Samsung and Roku TVs can be hacked, says new research from Consumer Reports. The magazine noted that it analyzed top TV brands under its broad privacy and security evaluation, and found millions of smart TVs are at the mercy of hackers and “raise privacy concerns by collecting very detailed information on their users.”
According to the report, the vulnerable smart TVs are “Samsung televisions, along with models made by TCL and other brands that use the Roku TV smart TV platform, as well as Roku’s popular streaming devices.”
Disconnect lead engineer, Eason Goodale, said that Samsung smart TVs do the maximum to ensure that only authorized applications can control the television. However, the technology that they deploy is itself flawed, notes BGR.
“It’s as though once you unlocked your door, the door would never lock again,” the expert said. Disconnect helped CR in its investigation.
Talking of Roku TVs, Consumer Reports said that the problem is with the application programming interface or API, which allows the developers to make their own products work with the Roku platform. Goodale noted that Roku devices have an entirely unsecured remote control API enabled by default.
According to Consumer Reports, even a “relatively unsophisticated hacker” could control the TV and change the channels, manage the volume and play offensive content to disturb the owner, who at first would fail to understand what is happening. It further noted that these smart TVs could be hacked over the web from thousands of miles away.
However, CR assured that the TVs’ security vulnerabilities would not allow a potential hacker to get user information. Though Consumer Reports found Samsung, TCL and other Roku TVs as being vulnerable, models from other big brands such as LG, Sony and Vizio were also put to the test.
These TVs may be safe from a security point of view, but according to Consumer Reports, all these televisions collect detailed information on their users. Limiting the data collected by these Smart TVs is possible. But for that a user should give up on some major TV functionalities and be aware of the right buttons and settings.
According to Consumer Reports, their objective for carrying out the tests is to ensure that consumers are better informed about their privacy and security options, and at the same time, inspire manufacturers to develop products that are safe and secure.
This was the first time Consumer Reports brought its Digital Standard into action. These standards were developed by Consumer Reports and partner cybersecurity and privacy organizations to set parameters defining how manufacturers should handle security, privacy and other digital rights.
“The Digital Standard can be used to evaluate many products that collect data and connect to the internet,” said Maria Rerecich, who leads electronics testing at CR. According to Rerecich, starting with the smart TVs was an obvious decision as they are growing in popularity, and offer a plethora of information about the consumer to the TV manufacturers and business partners.
Samsung has admitted the privacy concerns, and has assured CR to update its API soon. However, Roku rebuffs the findings and claims that its users face no security risks.
