Category: TV

Do You Trust Your TV? It Could be Spying on You.

Well if you have a new Samsung TV then perhaps you should think twice before answering that question.  Their new generation of Smart TVs have a voice activation feature that allows you to switch on and off, change channels and stuff like that, but it’s possible that this comes at a significant cost.

 

An eagle eyed EFF activist called Parker Higgins, took the time to read the privacy policy of these TVs and discovered a rather alarming paragraph which stated –

Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.

So let’s just have a think about this, if you enable the voice recognition function on your shiny new Samsung Smart TV, the bloody thing will not only listen to all your conversations it will also transmit them to a myriad of  third party companies.  Your TV would actually be sitting in the corner of your room spying on you!

Now putting aside my personal dislike of all voice enabled devices, I mean why is talking to an inanimate device preferable to pushing a button, this is a seriously worrying threat to people’s privacy.  For a start you’d have to be permanently on your guard, who knows where your conversations are going to – just some spotty Samsung technical geek  or more likely a selection of marketing companies?   Secondly, it’s not only spying on you the owner of the TV but anyone who happens to be in the room – have they given their permission ?  Should anyone entering your living room be given a disclaimer and need to sign a consent form !!

Samsung have now modified the wording in their policy insisting that the TV doesn’t in fact listen to ordinary conversations.  This is however rather difficult to believe after the initial policy wording,  I mean you’d never put that down in writing if it wasn’t in some way true.  There is obviously little thought being put into the design of these devices, as far as privacy goes – relying on stuffing a few sentences deep in the TVs documentation (which it probably thought nobody would read).

There are other aspects to the technology which makes it even more unlikely that conversations can’t be monitored by the device.  For start the TV is capable apparently of recognising complex requests like –

‘recommend a good Sci-Fi Movie’ or ‘open BBC iPlayer

I mean a TV would have to listen to pretty much everything to pick up and filter requests like that, this is beyond someone like me shouting OFF  in his stupid accent.

What is more that the TV doesn’t have a single microphone, you can’t just huddle in the corner away from the TV whispering – there’s another in the damn remote control.   Cunning move, the TV remote in my house for example it is the singlest most difficult to find device by far.  It routinely turns up in all sorts of obscure locations and I’m sure my children are on some sort of retainer to hide it every time they’ve finished watching.

Well I for one, will not be purchasing one of these things, however unfortunately it will also involve me upgrading my general level of paranoia.  I foresee a future of creeping around electronic stores or checking the backs of friends TV sets when I enter their house  (and of course enquiring about the location of the remote).

Does anyone really need this rubbish !!

Lessons from the Internet of Things – Do you Trust Your Fridge?

The ‘Internet of Things‘ is one of the most discussed topics on technical forums at the moment. The idea that you can enable all sorts of devices with a network card and a bit of memory to attach it online obviously has many benefits. It reminds me of the excitement of the ‘Trojan Room Coffee Machine which was a live video stream of a coffee machine hooked up in Cambridge University, via MPLS and an Acorn Archimedes (remember them!) in 1993. Sure it was just a coffee machine, certainly the picture rarely changed – it was either full, empty or half empty – but the realisation that you could check on it in real time without leaving your chair was kind of exciting at the time. The web cam was switched off in 2001, but many of us can still recall checking that the geeks in Cambridge had enough coffee.

isyourfridge-spamming

Nowadays of course, our devices are increasingly network aware, printers were of course, the logical first piece of equipment to stick online, it saved having them hooked up to computers and people could use them remotely. However it didn’t take long for hackers to target the first network enabled printers to infiltrate networks, distribute malware or just muck about by sending huge print jobs to them.

A story has broken this week in the security press which adds a strange twist with the first reported Spam attack by a fridge. The report released by the security firm, Proofpoint claims that a fridge took part in sending 750,000 email messages in a wide bot enabled Spam attack. It’s actually a little late as there have been similar reports as early as 2013 of this new vocation of our kitchen appliances, however it’s still rather disturbing.

Many of us, will perhaps question the need for kitchen appliances to have access to the internet. I for one can happily live without my fridge tweeting me that I’m out of milk, in fact being nagged by my fridge doesn’t appeal at all!! Manufacturers will point to the fact that internet access will provide a host of other benefits like fault finding and notifying manufacturer of potential problems. Again, the old school method of the fridge simply stopping working seems more than adequate. Imagine getting a call from a Samsung customer representative who has just been notified that your fridge light is not working by your erm fridge. It’s an internet horror story and the benefits negligible at best and in reality pretty much pointless.

Enabling these devices means there’s another headache you are responsible for, you’ll need to configure your fridge to connect, ensure it’s got a strong password and it’s behaving itself online.  How do you connect to your fridge, could you compromise other logins, should you use a VPN to connect?  Coming down in the morning and finding your fridge cornered by the FBI might seem far fetched but it’s not as ridiculous as it might seem.   Using these devices in botnets to attack other machines, send out spam or as proxies to attack other machines is perfectly feasible and it’s actually happening now.

Network security on these enabled devices is normally an after thought, it’s often much easier to hack into a network enabled device than a laptop or computer.   For example how many people would log onto their fridge after purchase to change the default password – but if you’ve bought  a fancy internet enabled smart fridge it’s something you really should do.   Already hackers have demonstrated how to to steal your google login from a Samsung fridge, at this years DefCon conference.  The fridge ran a flawed implementation of  SSL which failed to check false certificates making it vulnerable to MiTM attacks.

