Forgot your password?
typodupeerror
Television Bug Privacy Security Hardware

Eavesdropping With a Smart TV 93

Posted by Soulskill
from the i'll-stick-with-a-dumb-tv,-thanks dept.
An anonymous reader writes "A article on The Register titled talks about a demo that was given in London last month by NCC Group where they turned a modern TV into an audio bug. 'The devices contain microphones and cameras that can be utilized by applications — Skype and similar apps being good examples. The TV has a fairly large amount of storage, so would be able to hold more than 30 seconds of audio – we only captured short snippets for demonstrations purposes. A more sophisticated attack could store more audio locally and only upload it at certain times, or could even stream it directly to a server, bypassing the need to use any of the device’s storage.' Given the Snowden revelations and what we've seen previously about older tech being deprecated, how can we protect ourselves with the modern devices (other than not connecting them to the Internet)?"
This discussion has been archived. No new comments can be posted.

Eavesdropping With a Smart TV

Comments Filter:
  • by mbone (558574) on Saturday May 10, 2014 @05:02PM (#46969003)

    Well, duh, don't connect them to the Internet. Unplug them from the wall when they are not in use, and cover over camera lenses with tape. But you should do that already.

    • by ShieldW0lf (601553) on Saturday May 10, 2014 @05:21PM (#46969073) Journal

      That won't work.

      There's a good breakdown on infowars about why it won't work:

      http://www.infowars.com/91497/ [infowars.com]

      But you can't just take what's on infowars without a grain of salt, so here's a video on intel's website where they substantiate everything, but with a positive spin

      http://www.intel.com/content/w... [intel.com]

      We need open hardware. The hardware being made in the factories is not trustworthy.

      For the majority who won't click links and read articles, the gist is, there's a 3G radio antenna and a special dedicated processor inside of your CPU, and it can be used to either take complete control of your device, or to destroy it. All the details are there in Intel's marketing material.

      • by profplump (309017)

        Yes. Wake-on-LAN and power management. Super scary stuff there. Thanks for the warning.

      • I'm pretty sure that that won't work if you follow the grandparent post's advice, "unplug them from the wall when they are not in use." I did not see anything in those links you posted about those chips working when there was no electricity to the device.
        • by geekmux (1040042)

          I'm pretty sure that that won't work if you follow the grandparent post's advice, "unplug them from the wall when they are not in use." I did not see anything in those links you posted about those chips working when there was no electricity to the device.

          Speaking of "grandparents", take a look at those around today. Those happened to be the last generation of people who actually powered electronic devices off, and knew what it was like to walk around without the electronic leash of social media shoved up their ass 24 hours a day.

          Therefore, that "advice" to power shit off when "not in use" is rather meaningless, especially as more and more people shift entertainment to a cellular device that never powers off or leaves their side.

          • Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.
            • by geekmux (1040042)

              Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.

              Today's generation is so lazy they have remote controls for laptops.

              This laziness was so powerful in fact that the industry response was not to find ways to get people more active. No, instead they invented smart power strips so people can turn their shit on and off with their cell phone.

              Needless to say, the advice is yet again, meaningless and the example not without irony.

            • Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.

              Are you aware that if you take an old television apart and go poking your fingers around in there, you'll very likely be killed, even if the television has been unplugged for over a year. They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

              You really think something they designed in these types of capabilities for espionage, but are going to be stymied by you unplugging the thing?

              The US government controls what hardware is contained in those televisions. They

              • They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

                You should be fine. Your various aluminum foil bits will protect you handily.

              • by Ol Olsoc (1175323) on Saturday May 10, 2014 @11:32PM (#46970577)

                Are you aware that if you take an old television apart and go poking your fingers around in there, you'll very likely be killed, even if the television has been unplugged for over a year. They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

                Which is a non sequitar. If you are going into the television, you discharge the capacitor. The closest thing I can come up with is that you are sying the cap is a power source. Won't work.

