Here's another case for not owning a Samsung Smart TV. Mine, which I bought for approximately £1.3k in late 2016 received a firmware "upgrade" in mid-2017 that inserted advertising into the TV's UI.
Upon contacting Samsung to complain they informed me that it was my fault that they were appearing due to applications that I have installed. The ads all originated from applications that were pre-installed that were locked and un-removable.
In the end I had to work out how to block the TV from contacting Samsung's ad servers at the DNS level, although now a PiHole is an easier solution to this problem.
LG TVs also contain ads in the home menu and other places, and there is no official way to opt out. Sony TVs appear to be the most user friendly options if you'd rather not see ads on a premium device.
I swore off Sony when my TV got an update to add advertising to the volume slider on the screen, which was the last straw. Weirdly enough, I replaced it with a Samsung, which appears to have ads if configured into any North American country, but if you select any GDPR-included territory, the ads don't appear at all
Serious question, has having a smart fridge really helped you in any meaningful way? I'm not sure if I'm just missing something because I've never owned one but they seem useless.
I had one. It was junk. Terrible touchscreen, rebooting several times a day, no compelling reason to even use it. I use a tablet on the counter for recipes and music, much more efficient and a better system.
Thank you Europeans for the GDPR law. The need to click to accept cookies in each site looks like a useless bureaucracy, but now we see the real advantages of the law.
I've also tried my best to avoid purchasing any Sony products...ever since around 2005 [0]. While i do acknowledged that some of their products historically have been good quality...I've tried my best to use my wallet to vote my conscience.
Thus, the problem with Adam Smith's Invisible Hand in the modern world. I salute you for sticking to your guns, but I think we all could have predicted that Sony wasn't going to suffer any significant consequences from that.
There's 10 major brands of TVs, and 10 attributes by which consumers decide what to buy. Even if you could got 95% of consumers to agree (ha) that one brand is the absolute worst at the most important attribute, it's still going to be the best at something else.
There simply aren't a sufficient number of axes of control here to influence change.
It is possible to disable this behavior unofficially via the service menu if you are brave enough (its kinda easy to break stuff). Not sure what happens to your warranty though. On mine it is also possible to disable OTA updates there.
Besides the dangers of the service menu, newer Samsung Smart TVs have the newer "smart remotes" that don't have the buttons access those functions. I had to purchase an older BN59-01198Q[0] remote just to get at the service menu.
Samsung does some odd things. I have a 2017ish model...when you turn it on it was silent, until I chose an app. One day, seemingly out of nowhere, there was a new live tv app of sorts in the first position, and the default behavior was that app when you turn the tv on. So now you get some awful commercial blasting every time you turn on the tv...
Our smart TV lives on it's own wifi network, I super don't trust it to interact nicely with other devices on our home network. All the other smart home stuff (smart led lights, etc) lives on it's own network as well.
Not really, but unless you are actually using the tuner for something you can get a monitor or commercial display, which is basically a dumb TV minus a TV tuner.
They typically cost more than smart TVs, but if you see them as more valuable because of avoiding unwanted functions, that's perfectly expected.
If that's the solution you're willing to deal with you can just not connect to the router in the first place. That's what I did with my new Fire TV but it does kill almost all the smart TV features like streaming and voice controls.
Honesty I just never connected mine to the internet and attached a Roku which I did connect. Smart TVs are anything but that, I rather have a dedicated media player than one bolted onto a screen.
I own a Samsung TV. It works great. There were apps, I used to use them but slowly by slowly they bitrotted until the TV is simply an HDMI monitor at this point.
It still supports legacy broadcast TV over coax etc. but anything "modern" has rotted away. Which makes me think I simply don't want any smart at all in the TV.
This is both true and not true — yes, a great many apps have been abandoned, but the big ones (Netflix, Prime Video, Hulu, HBO, premium sports apps, etc.) are well maintained. The built-in apps are by far the easiest way to watch 4K HDR video (which Amazon has lots of).
But yeah, all that said, the “smart TV” functionality would be better off in an external box. I trust that Netflix will update its app because I pay them every month. I don’t trust Samsung will update the TV software for the 10-year life of the TV because I paid them all up front. Such is life in the modern world :)
Oh, I totally agree that a lot of smaller services (including most of the cable / TV companies) stopped building apps. IMO it’s only worth it for global services because smart TV apps are far more heavily used in Asia and Europe.
The client I worked for (a big US cable provider) killed all their smart TV apps when they realized they were spending ~$500k a year on a bunch of apps that were being used by maybe 3,000 people a month. They do continue to support apps for external devices like Roku and Fire TV.
TV software developers are probably learning from HTML/JS developers who support only whatever version of Safari they have on their macbook. Their sites also don't work in browsers released in 2013.
I worked for a large network company at one time as a contractor. I was pretty horrified at some parts of their security. That being said they had a great attitude towards security I haven’t encountered since, so maybe they’ve improved. But still very little stopping even a small determined country like say Monaco from hiring 2-3 decent sysadmins and hacking them to pieces.
Anyway it would surprise me if the TV companies even had bare minimum acceptable security, because even the net security guys are struggling.
