Own a Vizio Smart TV? It’s watching you

Vizio is offering advertisers “highly specific viewing behavior data on a massive scale.”

Read the whole story

 

[BasP]

Kestrel[/url]":1nb4xvoo]

BasP[/url]":1nb4xvoo]I'm kind of appalled that so many commenters on Ars apparently think that "Just disable the network connection and use [some network connected media player]" is an actual solution.

Could expand on why think it isn't? I can't tell if your objection is to the first part or to the second. I have no problem voluntarily letting Netflix track my viewing history, because I understood and accepted the terms of the arrangement. I give them money, they let me watch stuff without ads. I can end this at any time by ceasing to pay for it. I have no such deal with maker of the TV.

Do you have such a deal with the manufacturer of whatever you're using to watch Netflix? Roku? Western digital? Google? Apple? Microsoft?

My objection is that people appear to reason that if they don't trust their network-connected video playing device, they'll be safe if they disable the network connection and then play their stuff on a different network-connected video playing device.

 

[Scotty Bones]

astropheed[/url]":14ws4sie]

Iphtashu Fitz[/url]":14ws4sie]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

That could be more difficult than you think.
Ethernet over HDMI - http://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx

Block or deny the tv a network connection all you want. The moment you plug it in to a network connected device, it can route its connection via the HDMI cable to the mothership through that device.

Technology can really suck sometimes.

 

[kidahl]

enilc[/url]":103l22xi]

CQLanik[/url]":103l22xi]

enilc[/url]":103l22xi]

kranchammer[/url]":103l22xi]So, I have a pretty dumb question.

Leaving aside the breach of privacy, whatever that entails, what are the negative consequences of this happening?

Haven't seen an answer to this yet in this thread.

I'm a fairly intelligent person, but I don't understand the negatives? It's just TV. What do I care if some drone at an advertising/marketing company knows that I, among millions of other people, watch Big Bang Theory and Sherlock Holmes?

I DO disagree with the obsfucation by companies...not disclosing that you're doing this and/or making opt-out difficult is pretty scummy.

But is this uproar just about "it's not anyone's business what I watch on TV" and "I don't want advertising tailored to my tastes?"

Yeah, I too can't see any potential downside to having personally identifiable (even if supposedly anonymized) information sold to anonymous third parties without my knowledge or consent. /s

I don't understand the "/s" tag. While you're super good at sarcasm, nobody has answered the question.

Well, seeing that you are both persistent and lack imagination, I´ll bite:

* By knowing your news preference, your household political sympathies may be derived. (Please don´t ask why we have anonymous voting). Even in a so-called healthy democracy, this will be bought and used by political organisations to influence your vote. You typically zap when you see something you disagree with or don't like.

* By knowing your viewing habits, it can be decided whether you was at home on a particular time of day and can potentially be used to weaken an alibi.

* By knowing you viewing habits, an insurance company may decide it does not want to give you a good health insurance due to your sedative life.

* By knowing your preference for arabic channels, a crazy government may add a 1% possibility to your terrorist profile. That may in theory be the drop that lands you on the no-fly list.

* By knowing your preference for christian channels or gun channels, your religion and gun fetishism factor can be calculated.

* By knowing your viewing hits some crazy future data miner may believe they can derive a _lot_ of data about you, with retroactive effect.

* You also do understand that if they watermark the frames you see, that means your illegally downloaded film habits also can be deduced, right?

* What about that shocking clip your friends sent you just for fun, will you be tagged a potential sex offender for watching this?

* What about the stuff they watched when you rented your flat on AirBNB?

* How about someone attempts to derive your credit rating based on your viewing preference? It may fail, but nothing wrong with an attempt, right?

* Du you think your future employer would like to see your viewing habits for 5$ as part of an employee profiling package? Do you think they could deduce if you are pregnant?

You do understand that these collectors does not care if _your_ information is correct, right? If 10% of the viewer deduction is plain wrong, YOU get the problem, THEY still get the benefit of slightly better decisions than their competitor on average. And you have no influence on where that information goes or how long it will stick with you. You can even end up being associated with the wrong viewer such as your crazy neighbour without any possible way to correct it, if the "fuzzy" data enhancing algorithm decides to.

 

[kidahl]

YetAnotherAnonymousAppellation[/url]":fck6kp4u]

swawif[/url]":fck6kp4u]

kranchammer[/url]":fck6kp4u]So, I have a pretty dumb question.