                You really think something they designed in these types of capabilities for espionage, but are going to be stymied by you unplugging the thing?

                The US government controls what hardware is contained in those televisions. They forced the issue when they were moving away from free-to-air television. If you've been coming to slashdot for a long time, you read all about it.

                So, what evidence do you have of this? How is the "snooping" device powered? What frequencies does it operate on? All this is very simple stuff. You can't hide power sources, you can't hide RF. You can't power unpowered things. I could open the back of a smart TV and find the needed components pretty quickly. You'd need a battery, an RF transmitter, and antenna. Looking, and a multimeter, and a cheap radio (I'd use a spectrum analyzer) are all you need. I forgot - a screwdriver. But trivial to find. Can't change the laws of physics, no matter how advanced the paranoia.

                • by AmiMoJo (196126) *

                  Any TV made after the 1960s should have a bleeder resistor to discharge any dangerous capacitors.

              • I was a television repairman in another life (before disposable TVs) and the only place that carries enough voltage and amperage to kill you is the high voltage transformer. To discharge, simply attach a ground to a screwdriver, insert under the tube connection point.(the wire from the top of the transformer to the side of the tube, notable for a large round rubber connector.) If there is a charge you hear a snap and it's discharged. If you hear nothing, there was no charge.

                Works like a charm.
          • by dbIII (701233)
            You've just made everyone over 40 feel old.
          • by RockDoctor (15477)

            especially as more and more people shift entertainment to a cellular device that never powers off or leaves their side.

            Just because lots of people do it doesn't mean that it's a sensible thing to do.

        • Well exactly. If you had that kind of capability would you be shouting it from the rooft0| $..., ,
          no carrier

      • There's a good breakdown on infowars about why it won't work:

        http://www.infowars.com/91497/ [infowars.com]

        Most Intel's hardware doesn't ship with vPro, so it's unlikely to be much of a problem. Also, most smart-TVs and the likes still ship with ARM-chips, not Intel.

        • by AmiMoJo (196126) *

          In addition, 3G is unlikely to work inside a metal PC case with the teeny-tiny antenna that would fit on a CPU substrate. The technology seems to be aimed at portable devices and requires an external antenna connection to have any hope of getting a connection.

      • by ewieling (90662)
        Where in the Intel video you posted a link to does it mention "3G" or "wireless". It infers "wireless" but I don't see anymore than that. Which standards do these "3G" chips support? EVDO? UMTS? Also, what frequency bands?

        IPMI can do many of the management things Intel is crowing about in the video. Including powering on the server when it is powered off and getting KVM sessions.

        Extraordinary claims require extraordinary evidence.

        Do you have any evidence other than the web site of a known conspirac
        • From the Intel website [intel.com]:

          Previous versions of Intel Anti-Theft Technology enabled authorized IT or service personnel to send a coded "poison pill" over the Internet to completely disable a lost or stolen computer and help prevent access to its encrypted data and deter theft. New Intel AT 3.0 enables the poison pill to be sent as an encrypted, authenticated SMS message by an authorized administrator over a 3G cellular network as well within moments after a missing laptop is turned on. When recovered, the PC can be similarly re-activated with another message. Its new Locator Beacon capability gives authorities the ability to pinpoint a missing laptop using GPS technology on select 3G modems.

          Presumably this 3G radio can transmit as well as receive. I tried to find more informative datasheets but Intel's website sucks and I couldn't find more on it.

      • by dbIII (701233)

        there's a 3G radio antenna and a special dedicated processor inside of your CPU

        Unless you've got a plastic case the signal would suck even before the problem of a small antenna kicks in.

        • by fnj (64210)

          And it would have to somehow magically get a signal through the metal cap (and the heat sink on top) even it there was such a thing inside the CPU chip.

      • We need open hardware. The hardware being made in the factories is not trustworthy.

        True. But in the meantime, you can install a $0.50 switch in one of the wires to the microphone, and put a post-it note over the camera.