My TV (Finlux) has an undocumented API, that allows anyone to pull information about what I'm watching at the moment. That same API can be used to launch a telnet daemon which can then be used to log in as root without using a password. Needless to say I've disabled wifi on it and I don't intend to ever connect it again.
But hey, the TV runs Linux, which is nice I guess.
>“Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks,”
This reads like an Onion parody article but unfortunately, that security precaution is reality.
To generalize the Samsung example further, this is why I don't believe it's realistic that decentralization can happen via average homeowners owning a "server appliance" that serves up webpages, social media profiles, videos, email, etc. I made a previous comment on how disciplined security practices are too tricky for non-techies.[0]
Yes, a bunch of techies can run personal servers (Raspberry Pis, Freedombox, etc) to run a decentralized Q&A site to replace Stackoverflow. Or maybe run a decentralized discussion forum to replace HN. However, a bunch of grandmothers cannot be expected to maintain their own web appliances to run a decentralized cooking recipes website.
If the base of their site was served from an auto updated base, there's no reason why it couldn't be pretty much as secure as a platform.
Say it's a frontend over a Docker image that gets updated upstream for security issues, and the server has a Cron job that keeps it up to date.
Why couldn't that work?
I know there's some centralisation around the Docker image, but that could be open source or provided by someone like Mozilla or Apache or WordPress who we can trust.
And there's no reason why the user couldn't choose from a whole ecosystem of image providers with a simple enough UI
>served from an auto updated base, there's no reason why it couldn't be pretty much as secure as a platform. [...] Docker image that gets updated upstream for security issues [...] Why couldn't that work?
The update process itself acts as an attack vector. Even the techies like programmers can get pwned with trusted repositories that suddenly became untrusted.[0][1][2]
A decentralized server appliance of powerful sophistication that requires updates will require a baseline level of technical expertise. So far, even the less sophisticated hardware like wifi cameras and Nest devices are leaving unwitting homeowners exposed to criminals and unwanted spying.[3][4]
Grandmothers and everyone else already use edge routers/modems that can be centrally managed and updated. Edge servers can be locally or centrally managed. If centrally managed, they can be decoupled from the telco, i.e. competition among "edge server management services" instead of a land-bound monopoly. Techies can optionally enable local management.
Is there any reason to suppose that such "centralised decentralisation" wouldn't end up with a small number of entities managing the centralised control planes thanks to economies of scale?
Since devices can be owned by the user, a range of business relationships are possible. Some data on the user-owned device can have a different legal status than data owned by a central provider. E2E encryption and separation of ownership can exist alongside capital-fueled consolidation of data.
It's not necessary for edge devices to "win" against centralization, only that they exist and are sustainably funded.
Microsoft, HP and Dell/VMware have device-as-service offerings. There can be many permutations of control planes between local and central, or even regional.
More and more routers self update these days, which is absolutely the right choice for 95% of users.
That's something I don't get about the Samsung setup here actually. Just run the scan (from the video it takes about a second?) automatically without the user needing to. Then you don't have to make awful promo videos about users needing to do a scan.
No, but then the HN user set would be posting outraged medium.com blogs about how their TV is stealth-updating behind their back without their approval.
>Grandmothers and everyone else already use edge routers/modems that can be centrally managed and updated.
The cable modems and DVRs run by cable companies are simpler devices that criminals will not target with malware to run cryptocurrency mining, or install fake CA certificates to MITM grandmothers' web browser and online bank transactions. These devices are restricted and constrained.
The type of hardware that decentralized proponents think of would have enough power and sophistication to displace Facebook and Youtube with p2p intelligence. It would be a more complicated server appliance (maybe a Linux base image) that has sophisticated software (Sandstorm.io, distributed apps on Blockstack, etc). The appliance would be more complex than the Samsung TVs of this thread that require owners to run virus scans. This type of advanced appliance is by design -- unrestricted and unconstrained -- to enable itself to evolve with new software capabilities.
>If centrally managed, they can be decoupled from the telco, i.e. competition among "edge server management services" instead of a land-bound monopoly.
Your scenario has 2 extra levels of "economic friction" and those extra costs act as barriers to decentralization:
(1) The hardware for the server appliance is a cost most normal non-techies would not want to pay for.
(2) The ongoing support payments is another cost that normal people would not want to pay for. (ie. sibling's comment of paying $20/month or $240/year is unrealistic.)
Also, the idea of non-techie consumers comparing "edge server management services" is itself a cognitive barrier to decentralization. Today, if we think of grandmothers' laptops as "hardware to be managed by somebody else" -- such as Geek Squad, we see that many don't have the technical knowledge to avoid being scammed.[0] To put the vision of "decentralization hardware" in perspective, it's basically asking millions of non-techies who are susceptible to Geek Squad scams -- to expose their laptop configuration and root access to the world.
>Techies can optionally enable local management.
And this configuration option to enable flexibility is yet another attack vector to trick non-techies into making their devices more vulnerable.
>It's not necessary for edge devices to "win" against centralization, only that they exist and are sustainably funded.
It's true they don't have to "win" but I was talking about the decentralized proponents' "dream scenario" of decentralized being good enough to make centralized services like Facebook/Youtube irrelevant. This can't happen if only a niche group of enthusiastic homeowners run server appliances.
