Skip to main content
  1. Home
  2. Audio / Video
  3. Features

To make your smart TV safe from spying, manufacturers need to up their game

By

Smart TV Makers Voice Security
Image used with permission by copyright holder
Comedian Yakov Smirnoff used to notoriously joke that “in Soviet Union, television watches you!”

It was a funny sound bite, and one that didn’t make literal sense at the time (at least in the West), but in this era of smart TVs, it’s entirely possible. Just like your laptop or cell phone, a smart TV is potentially a portal into your most private spaces, and an easy target for any ne’er-do-well with the inclination of hacking into your home … or even the companies that build them.

Evocative headlines recently alleged that Samsung’s smart TVs were spying on their owners — it turned out the truth was much less ominous, but once widespread media frenzy put smart TVs under the spotlight, there was no going back.

Even if manufacturers weren’t spying, it became clear that they aren’t doing enough to ensure that the eye in your living room isn’t watching you. And they have a lot of work ahead of them if they want to get there. Here’s what smart TV security looks like now, and what needs to be done to make it better.

Speaking in tongues

The Samsung scandal began with the notion, inspired by a line in its Terms & Conditions, that its smart TVs were always listening, recording, and uploading to the cloud. This simply isn’t the case, for Samsung’s smart TVs or any other brand’s.

Privacy policies like the one that put Samsung under the microscope don’t provide enough context.

A Smart TV has to be awakened with a set command before it actually records anything. When it does record your query, it sends that audio data to the cloud, over to a third-party for processing, and then back down to the user with the results. This is really no different than how Apple’s Siri or Google Now work, which is why you have to have an Internet connection for them to work.

So if lots of other products do the same thing – and have done so for quite some time — why did Samsung end up taking so much heat? Part of the problem is the process was never articulated well. The specific line that put Samsung under the microscope, in particular, didn’t provide enough context.

Spell it out … all of it

But perhaps the bigger issue at play here is one of expectation: People don’t expect to worry about the security of their TVs. They know to protect themselves when using devices like phones, tablets, and laptops, but passive devices like TVs don’t raise the same guard.

“A TV is for entertainment, so it shouldn’t become a device you have to manage by learning how to keep it secure and how to keep your personal content personal,” says Barbara Kraus, director of research at Parks Associates. “A TV manufacturer shouldn’t put a feature in that doesn’t have a customer benefit, and if it does, it should be designed with consumers’ privacy and security in mind, as opposed to that being an afterthought.”

LG Smart TV
Image used with permission by copyright holder

This means communicating what the benefit of the feature is, how it works, and what you can do if you don’t want to opt in. For instance, any voice recognition feature that might feel intrusive should be able to be turned off, even after you’ve already agreed to the terms in using it. Of course, doing so will block out other, related features, and which those are should be spelled out.

Consider LG’s privacy policy, for example, which states, “you do not have to agree to the Privacy Policy, but if you do not, not all Smart TV Services will be available to you.” While the overall distinction is clear, what’s actually being taken away isn’t explicitly noted or listed. In any case, it’s a good bet your Smart TV will get dumbed down.

“That can almost come across as punitive,” says Kraus. “If you don’t do this, we’ll take away that. You need to tell me how this is valuable to me, and don’t say it’s because I can target advertising to you. That may not necessarily be everybody’s idea of a benefit.”

Companies aren’t the only threats

Since Smart TVs are Internet-connected devices that pull data from outside a home network, they carry a potential risk for privacy leaks or security vulnerabilities. Hackers could conceivably use one as a backdoor into your home network and the other connected gadgets you have lying around.

The biggest threat to your data is by way of the manufacturer or third-party misconfiguring or mismanaging it. A 2013 iSEC Smart TV research report focused on remote attacks when the TV could be compromised through the browser, video chat applications, social-media applications, or malicious applications.

“These are the most likely paths for attackers, but it’s unlikely the general public will be targeted through their TVs because the market share and user base is still too small,” says Aaron Grattafiori, principal security analyst at iSEC Partners. “Existing attacks against other devices, such as laptops and home routers, are still too successful and easy for them to avert their attention.”

