We're Apparently Scanning Our TVs For Viruses Now
from the internet-of-broken-things dept
We've noted for many years that (like so many "internet of things" devices) modern smart televisions have the security protection equivalent of damp cardboard. Not only are they often easily hacked (something intelligence agencies are super excited about since it gives them audio access to targets), but the companies that make them have been busted repeatedly for hoovering up user usage data (and even audio from your living room), and then failing to adequately secure it.
This week, Samsung took a bit of heat for urging the company's TV customers to, for the first time, occasionally run an antivirus scan on their television sets. The Tweet was online online briefly before Samsung deleted it, apparently realizing it only advertised the fact that you shouldn't be getting viruses on your TV set in the first place:
That's amusing for several reasons. One, because customers wouldn't be getting viruses on their television sets if these products had even the most basic security protections, something TV vendors have failed at for years. Two, because it highlights how many modern televisions have become insanely complicated. Not because consumers necessarily want them to be insanely complicated, but because most TV vendors want you using their embedded streaming platforms and as opposed to a third-party streaming device (like Roku, Chromecast, or a game console).
And of course they want you using their streaming platforms because they want to monetize your viewing and other profitable data. As a Vizio executive recently acknowledged, this can help subsidize the cost of cheaper TV sets. That creates a dilemma whereby the consumer is forced to pay a premium if they want a TV set that simply displays a god-damned image and doesn't hoover up their personal data:
This is a real "privacy as a luxury product" dilemma: you can get a great 55-inch inch TV for $500, but it's full of ads that subsidize the price over time and create stable revenue for the manufacturers. Would you buy a dumb TV with the same specs for $1500?
— nilay patel (@reckless) June 17, 2019
The problem is if you've shopped for a TV lately, it's effectively impossible to find a "dumb" television that simply passes on signal from other devices. As in: they're simply not available at any meaningful scale, even if you were willing to pay a significant premium for them. Many people certainly are; most embedded TV OS platforms are kind of terrible, and users would rather buy a new streaming box (Roku, Chromecast, Apple TV) every few years than be forced to buy an entirely new TV set because the embedded streaming hardware becomes outdated (something TV vendors clearly would benefit from).
While some set vendors might argue that dumb televisions don't exist because there's no market demand for them, the fact is they haven't even bothered to try. And they haven't bothered to try because they're fixated on accelerating the TV upgrade cycle and collecting and selling your personal usage data to a universe of partners. Which again, might not be quite as bad if these companies had done a good job actually securing and encrypting this data, or designing television OS' that didn't feel like they were barfed up from the bowels of 1992 GUI design hell.
It's all kind of a silly circle dysfunction but pretty standard operating procedure in the internet of broken things era, where an endless list of companies now sell over-hyped internet-connected appliances, gleefully collect and monetize your data, but can't be bothered to adequately secure that data or provide consumers with clear options to avoid data collection entirely.
Filed Under: computer security, iot, security, smart tvs, viruses
Companies: samsung