The problem is that it’s not obvious when you’re behind on security patches. You can only fix what you can see. And without knowledge in security, you can’t see insecure / unpatched software.
That said, maybe something like what Chrome does or what windows does would work ok. Pick a time / heuristic and install security updates automatically out of the box.
> this is why I don't believe it's realistic that decentralization can happen via average homeowners owning a "server appliance" that serves up webpages, social media profiles, videos, email, etc.
Which is why they should pay someone. The reason the tech should be open and decentralized is so that Samsung doesn't have control over it, the grandmothers can choose a vendor they trust.
This would also create a lot of low level tech employment, a B2B market for management software, a market for physical support, etc.. I could manage servers for at least 200 grandmothers; 200 grandmothers would probably mean 5-10 calls a day, a quick check of new threats and exploits, a bit of research into new features that my grandmothers might be interested in, a check on their backup status. I might have to call a service to visit one of my grandmothers and make sure that their physical appliance is installed correctly, or to replace it.
I always think that this criticism is due to a lack of imagination. I know how to take care of a home server, and I'm lazy about it. I would be entirely happy to send somebody $20/month to do it for me, as long as that person were my employee, not some massive corporation who works against my interest.
What we should do is pay a small boy to go around town breaking windows, and then grandmas should pay someone to either replace their windows, or to install some sort of decentralized window-protection hardware. This would create a lot of low-level ok I can't keep typing these words anymore.
What we should do is stop cramming processors and networking hardware into everything willy-nilly just so some advertising company can make 1/20th of a cent off my eyeballs.
Your suggestion that the solution to the problem should be handled downstream, out of my grandma's wallet, is frankly insulting.
I don't even understand what this complaint means. Your grandmother doesn't take her garbage to the dump or cut her own lawn, I'm suggesting that she pay someone to handle her computer too.
What I'm not suggesting is that we should pay a little boy to run around shitting on people's lawns and turning over trash cans. In fact, I'm going to be bold and suggest that we not do that.
edit: as far as I can interpret, your argument seems to be that every company using advertising to make money, and making their televisions smart in order to help them to sell more advertising, should just stop. That's not a plan.
The problem of grass growing isn't one that we created, nor is the problem of trash being generated.† The problem of our TVs cramming ads into every conceivable space is. I don't want grandma to pay to solve this problem; I want this problem to fuck off.
† ok, technically incorrect; our putative granny could have a xeriscaped lawn. And our society could get better at packaging.
We the people hold a common understanding that our God given time upon this planet be for the benefit of the almighty, ourselves, family and neighbours, and that surveillance and advertising companies are predatory in nature, disagreeable in behaviour, and hereby forbidden on pain of all directors and shareholders thereof being put in stocks and having rotten fruit threw upon their faces and their abusively gained assets confiscated and distributed amongst the surveiled.
If grandma can "maintain" an iPhone then she can maintain a server... as long as the server OS is designed for actual security instead of blame-the-user.
Is it even possible to buy dumb tvs anymore? I have been hanging on to my 2014 model (and will probably try to use it for another decade) because the new tvs I interact with have ruined basic tv interactions. All I want: on/off, input switch, volume control.
Last time I bought one I looked but couldn't find anything that fitted my requirements, (~55", excellent image quality preferably with HDR, supports ARC and CEC).
If there was a DumbTV that did all those things and was reasonably priced, I'd have bought it there and then.
Always on cell modems are eventually going to be installed in most electronics and it kind of terrifies me. I only want a handful of internet connected devices in my home and at some point that won't be possible. I can keep my "smart" TV offline today, but what about when it has a cell connection? Will I need to physically destroy the cell modem on my TV, refrigerator, stove, etc just to maintain some modicum of privacy?
Unless it attempts to aggressively get internet for itself. Those xfinity (eg) hotspots from neighbors come to mind. As does simply waiting for days to get a passive crack on any available wifi. And before anyone cries paranoia, look how much effort and customer ill will the IOT vendors are enduring in order to phone home: there must be a pile of money on the table.
I find that even if you don't use the internet features, you're still left with a massive slow box that takes ages to boot up, has a sluggish UI, and regularly gets video and audio out of sync.
Sadly, no. Which is a big problem, since Smart TVs are the most user-hostile thing _ever_.
Auto-play, ads, pre-installed stuff, non-reprogrammable app-shortcut buttons on the remote, user-tracking. And there is no control, no settings, no opt-out.
I have to figure out if I can get an alternative firmware on my Samsungs TV. In theory, Tizen is Open Source.
I have a smart TV that has some kind of integration with Roku, and never had any issues with ads, bad UI, etc. It also has a tangibly better UI than other TVs I've used, with features such as showing on the start-up screen what's being fed into all the HDMI inputs so you don't have to guess which one is connected to the cable box and which one is connected to the Wii. You can easily ignore all the other stuff it does and just use it as a dumb TV without much trouble. Not affiliated in any way, just something to look into if you're trying to avoid adware and the like.
>since Smart TVs are the most user-hostile thing _ever_.
Disagree - smartphones are far worse. At least I can buy a dumb tv and plug a box into it (for now) - my work requires mobile based 2fa, my bank/credit cards have features available in their apps that aren't available on their websites, my broadband provider only offers tech support through their app.
