I never connect any “smart” device to wifi. If it doesn’t work without connectivity, I don’t want it. I use my TVs as display devices. They have HDMI-in and that’s it.
I get this policy in theory but don't see how it works in practice in a modern life where you want some device that runs Netflix, YouTube, of similar to show on your TV. It can be the TV or an android box - but somewhere you end up trusting a third party and a software that may end up running other this party apps. The alternative is a local jellyfin server but that means you very likely have to break some laws to put content that the family wants to see on it.
Personally I'd just not want any TV in my house, but convincing the family of that is not easy ;-)
It's annoying because I would definitely like for some internet-enabled functionality, such as youtube. I would also like to connect it to the LAN and not to the internet for other things, such as streaming from my NAS...
> After config fetch, the SDK opens a persistent WebSocket to:
wss://proxyjs.brdtnet.com:443
This hostname resolves to AWS Global Accelerator IPs
There is some irony that both the scrapers and the websites being scraped are probably hosted on AWS, while playing an elaborate cat-and-mouse game pretending that they weren't.
One of the problems I can see here is the problem that running a Tor exit node has: badly behaved users are going to be using it to hide their location.
Imaging having the police show up at your door because they've figured out that you're trafficking child porn, when the actual culprit is someone that is using your TV as a proxy to trade child porn.
> The SDK’s config ships a flag “use_netifs”: true. That flag triggers code in the SDK binary that constructs its NWConnection with a specific required interface: en0 (WiFi) or pdp_ip0 (cellular), rather than using the system default route.
> On iOS, this bypasses any configured VPN’s tun0 interface entirely. The peer tunnel does not cross a user-configured VPN, even when the rest of the app’s HTTPS traffic does.
What's a legitimate use case for this API? When/why should an app be allowed to bypass a user-configured VPN?
So wait a second then, it connects out using a websocket to its bot C&C server, right?
Which presumably passes it a URL to scrape and waits for it to return the data.
What happens if I write my own tool that connects to that C&C server, waits for a URL to scrape, and returns gigabytes of freshly brewed hot horseshit?
If the kind of proxying isn't illegal, in my opinion it should be -- saying it's bordering on circumvention of fundamental assumptions about Internet routing and IP address leasing (and ownership), would be a sorry understatement compared to what Bright Data has managed to package into a product payment:
> you are allowing Bright Data to occasionally use your device’s free resources and _IP address to download public web data from the internet_. (emphasis mine)
I think the misleading part -- to the end-user -- is the "download public web data" part. If the data is public why can't Bright Data download it themselves? Well, because the other end doesn't want them to, apparently. The product is make you help Bright Data circumvent the undesired properties of the "public" data providers, on behalf of someone who happens to have the cash but as of yet is at the short end of the Internet stick (for all the right reasons, I'd say).
This is absolutely deplorable, but knowing the directions this is heading, I am neither surprised nor concerned, frankly. People have long voted with their wallet -- it's not the privacy-conscious Joe the Hacker that is being proxied through here, it's our parents and millions of people who just want entertainment at the end of the working day, including _parents_ of small children.
Day by day the dark Internet theory sounds more plausible, and frankly I am all there for it. The Internet will collapse into a feudal internetwork where any routing will need hop-by-hop key, so real people (and agents, frankly) can maintain a measure of trust that right now is being actively circumvented.
Are there any defenses I can put in front of my websites that are good for stopping these things? The amount of traffic I see from residential proxies is just killing me. In particular defense against residential proxies.
I found some 60 iOS apps that have the SDK mentioned in the article:
https://appgoblin.info/sdks/brdsdk.framework (sorry this requires a free login due to heavy scraping, feel free to contact me for list)
I was unable to find related Android SDKs. I tried looking at the various apps on AppGoblin to find the android versions, then looking through their unmapped SDK parts but didn't see anything.
This looks like it should just be "com.brightdata" but I did not find anything. With 60 iOS apps there must be apps with Android SDK, but I'm not sure why I am not finding any.
If anyone knows, or would like to chat feel free to connect. I'm happy to share data.
Years ago I had smart TV, and while I never used anything “smart”, one day I connected it to the network to update it and forgot it, two days later I was checking my dns and 80% of the traffic and blocked queries in the past two days were from one device, after tracking it, it was the TV!
So what I have now is a pre-smart TV I found at the thrift, still very good picture that’s more than enough for the few times I use it.
There should be a way to disable the “smart” garbage in new TVs, or an option to buy normal ones at least.
