
LG TV logging filenames from network folders - Amadou
http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/
======
noonespecial
The implications are troubling. Your TV collects and broadcasts for the
permanent record of anyone who can snoop the cleartext (your neighbors, your
ISP, whatever the NSA looks like in your country, etc) all the media it can
find on your network.

We used to need firewalls at the edges of our home networks to keep bad actors
out. Now we need firewalls that point the other direction to keep the bad
actors on our networks _in_.

~~~
ams6110
Good firewalls should always block unwanted traffic whether it's inbound or
outbound. This is not anything new, but you're right that most people trust
the devices they own. Not anymore.

~~~
mmagin
Good luck making that easy for the end-user to configure.

~~~
mbillie1
Yep you've basically refuted the idea of personal security due to a vague
insinuation of how "most people" trust their electronics. Or did you have
anything constructive to add?

~~~
mmagin
Sorry, I should have said:

"Historically it's been very difficult to make detailed firewall configuration
user-friendly. As a result, we've lived with the simplistic compromise of
'allow outgoing connections, don't allow incoming connections'. It seems like
it's going to require some incredible new firewall configuration interface if
we hope to make it possible for the ordinary clueless computer user to
properly configure outgoing firewall rules."

------
Amadou
Can anyone recommend a consumer grade router that has a good GUI for tracking
outgoing connections in real-time and setting up rules to control them?

I am imagining some kind of add-on to DD-WRT or derivatives that will put up a
real-time graph of devices on my home network and draw lines representing
outgoing TCP and UDP connections while also logging them in a tabular format.
Both forms would be clickable to drill down for more details (including
session packet captures if enabled) as well as set policies like a per device
white-list of acceptable IP addresses to connect with.

I know all of this is possible with individual tools like tcpdump or wireshark
and iptables configs, but that is too painful. I'm looking for a robust GUI
on top of all that.

~~~
cdjk
I'm a fan of pfsense:

[http://pfsense.org/](http://pfsense.org/)

It might be a little more complicated than a standard consumer-grade router,
but it's powerful enough to do almost anything. It's based on FreeBSD and has
a reasonably pretty GUI on top of pf.

I've used it on alix embedded hardware before, and have it currently running
on an atom supermicro board - both work great.

~~~
jzawodn
pfSense is awesome. It won't help a lot with this specific problem (without a
lot of manual work). But it's still a great solution. I've been using its
multi-WAN capabilities on a Soekris box for a few years now.

~~~
Ecio78
You can use Squid on pfSense (available as a package):

[https://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy](https://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy)

but I don't think it would be trivial to configure for an end-user.

------
sdfjkl
Seems it's time to put your closed-source consumer devices into a DMZ, with
carefully limited access to both the internet and your home network.

~~~
avar
Using "DMZ" in this context is very confusing, in common usage it means the
exact opposite of what you intended.

A lot of home routers have a "DMZ" feature that gives the device you put in
the DMZ full access to the outside internet, but restricts their access to
other hosts on the local network.

It's typically used for gaming machines when you can't be bothered to forward
a lot of ports individually, I have a gaming console in a "DMZ" on my network
so I can play games online without fuss.

~~~
alexwright
This is what _sdfjkl_ is intending I think. Have the TVs/Whatever on the other
side so they can't scan your network shares to get the information to send
back to HQ.

It would be much more effective, straightforward and ultimately more useful
though, to firewall the TVs from the internet outbound so they can collect
data all they like and never send it home.

~~~
sdfjkl
Both actually. They might need access to your internal network to access your
file shares and whatnot, but you'll want to make sure they can access only the
parts you want them to, and nothing else, so they can't for example log onto
your unsecured printer and collect a list of most recent print jobs, including
filenames.

And they might need to access the internet to download firmware updates and
stream video, but you don't want them to "LG phone home" and report your
midget porn viewing habits, so you'll block that.

Of course all that requires quite a bit of knowledge, time and equipment to
set up and is therefore quite unrealistic, so you're better off just hooking
up your laptop via HDMI and putting the damn TV into monitor mode, "smart" be
damned.

------
birger
The Dutch website tweakers.net contacted LG and confronted them with this
behaviour. They replied that it was a leftover from some functionality that
was never fully implemented and it will be removed in an update.

Most of the commenters there don't buy that story, just like here. Full story
(Dutch): [http://tweakers.net/nieuws/92747/lg-erkent-versturen-privacygevoelige-data-smart-tv-en-belooft-firmware-fix.html](http://tweakers.net/nieuws/92747/lg-erkent-versturen-privacygevoelige-data-smart-tv-en-belooft-firmware-fix.html)

------
cientifico
The only possible way to fix this in some way, is having Open alternatives.

Will love that when you buy a tv, you buy just the monitor. Without the
tuning hardware or the crappy ooss. Like when you do with projectors.

Then you buy any chromecast, raspberrypi, or something that you can hack.

I can see for 2014/15 having a lot of startups creating small devices to
connect to monitors only that tune internet in the same way they tune digital-
tv.

Once you have competition in that market, you can start thinking in security.

~~~
Nursie
You can already do all of that if you want. It's not a 2014/15 thing, it's a
2011 thing.

There are a variety of USB-powered android-on-a-stick-with-hdmi solutions out
there. You can also buy separate tv tuner boxes pretty cheap. And many tvs run
some form of FOSS and are hackable/flashable already.

------
munger
Here is the list of domains from the original doctor beets post linked in
this story to block on your router to stop this:

ad.lgappstv.com

yumenetworks.com

smartclip.net

smartclip.com

smartshare.lgtvsdp.com

ibis.lgappstv.com
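
The list above turned into DNS blocking rules, as an added example that is not part of the original comment: it emits dnsmasq `address=` lines and checks hostnames against the list on label boundaries, so subdomains are covered and look-alike names are not. Assumptions: the router's resolver is dnsmasq, the sinkhole address is 0.0.0.0, and the function names and sample hostnames are constructed here.

```python
# Added example. The six domains are copied from the comment above;
# dnsmasq as the resolver and the 0.0.0.0 sinkhole are assumptions.
BLOCKED = [
    "ad.lgappstv.com",
    "yumenetworks.com",
    "smartclip.net",
    "smartclip.com",
    "smartshare.lgtvsdp.com",
    "ibis.lgappstv.com",
]

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().lower().rstrip(".")

def dnsmasq_rules(domains, sinkhole="0.0.0.0"):
    """One address=/domain/ip line per domain. dnsmasq applies each rule to
    the domain itself and to every subdomain beneath it."""
    unique = sorted(set(normalize(d) for d in domains))
    return ["address=/%s/%s" % (d, sinkhole) for d in unique]

def matching_rule(hostname, domains=BLOCKED):
    """Return the blocked domain that covers hostname, or None.
    Matching is on label boundaries, mirroring the dnsmasq behaviour."""
    host = normalize(hostname)
    for d in (normalize(x) for x in domains):
        if host == d or host.endswith("." + d):
            return d
    return None

# Constructed hostnames for illustration (not taken from a real capture).
SAMPLE_QUERIES = [
    "ad.lgappstv.com.",     # trailing root dot, as resolvers may log it
    "IBIS.lgappstv.com",    # DNS names are case-insensitive
    "cdn.smartclip.net",    # subdomain of a listed domain
    "lgappstv.com",         # parent of listed names: NOT covered
    "notsmartclip.com",     # same trailing characters, different domain
    "example.org",
]

def audit(queries, domains=BLOCKED):
    """Split queries into (blocked, allowed) to show what the list misses."""
    blocked, allowed = [], []
    for q in queries:
        (blocked if matching_rule(q, domains) else allowed).append(normalize(q))
    return blocked, allowed

if __name__ == "__main__":
    print("\n".join(dnsmasq_rules(BLOCKED)))
    print(audit(SAMPLE_QUERIES))
```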

~~~
Cameron_D
Thanks, was looking for a list like this. I've blocked them all via DNS,
hopefully doesn't break anything too important.

~~~
JakeSc
What sort of communication between your TV and these domains would you feel is
important?

~~~
josephlord
I don't specifically know the services the TV expects from those domains but:

You may want to receive software updates for the TV.

You may also want to access services that are launched by the LG apps.
Those services may only run correctly when the appropriate pre-roll
advertising (quite possibly from Smartclip) are allowed to play.

------
kenrose
Previous discussion from the original DoctorBleet finding:

[https://news.ycombinator.com/item?id=6759426](https://news.ycombinator.com/item?id=6759426)

------
vijucat
Also, my LG TV's WiFi password text box doesn't accept anything other than
letters and numbers and not more than 8 chars long. What is this? A 10th grade
programming assignment?!

Having to change my router's password to something insecure just to
accommodate LG's retarded software sealed the deal: I will never buy anything
LG again.

------
Wingman4l7
The dangerous precedent set here is inclusion of Terms & Conditions on
multipurpose electronic _hardware_.

------
rak
Genuine question. How does one actually go about sniffing traffic from a
device like this? This is really interesting stuff.

~~~
josephlord
1) Install Wireshark

2) Connect laptop to Wifi network

3) Connect TV to laptop's Ethernet port (and set TV to use wired Ethernet)

4) "Share" your wifi connection with devices on the Ethernet port.

5) Run Wireshark and start a capture session on your [edit: Ethernet] port.

Edit: recommend capturing from Ethernet port as there will be less other
traffic.

~~~
chmars
… or use
[http://fritz.box/html/capture.html](http://fritz.box/html/capture.html) if
you have a Fritz!Box router – it's a great device anyway but especially useful
for capturing your own LAN and WAN traffic.

~~~
LongLurker
WOW! I have a fritz box and never knew it could do that.......... mind blown!

------
nemik
This was only found because LG was stupid enough to use plain HTTP instead of
HTTPS. I wonder how many devices use SSL/TLS for this same thing that just
haven't been caught yet.

~~~
skyebook
Unless they offer a way to accept certificates and use a proxy server. Neither
are particularly uncommon, and something like Charles[1] makes this laughably
easy.

[1] [http://www.charlesproxy.com](http://www.charlesproxy.com)

~~~
msoad
Can you self sign other people's packages with Charles? That's crazy!

~~~
Nursie
Not really, you can do that with any decent SSL tool. Getting the client to
accept your trusted certificate is all that is needed. Once you have that you
have the keys to the kingdom. I've written similar software myself.

Now on a closed device it can be very difficult to add root certificates to
the store, but it's often possible.

For instance when the PS3 firmware was first cracked I took the opportunity to
flash mine with a firmware I made that contained my root authority
certificate. Then I wrote a python program to intercept and MITM all the
traffic.

Result? I found out that on boot your PS3 tells Sony every game (or other
thing) you run on the ps3, what times you run them and how long for.

------
fat0wl
reminds me of the old sony rootkit cd stuff.

But i think a lot of these companies know that it would be legally hairy to
get into vigilante DRM justice, so instead they just surreptitiously collect
data that will let them plot their next move. maybe that's paranoid, but
come on, in this day & age everything is logged. Even if they are serving 404s,
it's trivial to log that data anyway (as was pointed out) or maybe it goes
straight to server logs and someone in LG analytics says in the future "well,
that data is there somewhere... we may as well use it"

it's hard for me to imagine someone at a corporation standing up and going
"NO! that's violating our users' privacy". they pretty much consider any info
they can get to hit their servers to be their property no questions asked

------
salient
Isn't Windows 8.1 logging local filenames, too, thanks to the integrated Bing
search and advertising platform, so then it can serve you ads based on your
local files?

------
nathan_long
"Dear LG,

I've really enjoyed using my LG TV/network informant. I'm wondering whether LG
has any other exciting products I could use.

Do you happen to sell a camera that monitors my location? What about a vacuum
that phones home with my fingerprints? Or perhaps a washing machine that
steals my dreams?

Thanks for developing the products of The Future!"

~~~
mjolk
I cut my finger on this edge.

------
nathan_long
What is this even supposed to be doing? Monitoring the user's watching habits
is evil but unsurprising. But why do they even want your filenames?

------
ris
So who's going to be the first to start sending bogus data to LG's endpoints?

Could do some very fun things to their statistics.

------
dredwerker
Coming soon to an episode of CSI

------
philthesong
Great work by Samsung!

------
shmerl
Did anyone think DRMed systems can ever be trusted? If you are using one,
expect stuff like this by default.