My smartphone OS was built by an advertising company and probably modified by the manafaxturer. The OS tracks everything I do, everywhere I go, everyone I contact, and the OS maker, my carrier, my phone manufacturer uses that information to sell ads to other people and put them in devices that I pay large prices for.
I have one of these Philips and love it, but I was under the impression that shortly after I bought it (10 years ago?) they left the US market. That this link is Irish doesn't give me enough information to doubt that...
Really, everything I watch on the TV is fed to it by another device. I don't need or want a smart TV. I just need it to display the picture. It does seem like one could look into just using a plain monitor for this, since that's all you need now.
Most TVs have quite advanced image and motion enhancement filters that have no use in a computer monitor but make a very visible difference in picture quality. I would guess scaling signals is also looked on more closely on a TV set. If your devices already do enough in this directions it is still somewhat hard to use as you have to find a way to turn the TV on. CEC is most likely not present and the only way to control it and the way its done on computers is not understood by most devices.
Why do these filters have no place on a computer monitor, but do on a TV? If you ever watch videos on the computer screen, logically it would either also benefit from such filters or they are unnecessary anywhere. What makes the TV special?
It does seem to me like these filters could and should simply be ordinary software, not firmware that is baked into the screen.
The difference is that a TV is intended to be used to watch movies, TV shows etc. (which is why they do these effects in firmware) although a lot of TVs have a "Game mode" or something similar which disables these effects. Computer monitors are used for a lot of things (so - generic usage), and these effects would usually end up being terrible or unnecessary for the experience (do you really need motion enhancement filters for text editing, web browsing or spreadsheets?). If you need to show a video on monitor you can just process the image on the GPU and show it on a monitor, which is exactly how it's done.
These effects add a lot of latency (several pictures) so they are no good for general purpose computing, specifically gaming (hence the "game" or "PC" mode on the TV).
I basically agree with everything you wrote. I was responding to a comment arguing that not having such features built-in in plain monitors is one of the reasons that replacing a smart TV with a (video rendering device, plain monitor) combo was impractical.
I suspect the point is that all this image processing adds latency, which is fine when you're watching a movie but not when you're doing something interactive. Same reason I understand these TVs have a "game mode" that disables the fancies to keep latency down.
Agreed, most of these filters have no place on a TV, and a lot of talk about quality difference between televisions is that quality is judged as bad if these filters are on, and crisp if they aren't.
Those filters are essentially useless garbage that exist for the purpose of attracting potential buyers on a show floor. If the filters were actually desirable, most could be applied at the content level.
Look for the "Anytyme" brand of 4K TV Monitors - they are only a monitor, no "smart" no built in CPU of any sort, it's just a big, beautiful, dumb mutherfucking 4K monitor - and they cost around $200 US - I have 4 of them.
Buy a decent projector and mount it to the ceiling. Or if you don't need an "entertainment center", just get a large monitor and some speakers. There's really no need to have a specific "TV" device anymore. If you want "TV apps" then get a cheap Roku box, this way you can upgrade it when the tech changes.
No, but it is super easy to just not connect your TV to the internet, which is basically the same thing.
I've recently bought 2 new Samsung TVs and just pressed the SKIP button on the setup wifi screen. Then I disabled the home screen. After this I have a dumb TV as far as I can tell.
In my experience there are still problems: slow to turn on and off, audio/video syncing issues, bugs, terribly designed remotes, and of course you’re paying a much higher cost for hardware and software you don’t use. So it’s still a major problem that only smart tvs are available: they’re just shittier.
We need a linux distribution that could be installed on one of those Intel NUCs (for example) that give you a digital tuner and the applications that you want to have on you TV.
I've always thought that attaching computers to dumb monitors to escape the tyranny of smart tv centralization would establish a good base for more generalized home servers. Why not have my indie smart tv handle my email and PVR stuff, too?
Not for habitual watchers of broadcast TV, sure (I haven't watched broadcast TV in 15 years). But if you use TV for quality series and movies, and the occasional live sports, it's fantastic.
If you're not into dimming the lights, get a projector that's at least brighter than 3000 lumens. Occasionally, when watching something dark during the day, I'll need to adjust other light sources. Basically the same degree of annoyance as resolving glare issues when watching TV. I've had a projector for a year in an apartment with a floor to ceiling window (that has blinds) in the room where I watch.
Having greater than 1080p quality is the primary compromise, IMO. But that costs more whether getting a TV or projector anyways.
They are all pretty dumb if you don't connect them to the network. :) I cable the TV's up to do software updates and then remove the cable and leave them unconnected. I handle streaming with a "less ad invasive" box.
You can get dumb panels if you look into the b2b offerings. These are ment to be mounted in various business settings (show commercials in the checkout line in the grocery store etc). Often they don't even have any speakers, but the normal builtin speakers are crap anyway. A chromecast or android tv box and a sound system and you have yourself a smart TV setup where each part can be upgraded separately.
The downside is the price and inconvenience (as a consumer they are not easy to find). Buying a consumer grade smart tv is usually cheaper than buying the same panel as a "panel only tv".
It's really hard, and the choices are limited, but it's possible. Insignia, has some non-smart TV options. I've had the 55-inch for a little over a year. It's pretty good, and was cheaper than smart TVs.
