All Samsung TVs have a remote kill switch to disable stolen sets, and the company just...

mbrowne5061

Posts: 1,917   +1,117
This is concerning because hackers will now try to phish and otherwise get into the Samsung servers to not only install ransomeware but to also threaten to disable every connected Samsung TV. This is a real possibility. Once disabled, the original TV owner must send Samsung proof of purchase and some personal ID's to have it reactivated. Should millions be shut down all at once, this will be a logistical nightmare for both Samsung and its customers. I just learned that there is no good reason to keep a smart TV online anymore. I'll use a Roku box and stream using that.

Damnit. The world is going nuts.
And make sure you give the TV a lobotomy as well. Samsung's will try to connect to any open WiFi network, even without you telling it to do so. Only way to stop it is to crack the TV open and pull the WiFi card.
 

arrowflash

Posts: 474   +511
While I have no problems with thieves and purchasers of stolen goods getting this kind of retribution, I still don't like it one bit. One more reason for me to never purchase a Samsung tv (I've always preferred LG, Sony and AOC), and one more reason to never connect my tvs to the internet.
 

ZipperBoi

Posts: 95   +159
Sooo the easy work around is if you steal it, dont connect the TV itself to your wireless and just use a firestick or Roku for all of your streaming needs. Boom, problem solver. Who wants me on their next heist? Im a hustler.
 

hwertz

Posts: 73   +34
This doesn't bother me, being able to disable a stolen good like this is clever of them.

The ones that do bother me, there had been a few models in the past (NOT Samsungs..) that had *cameras* in them -- 1984 much? And they were pretty frank about it being so they could like "measure consumer engagement" or some damn thing (so it wasn't just a camera that *could* be used to creepily send data back, it was put in *to* do that.) I don't know if they took them out in newer models, or just made a vague statement or two and waited out the bad PR (waited until people got distracted by the next thing), if you have a Smart TV you might want to check your instruction manual!

I don't have a TV at all (watch on my computer); my parents have a smart TV and like it. I have to admit, I'd be tempted to get a "dumb" TV and plug in a Roku instead myself, but the Sammy they have is pretty nice (and they got it from a friend who was moving so they got it lightly used at a good price.)
 

Myflag

Posts: 12   +19
This is concerning because hackers will now try to phish and otherwise get into the Samsung servers to not only install ransomeware but to also threaten to disable every connected Samsung TV. This is a real possibility. Once disabled, the original TV owner must send Samsung proof of purchase and some personal ID's to have it reactivated. Should millions be shut down all at once, this will be a logistical nightmare for both Samsung and its customers. I just learned that there is no good reason to keep a smart TV online anymore. I'll use a Roku box and stream using that.

Damnit. The world is going nuts.
If Samsung is wise they have proper backups of their databases. It would be a simple matter of them rolling back any changes the hackers made and blocking the attack vector. That is presuming they are following industry standard data backup and security practices. Hopefully nothing like that ever happens though.
 

wiyosaya

Posts: 6,575   +4,971
Well that's cool, as weird as it is that a monitor would ID itself as a TV. I probably would have just adjusted the picture position manually to compensate (if it had enough play that is) but it's cool to know that you can do it in different ways.
Adjusting the picture position was my original "solution" to the problem, however, the ability to do so went away as the drivers "matured." (IMO, that's typical of software/driver releases - take away features that are extremely useful, and then tell all the users that this release is "better." :rolleyes: ) There were also no controls on the monitor that allowed positioning the image, either. So fortunately, someone figured out what the real problem was - the monitor identifying itself as a TV. It was an early LG 16:10 monitor - 1920 x 1200 but could do 1920 X 1080 - which is the 1080P HDTV resolution and where the confusion, I suspect, came into play. I wanted the maximum vertical resolution of the monitor (silly me, to expect something that I paid for ;) ) - not to mention that having the image skewed to the left made it impossible to use the left part of the screen since it was not displayed on the monitor.

But anyway, Service Mode is definitely a thing in TVs/Monitors and can be quite useful.
 
Last edited:

wiyosaya

Posts: 6,575   +4,971
I don't have a TV at all (watch on my computer); my parents have a smart TV and like it. I have to admit, I'd be tempted to get a "dumb" TV and plug in a Roku instead myself, but the Sammy they have is pretty nice (and they got it from a friend who was moving so they got it lightly used at a good price.)
The trouble is that finding a dumb TV these days is increasingly difficult, IMO.
 

DrSuess

Posts: 142   +123
A good firewall would protect against random connections from outside the owner's local network. First, the hacker has to find their way through that firewall - if that is even possible in the case of a well-designed firewall. That, though, depends on the device owner having a reasonable degree of technical knowledge about how to protect their network and the devices on it.

Personally, I am not all that concerned for my network with respect to the threat of such an attack. My firewall just does not respond to any "ping" requests, and will not allow connections to it that are not related to an outgoing connection. Nor do I have any ports open for anything. Lastly, I tend not to have "smart" devices connected to the internet. IMO, "bad actors" are not that hard to deal with when someone has a good firewall between their local network and the internet.

