Smart TV security issues

Here’s a warning and advice from the FBI:

FBI Recommends Securing Your Smart TVs and IoT Devices

The U.S. Federal Bureau of Investigation (FBI) recommends making sure that Internet of Things (IoT) devices and smart TVs in your home are properly configured to protect them and your other devices from potential attackers.

FBI’s recommendations come after a long stream of malicious campaigns targeting such devices [1, 2, 3, 4, 5, 6] that usually are unsecured, to either add them to large botnets or use them as a stepping stone in multi-stage attacks aiming for other devices like smartphones and personal computers.

This advice aims to help you build a digital defense around your smart TV and IoT devices to protect your sensitive personal and financial information, seeing that they are easily reachable as they usually come with an Internet connection enabled by default.

“Unsecured devices can allow hackers a path into your router, giving the bad guy access to everything else on your home network that you thought was secure,” the FBI Portland Office says.

… The following guidelines should have you covered if you own an Internet-connected smart TV according to the FBI:

• Know exactly what features your TV has and how to control those features. Do a basic Internet search with your model number and the words “microphone,” “camera,” and “privacy.”​
• Don’t depend on the default security settings. Change passwords if you can – and know how to turn off the microphones, cameras, and collection of personal information if possible. If you can’t turn them off, consider whether you are willing to take the risk of buying that model or using that service.​
• If you can’t turn off a camera but want to, a simple piece of black tape over the camera eye is a back-to-basics option.​
• Check the manufacturer’s ability to update your device with security patches. Can they do this? Have they done it in the past?​
• Check the privacy policy for the TV manufacturer and the streaming services you use. Confirm what data they collect, how they store that data, and what they do with it.​