"Dumb" TVs cost much more than these smart TVs cost, since they are able to amortize the benefit from all their tracking/ads and price the hardware competitively. Its a razor/blades model, only someone else is buying the blades...
That said, the easiest way to make a smart TV into a dumb one is to connect it to your local internet through a Pi-Hole or other gateway, and then block everything but the Netflix/Amazon domains needed to stream content. If the Smart TV can't phone home, it can't leak data.
I read months ago here on hacker news that digital signage devices are the way to escape from smart tv because these IIRC are not bundled with any "smart" software but very basic stuff only.
I am willing to pay additional 30% mark up on top of the current price of Samsung SmartTV for an Apple TV Set.
Benedict Evans has been saying TV market has slim margin, and long replacement cycle. I doubt the HomePod addressable market is any bigger than TV, and likely has similar long circle. Why not TV? Clearly there is something the Apple could bring value to the TV market. ( Although he has been right every time I disagree with him )
The thing is, that monitor is actually compared to Reference Monitor, and as far as the initial preview from those who have seen it, most can't believe a LCD could be as good if not even better than the OLED. And if the spec is actually as good as they say ( Apple has always been very conservative in Spec listing ) may be they are really targeting Reference Monitor?
If so, then a normal monitor / tv would not cannibalise it, since they are completely different segment.
Given that we do everything via HDMI and use a Chromecast for anything fancy, what would people recommend if someone doesn't need these doodads? Computer monitor plus a soundbar or something? Or does anyone in the UK know of a non-smart TV that can do FreeView and nothing else, but has a decent spec panel?
Had a similar thought before recently buying a new TV. I had heard of Samsung ads, LG's slow interface so was looking for something else. I do use a PiHole in the house, but didn't want to rely on it.
Ended up finding the Philips 50PUS6753/12 50in 4k - the previous version got What Hi-Fi's TV of year award and does a much better job than a PC monitor. Under £400 on Amazon atm. In-built sound is, for me, enough to avoid the soundbar. Also the Ambilight is a nice touch, sort of extending the picture beyond the screen. Responds to screen, audio or custom colour.
Main thing though is there are no ads that I've noticed and it's a fast enough interface. Currently using the TV itself for catchup/freeview/youtube and the rpi as a media centre. You can just not plug the TV in too if you want it truly dumb.
Vizio probably still sells lower quality TVs without smart features, and their "premium" lines seem to use a "built in chromecast" instead of some stupid knockoff system.
Also insane is that there is no “disconnect and forget” option for the WiFi on these TVs. The only method I’ve found that works is to trick the TV into joining a different network and then turning off that other network.
I have discovered the same thing, had to factory reset the one TV I connected before I realized this. Now I have a "dummy" SSID I start up anytime I do want IoT devices to connect to the internet.
I think this makes the case for not owning ANY smart TV.
Are there ANY manufacturers that have a strong track record of out-of-the-box configs that aren't total swiss cheese, combined with years of prompt updates to address issues discovered later, going out to the lifespan of a typical dumb TV?
I have a Samsung TV but I've never thought of scanning it for viruses. So, thank you for this piece of news. Looks like we should take care of ourselves; at least, thanks to Samsung for warning.
I don’t understood with how cheap chromecast/Apple TV/whatever streaming machines are these days why people don’t use one of those and just not hook the TVs to the network? Is there something specific on the tv that’s not available on these other platforms?
Our Samsung TV isn't allowed to speak to the internet. Hopefully, by the time we are in the market for another TV, there will have been a swing in the market away from Smart TVs.
If we could somehow standardise on the panel cable, like the one used in LG OLED Thin and Samsung. Then the panel maker concentrate on making better panel. While we get a choice and more competition of "Smart".
The biggest issue is lack of software/security updates.
They treat those products as dumb TVs. they've compiled an OS build ("firmware") and you'd might get a year of updates and that's it.
Any Smart TV will eventually become a security hazard.
meaning "dumb" TV with an AppleTV or a reasonable modern streaming device is safer :)
Having a manual virus scan button on a TV is ridiculous. It wouldn't entirely surprise me if it doesn't do anything useful at all and is purely a placebo. If a signature-based virus scan tailored to TVs is available, it should just run in the background, requiring manual interaction is entirely insane.
Securing the TVs well in the first place would be the best option, but that is unlikely to happen.
Chase bank has one of these as well. Pretty awesome to get a canned response (then ignored all weekend) when you get locked out of your bank while in a different country.
I feel glad I own a "stupid" TCL TV. If I feel the need to have "smart" features, a Raspberry PI running Kodi/OSMC connected by HDMI is more than enough.
Slightly unrelated, but maybe we should start calling TVs with cameras "telescreens"? Like, "don't forget to check your telescreen for viruses every several days".
I bought a samsung SmatTV in 2017 in Costco. The tv is ridden with software bug: it would turn off itself randomly or cannot turn on the tv unless I remove the remote batteries and reinstall them. The ui is really slow. I also owned a series of samsung Android phones since the S2 to S5, a samsung security camera. They are all ridden with a lot of bugs. I have vowed not to buy a single samsung product anymore.
