Feeds

You THINK you're watching your LG smart TV - but IT's WATCHING YOU, baby

Phones home with the names of videos you watch, too

Choosing a cloud hosting partner with confidence

LG smart TVs silently log owners' viewing habits to the South Korean company's servers and use them to serve targeted ads, one researcher has claimed.

According to Yorkshire, UK–based hacker "DoctorBeet," the internet-enabled sets try to phone home to LG every time a viewer changes the channel, giving the chaebol the ability to track exactly which channels are being watched, minute by minute.

Using network packet-sniffing tools, DoctorBeet discovered that his set was also transmitting the names of media files he played off USB storage, which he observes could potentially be embarrassing for those in the habit of watching less savory downloaded fare.

Even worse, these transmissions are completely unencrypted, giving anyone with the ability to mount a man-in-the-middle attack complete knowledge of whether the TV is in use at any given time and what the owner might be watching on it.

DoctorBeet thinks he knows what LG wants this information for: to serve ads. Digging around LG's websites, he came across a slightly creepy promotional video that touts the company's smart TV platform as "the differentiated advertising experience that you always dreamed of":

"LG Smart AD enables publishers to maximize rev-enues through worldwide ad networks, intelligent platform to boost CPM and the remarkable ecosystem," the LG Smart Ad website proclaims in not-quite-perfect English.

Some readers will surely question why a TV that the customer bought and paid for should be serving ads outside of the content being watched to begin with, but that's clearly the direction that LG would like to see things go.

Earlier this year, The Reg reported that LG was the first smart TV vendor to sign on with Cognitive Networks, a company that claims to be able to identify what TV viewers are watching by analyzing the actual images onscreen. The TV maker could then serve targeted ads based on the programming being watched.

LG Smart TV's content collection menu option

Don't worry about this menu – LG smart TVs track your viewing habits either way (Source: DoctorBeet)

The communications DoctorBeet observed don't appear to have anything to do with the Cognitive Networks system. Disturbingly, however, there doesn't seem to be any way to opt out of the data collection. DoctorBeet observed that while his TV did have an option called "Collection of watching info" in its settings menu, the data was still transmitted whether the option was set to on or off.

LG's US offices has yet to respond to a request for comment from Vulture Annex in San Francisco, and DoctorBeet's own request to the LG Electronics UK help desk netted nothing more than a polite dismissal.

If there is any bright side to this, however, it's that LG doesn't seem to actually be doing anything with the viewing data its TVs are sending – at least, not yet.

As DoctorBeet noted, the actual URLs his TV is requesting all resolve to 404 errors. Assuming that message is correct and not an attempt at subterfuge, this means that while LG does have a server setup at the address, it doesn't actually have an application in place to collect or store the viewing data.

Still, it could potentially set one up at any time. As a preemptive measure, DoctorBeet has compiled a list of URLs that he believes are involved with LG's ad-serving system. Customers who are concerned that LG might be spying on their viewing habits are advised to block some or all of these in their internet routers. ®

Beginner's guide to SSL certificates

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Don't wait for that big iPad, order a NEXUS 9 instead, industry little bird says
Google said to debut next big slab, Android L ahead of Apple event
Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
The Fourth Amendment... and it IS better
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
A drone of one's own: Reg buyers' guide for UAV fanciers
Hardware: Check. Software: Huh? Licence: Licence...?
The Apple launch AS IT HAPPENED: Totally SERIOUS coverage, not for haters
Fandroids, Windows Phone fringe-oids – you wouldn't understand
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
Here's your chance to buy an ancient, working APPLE ONE
Warning: Likely to cost a lot even for a Mac
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.