Hisense, TCL, Sony & Samsung TV’s Can Be Easily Hacked Claim Consumer Group
Brands singled out include Hisense Sony and TCL along with Samsung made models.
According to the experts you don’t need to be an expert to work out how to get access to one of these smart TV’s.
The new study from the US Consumer Reports, has found that millions of popular smart TVs can be accessed in particular ones running Roku platforms, which are featured in televisions made by TCL and Hisense in some Countries.
Smart TV popularity is on the rise. Consumer Reports cited research that showed 69 percent of new TV sets that were shipped last year were internet capable. That percentage is supposed to rise this year, the report said.
The prevalence of the technology has grown so quickly that old-fashion TVs that cannot be connected to the internet are now hard to come by.
While smart TVs may allow for more convenience, that convenience comes at a cost, Consumer Reports warned.
All five of the TV brands tested by Consumer Report used different smart TV platforms. Models made by Samsung and LG featured platforms designed by their own companies, but the TCL, Sony and Hisense televisions the magazine tested used platforms made by outside companies and these were most at risk.
Consumer Reports found that the televisions made by Samsung and TCL were not secure, and the report described the flaws in the television sets.
Of particular concern were TV’s running the Roku platform which is used by Telstra on their Telstra TV boxes.
A Roku spokeswoman told Consumer Reports, ‘There is no security risk to our customers’ accounts or the Roku platform with use of this API [application programming interface],’ contradicting what the magazine had learned.
Samsung, on the other hand, said: ‘We appreciate Consumer Reports’ alerting us to their potential concern.’ It also said it is looking into the problem.
The Sony model featured in the study used Google’s Android TV platform, which was also vulnerable to attack.
Consumer Reports analysed two characteristics of the televisions featured in the study: their data collecting tendencies and hackers’ ability to access the machines.
‘Our security testing focused on whether basic security practices were being followed in the design of each television’s software,’ the report said.
It said: ‘They allowed researchers to pump the volume from a whisper to blaring levels, rapidly cycle through channels, open disturbing YouTube content or kick the TV off the WiFi network.
‘To a television viewer who didn’t know what was happening, it might feel creepy, as though an intruder were lurking nearby or spying on you through the set.’
However, the researchers were not able to discern what was being played on the television while they were hacking it. The process was compared to someone controlling a remote with closed eyes.
The problematic design was described as ‘totally unsecured’ in the report. Engineer Eason Goodale explained: ‘This means that even extremely unsophisticated hackers can take control of the Rokus OS.
‘It’s less of a locked door and more of a see-through curtain next to a neon “We’re open!” sign.’
Consumer Reports noted that it was not the first whistle blower to notice the problem. It has been discussed in forums since 2015.
The Samsung television’s vulnerability was not as obvious. Even so, hackers could access the product in a relatively easy fashion.
Goodale said: ‘Samsung smart TVs attempt to ensure that only authorized applications can control the television.
‘Unfortunately, the mechanism they use to ensure that applications have previously been authorized is flawed.
The Sony television that Consumer Reports researchers evaluated was one of the worst in terms of collecting users’ data, the new study said. If a user refuses to agree to Google agreements when setting up their new TV, basic functions disappear, making the point of investing in a ‘smart’ TV unclear.
The Sony television that Consumer Reports researchers evaluated was one of the worst in terms of collecting users’ data, the new study said. If a user refuses to agree to Google agreements when setting up their new TV, basic functions disappear, making the point of investing in a ‘smart’ TV unclear (file photo)
‘It’s as though once you unlocked your door, the door would never lock again.’
Samsung said: ‘We appreciate Consumer Reports’ alerting us to their potential concern.’ It also said it is looking into the problem.
Consumer Reports found that the Sony TV, using Google’s Android TV platform, was the most invasive in terms of privacy.
‘Consumers have to click yes to Google agreements, even if they don’t plan to connect to the internet. That could be a frustrating thing to discover only after you’d bought the big-screen TV at the store, lugged it home, and maybe mounted it to the wall.’
Sony told Consumer Reports: ‘If a customer has any concerns about sharing information with Google/Android [they] need not connect their smart TV to the Internet or to Android servers to use the device as a television.’
Consumer Reports found that the problem with turning down access to data collection is that many functions that make a television ‘smart’ disappear when you do so.
This can be irritating if you have paid for a TV based on its internet capability.