Eavesdropping With a Smart TV

An anonymous reader writes "A article on The Register titled talks about a demo that was given in London last month by NCC Group where they turned a modern TV into an audio bug. 'The devices contain microphones and cameras that can be utilized by applications — Skype and similar apps being good examples. The TV has a fairly large amount of storage, so would be able to hold more than 30 seconds of audio – we only captured short snippets for demonstrations purposes. A more sophisticated attack could store more audio locally and only upload it at certain times, or could even stream it directly to a server, bypassing the need to use any of the device’s storage.' Given the Snowden revelations and what we've seen previously about older tech being deprecated, how can we protect ourselves with the modern devices (other than not connecting them to the Internet)?"

Don't connect them to the Internet

[mbone]

Well, duh, don't connect them to the Internet. Unplug them from the wall when they are not in use, and cover over camera lenses with tape. But you should do that already.

Re:Don't connect them to the Internet

[ShieldW0lf]

That won't work.

There's a good breakdown on infowars about why it won't work:

http://www.infowars.com/91497/ [infowars.com]

But you can't just take what's on infowars without a grain of salt, so here's a video on intel's website where they substantiate everything, but with a positive spin

http://www.intel.com/content/w... [intel.com]

We need open hardware. The hardware being made in the factories is not trustworthy.

For the majority who won't click links and read articles, the gist is, there's a 3G radio antenna and a special dedicated processor inside of your CPU, and it can be used to either take complete control of your device, or to destroy it. All the details are there in Intel's marketing material.

Re:

[Anonymous Coward]

If you can't be bothered to, at least, read the fucking comment... holy fucking christ on a cracker. fuck you. I bet you comment on submissions without even reading the fucking summary, much less the article. Come on, dipshit.... RTF* or GTFO.

Re:

[ShieldW0lf]

No, idiot, I can't even tell what his argument is because he never states it in his fucking post. Just a link to info wars, which no sane person will bother clicking. The intel video is meaningless without knowing what his fucking point is.

Perhaps you should Read His Last Fucking Sentence then, dipshit.

Pretty goddamn pathetic when he summarized his point mere words later and you couldn't even be bothered to finish reading it.

You get that he's being paid to pollute this forum with this type of confusion, right? This is his 9-5 job.

Re:

[The Grim Reefer]

You get that he's being paid to pollute this forum with this type of confusion, right? This is his 9-5 job.

So you think that this is two different ACs? I was kinda leaning toward it being one with multiple personality disorder.

Re:Don't connect them to the Internet

[ShieldW0lf]

Never attribute to stupidity what is easily explained by malice. The enemy is active, intelligent, malicious and not easily pinned down.

For example, there's a whole host of conversation going on these days about "Why does the NSA fail to implement basic security measures that could have prevented Snowden from doing what he did."

The answer is to act just as they do, and look at the metadata. Don't try to put your finger on who exactly did this or that, but try to understand their nature, goals and motivations... to define them in the abstract, and act against them in the abstract.

Who is served by an easily compromised NSA? Organized crime? Multinational corporations? Israeli intelligence? Doesn't matter exactly who, if you understand their nature, you can fuck with their agenda without ever knowing who they are.

Re:

[dbIII]

Who is served by an easily compromised NSA?

Even uncompromised they requested an allied foreign intelligence agency to spy on an Indonesian cigarette manufacturer to uncover trade secrets. Such an odd incident appears to indicate that they are serving a US tobacco company. The full story would be interesting - how much does it cost to hire the NSA to spy on a competitor?

Re:

[profplump]

Yes. Wake-on-LAN and power management. Super scary stuff there. Thanks for the warning.

Re:

[Attila Dimedici]

I'm pretty sure that that won't work if you follow the grandparent post's advice, "unplug them from the wall when they are not in use." I did not see anything in those links you posted about those chips working when there was no electricity to the device.

Re:

[geekmux]

I'm pretty sure that that won't work if you follow the grandparent post's advice, "unplug them from the wall when they are not in use." I did not see anything in those links you posted about those chips working when there was no electricity to the device.

Speaking of "grandparents", take a look at those around today. Those happened to be the last generation of people who actually powered electronic devices off, and knew what it was like to walk around without the electronic leash of social media shoved up their ass 24 hours a day.

Therefore, that "advice" to power shit off when "not in use" is rather meaningless, especially as more and more people shift entertainment to a cellular device that never powers off or leaves their side.

Re:

[Attila Dimedici]

Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.

Re:

[geekmux]

Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.

Today's generation is so lazy they have remote controls for laptops.

This laziness was so powerful in fact that the industry response was not to find ways to get people more active. No, instead they invented smart power strips so people can turn their shit on and off with their cell phone.

