Monday, 25 November 2013

LG SmartTV (47LW640S) confirmed to be "snooping"

Following some revelations from DoctorBeet's Blog about LG Smart TVs snooping on our watching habits and further information posted on Mark's blog, I realised my parents recently bought one of those... :-)

First of all we should be rational and assume that any "smart device" is doing that. Unfortunately (for LG) this is pretty bad timing for this kind of news to come out in the light of the recent NSA/Snowden/whatever leaks. Oh well, nothing to see and almost moving on....
Here is a screenshot of traffic from a TV running in Poland, model 47LW640S (also visible in the request headers).

[Screenshot: TV turned ON]

[Screenshot: TV turned OFF]

I completely agree that it's none of LG's business to know what files are on my USB sticks or network shares and that when I turn the reporting OFF it should be completely disabled (no exceptions), no reporting of any kind except for maybe periodic checks for new firmware updates. Other than that, the monitoring they do is done on an opt-in basis - if we decide to buy a "smart device" we get what we asked for, so the real question is if we users are smart enough to have "smart devices"?

That's it for me I think. Although the sniffer is still running, the TV is off and I don't have the time to dig into this one too much - unless something spectacular stands out.

Here are some questions I find somewhat interesting:
  1. Which models of LG "Smart TV" snoop on users (if you have confirmed another model does it, feel free to add it in the comments)?
  2. Are there any changes in observable behaviour between firmware versions (I'm sure there will be) on the same model and across models?
  3. Is there a different behaviour based on the country where the TV operates (possible awareness of legal restrictions maybe or simply adaptation to capabilities available in a particular country)?

One final note - the option to turn this logging off is called, as my father read it to me, "Pomoc w chmurce", which in direct translation means "Help in the cloud" but could also mean "Help in a popup/tooltip", at least for non-technical users, which I guess would be quite a few... Ooops!

I'd like to thank DoctorBeet and Mark for their blog posts. Good wake-up call guys, well done!

Update:
I forgot to mention that when I base64 decoded the X-Authentication header value it contained the ASCII string "(Upx" - go figure :-)