Matrix Posted September 19, 2019 Share Posted September 19, 2019 What just happened? With so many households now containing smart TVs, it’s no surprise to see an increasing number of privacy concerns over the devices. The fear that these televisions are monitoring users won’t be helped by two recent large-scale analyses, which found sensitive data is being sent to large companies such as Netflix and Google–even when some of the devices are idle. As reported by the Financial Times, researchers from Northeastern University and Imperial College London found several smart TVs, including those from popular brands Samsung and LG, as well as streaming dongles Roku and FireTV were sending data such as location and IP address to Netflix and third-party advertisers. Other smart devices that include speakers and cameras were sending users' data to “dozens of third parties,” including Microsoft and Spotify. A separate smart TV study by Princeton University found that some Roku and FireTV apps were sending specific user identifiers to third parties, including Google. The Northeastern University study, which was conducted on 81 different devices in both the US and UK, found “notable cases of information exposure,” with Amazon, Google, Akami, and Microsoft the most frequently contacted companies. Researchers did point out, however, that this is partly because these companies provide cloud and networking services for smart devices. The team said third parties receive data such as device information, user locations, and possibly even when people are interacting with their TV. “So they might know when you’re home and when you’re not,” said Professor David Choffnes, a computer scientist at Northeastern University and one of the paper’s authors. The companies named in the report have defended the practices. Netflix said the information it receives from TVs that are not signed in to its service is confined to how the app appears and performs on screen. Google said that “depending on the device manufacturer or the app owner, data sent to Google could include user location, device type and what the user is watching within a specific app so they can be targeted with personalized advertising.” Back in 2015, Samsung found itself in trouble when its Smart TV privacy policy revealed that the devices were potentially eavesdropping on users and sharing the data. Another report from last year showed that five of the top-selling brands of smart televisions tracked users’ viewing habits, even when they were not streaming. VIEW: Original Article. Link to comment Share on other sites More sharing options...
Infinite_Vision Posted September 19, 2019 Share Posted September 19, 2019 In my opinion, it is not just the TVs. I have a feeling it is the smart Fridge, new smart toys for kids, etc. Just like those smart speakers that were caught recording our voices. That is the reason why I use old school stuff and I don't need all this fancy stuff that they are putting into appliances. Spyware. They are selling our data like hot cakes. Just like when you go to some of these newer stores where the cameras are pointing right in your face. Any one gone to a new Walmart or Target store lately? In the self check out line, under the register, a camera is facing down watching you. There is duo purposes for that. To caught someone stealing but to also map out what each consumer is purchasing. I wouldn't be surprise if some form of facial recognition software is install in the future. Or it might be in there now but someone needs to look into that. Link to comment Share on other sites More sharing options...
Karlston Posted September 19, 2019 Share Posted September 19, 2019 Facebook and Google have ad trackers on your streaming TV, studies find× You just can't get away from the big ad tech companies, it seems. Enlarge / A Vizio TV seen at CES in 2011. Ethan Miller | Getty Images Modern TV, coming to you over the Internet instead of through cable or over the air, has a modern problem: all of your Internet-connected streaming devices are watching you back and feeding your data to advertisers. Two independent sets of researchers this week released papers that measure the extent of the surveillance your TV is conducting on you. They also sort out who exactly is benefiting from the massive amounts of consumer data that is taken with or without consumer knowledge. The first study (PDF), conducted by researchers at Princeton and the University of Chicago, looked specifically at Roku and Amazon set-top devices. A review of more than 2,000 channels across the two platforms found trackers on 69% of Roku channels and 89% of Amazon Fire TV channels. The most prevalent tracker, Google's doubleclick.net, showed up in 975 of the top 1,000 Roku channels, with Google analytics trackers showing up in 360, the researchers found. Over on the Amazon side of things, perhaps unsurprisingly, Amazon trackers were the most prevalent, showing up in 687 of 1,000 channels. Doubleclick trackers were found on 307 channels, and Facebook trackers were on 196. Tracking not only includes sending information about video titles, which you might expect, but also permanent device identifiers and wireless SSID information, the researchers found. A majority of the channels sending information back through trackers sent it unencrypted in plaintext, the researchers also found. The second study (PDF), conducted by researchers at Northeastern University and Imperial College London, examined a broader range of cloud-connected consumer devices. In addition to the same over-the-top (OTT) plug-in devices the Princeton and Chicago researchers investigated, the Northeastern and Imperial College researchers also looked at several different smart TVs and other devices. The TVs were the worst for how many "unique third-party destinations" they contact, the researchers found, corroborating the findings that a great deal of data is sent in plaintext. Facebook, Amazon, and Doubleclick were again among the top recipients of consumer data, along with Akamai and Microsoft, which both act as hosting providers, as the researchers note. Perhaps most surprising, however, was Netflix. "Nearly all TV devices in our testbeds contact Netflix even though we never configured any TV with a Netflix account," the researchers write (emphasis theirs). "This, at the very least, exposes information to Netflix about the model of TV at a given location," if not more. An old problem, getting worse The companies that make and distribute content have always sought as much granular data as possible about the way consumers consume. For markets based on ad sales, the measurement makes sense—how much you can charge a company to place an ad depends in large part on how many eyeballs its ad can be expected to reach. The dominance of that model applies across all media types that need to make money, which is all of them. A newspaper company has always been able to tell how many issues it sells in a day or a week, and it has been able to tally some data on its subscriber base. A digital media