people watch physical TVs, even if they don't watch "TV". This is
about tracking what people are watching on the physical device, no matter the
source.

If I watch a Blu-ray or Netflix, my smart TV will still send a fingerprint of
that content to their servers for analytics.

As far as not connecting your TV you the Internet: (1) The default setup says
you need to, so most people will since they want to watch Netflix. (2) There's
so much free wifi around these days I wouldn't be surprised if TVs try to
connect to any open wifi for "automatic updates".

~~~
namibj
Can that be constructed as CFAA if they then bypass some agreement button or
so?

