The Present and Future of TV Surveillance

wiredog • August 27, 2024 8:56 AM

“Some TVs remove basic features like Internet connectivity if you don’t let them track you.”

At least for now, my TV works fine as a TV without being connected to the internet.

Aaron • August 27, 2024 10:15 AM

Just another Black Mirror episode accurately predicting an aspect of the future (S1.E2)

Steve Friedl • August 27, 2024 11:19 AM

We have a nice smart TV but have never connected it to our network: it gets its signal strictly from the cable box, or from attached HDMI doodads (Amazon Fire stick, etc.), and in this respect we can keep our television from spying on us to the extent we’re not watching Amazon.

I guess the next step in the arms race are televisions that will simply not function without an internet connection, which will require more shenanigans to get around.

b tyson • August 27, 2024 11:44 AM

what’s happening in the world of television surveillance

This is specifically about televisions surveilling their users—bad, but only the tip of the iceberg. Also, avoidable by using computer monitors and digital signage displays. Yeah, I know they cost more and are not as easy to get, particularly in large sizes, but it’s up to you to decide how much your privacy is worth. I grew up with a 20-inch television as my main set, and later a 27-incher—often using smaller ones when the main one was occupied—so I don’t quite get why people think it’s crazy to have anything less than 40 or 50.

(I don’t put much stock in the common advice of “just don’t connect it to your wi-fi”. It may work for now, but the data’s probably still accumulating on the device with no way to wipe it, set to be leaked when you get rid of it or when a kid or guest connects it to be “helpful” because your Netflix button wasn’t working. Eventually, manufacturers may just make the devices scan for open wi-fi, or make deals to use Xfinity and the like. Also, data-only cellular devices and plans are so cheap—like 7 USD each in bulk for chips, and a similar amount for 10 years of service—that it’s hard to believe the manufacturers haven’t considered them.)

20-25 years ago, nobody knew what you were watching. Well, sometimes I did, when I saw 4 dark apartments flashing in the same way and flicked through the channels to match it, or when someone simply left their curtains open. But a broadcaster wouldn’t know what channel you were tuned to (unless you chosen by Neilson, kept an accurate log, and sent it in); a cable company wouldn’t know. Nobody was collecting bulk data without consent.

That changed with digital cable. Now, not only does a subscriber have to wait hundreds or thousands of milliseconds to tune a channel, their box has to request the channel from the provider. So, assuming the cable-network has stopped running analog signals, they know exactly what everyone’s watching. Do you think they’re passing up that income? Internet-based streaming makes that even more obvious: everything’s by specific request only, and for shows rather than channels. Netflix was already suspected to be in violation of the Video Privacy Protection Act in 2009, and the law was amended and I guess Netflix changed some things, but there are new providers all the time—often located in other countries than their users. I expect the illegal-data-sharing wrist-slap cycle to continue.

Paranoid? • August 27, 2024 11:47 AM

The article just states the obvious.

What i seldom see connected is the Orwellian Telescreen concept of joining smartphone under-screen camera technology and smart TVs.

Clive Robinson • August 28, 2024 3:57 AM

@ b tyson, ALL,

Re : You don’t need eyes to see.

For quire sometime now I’ve been warning about “Smart-meters” and their ability by “power signature” to know what you are doing.

Your,

“20-25 years ago, nobody knew what you were watching. Well, sometimes I did, when I saw 4 dark apartments flashing in the same way and flicked through the channels to match it”

Can be done by any smart-meter in any home and “signal it back” to the Power Grid utility monitoring center (or elsewhere with GSM modems built in).

The reason it can be done, is the more “power efficient” a flat screen TV or even computer is the more information it conveys through the Switch Mode PSU to the wiring in your home.

Thus the “low frequency” of screen background changes –at frame rate– gets easily seen. The only question is how many seconds does it need to identify which channel you are watching of “live broadcast” or “broadcast streaming” or identify the film from “on demand” or even DVD/BlueRay?

