Feeds

You THINK you're watching your LG smart TV - but IT's WATCHING YOU, baby

Phones home with the names of videos you watch, too

Secure remote control for conventional and virtual desktops

LG smart TVs silently log owners' viewing habits to the South Korean company's servers and use them to serve targeted ads, one researcher has claimed.

According to Yorkshire, UK–based hacker "DoctorBeet," the internet-enabled sets try to phone home to LG every time a viewer changes the channel, giving the chaebol the ability to track exactly which channels are being watched, minute by minute.

Using network packet-sniffing tools, DoctorBeet discovered that his set was also transmitting the names of media files he played off USB storage, which he observes could potentially be embarrassing for those in the habit of watching less savory downloaded fare.

Even worse, these transmissions are completely unencrypted, giving anyone with the ability to mount a man-in-the-middle attack complete knowledge of whether the TV is in use at any given time and what the owner might be watching on it.

DoctorBeet thinks he knows what LG wants this information for: to serve ads. Digging around LG's websites, he came across a slightly creepy promotional video that touts the company's smart TV platform as "the differentiated advertising experience that you always dreamed of":

"LG Smart AD enables publishers to maximize rev-enues through worldwide ad networks, intelligent platform to boost CPM and the remarkable ecosystem," the LG Smart Ad website proclaims in not-quite-perfect English.

Some readers will surely question why a TV that the customer bought and paid for should be serving ads outside of the content being watched to begin with, but that's clearly the direction that LG would like to see things go.

Earlier this year, The Reg reported that LG was the first smart TV vendor to sign on with Cognitive Networks, a company that claims to be able to identify what TV viewers are watching by analyzing the actual images onscreen. The TV maker could then serve targeted ads based on the programming being watched.

LG Smart TV's content collection menu option

Don't worry about this menu – LG smart TVs track your viewing habits either way (Source: DoctorBeet)

The communications DoctorBeet observed don't appear to have anything to do with the Cognitive Networks system. Disturbingly, however, there doesn't seem to be any way to opt out of the data collection. DoctorBeet observed that while his TV did have an option called "Collection of watching info" in its settings menu, the data was still transmitted whether the option was set to on or off.

LG's US offices has yet to respond to a request for comment from Vulture Annex in San Francisco, and DoctorBeet's own request to the LG Electronics UK help desk netted nothing more than a polite dismissal.

If there is any bright side to this, however, it's that LG doesn't seem to actually be doing anything with the viewing data its TVs are sending – at least, not yet.

As DoctorBeet noted, the actual URLs his TV is requesting all resolve to 404 errors. Assuming that message is correct and not an attempt at subterfuge, this means that while LG does have a server setup at the address, it doesn't actually have an application in place to collect or store the viewing data.

Still, it could potentially set one up at any time. As a preemptive measure, DoctorBeet has compiled a list of URLs that he believes are involved with LG's ad-serving system. Customers who are concerned that LG might be spying on their viewing habits are advised to block some or all of these in their internet routers. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport
Breaches screening rules cos Apple SCREEN ROOLZ, ok?
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
The British Museum plonks digital bricks on world of Minecraft
Institution confirms it's cool with joining the blocky universe
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.