Hacker News new | past | comments | ask | show | jobs | submit login

Some TVs use the network via your HDMI connected devices (ex: the roku or whatever stick) or do searches for open wifi networks that you may have no control over to get their sweet, sweet surveillance fix.

Do you have evidence for that though?

I've heard that repeated but never seen anyone actually test it and it would be shocking if true.

It seems more likely that in these cases, a family member or friend connected to the WiFi instead, without the owner being aware.

And if it were actually true and verifiable then surely journalists would have written articles on it by now.

Ethernet over HDMI is definitely a real thing. Someone else would have to comment on whether it's enabled by default on various devices, and which devices are capable of acting as a gateway vs client.

I don't own a smart TV and I, too, am skeptical that your grandparent is correct that TV makers are surreptitiously using other devices as network bridges with HDMI, etc.

BUT ... since we're talking about it ... are the network lines on HDMI reserved for that purpose such that you could create an "HDMI condom" ? I have USB condoms that I use to charge phones with, etc., and wonder if the same concept works with HDMI ...

It looks like HDMI uses separate pins from the video signal for Ethernet and Audio Return Channel. I originally thought it was using a shared packetized bus for HEC, but it's actually kind of clever -- differential mode signal on those two pins is HEC, common mode signal is ARC.

HEAC utilizes two lines from the connector: the previously unused Reserved pin (called HEAC+) and the Hot Plug Detect pin (called HEAC−).

- https://en.wikipedia.org/wiki/HDMI#HDMI_Ethernet_and_Audio_R...

So if you don't need ARC, it should be possible to make a simple filter that blocks both HEC and ARC. Older HDMI cables that might not connect the Reserved pin might also block HEC+ARC. And it also seems like you can get ARC-only by disconnecting the Reserved pin.

I'd guess HEC is most commonly going to be used in situations where you'd also want ARC -- to provide network access from an A/V receiver to a smart TV, and then get the audio back into the receiver.

HDMI Enhanced Audio Return Channel (eARC) uses the two Ethernet pins.

It's a spec, I've yet to see a device that implements the spec.

Even so, the TV somehow configuring the connected device to bridge its network adapters is a bit of a stretch.

That sounds quite shocking. Basically the tv manufacturer is invading your home. I don't understand how that can be legal. Maybe it's just illegal on such a tiny scale, nobody cases.

"To use this TV, agree or it's a paperweight"

Seems like a clear violation of the CFAA.

Soon they will come with LTE modems, like cars do.

I will put my goddamn tv room in a faraday cage if it comes to that.

I hope there’s some way to blast it with localized radio noise to block the 5G for just that purpose.

Really just need to make the dark patterns illegal or costly though.

Jamming is usually illegal, probably even in your home. For good reason: it's unlikely you can prevent the effect of the jammer from leaking outside.

But shielding is just fine and is mentioned elsewhere in this thread.

But hopefully less than a whole room of shielding.

Disconnect, cut, or desolder the antenna.

Samsung is using bluetooth for their new remotes. Desolder the antenna and you cannot use the TV anymore.

They probably use different antennas though so you could cut the cellular modems antenna connection without impacting the remotes.

Different antenna?

Smartphones only have one antenna as far as I know. Why should it be different for TVs?

The Xbox One S for example has two separate Mediatek radios. One for networking the other for the controller.

There's another option: Buy and hook up a dumb hdmi converter to the panel. Taobao has these (low latency, niche gamer market)

The Xbox is doing it that way because they need the lowest input latency possible for the controllers. Blocking the antenna for network operations delays the user input. A TV doesn't have that problem and certainly won't have two antennas.

We are effectively helpless against those tinier and tinier SoCs and the only option is not to buy.

Smartphones typically have four (or more) antennas. 2 for cell (main and diversity), one for wifi/bluetooth, one for GPS. Some phones compress that down to 2, but lose signal strength by doing so.

Actually, it's 5G, which is like wifi for advertisers/data capitalists.

I don't think this comment deserves downvotes. The arrival of 5G, and with it devices that can make their own external wireless connections, is a significant risk to consumer privacy. How it is used and regulated over the next few years could establish what is considered an acceptable standard for privacy for a long time afterwards, and it's clear which way a lot of device manufacturers are going to be pushing.

Affordable, embeddable 2g modems have existed for many years and have perpetrated some of the problems you're concerned about.

5G offers greater throughput but I don't think that tracking applications are only now enabled by 5G. Most 5G deployments are small cells in ultra dense areas and most snooping manufacturers would prefer the range of LTE.

I'm more concerned about the near-to-mid future in this respect.

It is still quite unusual to have embedded LTE modems and the like in consumer devices. Outside of a few relatively expensive product types, like cars and of course phones/tablets, I think most people would be surprised to find independent wireless connectivity in their consumer products and a lot of people would probably ask why it was there if it had no obvious purpose.

With 5G looking like it's going to be mainstream in most developed countries within a few years and promoted extensively as a technology for connected devices and applications using inter-device communication, it feels much more credible that both the infrastructure networks and the component manufacturers involved could offer pricing models that make incorporating connectivity cheaply into any device you feel like a realistic outcome.

My concern is that we drift into a situation where including local network communications, possibly sensors, and independent remote communications all in the same devices becomes routine, without anything close to adequate protections for security and privacy to go with it. Given that governments around here (UK/Europe in my case) are only just beginning to act on issues like right to repair and online privacy and have barely touched numerous other issues raised by modern tech and its capabilities, I'm extremely wary of a relatively uninformed public accepting a lot of hostile measures because they either don't know any better or (possibly correctly) assume that by that point there is nothing they can do about those measures even if they don't like them.

I believe the point was that the types of ads or surveillance we are talking about here doesn’t strictly require 5G. It can work perfectly well with existing 4G/LTE networks and infrastructure. You could send a pretty good signature of what someone is watching by SMS if you really wanted to. The components to add that connectivity to consumer electronics is not that difficult or expensive to add from a BOM perspective.

I think the reason why we haven’t seen more of this vector being used isn’t because it is technologically unfeasible, but rather that there are easier ways to get a device connected.

I think the reason why we haven’t seen more of this vector being used isn’t because it is technologically unfeasible, but rather that there are easier ways to get a device connected.

This is true, but it's also something that right now consumers can at least do something about if they are well-informed, as noted by many commenters here referring to not allowing "smart" devices access to home WiFi networks and the like. I think the danger with 5G, and I'm including the surrounding culture and marketing under that umbrella here, is that the channel for remote communication becomes independent and so potentially impossible for consumers to detect, monitor or prevent, even if they are otherwise relatively well-informed about the technology.

This is why I want to push for a right to 'networking off switch'. It's so simple on it's face and so hard to argue against, and so cheap to implement, so it's a good initial legislative baby step.

Hardware switches are a step in the right direction, but not enough. Some devices need network access to do their jobs, and there has to be a way to deter abusing that access for purposes that are user-hostile at the same time.

I doubt device manufacturers consider 5G to be a prerequisite for snarfing tracking data out of said devices and vomiting ads into them.

Which TV can access the network via a roku?

Any device that is connected via a hdmi with ethernet, If both devices supports it.

And then the endpoint has to also provide a NAT, DHCP server etc? Or at least a bridge/ARP proxy? And it has to know that it should be configured as an upstream device, providing those services and not depending on them.

Can anyone cite a user manual or something official that talks about this feature?

Which is none of them, right? So this is a lie?

I thought this was the case! A commenter on a previous thread said this was really unlikely [0], but I really believe it happens. Not sure how to prove it though.


Why do you believe it happens in the absence of evidence?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact