Monday, April 11

Geek

Daily News Stuff 11 April 2022

Hold The Roomba Edition

Top Story


Tech News


Disclaimer: Shift fifteen boxes full of books and what do you get?  A broken toe from when you dropped one of them and you weren't wearing shoes.

Posted by: Pixy Misa at 07:07 PM | Comments (10) | Add Comment | Trackbacks (Suck)
Post contains 296 words, total size 3 kb.

1 Something I've wondered about smart TVs... isn't it pretty easy to render them "dumb" by just not letting them have access to your wi-fi network? Maybe that won't work if you were counting on using "smart" features, but how common is that, anyway?

Posted by: Avatar_exADV at Tuesday, April 12 2022 02:56 AM (NoOEO)

2 Avatar:  There are various ways.  Perhaps you give the Smart TV a fake IP address that's completely outside your network range, and don't connect it to your physical or wireless network, and make sure your wireless network is properly secured against unknown devices.  Ban the TV's mac address on your router for good measure*.
Alternatively, create a little network for it using a Raspberry Pi which provides a DHCP and DNS server, and will happily resolve its own address and the tv's address but anything else it returns 127.0.0.1 for.
This doesn't solve what to do if a Smart TV manufacturer builds in a wireless network card and if it can't successfully connect to its command and control node through the settings you supply, then starts scanning all available wireless networks it can see and tries to connect through those.  As soon as it hits someone's open/unsecured network it will use that, and suddenly you're in the advertising swamp.  Someone will try this dirty trick at some point.  Hell, I'm counting on someone nefarious setting up an open honeypot network with malware just to screw with people and their devices.

{*} Side story, I had to ban a neighbour's smart-bulb from a Chinese comany called Tuya because it kept trying to hammer my wireless network with connection requests, even though the network is locked down and they don't have the encryption key.  The firmware is so stupid, it will just keep trying forever and it was degrading my network performance.  So I banned it from the wireless router and wireless access point via mac address and that helped.  Apparently this stupid smart-bulb goes for the strongest wireless signal it can find, and then gets fixated on it and won't attempt to connect to anything else.  Yes, they're that bad.


Posted by: Grumpy and Recalcitrant at Tuesday, April 12 2022 03:47 AM (nRMeC)

3 Some of the "smart" TV's will show a blank or config screen, or at a minimum a popup "please connect" message mid-screen, if you don't have them connected.

Posted by: David Eastman at Tuesday, April 12 2022 03:50 AM (qSKtI)

4 I have one where you can't completely disable wifi, and if you don't give it the password for yours, it will connect to any open nearby access point. I put it on my guest wifi and then blocked its IP address at the router.

-j

Posted by: J Greely at Tuesday, April 12 2022 03:50 AM (ZlYZd)

5 Nothing in what I suggested helps you if the Smart TV insists on a working internet connection or the TV will refuse to function.  I'm betting there are already some in this category.

Pixy's on to one of the possible solutions:  Buy a big computer monitor that isn't infected with "Smart TV" firmware.  Yes it will cost more, and it's worth it.
Another possible solution (which will also cost more than the residential market Smart TV) would be to buy a television intended for commercial customers (hospitals for their in-house television viewing in patient and waiting rooms, corporate conference rooms, two-way video conferencing, fast food restaurant digital menus/in-house advertising, etc...)  There is no way those customers are going to accept pushed advertising from third parties into their environments.


Posted by: Grumpy and Recalcitrant at Tuesday, April 12 2022 04:27 AM (nRMeC)

6 Aha, I see David and J Greely already replied while I was writing my second reply.

David:  So no function other than "please connect" if it can't connect to the internet?  That sucks.  (I hate it when I'm right.)
J:  Yeah, that's about all you can do, play ball with it for a couple of minutes and then throw it in network jail and hope it doesn't throw a hissy fit afterwards.

Posted by: Grumpy and Recalcitrant at Tuesday, April 12 2022 04:30 AM (nRMeC)

7 "Blipverts" Pixy, you are old. No one remembers tha....what that on the..................................................

Posted by: The Brickmuppet at Tuesday, April 12 2022 04:55 AM (5iiQK)

8 Someone willing to put enough effort into dealing with a TV that refuses to work if it can't connect might do so by setting up a fake server.  "Nope, I have no firmware updates for you.  Sure, I'll take (and dump) any reported info you send."  It will, of course, be more complex than that.

Posted by: Rick C at Tuesday, April 12 2022 05:04 AM (Z0GF0)

9 Brickmuppet:  I remember blipverts.  That pilot episode predicted things scarily well.  Take away the actual blipvert-effect, and you saw a television with a camera and microphone capable of viewing the viewer, identifying him, his family, his location, his economic status...  and selecting an advertisement for him based on all of that.  Once again I find myself saying:  "These dystopian fictions were supposed to be a warning, not an instruction manual!"


Rick:  The amount of work involved in that would be into the "hacking for learning's sake" territory; very much effort for very little payoff.  If you tried to make money by selling devices to fake the company's server(s), said company would probably engage in lawfare to try to shut you down via court judgement, or draw out the trial process to bankrupt you so you'd give up and stop threatening their business model.  It would start with an accusation of breaking their "digital lock" per the DMCA (oh how I hate that particular law's overreach.)

Posted by: Grumpy and Recalcitrant at Tuesday, April 12 2022 05:19 AM (nRMeC)

10 It looks like 4K projectors aren't infected with "smarts" yet, so when I build out the home theater in my basement next year, that's what I'll be looking at.

Rick, the fake server can work for things that are too stupid to use encryption (sadly, still a lot of those out there), but given that someone recently asked, "hey, why does my internet-connected Nespresso coffee maker listen on the OpenVPN port", I suspect most of them are being built around either BusyBox or Android, and have an SSL client cert baked into the firmware that validates the server they're talking to, and vice versa.


-j

Posted by: J Greely at Tuesday, April 12 2022 05:22 AM (ZlYZd)

Hide Comments | Add Comment




Apple pies are delicious. But never mind apple pies. What colour is a green orange?




57kb generated in CPU 0.027, elapsed 0.1701 seconds.
58 queries taking 0.1571 seconds, 350 records returned.
Powered by Minx 1.1.6c-pink.