• rustydomino · 8 days ago · 76 up, 2 down

    pi-hole ftw. the vast majority of my pi-hole’s DNS drops are from various Roku and Roku-like devices. Also, put all your IoT stuff onto a guest network, or if your gear supports it, on its own VLAN.
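
An added example (not part of the original comment): a short Python script that tallies Pi-hole blocklist hits per client, to check which devices account for most blocked queries, as the comment above describes. The log lines are constructed in the dnsmasq-style format Pi-hole writes, and the 192.168.30.0/24 IoT VLAN subnet is an assumption.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the dnsmasq-style format Pi-hole writes to pihole.log;
# every address and domain below is made up.
SAMPLE_LOG = """\
Jan 10 12:00:01 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.30.11
Jan 10 12:00:01 dnsmasq[812]: gravity blocked telemetry.tv-vendor.example is 0.0.0.0
Jan 10 12:00:02 dnsmasq[812]: query[A] www.example.org from 192.168.1.20
Jan 10 12:00:02 dnsmasq[812]: forwarded www.example.org to 9.9.9.9
Jan 10 12:00:05 dnsmasq[812]: query[AAAA] ads.tv-vendor.example from 192.168.30.11
Jan 10 12:00:05 dnsmasq[812]: gravity blocked ads.tv-vendor.example is ::
Jan 10 12:00:09 dnsmasq[812]: query[A] telemetry.tv-vendor.example from 192.168.30.12
Jan 10 12:00:09 dnsmasq[812]: gravity blocked telemetry.tv-vendor.example is 0.0.0.0
Jan 10 12:00:11 dnsmasq[812]: query[A] tracker.example.net from 192.168.1.20
Jan 10 12:00:11 dnsmasq[812]: gravity blocked tracker.example.net is 0.0.0.0
"""
IOT_VLAN = "192.168.30.0/24"  # assumed subnet of the IoT VLAN
QUERY = re.compile(r"query\[\w+\] (\S+) from (\S+)$")
BLOCKED = re.compile(r"gravity blocked (\S+) is ")

def blocked_per_client(log_text):
    # A "gravity blocked" line names only the domain, so attribute it to the
    # client whose query for that domain was logged most recently (heuristic).
    last_client = {}  # domain -> client that most recently asked for it
    counts = Counter()
    for line in log_text.splitlines():
        q = QUERY.search(line)
        if q:
            last_client[q.group(1)] = q.group(2)
            continue
        b = BLOCKED.search(line)
        if b and b.group(1) in last_client:
            counts[last_client.pop(b.group(1))] += 1
    return counts

def share_from(counts, cidr):
    """Fraction of all blocked queries sent by clients inside `cidr`."""
    net = ipaddress.ip_network(cidr)
    total = sum(counts.values())
    hits = sum(n for ip, n in counts.items() if ipaddress.ip_address(ip) in net)
    return hits / total if total else 0.0

if __name__ == "__main__":
    counts = blocked_per_client(SAMPLE_LOG)
    for ip, n in counts.most_common():
        print(f"{ip:15} {n} blocked")
    print(f"IoT VLAN share: {share_from(counts, IOT_VLAN):.0%}")
```

Only `gravity blocked` lines are counted here; other block reasons that Pi-hole logs would need their own patterns.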

    • Excrubulent · 8 days ago (edited 8 days ago) · 19 up, 0 down

      See, I just don’t connect it to the network. It complained when I set it up but now it just works as a screen.

      I’ve got a raspberry pi streaming my desktop to it with gamestream/sunshine/moonlight, and it’s now as smart as my computer. It can even stream from different computers no matter where they are in the house, watch anything with stremio, and play games from them too. It’s way better than using the youtube or netflix button on the TV, most of the services it offers I don’t use anyway.

      But actually pihole does sound like a good idea and maybe I should get that set up one of these days.

      • NotMyOldRedditName · 8 days ago (edited 8 days ago) · 30 up, 0 down

        So with all the recent drama I learned that some TVs look for other open networks or other same brand TVs in range, and if found will join those networks and still share data.

        So not connecting it isn’t enough in all cases.

        A pihole wouldn’t solve this either if it was smart enough to know it’s blocked and look elsewhere.

          • NotMyOldRedditName · 8 days ago · 10 up, 0 down

            In the not so distant future, people will begin turning their houses into faraday cages to ensure nothing can access the outside unless given proper permission.

        • rustydomino · 8 days ago · 3 up, 0 down

          You could set up a dummy LAN with no internet access for the tv. Unless it actually has more than one network card, it would need to be able to have the ability to virtualize network interfaces to connect elsewhere, and I really doubt these TVs are that smart.

          • NotMyOldRedditName · 8 days ago · 1 up, 0 down

            Ah, gotcha. That would seem like overkill if that’s what would be needed.

        • Excrubulent · 8 days ago · 3 up, 0 down

          I’d be interested to see more information on that. I don’t doubt companies would do that, but some good information on when it happens and how to prevent it would be useful.

          • NotMyOldRedditName · 7 days ago · 3 up, 0 down

            So I did some looking, and as far as I can tell, there’s no definitive proof of someone testing this and reporting on it. It might just be all rumors and speculation.

            • Excrubulent · 7 days ago · 1 up, 0 down

              Thanks, I hope they don’t do it. I would expect the security community to be able to find something like this, since it’s not hard to hook up some devices and do packet sniffing to detect if they’re talking to each other.

              This would be an excellent use case for LTT’s faraday cage room for instance.

    • LoganNineFingers · 8 days ago · 8 up, 0 down

      I need to replace my router as it’s coming to end of life. I want one with vlan so I can put all my iot on a separate lan. Any recommendations?

      • storcholus · 8 days ago · 9 up, 0 down

        I went Ubiquiti with my entire network. Can recommend.

      • wrekone · 8 days ago (edited 8 days ago) · 5 up, 0 down

        I recently picked up a GL-iNet Flint 2 because it’s a powerhouse and one of the easiest routers to flash Open-WRT onto. If you don’t want to mess with firmware flashing, it comes stock with their fork of Open-WRT. So, either way, you have a ton of control over your router, including setting up VLANs and running AdGuard.

        • LoganNineFingers · 8 days ago · 1 up, 0 down

          Thank you for the reply - you’ve offered a great opportunity to ask another question 😂

          I was looking at adguard. Is this something worth the subscription? I was looking at it because it seems to handle a lot of ads, including those on mobile games and stuff. But in my cursory glance, people are saying it’s not safe.

          I’ll look at the GL-iNet because a) I want a powerhouse and b) I want nothing to do with flashing firmware haha

          • PM_Your_Nudes_Please · 8 days ago · 2 up, 0 down

            AdGuard as a service is alright, but it’s essentially just a pihole that you don’t have any control over. It does DNS level blocking, which means the ads get blocked before they even load on your network.

            The issue is that since you’re routing all of your DNS traffic through AdGuard, you’re directly telling AdGuard which sites you are using. So there are concerns that you are just shifting the data collection from the ad companies to AdGuard instead, but AdGuard has the ability to be way more invasive in how they collect data.

            Just set up dual piholes (one for your primary DNS, and one for your secondary DNS) instead. You get the exact same end result, without any of the data collection worry.

            • LoganNineFingers · 6 days ago · 1 up, 0 down

              Thank you for your detailed responses. Has adguard any track record of collecting data? Is there a way to know?

      • rustydomino · 8 days ago · 3 up, 0 down

        I have the Ubiquiti Edgerouter X. I got it mostly because at the time it was on sale 😂 but it seems to have decent support. Note that you will have to get a wireless AP as the Edgerouter is a pure router without WiFi function. Lots of people also like Mikrotik products.

        • LoganNineFingers · 8 days ago · 1 up, 0 down

          I’ll check out mikrotik - thanks!

          I don’t really understand the rest of what you said haha

          • dai · 8 days ago · 1 up, 0 down

            Mikrotik are really aimed at advanced users, Ubiquiti brand themselves as prosumer products. I found the Ubiquiti interface a complete mess - but it could just be me.

            If it can run OpenWRT I’d suggest taking that path (if you like to tinker / the device supports it). My Google WiFi hubs are still humming away after all these years - now with way more features and a usable interface!

      • PM_Your_Nudes_Please · 8 days ago (edited 8 days ago) · 1 up, 0 down

        For consumer grade gear, Ubiquiti is probably the best bet. Unless you want to get into the commercial side of things, but that’s prohibitively expensive for the average person.

        Personally I run a GL.iNet system. I like it being completely open source, and the Flint 2 is a workhorse of a router. But as far as ease of use and config, Ubiquiti is certainly more straightforward.

        • LoganNineFingers · 6 days ago · 1 up, 0 down

          This might be my ignorance, but the Ubiquiti stuff I’m finding seems to be all commercial. I ended up getting a good price on the Flint 2 and it should be here next Friday. I’m hoping to chunk out some time setting it up on the 20th.

    • Appoxo · 8 days ago · 3 up, 0 down

      So lucky my smart thermostat and door/window sensor are connected via DECT-ULE to my router/modem combo (for those interested AVM Fritzbox) and I can poll those via home assistant.
      And I don’t think they could phone home (and I hope AVM doesn’t do bs).