Recently I did some research to choose a new TV. I plan to use it as a regular one, with HDMI input and don't need any smart stuff. Unfortunately, most models are smart and there is no information about their behavior when disconnected. It may still show popups to make an account or connect to the network. Choosing a smart TV feels like choosing a blind box with crap. Perhaps I'd spend more and buy a commercial monitor instead.
Many of the comments here say that you can just not give your TV access to your network and you'll be OK. This may not actually be true thanks to Ethernet over HDMI(1), which could let your Roku/Fire Stick/Apple TV give your TV internet access over the HDMI cable.
As far as I know, no Roku device has ever implemented Ethernet over HDMI. It's too poorly supported by devices to spend money on implementing, and WiFi just works better.
I guess it would be too difficult for Samsung to have the TV run it's own checks? They could be run while the TV was off to avoid impacting the user experience.
But honestly if it's anything like PC antivirus software those scans are useless. If you don't intercept the virus before or while it is installing it's too late. Once it's in there it can hide from regular AV software all day long.
421 comments
[ 4.9 ms ] story [ 308 ms ] threadUpon contacting Samsung to complain they informed me that it was my fault that they were appearing due to applications that I have installed. The ads all originated from applications that were pre-installed that were locked and un-removable.
In the end I had to work out how to block the TV from contacting Samsung's ad servers at the DNS level, although now a PiHole is an easier solution to this problem.
https://gist.github.com/peteryates/b44b70d19ccd52f62d66cdd4b...
https://www.rtings.com/tv/learn/ads-in-smart-tv
[0] = https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootk...
[1] - https://en.wikipedia.org/wiki/OtherOS#History
[2] - https://en.wikipedia.org/wiki/Sony_Computer_Entertainment_Am...
There's 10 major brands of TVs, and 10 attributes by which consumers decide what to buy. Even if you could got 95% of consumers to agree (ha) that one brand is the absolute worst at the most important attribute, it's still going to be the best at something else.
There simply aren't a sufficient number of axes of control here to influence change.
[0] https://www.google.com/search?q=BN59-01198Q
Or alternatively all IPs Netflixe uses so I can whitelist those.
EDIT:
From another comment's link.
They typically cost more than smart TVs, but if you see them as more valuable because of avoiding unwanted functions, that's perfectly expected.
https://gist.github.com/Perflyst/a7538478d0f6a764311dfe5bc40...
I used some variation of this list to block ads.
It still supports legacy broadcast TV over coax etc. but anything "modern" has rotted away. Which makes me think I simply don't want any smart at all in the TV.
But yeah, all that said, the “smart TV” functionality would be better off in an external box. I trust that Netflix will update its app because I pay them every month. I don’t trust Samsung will update the TV software for the 10-year life of the TV because I paid them all up front. Such is life in the modern world :)
I pay each month for the WWE Network, yet last week the app stopped working, with a "no longer supported" message, on my 2013 Samsung TV.
The client I worked for (a big US cable provider) killed all their smart TV apps when they realized they were spending ~$500k a year on a bunch of apps that were being used by maybe 3,000 people a month. They do continue to support apps for external devices like Roku and Fire TV.
There are so many better options than built in smart options.
Anyway it would surprise me if the TV companies even had bare minimum acceptable security, because even the net security guys are struggling.
But hey, the TV runs Linux, which is nice I guess.
https://www.cnet.com/news/samsungs-warning-our-smart-tvs-rec...
This reads like an Onion parody article but unfortunately, that security precaution is reality.
To generalize the Samsung example further, this is why I don't believe it's realistic that decentralization can happen via average homeowners owning a "server appliance" that serves up webpages, social media profiles, videos, email, etc. I made a previous comment on how disciplined security practices are too tricky for non-techies.[0]
Yes, a bunch of techies can run personal servers (Raspberry Pis, Freedombox, etc) to run a decentralized Q&A site to replace Stackoverflow. Or maybe run a decentralized discussion forum to replace HN. However, a bunch of grandmothers cannot be expected to maintain their own web appliances to run a decentralized cooking recipes website.
[0] https://news.ycombinator.com/item?id=11861683
Say it's a frontend over a Docker image that gets updated upstream for security issues, and the server has a Cron job that keeps it up to date.
Why couldn't that work?
I know there's some centralisation around the Docker image, but that could be open source or provided by someone like Mozilla or Apache or WordPress who we can trust.
And there's no reason why the user couldn't choose from a whole ecosystem of image providers with a simple enough UI
The update process itself acts as an attack vector. Even the techies like programmers can get pwned with trusted repositories that suddenly became untrusted.[0][1][2]
A decentralized server appliance of powerful sophistication that requires updates will require a baseline level of technical expertise. So far, even the less sophisticated hardware like wifi cameras and Nest devices are leaving unwitting homeowners exposed to criminals and unwanted spying.[3][4]
[0] https://www.theregister.co.uk/2018/07/12/npm_eslint/
[1] https://www.infoworld.com/article/3184399/malware-finds-unwi...
[2] https://nakedsecurity.sophos.com/2016/02/22/worlds-biggest-l...
[3] https://www.google.com/search?q=home+wifi+cameras+hacked
[4] https://www.vice.com/en_us/article/8qbq5x/the-cia-spied-on-p...