But, for the non-technical user, I can see instances where this might be a problem if they don't have a good firewall device that is properly configured by default.
If you are going to use a firewall to prevent access to the TV what is the point to connecting the TV to the network as the firewall would inhibit the SmartTV functions. Even if you block inbound connections outbound connections can still establish a two way connection via TCP thus disabling your TV.
 

DrSuess

Posts: 142   +123
Well, that does depend on whether or not they're able to figure out the OS that the TV's using. If it's UNIX-based, then yeah, but if it's a Samsung-proprietary OS, they might not have a clue as to how to even get in.
The Tizen OS they use is open source and available for download. I was looking at it the other day.
 

Cubi Dorf

Posts: 367   +244
It didn't stopping these tv's on being stolen. Samsung is not going to get their tv back. The person who buy stolen tv on amazon not knowing it is stolen is the one who will feel the pains when it stop working and can't return because the seller is disappear.
 

theruck

Posts: 385   +226
This is concerning because hackers will now try to phish and otherwise get into the Samsung servers to not only install ransomeware but to also threaten to disable every connected Samsung TV. This is a real possibility. Once disabled, the original TV owner must send Samsung proof of purchase and some personal ID's to have it reactivated. Should millions be shut down all at once, this will be a logistical nightmare for both Samsung and its customers. I just learned that there is no good reason to keep a smart TV online anymore. I'll use a Roku box and stream using that.

Damnit. The world is going nuts.
or they just re-enable them all at once
 

Rdmetz

Posts: 316   +153
"Once the set connects to the internet, its number is checked against a database on the company's servers. A match results in all of the TV's functions being disabled."
Oh man, that's a pretty irresponsible thing to reveal. Now the thieves know that the TVs will still be usable as long as they're used as regular TVs and not hooked up to the internet to enable their "smart" features.

THEY LITERALLY JUST TOLD THE THIEVES HOW TO GET AROUND THIS SECURITY FEATURE!!! :joy::laughing::DšŸ¤£

I personally don't care for "smart" TVs because I always hook up a PC to them anyway and that way my TV can't spy on me.
They'll likley just enable a must have internet connection to complete setup requirement or maybe have to do it occasionally after being "unplugged" for a significant time.
 

wiyosaya

Posts: 6,575   +4,971
If you are going to use a firewall to prevent access to the TV what is the point to connecting the TV to the network as the firewall would inhibit the SmartTV functions. Even if you block inbound connections outbound connections can still establish a two way connection via TCP thus disabling your TV.
The response was in reference to someone hacking from the outside.

Besides, you can block outgoing connections, too, via any protocol, if you know what you are doing and your firewall allows that level of control. Mine does since it is on a dedicated Linux PC through IP Tables. It's not all that hard to do in my case.
 

madboyv1

Posts: 1,727   +642
Actually the call to OnStar happens in real time during a chase. Ending the chase and retrieving the car.

Disabling the TV's does the exact same thing. But you're worried about your privacy even it could result in getting your TV back. Cool story. Fearmongering doesn't work against common sense. Just an FYI.
That's not what the OnStar's website says regarding the technology ( https://www.onstar.com/us/en/articles/tips/stolen-vehicle-assistance-helps-stop-thieves/ ) but okay, I've never had OnStar before so I can't say for certain from personal experience on how it works. The point I'm making about the Onstar example is that OnStar is a paid service that is provided to a client, vs a locking mechanism that, as far as I am aware of, has never been made public and has only been used to protect Samsung's interests as the displays had not been sold yet, and not for any consumer registered displays that had been unlawfully taken. It is a fantastic middle finger to those who had stolen the displays for their own use, but I feel kinda bad for those that get unknowingly swindled when the TV they just bought from someone gets bricked when they connect it to the internet for the first time.

I don't think what I've said really amounts to fearmongering, just a pessimistic view of what possibility could happen, however unlikely it may be. If dismissing it tailors to your common sense, then more power to you. If anything the news of this won't stop me from purchasing Samsung products/TVs. I kind of just assume anything that connects to the internet has a backdoor whether we know it or not, and it's just a matter of whether I care enough (usually not) to manage what they can and can't talk to, and whether that kind of access is a known commodity.

Unfortunately, that's on Samsung. I think the same argument can be made of IoT devices, as well.
Very true. I just hope they take network security and access control much more seriously than the dozens of other examples over the last few years. We already know IoT are practically a ticking timebomb, despite all the cool things you can do with them. XD
 

wiyosaya

Posts: 6,575   +4,971
They'll likley just enable a must have internet connection to complete setup requirement or maybe have to do it occasionally after being "unplugged" for a significant time.
IMO, Samsung would face a torrent of negative publicity on forums like this or AVSForums by requiring an internet connection to complete the basic setup, and that they would be trying to mitigate this stolen TV problem would not quell that negative publicity.
 

defaultluser

Posts: 256   +230
A good firewall would protect against random connections from outside the owner's local network.

