Investigation finds major security flaws with smart TVs
Sandra Hermiston and Ross McLaughlin , CTV Vancouver
Published Wednesday, February 14, 2018 6:00AM PST
Last Updated Wednesday, February 14, 2018 7:20PM PST
Could your TV be controlled by hackers? A new investigation has found millions of smart TVs don’t do enough to protect your security.
Consumer Reports has found millions of smart TVs from major manufacturers can be controlled by hackers exploiting easy to-find security vulnerabilities.
The problems affect Samsung televisions along with TV models made by TCL and other brands that use the Roku TV platform.
“While evaluating smart TVs for data privacy and security, CR came across a vulnerability in some smart TVs that can be exploited by a hacker, who could write code to control the TV without the user’s permission,” said Maria Rerecich, Consumer Reports electronics testing.
A hacker could potentially take over your TV and change channels, play offensive content, or turn the volume up to full blast, all without your control.
“This happens because many smart TVs have a programming interface, called an API, that lets you use for smartphone or tablet as a remote control over wifi. In some cases, we found that this API was not properly secured,” explained Rerecich.
Other tests have found smart TVs can track what consumers watch and collect data on their viewing habits. And don’t forget about built in cameras for things like Skype.
“Anytime we have a camera that is pointed into our home be careful. Mark Zuckerberg with Facebook covers his camera, you may want to too,” warned technology analyst Carmi Levy,.
While Roku denied there was a security risk using its platform, Samsun said it will address the security issues “in a 2018 update, as soon as technically feasible.”
So what can you do to protect yourself? The problem is when you tighten security you also lose a lot of your TV’s functionality.
But you can reset your TV to factory settings. Then, as you go through the setup process, say yes to the most basic privacy policies. But don’t agree to the collection of viewing data.
You can also turn off your ACR settings. They’re typically buried three or four menus deep.
If you can’t figure it out call the manufacturer’s customer support and make them walk you through it.