Samsung lied -- its smart TV is indeed spying on you and it is doing nothing to stop that
About 70 years ago, English novelist George Orwell wrote 1984, a controversial novel which visioned of a fictional dystopian place called Oceania where people had no real privacy. As Orwell described, residents of Oceania had two-way telescreens so that they may be watched or listened to by government authorities. The book was written way ahead of its time, and while it didn't make much sense back then, a lot of assumptions Orwell made in 1984 are coming true now.
Samsung's smart TVs are in the news once again. Not for impressive sales figures -- something the South Korean technology conglomerate would definitely appreciate -- but for jeopardizing its users’ privacy.
Last week, the good folks at The Daily Beast dug through the company’s policy page to find that Samsung smart TVs were orchestrated to record everything you say and send them back to the company, which was later sent to an unidentified third-party player.
This could be a major issue to many, as not all of us would be comfortable with the fact that all the conversations we have in front and around our TV set are being analyzed by someone. The company, however, assured that all the recording was done to make its voice recognition technology better.
The company had publicly acknowledged that it was indeed logging users’ activity and voice commands (do note -- in the company’s defense, the privacy policy is also publicly available). The company also noted that "these functions [voice tapping] are enabled only when users agree to the separate Samsung Privacy Policy and Terms of Use regarding this function when initially setting up the TV". The company further noted that users’ data was fully encrypted as part of the industry-standard measures it takes.
But now we're learning that the data which Samsung gleans from its Smart TVs is not encrypted. Ken Munro and David Lodge, from the London-based Pen Test Partners tested one of Samsung’s smart TVs to discover that the TV was uploading audio files in an unencrypted form. The finding further reveals that a transcribed copy of what had been said when beamed back to the TV (letting the TV act on the commands) was also in an unencrypted form for any hacker to decode.
"Intercepting those communications could be done over wi-fi by neighbours and/or hackers outside your house, if you use the wireless feature of the TV to hook up to the internet", tells Mr. Munro to BBC. "It could also be carried out by your ISP, and by anyone else that has access to internet backbones. I'm thinking governments, law enforcement. This is an easy problem to solve. The communications should be encrypted using SSL just like other sensitive internet communications are".
Samsung has yet again acknowledged the issue and assures that it plans to fix it soon. "Samsung takes consumer privacy very seriously and our products are designed with privacy in mind", the company said in a statement.
Until the patch rolls out to your TV, enjoy your stay in the Orwellian world. Let us know in the comments how you feel about it.