      • How putting black tape over a camera lens won't work is a little beyond me. I can see how audio mics might get past simple muffling techniques, but the camera?

      • As to embedded 3G antennae, I can barely get a signal out on my cell phone through a metal roof, seems like a tinfoil hat would be quite effective here.

    • Or just don't buy a TV that comes right out of 1984 with a camera and mic included. If you want to Skype, get separate (probably better...) inputs, and connect them up via a system you control and trust.

      I'm rapidly coming around to the view that it should be legally required for anything you buy to declare all sensors it includes (camera, mic, GPS, WiFi receiver, etc.) and all networking capabilities (wired or wireless) prominently on the packaging, and to provide a hardwired switch to disable these facilit

    • by m00sh (2538182)

      Well, duh, don't connect them to the Internet. Unplug them from the wall when they are not in use, and cover over camera lenses with tape. But you should do that already.

      Most smartTVs use wireless connection. Even if you disable it, it can be hacked to work while looking like it is disabled.

    • by antdude (79039)

      What about mic(rophone)? :P

    • by Anonymous Coward

      Not so easy, my friend found out the Samsung TV is still connected to the internet through ...... the HDMI cable..

      It is setup in some zero config auto detect crap built into windows

  • no u (Score:4, Funny)

    by Anonymous Coward on Saturday May 10, 2014 @05:03PM (#46969005)

    we must band together and build wooden robots and wooden devices powered by steam. together we will help stop the flow of electrical current and put an end to this modern day madness!

  • No "Telescreen" Tag? (Score:3, Interesting)

    by Anonymous Coward on Saturday May 10, 2014 @05:07PM (#46969027)

    Seriously, this is precisely what Orwell predicted in 1984. I am going to find everyone I ever accused of being a tinfoil hat paranoic and apologize to them in bended knee...

    • 1984 v 2014 (Score:5, Insightful)

      by Anonymous Brave Guy (457657) on Saturday May 10, 2014 @05:31PM (#46969137)

      1984: A cautionary tale about the power of the state and the dangers of ubiquitous surveillance.

      2014: A real life documentary in which everyone carries around a mobile phone, everyone's car includes trackers with automatic remote location capabilities, major population centres are observed by numerous cameras logging to central databases under government control and backed by technology doing everything from facial recognition to gait analysis, even the privacy of your own home isn't private because there are literally cameras tucked away on your TV, and lots of people are OK with this as long as the pizza is still hot when it gets delivered and arrives in time for tonight's reality TV show.

      • If you study the eastern philosophies, you will find that hot pizza is more important to happiness than whether or not someone else knows what you are doing.

        It would be the height of conceit to believe that what you do in your living room is interesting enough for anyone important or in-power to care about. I worked at a company that had "listening bug" phones on every desk in every office - we still talked openly in front of the phones, openly disparaging the leadership, their policies, their personal hab

        • by BitZtream (692029)

          The problem is that it no longer requires someone to car about what you do.

          Computers can analyze the happenings far faster than humans can, and on a far larger scale, and so all they have to do is tell them to look for something interesting, like your drinking habit or having sex with your neighbor. Then they can be notified about things they otherwise wouldn't have time or money to put the effort into finding.

    • Hey you there! Comrade! Stop right there and raise your arms, facing the door.
  • Simple (Score:4, Insightful)

    by ArcadeMan (2766669) on Saturday May 10, 2014 @05:11PM (#46969041)

    Buy a plain, regular computer LCD display. Connect Apple TV to display via HDMI, connect Apple TV to audio with optical output.

    There, no physical spying inside your house.

    • by Nethead (1563)

      Computer LCD screen, old Core2 box running Mint Linux, set of old speakers with sub-woofer, VLC, thepiratebay for content. Has served our house well for the last two years.

      • Give XBMC or Plex a go a bit nicer interface. Plex client on a Ras PI is dirt cheap low power and still gives you something your in control of.

