With the continuous advancements made in technology, our online experiences are becoming more streamlined and seemingly user friendly. We no longer require stationary desktop computers to access the Internet, but instead can reach the web through our laptops, smartphones, tablets and now, televisions. Smart TVs are one of the latest additions to the family of fun gadgets millions of people have their eyes on, but are they secure? A recent report from Germany’s computer magazine, c’t, has us saying no.
In January 2014, c’t took a deeper dive into the safety of smart TVs by inspecting the televisions of major manufactures including LG, Samsung and Philips. Journalists from the magazine were able to crack into the devices by messing with their SSL certificates. SSL certificates act as digital signatures and oversee the security protocol of Internet sessions, working as the overarching management system of sessions for HTTPS web addresses, requiring the use of encryption to transmit messages to and from the server.
By generating and signing their own certificates, c’t journalists were able to exploit the systems and intercept data from apps on the televisions because those given TVs never verified whether or not the certificates came from a trusted source. Once they were inside, journalists listened in on browsing sessions and HTTPS traffic to gain access to personal data, like usernames and passwords. The magazine reached out to each company whose devices they had exploited, and the given companies did promise to release updates to their firmware to increase security measures.
This isn’t the first time we’ve heard about smart TVs failing to provide security to its users though. In December we warned you about an incident in which a UK based developer learned his LG Smart TV was unknowingly tracking him to collect personal information. And just last year, researchers from iSEC Partners discovered a flaw in Samsung smart TVs that allowed the camera to be remotely activated. But what do these weaknesses mean for you and your own device?
Even though one of the major selling points of smart TVs is the fact that they offer users access to the Internet, that’s also one of their downfalls. Given their recent appearance to the digital device scene, they’re not yet protected robustly enough, and therefor present a risk to those who are using them to go online. Our best recommendation would be to avoid using the Internet altogether on them until they are better protected, but if you’re going to, then browse carefully:
- Don’t access any websites that require you to enter personal data, like banking sites or password-protected addresses, when using your Smart TV to go online. If you want to visit a website that is asking you to share private information, do so on a device that is already protected with a trusted antivirus, like your PC or tablet.
- If you do decide to go ahead and surf the web on your television, then you should limit your access to sites you already know and trust. Likewise, once you’re on those websites, avoid clicking on any unknown links that may appear. Your data is not just susceptible to schemes like the one run by the c’t’s journalists, but is also vulnerable to attackers who use malicious links and websites to target victims. If you don’t have an AV watching over your system, there is way to guarantee full safety.
- Finally, just like you should be using trusted websites, you should also only be using trusted applications. Both the Apple Store and Google Play have seen their fair share of fraudulent apps, so be sure to put some time into researching the authenticity of the apps you’re downloading and using to ensure their security.
As Smart TVs become the norm amongst television watchers, their security is bound to improve. With vigilance and smart browsing habits you should be okay to enjoy your device for now, however, until more security is offered , it’s up to you to ensure your safety while using them.