Hacker News | pluszero's comments

Maybe we should just ddos these endpoints, they don't deserve anything better.


Be careful, when you mess with corporate America you're basically going head on with momma bear US government.


Assuming they aren't well programmed, it might be preferable to spoof them with junk data.

Is anyone MITM-ing and publishing the data these devices are sending? It would be nice to reverse engineer and document their APIs. Somebody needs to be watching the watchers.


I’m worried by how much I like this idea


Interesting. Rather than restricting what is sent could one just spam them with garbage so they can't distinguish what's real from what's fake?


Would it not be relatively trivial for the manufacturer to just filter incoming requests by whitelist of registered ids of their appliances?


Not really - either you send the ids unencrypted and they're trivial to falsify, or you send them securely, in which case it takes a lot more power to decrypt each request for filtering than it does for the attacker to send each new request.

DDoS protection is surprisingly challenging - usually it's relegated to a CDN provider, but that would be more difficult when the actual consumers are the same people most likely to be hosting botnets.