This ‘internet of things’ basically sounds like a huge pain, introducing fairly pointless benefits at the cost of loads of hassle and vulnerabilities.  Of course for things like printers and using my Smart TV to access online entertainment then it makes sense.  However I for one will not be upgrading my fridge anytime soon.

The Netflix Throttling Mystery – The VPN Solution?

There is of course a big problem with the most popular sites on the internet, and that’s the amount of  traffic they generate.  As our use of media sites like Netflix, BBC iPlayer and Hulu which stream video across the net increase then so do the costs for the people who have to carry that traffic – the ISP.

IS Netflix Being Throttled

It’s kind of tough when you think about it, each time someone subscribes to Netflix, the ISP of that customer will see their traffic usage sky rocket.  Combine this with some users downloading hundreds of Gigabytes a week from BitTorrent sites and you can see there problem.  Each customer will cost more and more to support, while these other companies effectively transmit their service over your infrastructure.   If all ISPs charged a bandwidth costs, that wouldn’t matter much – but the current status is that due to competition most offer unmetered access.

The big telecoms giants in America seem to have come up with a solution, although it’s not a terribly popular one.  Comcast and Verizon are being increasingly suspected of throttling traffic to these sites, especially to the vastly popular Netflix.  This effectively means that your data is un-metered normally but the speed will be capped when you access specific sites or transmit certain data like streaming video or accessing BBC iPlayer, Netflix or Hulu for example.

On the whole, this behavior is generally denied, it’s commercially bad news to admit that you will cripple the speed of some of the world’s most popular sites.  It’s of course, extremely annoying to watch a film and wait every ten minutes for it to buffer!

The evidence is mounting and some users on Comcast and Verizon have discovered that if they stream video over a VPN connection then they see huge speed increases.  A virtual private network of course shouldn’t increase your speed at all, you are adding another hop to the journey of your data, plus a layer of encryption too.  Although the fastest VPN providers like . will normally see minimal performance impact you wouldn’t expect to see a huge speed boost.

Speeding Up Netflix Yet this is what seems to be happening to many – stream direct from Netflix and your connection will struggle.   Fire up a VPN connection and stream through that some people are getting 10 or 20 times the throughput.  This increase has been reported by many people who have repeated the test using different sites and VPNs.

There are some other potential explanations, one of the most plausible is that some network pipes are simply becoming saturated.  If Netflix traffic is normally travelling down specific links to reach these big telecom providers, then there’s going to be a huge amount of traffic there.   Watching Netflix in the USA over a VPN will provide an alternate route, perhaps one with little congestion – hence the speed boost.

The jury’s out at the moment, both these scenarios could be true.  It’s definitely the case that using a VPN not only allows you access to the different language variants of sites like Netflix (Canadian or UK users can get US Netflix for example) but also boosts speed significantly.

Using DNS to Fightback

There’s a lot of information on this site, about the various methods used to filter, block and deny access to specific websites. Content filters, geo-blocking and firewalls now form part of the internet’s infrastructure rather than existing in isolation to protect genuinely secure networks. Of course, there have always been ways around them and in reality if you had something like the portable version of Identity Cloaker stored on a USB drive, you were normally able to bypass them. But in reality most people wouldn’t want to get involved in the world of proxies, VPNs and encryption because basically they just wanted to watch stuff online.

After all if you’re faced with a big shiny flat screen Smart TV, and you find you can’t watch a video on YouTube or The Simpsons on Hulu – then downloading PC software is not going to get your far. The reality is that we access the internet in so many different ways nowadays and via a computer is just one of these. In my home just for an example, the devices capable of browsing the internet include computers, tablets, phones, TVs, an Xbox and a WiiU and probably more. The challenge is to enable those devices to have unrestricted access to specific websites, not just the computers.

There in lies the difficulty, you can’t install PC based software on your phone, TV and Games console. The most you’ll be able to control is the device’s network settings from some generic menu like this –

wiiu-networksettings

This will be the same for your phone, Smart TV and tablet – most devices will allow you access to these settings somehow. Although there are some which don’t – the annoying Roku won’t let you manually change all these network settings for some reason ( Geek Note : although you can remotely assign them through DHCP).

Fortunately now this is all it takes is to use Smart DNS – which you can see from this video demonstrating the procedure on an iPad.

So to bypass all but the most fiendish network blocks all you need to do is to be able to manually alter the DNS settings. Unlock BBC iPlayer, Hulu, Pandora and Netflix on any electronic device you need, just by using Smart DNS.

It’s a wonderful piece of technology, designed to bypass the commercialism and control that corporations are seeking to impose on the internet user. It’s simple to use, cheap and doesn’t impact your connection, so I thoroughly recommend it. Remember the video above – Change DNS iPad settings enables Smart DNS on the tablet but it works the same on any internet enabled device, just find those network settings and change your DNS server to a Smart one.

No Politics – But Ninja Videos Ok

Is this right?

Fuck…I hope not….
The Dead Kennedy’s shocked in my youth – some thirty years ago..,,,,still pretty hard core…..

Awesome video 🙂

Original video got canned – this one is nearly as good though, enjoy.