But if they do find holes, hackers may find them far slower to be plugged than on a computer. Grattafiori notes that since manufacturing teams creating these devices rarely undergo security audits, they may never fix vulnerabilities or holes located within them with patches, opting instead to simply go about fixing them in next year’s model.

Still, he says, you should try to stay updated. “As with any computer or ‘smart’ devices, always install your updates, disable or unplug features you’re not using, and be careful installing Smart TV applications,” Grattafiori says. “Finally, if you’re shopping for a new TV, and only really want to use it for Netflix, Amazon Prime, or something like that, pick up a Chromecast — and a dumb TV.”

That last idea is nice in theory, but unfortunately it’s nearly impossible to find a high-quality TV that isn’t smart. And to be frank, turning off certain features and being diligent about updates all sound like Band-Aid measures – literally, like sticking a bandage on your laptop’s built-in camera. There has to be a better way.

Trouble in the cloud

When your TV listens to you, it doesn’t figure out what you’re asking with a processor inside. It usually hands the recording to a third party in the cloud that processes the recording and spits back a translation — like Nuance Communications. The company powers many different voice-recognition systems behind the scenes, including Siri. Nuance declined to comment on how it manages voice data when contacted by Digital Trends for an interview. But we’ve recently learned what happens to what you say to your phone behind closed doors.

“You need to tell me how this is valuable to me, and don’t say it’s because I can target advertising to you.”

Apple, for instance, records virtually everything you say to Siri, and hands much of it off to a third party for processing, ostensibly so that Siri can be improved to better handle the curve balls we throw at her. Unfortunately, sending data off to the cloud immediately introduces potential security risks. What’s to say it doesn’t get intercepted? What ensures your neighbor isn’t the employee who helps translate your request for the best hemorrhoid cream?

“If the third party or manufacturer is storing, logging or collecting anything at all, it’s game over as anonymizing the data is next to impossible,” says Aaron Grattafiori, principal security analyst at iSEC Partners.

So perhaps the answer is for manufacturers to ditch the cloud entirely and go with a different system instead.

Safer inside

So if the cloud’s not private, how can your TV respond to voice commands? Simple. Use speech-recognition services that are baked right into the TV – no cloud required.

Many devices already process some commands in the TV, and some in the cloud. Sensory is one of the companies that provide embedded commands for various consumer electronics firms, and it wants to change that.

As an example, if you’ve ever used Motorola’s Moto X smartphone, you know that you can train the phone to wake up on a custom command using your voice, even when you don’t have a data connection. The company calls it “Truly Hands-Free” and it has nothing to do with the cloud. That’s Sensory’s technology, and it’s widely deployed in mobile phones, wearables, toys and home appliances and some in-car systems, among others.

But it’s limited to a small array of canned phrases, so Sensory is looking to do more through its Truly Natural voice-recognition technology. Though smart TVs have never really been a target market for Sensory, it will be with this new platform.

“Truly Natural can recognize 1 million different phrases with the same kind of accuracy we’re seeing in the cloud,” says Todd Mozer, CEO at Sensory. “We’re using the same sort of algorithmic approach, but we’re doing it with a much smaller footprint. If we’re not sending all that data into the cloud, how are we adapting? We’re adapting to individuals, which works better than adapting to the general population.”

Sensory uses “domains,” which are techno-speak for content categories. Sports, for example, are a domain of Siri, which has been tailored to understand what users are asking for when they request sports scores.

One key difference in how embedded recognition works is that that the wake-up command isn’t voice-neutral. Anyone can say “Hey Siri” to wake up an iPhone, but the Moto X needs to hear the proper phrase in the actual owner’s voice to light up.

moto x voice controlMozer says his company wants to dive deeper and add another layer of security, which could include biometrics like face detection or the device you carry with you that’s connected to the TV, like a smartphone. “We will permit voice passwords you define, that others don’t know,” he says.

With Truly Natural launching this month, Sensory is already experimenting with moving up to 60 million phrases, though a significant number of those would be numbers and addresses for mapping purposes. Still, movie, TV show titles, artists, albums and songs could just as easily be in there, too.