It's not necessary for edge devices to "win" against centralization, only that they exist and are sustainably funded.
Microsoft, HP and Dell/VMware have device-as-service offerings. There can be many permutations of control planes between local and central, or even regional.
Azure Sphere edge devices will have 10 years of Linux security updates from Microsoft, even if the vendor goes out of business.
That's something I don't get about the Samsung setup here actually. Just run the scan (from the video it takes about a second?) automatically without the user needing to. Then you don't have to make awful promo videos about users needing to do a scan.
The cable modems and DVRs run by cable companies are simpler devices that criminals will not target with malware to run cryptocurrency mining, or install fake CA certificates to MITM grandmothers' web browser and online bank transactions. These devices are restricted and constrained.
The type of hardware that decentralized proponents think of would have enough power and sophistication to displace Facebook and Youtube with p2p intelligence. It would be a more complicated server appliance (maybe a Linux base image) that has sophisticated software (Sandstorm.io, distributed apps on Blockstack, etc). The appliance would be more complex than the Samsung TVs of this thread that require owners to run virus scans. This type of advanced appliance is by design -- unrestricted and unconstrained -- to enable itself to evolve with new software capabilities.
>If centrally managed, they can be decoupled from the telco, i.e. competition among "edge server management services" instead of a land-bound monopoly.
Your scenario has 2 extra levels of "economic friction" and those extra costs act as barriers to decentralization:
(1) The hardware for the server appliance is a cost most normal non-techies would not want to pay for.
(2) The ongoing support payments is another cost that normal people would not want to pay for. (ie. sibling's comment of paying $20/month or $240/year is unrealistic.)
Also, the idea of non-techie consumers comparing "edge server management services" is itself a cognitive barrier to decentralization. Today, if we think of grandmothers' laptops as "hardware to be managed by somebody else" -- such as Geek Squad, we see that many don't have the technical knowledge to avoid being scammed.[0] To put the vision of "decentralization hardware" in perspective, it's basically asking millions of non-techies who are susceptible to Geek Squad scams -- to expose their laptop configuration and root access to the world.
>Techies can optionally enable local management.
And this configuration option to enable flexibility is yet another attack vector to trick non-techies into making their devices more vulnerable.
>It's not necessary for edge devices to "win" against centralization, only that they exist and are sustainably funded.
It's true they don't have to "win" but I was talking about the decentralized proponents' "dream scenario" of decentralized being good enough to make centralized services like Facebook/Youtube irrelevant. This can't happen if only a niche group of enthusiastic homeowners run server appliances.
[0] https://www.reddit.com/r/technology/comments/5n6het/why_you_...
I think people underestimate folks. Given time I've known tech illiterate people to figure out all kinds of hacks.
That said, maybe something like what Chrome does or what windows does would work ok. Pick a time / heuristic and install security updates automatically out of the box.
Which is why they should pay someone. The reason the tech should be open and decentralized is so that Samsung doesn't have control over it, the grandmothers can choose a vendor they trust.
This would also create a lot of low level tech employment, a B2B market for management software, a market for physical support, etc.. I could manage servers for at least 200 grandmothers; 200 grandmothers would probably mean 5-10 calls a day, a quick check of new threats and exploits, a bit of research into new features that my grandmothers might be interested in, a check on their backup status. I might have to call a service to visit one of my grandmothers and make sure that their physical appliance is installed correctly, or to replace it.
I always think that this criticism is due to a lack of imagination. I know how to take care of a home server, and I'm lazy about it. I would be entirely happy to send somebody $20/month to do it for me, as long as that person were my employee, not some massive corporation who works against my interest.
What we should do is pay a small boy to go around town breaking windows, and then grandmas should pay someone to either replace their windows, or to install some sort of decentralized window-protection hardware. This would create a lot of low-level ok I can't keep typing these words anymore.
What we should do is stop cramming processors and networking hardware into everything willy-nilly just so some advertising company can make 1/20th of a cent off my eyeballs.
Your suggestion that the solution to the problem should be handled downstream, out of my grandma's wallet, is frankly insulting.
What I'm not suggesting is that we should pay a little boy to run around shitting on people's lawns and turning over trash cans. In fact, I'm going to be bold and suggest that we not do that.
edit: as far as I can interpret, your argument seems to be that every company using advertising to make money, and making their televisions smart in order to help them to sell more advertising, should just stop. That's not a plan.
† ok, technically incorrect; our putative granny could have a xeriscaped lawn. And our society could get better at packaging.
Legislate then to stop. That’s a plan.
We the people hold a common understanding that our God given time upon this planet be for the benefit of the almighty, ourselves, family and neighbours, and that surveillance and advertising companies are predatory in nature, disagreeable in behaviour, and hereby forbidden on pain of all directors and shareholders thereof being put in stocks and having rotten fruit threw upon their faces and their abusively gained assets confiscated and distributed amongst the surveiled.
Dear people, if you don't like smart tv's - don't connect them to internet.
Everything can get hacked. Whether it's Roku, AppleTV or your local cable STB...
Not saying Samsung software is any better or worse, but why we are surprised by this?
If there was a DumbTV that did all those things and was reasonably priced, I'd have bought it there and then.