Needless to say, the advice is yet again, meaningless and the example not without irony.

Re:

[ShieldW0lf]

Except that the advice was not to "power it off" when not in use. The advice was to unplug them from the wall.

Are you aware that if you take an old television apart and go poking your fingers around in there, you'll very likely be killed, even if the television has been unplugged for over a year. They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

You really think something they designed in these types of capabilities for espionage, but are going to be stymied by you unplugging the thing?

The US government controls what hardware is contained in those televisions. They

Re:

[ColdWetDog]

They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

You should be fine. Your various aluminum foil bits will protect you handily.

Re:Don't connect them to the Internet

[Ol Olsoc]

Are you aware that if you take an old television apart and go poking your fingers around in there, you'll very likely be killed, even if the television has been unplugged for over a year. They contain capacitors that will hold a deadly charge for a very long time after you unplug them.

Which is a non sequitar. If you are going into the television, you discharge the capacitor. The closest thing I can come up with is that you are sying the cap is a power source. Won't work.

You really think something they designed in these types of capabilities for espionage, but are going to be stymied by you unplugging the thing?

The US government controls what hardware is contained in those televisions. They forced the issue when they were moving away from free-to-air television. If you've been coming to slashdot for a long time, you read all about it.

So, what evidence do you have of this? How is the "snooping" device powered? What frequencies does it operate on? All this is very simple stuff. You can't hide power sources, you can't hide RF. You can't power unpowered things. I could open the back of a smart TV and find the needed components pretty quickly. You'd need a battery, an RF transmitter, and antenna. Looking, and a multimeter, and a cheap radio (I'd use a spectrum analyzer) are all you need. I forgot - a screwdriver. But trivial to find. Can't change the laws of physics, no matter how advanced the paranoia.

Re:

[Ol Olsoc]

Don't bother trying to argue with tinfoil hat nutters. "Physically impossible? Hah! They(tm) reverse engineered this from technology They(tm) found in the crashed UFO!!1!one"

Which brings the conversation into the territory of Why exactly people believe some of the crazy stuff they believe.

The idea of a television with internet access being able to spy on you is one thing - not a technological issue in that at all, the belief that the television still does this after there is no energy to do this any more is somewhat bizzare.

But that's what we live in these days. People who utterly reject science, the NutterWhackers - But they will immediately take up with nonsense like this

Re:

[AmiMoJo]

Any TV made after the 1960s should have a bleeder resistor to discharge any dangerous capacitors.

Re:

[pslytely psycho]

I was a television repairman in another life (before disposable TVs) and the only place that carries enough voltage and amperage to kill you is the high voltage transformer. To discharge, simply attach a ground to a screwdriver, insert under the tube connection point.(the wire from the top of the transformer to the side of the tube, notable for a large round rubber connector.) If there is a charge you hear a snap and it's discharged. If you hear nothing, there was no charge.

Works like a charm.

Re:

[dbIII]

You've just made everyone over 40 feel old.

Re:

[the eric conspiracy]

Meh. I'm 63 and so long as I can get ED meds I am NOT going to feel old!

Re:

[RockDoctor]

especially as more and more people shift entertainment to a cellular device that never powers off or leaves their side.

Just because lots of people do it doesn't mean that it's a sensible thing to do.

Re:

[Hognoxious]

Well exactly. If you had that kind of capability would you be shouting it from the rooft0| $..., ,
no carrier

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[AmiMoJo]

In addition, 3G is unlikely to work inside a metal PC case with the teeny-tiny antenna that would fit on a CPU substrate. The technology seems to be aimed at portable devices and requires an external antenna connection to have any hope of getting a connection.

Re:

[ewieling]

Where in the Intel video you posted a link to does it mention "3G" or "wireless". It infers "wireless" but I don't see anymore than that. Which standards do these "3G" chips support? EVDO? UMTS? Also, what frequency bands?

IPMI can do many of the management things Intel is crowing about in the video. Including powering on the server when it is powered off and getting KVM sessions.

Extraordinary claims require extraordinary evidence.

Do you have any evidence other than the web site of a known conspirac

Re:

[wiredlogic]

From the Intel website [intel.com]:

Previous versions of Intel Anti-Theft Technology enabled authorized IT or service personnel to send a coded "poison pill" over the Internet to completely disable a lost or stolen computer and help prevent access to its encrypted data and deter theft. New Intel AT 3.0 enables the poison pill to be sent as an encrypted, authenticated SMS message by an authorized administrator over a 3G cellular network as well within moments after a missing laptop is turned on. When recovered, the PC can be similarly re-activated with another message. Its new Locator Beacon capability gives authorities the ability to pinpoint a missing laptop using GPS technology on select 3G modems.