outfit knows very well how many people read a story or watch a video. Television is, of course, no different. Quantification powerhouse Nielsen launched its TV ratings service—a massive audience measurement tool—back in 1950. The digital revolution, however, has made data gathering extremely precise, granular, and permanent, with troubling implications for user privacy. The pair of research papers makes clear to what degree user tracking happens and certain mechanisms through which it happens, which is useful information to have. But it's not new, and business is proving slow to change since it has a financial incentive not to. A deep dive by ProPublica back in 2015 drew attention to highly detailed consumer tracking by TV manufacturer Vizio. The company eventually reached a settlement with the Federal Trade Commission in 2017 over the allegations that it tracked 11 million viewers' usage data without knowledge or consent. Vizio also faced a class-action suit about the tracking, and the company used the TV displays themselves to inform device owners about the activity. Consumer options Other than opting out of the 21st-century media landscape entirely, consumers' options for preventing the trackers from scooping up and sharing information are extremely limited, both studies found. Past research finds that "viewers find sharing of their data with advertisers unacceptable," the Princeton study concluded. But "our findings show that such concerned users have limited options at their disposal. As emerging platforms, OTT services lack tools, controls, and countermeasures available on the Web and mobile platforms." Even folks who are familiar with ad-blocking services on their computers and mobile devices can't do much about the situation on a TV device, the researchers found. "Widespread collection of persistent device identifiers like MAC addresses and serial numbers disables one of the few defenses available to users: resetting their advertising IDs." Users can use options to limit ad tracking on Roku devices or disable interest-based ads on Amazon Fire TV devices, the study said. Enabling "limit ad tracking" on a Roku reduced the number of advertising ID leaks to zero "but did not affect the number of trackers contacted by the channels." Disabling interest-based ads on a Fire TV, meanwhile, caused 50% fewer channels to leak advertising ID information, but "the remaining traffic, including the other identifiers communicated to trackers, remained largely the same." Owners of smart TV sets can delve deep into their device's settings to find options, which may include disabling automatic content recognition or limiting the use of personalized ads. Available options vary by device manufacturer. Source: Facebook and Google have ad trackers on your streaming TV, studies find (Ars Technica) Link to comment Share on other sites More sharing options...
Karlston Posted September 19, 2019 Share Posted September 19, 2019 If your router/modem firmware supports it, ad tracking domains can be blocked there. All your devices using it will then be protected. Am running Diversion ad-blocker in Merlin Asus-WRT, here's the top 10 blocked domains... The top 10 blocked ad domains were: -------------------------------------------------------- 236 googleads.g.doubleclick.net blocked 205 www.google-analytics.com blocked 108 d2c8v52ll5s99u.cloudfront.net blocked 61 dpm.demdex.net blocked 54 www.googletagservices.com blocked 54 www.googleadservices.com blocked 48 tags.news.com.au blocked 45 analytics-static.ugc.bazaarvoice.com blocked 33 secure-dcr.imrworldwide.com blocked Actually nine, hmmm... 😕 anyway, four out of the ten nine are Google related. Link to comment Share on other sites More sharing options...
Papillon Posted September 20, 2019 Share Posted September 20, 2019 15 hours ago, Karlston said: If your router/modem firmware supports it, ad tracking domains can be blocked there. All your devices using it will then be protected. Am running Diversion ad-blocker in Merlin Asus-WRT, here's the top 10 blocked domains... The top 10 blocked ad domains were: -------------------------------------------------------- 236 googleads.g.doubleclick.net blocked 205 www.google-analytics.com blocked 108 d2c8v52ll5s99u.cloudfront.net blocked 61 dpm.demdex.net blocked 54 www.googletagservices.com blocked 54 www.googleadservices.com blocked 48 tags.news.com.au blocked 45 analytics-static.ugc.bazaarvoice.com blocked 33 secure-dcr.imrworldwide.com blocked Actually nine, hmmm... 😕 anyway, four out of the ten nine are Google related. Thanks Karlston this is a good idea. I suspect that most people can block these domains by using the 'Parental Control' setup section in their modem/router. How did you identify the nine domains that you blocked? Do you have a more complete list? Link to comment Share on other sites More sharing options...
Karlston Posted September 20, 2019 Share Posted September 20, 2019 2 hours ago, Papillon said: I suspect that most people can block these domains by using the 'Parental Control' setup section in their modem/router. You're right. A Parental Control list of domains to block, set for 24/7 will work. 2 hours ago, Papillon said: How did you identify the nine domains that you blocked? That's a neat addon that adds a tab to the Tools screen in the Merlin UI. 2 hours ago, Papillon said: Do you have a more complete list? DIversion regularly downloads lists of domains to block. Not sure exactly which ones, will see if I can find a list of the lists and post them later. I think one of them is... http://winhelp2002.mvps.org/hosts.txt If you're going to use this, or any other blocklist, first make sure its format/layout is compatible. Some useful links... https://www.asuswrt-merlin.net/ (Asuswrt-Merlin Home) https://www.snbforums.com/forums/asuswrt-merlin.42/ (Asuswrt-Merlin SNB Forum) https://diversion.ch/ (Diversion Home) https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/ (Diversion SNB Forum) https://forums.whirlpool.net.au/thread/9lkn50q3?p=72#r1431 (Good summary of how to install Diversion) https://www.snbforums.com/threads/uidivstats-webui-for-diversion-statistics.56393/ (uiDivStats - addon to show Diversion statistics in the Merlin UI) http://winhelp2002.mvps.org/ (A blocklist Home) Link to comment Share on other sites More sharing options...
Karlston Posted September 20, 2019 Share Posted September 20, 2019 3 hours ago, Karlston said: will see if I can find a list of the lists and post them later Can't find a list of the blocklists Diversion can use, this is the STANDARD one I'm currently using... https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted September 23, 2019 Administrator Share Posted September 23, 2019 On 9/21/2019 at 2:29 AM, Karlston said: Can't find a list of the blocklists Diversion can use, this is the STANDARD one I'm currently using... https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts I personally use a smaller list to prevent overloading of the router. I use this too. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.