        • I've done this and it works quite well! I have a Ras Pi on every TV and all linked to a central NAS. Start a movie in the living room and finish it in the bedroom or up stairs in my office.
        • Re: (Score:2, Informative)

          by Gaygirlie (1657131)

          If you go with XBMC may I recommend setting Dirty Regions to 1 instead of the default of 3? It gives XBMC a nice speed boost and drops its CPU-usage a whole bunch. See http://wiki.xbmc.org/index.php... [xbmc.org] for details.

      • by Anonymous Coward

        Computer LCD screen, old Core2 box running Mint Linux, set of old speakers with sub-woofer, VLC, thepiratebay for content. Has served our house well for the last two years.

        So, your counterargument for the suspicion of illegal spying is felony theft.

        Great advice there, genius.

    • by wkk2 (808881)

      Watch out for Ethernet over HDMI bridging one device that has network access to another that you think doesn't have access.

    • Buy a plain, regular computer LCD display. Connect Apple TV to display via HDMI, connect Apple TV to audio with optical output.

      There, no physical spying inside your house.

      Except, you know, Apple, who was one of the first corporations on the NSA's list.

      The best way to prevent the NSA from spying on you is to vote for people that intend to disband the agency.

      • There, no physical spying inside your house.

        The Apple TV has no camera or microphone.

      • Except, you know, Apple, who was one of the first corporations on the NSA's list.

        No, Apple was actually one of the last corporations on the list according to this [theguardian.com]. Have any evidence to the contrary?

    • by AmiMoJo (196126) *

      Did you see those slides where GCHQ and the NSA talk about intercepting hardware as it is being shipped to you and installing bugs? Dumb TVs are not safe either.

      It isn't necessary to forego smart TVs completely, just get one without a camera or microphone. It would be about as safe as a dumb TV then.

  • How about removable microphone and camera modules? Is there any way for this to happen for devices that are large enough to have them?
  • by CheshireDragon (1183095) on Saturday May 10, 2014 @06:06PM (#46969289) Homepage
    I've never bought and I will never buy a Snart TV. My current TV does have a RJ-45 if I care to hook it up to the network, but I have never used that port ONCE in the 2½yrs I have owned the TV. Nor does it have a mic and camera in it. However, if they become like the Snart phone then I will be forced to buy one as the 'dumb' ones will be fewer and fewer. If so, I will just open it up and physically cut out the camera and mic. Problem solved. Of course, I do believe there will be manufacturers out there that will still make TVs without a camera and mic for many years to come. Probably even long after I am gone.
    • There'll probably be some sort of physical intrusion detector that'll flag you up as a tairst if you do that.

      Or worse, it'll invalidate your guarantee.

  • by TigerPlish (174064) on Saturday May 10, 2014 @07:02PM (#46969559)

    So we've been calling it "television" but it turns out the real name is Televisor, isn't it.

    Future's so bright I need to wear shades, indeed.

  • by Wootery (1087023) on Saturday May 10, 2014 @07:21PM (#46969653)

    All these comments, and not even a nod?

    *Ahem*

    In Soviet Russia, TV watches you.

  • A article? Really? No-one even reads these before they get posted anymore?

  • I bought a LCD projector, and high-end computer speakers, years ago when I was on a ship. Everyone else on board bought nice LCD screens, and the moment we hit heavy weather, I could hear all those nice LCD screens falling all over the place.

    My projector was strapped down, and never moved. By using a bed sheet, I had the largest "TV" of anyone on the ship. All with the footprint of two boxes of Ritz crackers.

    It migrated with me to my current home, and it works perfectly against the wall, again, giving me

  • by Dabido (802599)

    Bees the size of rats, suck on rats the size of cats

    Beware the savage door, Of 1984

Maternity pay? Now every Tom, Dick and Harry will get pregnant. -- Malcolm Smith

Working...