Presumably this 3G radio can transmit as well as receive. I tried to find more informative datasheets but Intel's website sucks and I couldn't find more on it.

Re:

[fnj]

Mod parent up. The 3G-inside-CPU-chip hysteria is just that.

Re:

[dbIII]

there's a 3G radio antenna and a special dedicated processor inside of your CPU

Unless you've got a plastic case the signal would suck even before the problem of a small antenna kicks in.

Re:

[fnj]

And it would have to somehow magically get a signal through the metal cap (and the heat sink on top) even it there was such a thing inside the CPU chip.

Re:

[Jane Q. Public]

We need open hardware. The hardware being made in the factories is not trustworthy.

True. But in the meantime, you can install a $0.50 switch in one of the wires to the microphone, and put a post-it note over the camera.

Re:

[JoeMerchant]

How putting black tape over a camera lens won't work is a little beyond me. I can see how audio mics might get past simple muffling techniques, but the camera?

Re:

[JoeMerchant]

As to embedded 3G antennae, I can barely get a signal out on my cell phone through a metal roof, seems like a tinfoil hat would be quite effective here.

Re:

[Anonymous Brave Guy]

Or just don't buy a TV that comes right out of 1984 with a camera and mic included. If you want to Skype, get separate (probably better...) inputs, and connect them up via a system you control and trust.

I'm rapidly coming around to the view that it should be legally required for anything you buy to declare all sensors it includes (camera, mic, GPS, WiFi receiver, etc.) and all networking capabilities (wired or wireless) prominently on the packaging, and to provide a hardwired switch to disable these facilit

Re:

[Anonymous Brave Guy]

Actually, I'm in the UK, and I'm reasonably sure my MP does lurk on Slashdot. :-)

Re:

[m00sh]

Well, duh, don't connect them to the Internet. Unplug them from the wall when they are not in use, and cover over camera lenses with tape. But you should do that already.

Most smartTVs use wireless connection. Even if you disable it, it can be hacked to work while looking like it is disabled.

Re:

[davester666]

Yes, but they don't come 'hacked' from the factory, so if you don't ever configure it for your network, nobody can connect to it to hack it...

Re:

[the eric conspiracy]

Not if you have a decent router.

Re:

[antdude]

What about mic(rophone)? :P

Re:

[Anonymous Coward]

Not so easy, my friend found out the Samsung TV is still connected to the internet through ...... the HDMI cable..

It is setup in some zero config auto detect crap built into windows

no u

[Anonymous Coward]

we must band together and build wooden robots and wooden devices powered by steam. together we will help stop the flow of electrical current and put an end to this modern day madness!

No "Telescreen" Tag?

[Anonymous Coward]

Seriously, this is precisely what Orwell predicted in 1984. I am going to find everyone I ever accused of being a tinfoil hat paranoic and apologize to them in bended knee...

1984 v 2014

[Anonymous Brave Guy]

1984: A cautionary tale about the power of the state and the dangers of ubiquitous surveillance.

2014: A real life documentary in which everyone carries around a mobile phone, everyone's car includes trackers with automatic remote location capabilities, major population centres are observed by numerous cameras logging to central databases under government control and backed by technology doing everything from facial recognition to gait analysis, even the privacy of your own home isn't private because there are literally cameras tucked away on your TV, and lots of people are OK with this as long as the pizza is still hot when it gets delivered and arrives in time for tonight's reality TV show.

Re:

[JoeMerchant]

If you study the eastern philosophies, you will find that hot pizza is more important to happiness than whether or not someone else knows what you are doing.

It would be the height of conceit to believe that what you do in your living room is interesting enough for anyone important or in-power to care about. I worked at a company that had "listening bug" phones on every desk in every office - we still talked openly in front of the phones, openly disparaging the leadership, their policies, their personal hab

Re:

[BitZtream]

The problem is that it no longer requires someone to car about what you do.

Computers can analyze the happenings far faster than humans can, and on a far larger scale, and so all they have to do is tell them to look for something interesting, like your drinking habit or having sex with your neighbor. Then they can be notified about things they otherwise wouldn't have time or money to put the effort into finding.

Re: No "Telescreen" Tag?

[ComputersKai]

Hey you there! Comrade! Stop right there and raise your arms, facing the door.

Simple

[ArcadeMan]

Buy a plain, regular computer LCD display. Connect Apple TV to display via HDMI, connect Apple TV to audio with optical output.

There, no physical spying inside your house.

Re:

[Nethead]

Computer LCD screen, old Core2 box running Mint Linux, set of old speakers with sub-woofer, VLC, thepiratebay for content. Has served our house well for the last two years.