Just wait until they have always-on cellular service which is used to deliver ads, spy on you, and "upgrade" firmware.
https://security.stackexchange.com/questions/113502/how-to-p...
http://www.lessemf.com/paint.html (beware, this place sells literal tin-foil hats)
Auto-play, ads, pre-installed stuff, non-reprogrammable app-shortcut buttons on the remote, user-tracking. And there is no control, no settings, no opt-out.
I have to figure out if I can get an alternative firmware on my Samsungs TV. In theory, Tizen is Open Source.
It is so frustrating.
https://www.mwave.com.au/product/lg-se3kdb-49-full-hd-ips-le...
Some of these things look like they have API and what not, so maybe they allow you to turn off all the things you don't want?
[0]: https://www.silicondust.com/product/hdhomerun-connect/
Disagree - smartphones are far worse. At least I can buy a dumb tv and plug a box into it (for now) - my work requires mobile based 2fa, my bank/credit cards have features available in their apps that aren't available on their websites, my broadband provider only offers tech support through their app.
My smartphone OS was built by an advertising company and probably modified by the manafaxturer. The OS tracks everything I do, everywhere I go, everyone I contact, and the OS maker, my carrier, my phone manufacturer uses that information to sell ads to other people and put them in devices that I pay large prices for.
There is a bunch of ways I can fix the issues with this TV, but why the hell do I have to fix a brand new TV?
See this one for example: https://www.philips.ie/c-p/50PFS5503_12/5500-series-ultra-sl...
It does seem to me like these filters could and should simply be ordinary software, not firmware that is baked into the screen.
No use? What about games? I bet most "gaming" monitors have better response time, color, and picture quality than your average TV set.
- bad HDR photo
- smudgy temporal smoothing mush
- home video
I've recently bought 2 new Samsung TVs and just pressed the SKIP button on the setup wifi screen. Then I disabled the home screen. After this I have a dumb TV as far as I can tell.
I've always thought that attaching computers to dumb monitors to escape the tyranny of smart tv centralization would establish a good base for more generalized home servers. Why not have my indie smart tv handle my email and PVR stuff, too?
https://en.wikipedia.org/wiki/Home_theater_PC
Best decision I made, once we moved to a house with the space for it.
It also discourages mindless TV watching, makes it an event since you tend to want to dim the lights.
Having greater than 1080p quality is the primary compromise, IMO. But that costs more whether getting a TV or projector anyways.
The downside is the price and inconvenience (as a consumer they are not easy to find). Buying a consumer grade smart tv is usually cheaper than buying the same panel as a "panel only tv".
https://www.bestbuy.com/site/insignia-55-class-led-1080p-hdt...
That said, the easiest way to make a smart TV into a dumb one is to connect it to your local internet through a Pi-Hole or other gateway, and then block everything but the Netflix/Amazon domains needed to stream content. If the Smart TV can't phone home, it can't leak data.
I prefer my TV a bit smaller, but I found larger 'dumb' tvs as well when looking for this one.
Benedict Evans has been saying TV market has slim margin, and long replacement cycle. I doubt the HomePod addressable market is any bigger than TV, and likely has similar long circle. Why not TV? Clearly there is something the Apple could bring value to the TV market. ( Although he has been right every time I disagree with him )
The thing is, that monitor is actually compared to Reference Monitor, and as far as the initial preview from those who have seen it, most can't believe a LCD could be as good if not even better than the OLED. And if the spec is actually as good as they say ( Apple has always been very conservative in Spec listing ) may be they are really targeting Reference Monitor?
If so, then a normal monitor / tv would not cannibalise it, since they are completely different segment.
Ended up finding the Philips 50PUS6753/12 50in 4k - the previous version got What Hi-Fi's TV of year award and does a much better job than a PC monitor. Under £400 on Amazon atm. In-built sound is, for me, enough to avoid the soundbar. Also the Ambilight is a nice touch, sort of extending the picture beyond the screen. Responds to screen, audio or custom colour.
Main thing though is there are no ads that I've noticed and it's a fast enough interface. Currently using the TV itself for catchup/freeview/youtube and the rpi as a media centre. You can just not plug the TV in too if you want it truly dumb.
So check out your local walmart I guess
Are there ANY manufacturers that have a strong track record of out-of-the-box configs that aren't total swiss cheese, combined with years of prompt updates to address issues discovered later, going out to the lifespan of a typical dumb TV?
And what do you do if this process returns positive (ie compromised)?
Any Smart TV will eventually become a security hazard. meaning "dumb" TV with an AppleTV or a reasonable modern streaming device is safer :)
Securing the TVs well in the first place would be the best option, but that is unlikely to happen.
> `Hello there! Thanks for reaching out! Could you please send us a DM with the TV Model code and more details about this concern? ^Nick`
to every tweet it gets. https://twitter.com/SamsungSupport/status/114041514667572838...
https://twitter.com/ChaseSupport/status/1139899780283469825
> 'Hi there. We're here to lend our support. Please DM us with your full name, zip code, and additional details regarding your concerns. ^EL'
https://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx
(1) https://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx
But honestly if it's anything like PC antivirus software those scans are useless. If you don't intercept the virus before or while it is installing it's too late. Once it's in there it can hide from regular AV software all day long.