Having never owned a telivision because of how much I didn't like advertising when tv was the primary delivery method, the feeling of having avoided a life sentence of bieng lashed to the tube is wierd, I know that people might catch me looking all to intently into there eyes trying to see if they are realy in there.
- DNS block & SNI filtering: I expect BrightData to rotate the endpoints if this issues gains enough attention. It will take some time once all the apps embedding the SDK catch up, but if they're smart SDK may already have a backup C&C connection they will try to reach out to after prolonged unavailability of the current endpoints.
- TLS fingerprint: unless SDK pins it, it's the cheapest one to rotate continously.
- MDM solution: almost unattainable to private users; not clear how stable the SDK name is to rely on.
Not saying I have a better approach. It seems behavior like this should be explicitly banned on Apple/Google's side with immediate termination of their publisher accounts.
Blocking your tv on the local network is great in principle. However, didn't Amazon Fire devices start using Sidewalk to establish a route to the mother ship for a while? All it needed was a default config on your neighbor's ring doorbell and it was gtg
25 comments
[ 3471 ms ] story [ 1987 ms ] threadPersonally I'd just not want any TV in my house, but convincing the family of that is not easy ;-)
wss://proxyjs.brdtnet.com:443
This hostname resolves to AWS Global Accelerator IPs
There is some irony that both the scrapers and the websites being scraped are probably hosted on AWS, while playing an elaborate cat-and-mouse game pretending that they weren't.
https://aws.amazon.com/marketplace/seller-profile?id=bf9b432...
Imaging having the police show up at your door because they've figured out that you're trafficking child porn, when the actual culprit is someone that is using your TV as a proxy to trade child porn.
> On iOS, this bypasses any configured VPN’s tun0 interface entirely. The peer tunnel does not cross a user-configured VPN, even when the rest of the app’s HTTPS traffic does.
What's a legitimate use case for this API? When/why should an app be allowed to bypass a user-configured VPN?
I'd love to find and remove any apps from my devices that have this SDk active.
Which presumably passes it a URL to scrape and waits for it to return the data.
What happens if I write my own tool that connects to that C&C server, waits for a URL to scrape, and returns gigabytes of freshly brewed hot horseshit?
> you are allowing Bright Data to occasionally use your device’s free resources and _IP address to download public web data from the internet_. (emphasis mine)
I think the misleading part -- to the end-user -- is the "download public web data" part. If the data is public why can't Bright Data download it themselves? Well, because the other end doesn't want them to, apparently. The product is make you help Bright Data circumvent the undesired properties of the "public" data providers, on behalf of someone who happens to have the cash but as of yet is at the short end of the Internet stick (for all the right reasons, I'd say).
This is absolutely deplorable, but knowing the directions this is heading, I am neither surprised nor concerned, frankly. People have long voted with their wallet -- it's not the privacy-conscious Joe the Hacker that is being proxied through here, it's our parents and millions of people who just want entertainment at the end of the working day, including _parents_ of small children.
Day by day the dark Internet theory sounds more plausible, and frankly I am all there for it. The Internet will collapse into a feudal internetwork where any routing will need hop-by-hop key, so real people (and agents, frankly) can maintain a measure of trust that right now is being actively circumvented.
I was unable to find related Android SDKs. I tried looking at the various apps on AppGoblin to find the android versions, then looking through their unmapped SDK parts but didn't see anything.
https://github.com/BrightSDK/bright-sdk-gradle-plugin-docs
This looks like it should just be "com.brightdata" but I did not find anything. With 60 iOS apps there must be apps with Android SDK, but I'm not sure why I am not finding any.
If anyone knows, or would like to chat feel free to connect. I'm happy to share data.
> MDM, mobile EDR
Anyone care to ELI5 these?
So what I have now is a pre-smart TV I found at the thrift, still very good picture that’s more than enough for the few times I use it.
There should be a way to disable the “smart” garbage in new TVs, or an option to buy normal ones at least.
Ah yes. The big privacy scraping company called themselves The Luminati. It’s like they are side-investing in tin foil hats or something.
- DNS block & SNI filtering: I expect BrightData to rotate the endpoints if this issues gains enough attention. It will take some time once all the apps embedding the SDK catch up, but if they're smart SDK may already have a backup C&C connection they will try to reach out to after prolonged unavailability of the current endpoints.
- TLS fingerprint: unless SDK pins it, it's the cheapest one to rotate continously.
- MDM solution: almost unattainable to private users; not clear how stable the SDK name is to rely on.
Not saying I have a better approach. It seems behavior like this should be explicitly banned on Apple/Google's side with immediate termination of their publisher accounts.