Re:

[silas_moeckel]

Give XBMC or Plex a go a bit nicer interface. Plex client on a Ras PI is dirt cheap low power and still gives you something your in control of.

Re:

[CheshireDragon]

I've done this and it works quite well! I have a Ras Pi on every TV and all linked to a central NAS. Start a movie in the living room and finish it in the bedroom or up stairs in my office.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Anonymous Coward]

Computer LCD screen, old Core2 box running Mint Linux, set of old speakers with sub-woofer, VLC, thepiratebay for content. Has served our house well for the last two years.

So, your counterargument for the suspicion of illegal spying is felony theft.

Great advice there, genius.

Re:

[BrianPRabbit]

I think You have missed a key piece of the views on "piracy" by Many on /., which is summarized nicely by Randall Munroe here [xkcd.com].

Re:

[Nethead]

Exactly. Show me another way I can watch Masterchef Australia in the US (which is produced by Murdock's wife's company, Shine, but still the best of the Masterchef shows.) Most of our viewing is BBC, CBC or PBS. I could get my PBS with an antenna (I donate each year) and if I put up another high gain yagi pointing northwestish I should be able to pull in CBC from Victoria to grab Doc Zone, but why bother? The few US show that I watch are streamed anyway so I'm just saving them bandwidth.

You could bust me

Re:

[wkk2]

Watch out for Ethernet over HDMI bridging one device that has network access to another that you think doesn't have access.

Re:

[Charliemopps]

Buy a plain, regular computer LCD display. Connect Apple TV to display via HDMI, connect Apple TV to audio with optical output.

There, no physical spying inside your house.

Except, you know, Apple, who was one of the first corporations on the NSA's list.

The best way to prevent the NSA from spying on you is to vote for people that intend to disband the agency.

Re:

[ArcadeMan]

There, no physical spying inside your house.

The Apple TV has no camera or microphone.

Re:

[BrianPRabbit]

Except, you know, Apple, who was one of the first corporations on the NSA's list.

No, Apple was actually one of the last corporations on the list according to this [theguardian.com]. Have any evidence to the contrary?

Re:

[AmiMoJo]

Did you see those slides where GCHQ and the NSA talk about intercepting hardware as it is being shipped to you and installing bugs? Dumb TVs are not safe either.

It isn't necessary to forego smart TVs completely, just get one without a camera or microphone. It would be about as safe as a dumb TV then.

Eavesdropping With a Smart TV

[LookIntoTheFuture]

How about removable microphone and camera modules? Is there any way for this to happen for devices that are large enough to have them?

I won't get one...

[CheshireDragon]

I've never bought and I will never buy a Snart TV. My current TV does have a RJ-45 if I care to hook it up to the network, but I have never used that port ONCE in the 2½yrs I have owned the TV. Nor does it have a mic and camera in it. However, if they become like the Snart phone then I will be forced to buy one as the 'dumb' ones will be fewer and fewer. If so, I will just open it up and physically cut out the camera and mic. Problem solved. Of course, I do believe there will be manufacturers out there that will still make TVs without a camera and mic for many years to come. Probably even long after I am gone.

Re:

[Hognoxious]

There'll probably be some sort of physical intrusion detector that'll flag you up as a tairst if you do that.

Or worse, it'll invalidate your guarantee.

So we had the name wrong all along?

[TigerPlish]

So we've been calling it "television" but it turns out the real name is Televisor, isn't it.

Future's so bright I need to wear shades, indeed.

Re:

[EmagGeek]

In fact, in Spanish, the word for a TV set is "televisor."

Not just Soviet Russia?

[Wootery]

All these comments, and not even a nod?

*Ahem*

In Soviet Russia, TV watches you.

English or Bingo?

[Kangburra]

A article? Really? No-one even reads these before they get posted anymore?

Why Limit Yourself To A TV?

[IonOtter]

I bought a LCD projector, and high-end computer speakers, years ago when I was on a ship. Everyone else on board bought nice LCD screens, and the moment we hit heavy weather, I could hear all those nice LCD screens falling all over the place.

My projector was strapped down, and never moved. By using a bed sheet, I had the largest "TV" of anyone on the ship. All with the footprint of two boxes of Ritz crackers.

It migrated with me to my current home, and it works perfectly against the wall, again, giving me

I don't normally do this, but

[denmarkw00t]

A article

Re:

[EmagGeek]

But, but, that would require government getting involved, and the libertarian narrative won't allow that. The free market will dictate that these safeguards exist if they are supposed to exist. Right?

1984

[Dabido]

Bees the size of rats, suck on rats the size of cats

Beware the savage door, Of 1984