The answer is surprisingly little where there is for instance dialogue and the camera switches from face to face and the backgrounds change with it, or there is a slow pan or street scene with vehicles moving.

And because it’s “low frequency data” –integrated over ten frames or so– the amount of storage required for the signature for a two hour move is really quite small (say 72,000 bytes).

This data can be further compressed in ways that assist rapid sync/match.

ResearcherZero • August 28, 2024 5:08 AM

“LG, for example, started sharing data gathered from its TVs with Nielsen, giving the data and market measurement firm “the largest ACR data footprint in the industry,” according to an October announcement.”

The real power of surveillance lays in the ability to understand relationships between inputs. The ability to recognise text and images and the relationships between them.

The automated ability to decipher meaning from large data sets using models.

Below are instructions for turning off ACR in the major smart TV platforms:

https://www.consumerreports.org/electronics/privacy/how-to-turn-off-smart-tv-snooping-features-a4840102036/

Bob Paddock • August 28, 2024 8:38 AM

“I guess the next step in the arms race are televisions that will simply not function without an internet connection…”

We’ve already lost that part of the arms race.

I needed a small HDMI monitor. Bought a small Samsung TV at Big Box store.
I returned it because it would not get past the first power up screen without being connected to Internet.

b tyson • August 28, 2024 10:05 PM

Clive, how theoretical is that? It sound a bit like the “television detection vans” in the U.K., which seem to be considered maybe possible in theory, but a bogus intimidation tactic—akin to “lie detectors”—in practice.

I believe you that the hardware could in principle do it. But would power companies, or those who illicitly hack them, actually have sufficient low-level access to the meters to add that code? Has any company shown any interest in such things? Usually these bad ideas are preceded by patents, and once actually implemented we’d learn of data-buyers and sellers. Has anyone even done a proof-of-concept demonstration that worked in anything approximating real-world conditions?

I’m much more worried about denial-of-service attacks with such meters. The ability to shut off someone’s power for non-payment seems much too tempting to have been excluded as a feature. Which is to say that the feature probably exists, even if dormant. Ransomware is an obvious threat: the only alternative to paying would be to send techs to every meter in a dark city, which could take weeks. And what would happen to the grid if millions of homes could be shut off at exactly the same time? It’d be nice to see a power-meter-network set up for penetration testing at a hacker conference; some people claim to have tested them, but with authorization and I guess non-disclosure agreements—so the published material lacks detail.

Thinking along those lines: if a television is sending data to “the cloud”, it’s almost certainly receiving data too. I doubt they’re using UDP packets and just hoping they end up at the proper place. Even if it’s receiving just enough to negotiate TLS, that’s a non-negligible attack surface. And the article notes that people don’t tend to replace these things very often, which means it’s an attack surface on dated software. I’m surprised we haven’t already seen a major group of televisions subverted with ransomware, Viagra ads, or the like.

(By the way, I’m in Ontario, Canada, where the smart meter situation is quite silly. The government “upgraded” everyone to those meters about 15 years ago—getting rid of millions of perfectly good mechanical meters—and moved us all to time-of-use billing. And then a few years ago, a different government decided that any subscriber could choose move to non-time-of-use “tiered” billing; effectively what we had before, but with a higher rate after using X kilowatt-hours in a billing period. Which technically requires a meter that can group usage by month—except, many people never exceed that “X”, in which case it doesn’t matter at all.

Anyway, it’s nearly impossible to save money with time-of-use billing—it only works if one’s using something like 80% of one’s power overnight, like to charge an electric car or maybe a full-home battery. I did an experiment across one billing period, where I sat cold and hungry every day till the off-peak hours came and I could heat my home and cook; time-of-use was still about a dollar more. I suspect the smart-meter program was just a ruse, to fire the meter-readers under the guise of environmentalism.)

Leave a comment

All comments are now being held for moderation. For details, see this blog post.