If you have HTTP port open to your TV (say, if you want to stream anything, or update firmware), they can send a packet in response to your request.

Most of the time it's just signed Firmware update, or a movie stream frame, but it can also contain your killer packet.

Your only safety from this is never too hook the thing up to a network
 

captaincranky

Posts: 17,442   +6,175
And this boyz and gurlz, is why I bought the absolute stupidest TV I could find, and keep an active burglar alarm account with monitoring..

When I fire up the telly it doesn't nag me that, "your TV doesn't have an active internet connection", or any f**king thing else. It just goes to the last channel, and shows me pictures.

When I'm really feeling alone and "disconnected", I can always run up my god forsaken Blu-ray player.. It'll start spouting that, "Blu-ray phone home", sh!t. :mad:.

After this last round of Samsung's antics, the bottom line is, I won't buy anything but their SSDs..
 

wiyosaya

Posts: 6,575   +4,971
If you have HTTP port open to your TV (say, if you want to stream anything, or update firmware), they can send a packet in response to your request.

Most of the time it's just signed Firmware update, or a movie stream frame, but it can also contain your killer packet.

Your only safety from this is never too hook the thing up to a network
Here's the thing (or stateful firewalls 101 - if you prefer ;)) - most modern firewalls are "stateful" firewalls. That means that a device on the protected side of the firewall has to contact an outside server first, and then the firewall examines any incoming packets to see if they are a response to that initial outgoing connection. Stateful firewalls can block incoming packets if they are not "response" packets - in other words, if nothing on the protected side of the firewall contacted the server that is sending the incoming packet, it is easily rejected by the firewall.

Not only that, but incoming HTTP connection requests can be blocked by blocking TCP port 80 as that is the port used by standard HTTP requests. HTTPS requests use a different port number which is also easily blocked in a similar manner. For more info - https://geekflare.com/stateful-vs-stateless-firewalls/

The point being if you block outgoing traffic from the device, it will never be able to send anything to a server and thus it will never establish a connection with that server - so any incoming traffic from that server would be easily rejected by a stateful firewall.

So sending an HTTP request to a network that is protected by a firewall is not that simple. If that network is running an HTTP server, such as is run by most web sites, then the network admin for the site has likely opened up port 80 for any incoming HTTP request, however, that is a different animal than what we are talking about here.
 

Avro Arrow

Posts: 1,804   +2,156
TechSpot Elite
The trouble is that finding a dumb TV these days is increasingly difficult, IMO.
Yeah, I'm really glad that I was able to get one when I did about five years ago. I got it at Costco and not only was it the only 55" 4K TV that was under $700, it was on sale for under $500CAD! It's a Haier model #55E5500U:
71oY+5A1t+L._AC_SL1500_.jpg

My mother (who is Irish and so therefore always has an opinion on everything, even when she's clueless) was like "I've never heard of Haier TVs before!".

The thing is, I've never been a brand ***** when it comes to flat screen TVs and monitors because I know that the panel was probably made by HannStar and I used to sell HannStar monitors at Tiger Direct under the name "HannSpree" and they were pretty damn good monitors. The picture on the display model looked great and so I bought it. It's only a 60Hz panel and I heard the rumours that a 60Hz panel can show blur but I couldn't find any actual evidence of it. Sure enough, I've watched countless NHL and CFL games on it and I've never seen blur.

The only thing that went on it was the speakers and I expected that because speakers on flatscreen TVs tend to be garbage but even they lasted for just over three years before they started to crackle. I found a small (40cm) sound bar at a store called "Factory Direct" for (get this) $25CAD and while it's not strong enough to wake the neighbours (probably a good thing), it's more than loud enough for my TV and gaming purposes. I actually thought it was funny because no matter where I looked on the box it came in or on the sound bar itself, I failed to find a brand name. Oh well, considering that it works beautifully and only cost $25CAD, I honestly don't care what the brand is. The TV has four HDMI ports, one USB port (which powers the sound bar) and one standard stereo headphone jack.

The best thing is that it's one less electronic device spying on me! :laughing:
 

Avro Arrow

Posts: 1,804   +2,156
TechSpot Elite
And this boyz and gurlz, is why I bought the absolute stupidest TV I could find, and keep an active burglar alarm account with monitoring..

When I fire up the telly it doesn't nag me that, "your TV doesn't have an active internet connection", or any f**king thing else. It just goes to the last channel, and shows me pictures.

When I'm really feeling alone and "disconnected", I can always run up my god forsaken Blu-ray player.. It'll start spouting that, "Blu-ray phone home", sh!t. :mad:.

After this last round of Samsung's antics, the bottom line is, I won't buy anything but their SSDs..
Just hook up your PC to your TV and you'll be able to do more than some stupid "smart" TV. I consider "smart" TVs to be for the technically inept. I consider most people here (who aren't on my ignore list) to not be in that category (which represents most people). I'd actually consider the limitations of a "smart" TV to be a hindrance.