“You really only need to go to the cloud when you want data from it. When you want to set an alarm or play a track, why go to the cloud?” he says. “Everybody focused on the cloud first, and now they’re realizing the best solution is going to be a combination of built-in client and cloud.”

A more private future

So Samsung isn’t listening to your tirades in the living room, and hackers aren’t scooping your bank PIN number out of thin air as you read it aloud in front of the TV. Not yet anyway. But the tools are there, and manufacturers will need to prioritize security updates and rethink how voice recognition is done to really keep your living room secure.

In the meantime, if you’re the paranoid type, maybe you want rethink that TV in the bedroom. Or go for an old-fashioned solution: Slap some tape over the mic.

Editors' Recommendations

Topics
Ted Kritsonis
Ted Kritsonis
A/V Writer
A tech journalism vet, Ted covers has written for a number of publications in Canada and the U.S. Ted loves hockey, history…
You have until June 9 to save $500 off an 85-inch Samsung The Frame TV
A painting being displayed on a Samsung The Frame QLED.

Looking for great TV deals? You still have time to save $500 on the Samsung 85-inch The Frame QLED TV when you head over to Samsung. It usually costs $4,300, but right now the popular and stylish TV is down to $3,800, making it more affordable than before. If you’re keen to invest in a large TV but love to save money too, this is a good opportunity. Here’s what you need to know about the TV before you decide to buy.

Why you should buy the Samsung 85-inch The Frame QLED TV
One of the best QLED TVs around, the Samsung 85-inch The Frame QLED TV is a delight in so many ways. At its core, it’s a fantastic QLED TV with 100% Color Volume with Quantum Dot technology saturating the screen with a billion colors. QLED adds a layer of quantum dots to a TV’s LED backlight with these dots, once exposed to light, emitting their own light with a high level of efficiency to provide great picture quality.

Read more
It’s your last chance to get up to $1,900 off a Samsung OLED TV
The Samsung S90C in a living room environment.

There’s still a little time left to snap up one of the best TV deals available today, with Samsung still selling the 83-inch S90C OLED TV for $3,500 instead of $5,400. The $1,900 discount is a pretty vast one and one that you certainly don’t want to skip. If you’re looking for a great new TV for your large living space, you’re going to love this deal. Let’s take a look at how great the Samsung S90C OLED TV is.

Why you should buy the Samsung 83-inch S90C OLED TV
Samsung makes some of the best TVs around and we’re huge fans of the Samsung 83-inch S90C OLED TV. It has an OLED panel so you get self-lit pixels which can light up independently of each other. That means that you can enjoy the deepest blacks and the brightest colors all on the same scene, ensuring you never miss a detail. The Samsung 83-inch S90C OLED TV uses a Neural Quantum Processor with 4K upscaling so its AI-powered processor can transform whatever you’re watching. There’s also HDR OLED which uses AI deep learning to analyze each scene, detecting areas that need to brighter, darker, or simply richer in color.

Read more
This Sonos Bluetooth speaker has a discount in time for beach weather
Sonos Roam SL in black on a rainy rock outdoors.

A day out at the beach. Cooking outside using a discounted grill or smoker. Pool party madness. What do they all three have in common? A lot of fun, but also a great chance to get any sound equipment ruined by a sudden downpour or a splash of inevitable water. That's why there are models of waterproof Bluetooth speakers, of which the Sonos Roam SL is one. And the good news is that you can get yours at a discounted rate before summer officially gets here. Right now, the Sonos Roam SL is just $127, which is $33 down from its typical price of $160. To get yours, all you need to do is tap the button below. Consider also reading below, as we examine the speaker and see why it is considered an easy pick up.

Why you should buy the Sonos Roam SL
The Sonos Roam SL is an easy-to-use, compact speaker for wherever you roam. Connect to it easily over Wi-Fi at home or Bluetooth on the go, giving you easy options to control the sound in a way that makes sense for you and your location. If you're at home and connected to your Wi-Fi system and have other Sonos speakers, you can even get the Sonos multi-room experience, which syncs everything in a nice way. So, you can keep the Sonos Roam SL out on the patio (where it might get rained upon) and keep the best Sonos speakers indoors and have a really cool, worry-free party experience that not many others will be able to replicate.

Read more