Leaving aside the breach of privacy, whatever that entails, what are the negative consequences of this happening?

It was a genuine question, folks, I would appreciate an answer instead of a silent downvote.

Usually this data were anonymous, so the don't really harm the user, other than their privacy. However, in this case Vizio decided to also record the IP address. Now imagine what happened if someone hack into Vizio's server and stole those IP? An IP in a hacker hand could be very dangerous and could lead to more hacking. Or it could also lead to some people targeting you in a heist or something because they know your information.

Not so much. All the hacker would have is an IP address and the knowledge that you have a mid-range TV. The IP might narrow the your address down to a city, but it may not even be that specific (depends on the ISP). Turning an IP into a physical address is fair a bit of (probably illegal) work. There are probably much easier ways to figure out who to target for a break in with much lower risk.

You don´t have to hack in to Vizios servers.. they will sell it voluntarily if it makes money.
It is very simple to find a person behind an IP address you have access, you just have to match the IP with another bought register that associates another identifier with your IP until you have a close enough match.

Fuzzy matching is hard for a single hacker, but not for a huge data broker with access to hundreds of these registers.

 

[DarthSidious]

jhaygood86[/url]":2jq60qk8]

DarthSidious[/url]":2jq60qk8]So I am wondering exactly how this works. It seems they could pull this pretty easily from the Smart TV apps for Netflix, Youtube, etc., but what about when watching something connected over HDMI? Would they be breaking HDCP to figure out what you are watching?

I used to work for a major ad tech vendor... And the answer is yes at least for Vizio and LG TVs. Granted we used it to target interactive TV ads when the broadcast stream had the corresponding TV ad...

Thanks (I think). That is freaking scary. How does this not run afoul of the DMCA / HDCP agreements? Pardon my ignorance, but if I were to do this I could get sued or go to prison.

 

[passivesmoking]

My TV recently crapped out so I figured I might as well go for a future-proof option and invest in a 4K capable replacement.

So far I've not seen a 4K TV that wasn't also a "smart" TV. I'm beginning to wonder if there's such a thing a non-smart 4K TV.

It's 4King infuriating.

 

[fuzzyfuzzyfungus]

Akemi[/url]":m0g5ygy3]A spokeswoman for Tapad, a company that helps identify users across their many devices, said that its contracts prevent it from sharing the name of the companies it works with.

I always find it funny that these advertisers wish to remain under a total cloak of secrecy. But you consumers well, just fuck your privacy because, well ya - we said so.

This is why none of my so called smart TV's are connected to my router which has a very strong password just to login and no guest access (whether via Wi-Fi or wired). No connectivity, no data hoovering and distribution.

For deeply unencouraging; but not terribly surprising, reasons, the analytics weasels that hoover up and crunch targeting data for advertisers have adopted basically the same mindset that drives intelligence agencies: spy on absolutely everything you can, deny the adversary information to the degree possible, either by silence, misinformation, or both.

As quoth the good Jello Biafra: "For every spy in government there's fifteen private eyes who round up dirt on you to keep on file; then sell the file! That's progress, the kind that makes you feel good inside!"

 

[=j]

Scotty Bones[/url]":n9hsfdxw]

astropheed[/url]":n9hsfdxw]

Iphtashu Fitz[/url]":n9hsfdxw]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

That could be more difficult than you think.
Ethernet over HDMI - http://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx

Block or deny the tv a network connection all you want. The moment you plug it in to a network connected device, it can route its connection via the HDMI cable to the mothership through that device.

Technology can really suck sometimes.

Not quite yet. They need special ethernet capable HDMI cables. Also, they need the connected device to recognize and use the ethernet capabilities.

 

[BitMaker11]

DannyB[/url]":27h05s98]

The company said in its filing that revenues from its viewing data business are not yet significant.

We need to work hard to make those revenues very significant.

In a negative number sort of way.

Best way? Return the TV citing privacy concerns, even if just after a purchase. Returns are very expensive, more than lost sales, so they will quickly notice this.

 

[BitMaker11]

Scotty Bones[/url]":17k3oo5d]

astropheed[/url]":17k3oo5d]

Iphtashu Fitz[/url]":17k3oo5d]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

That could be more difficult than you think.
Ethernet over HDMI - http://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx

Block or deny the tv a network connection all you want. The moment you plug it in to a network connected device, it can route its connection via the HDMI cable to the mothership through that device.

Technology can really suck sometimes.

Show me a router with HDMI i/o? Now is it mainstream?

 

[aaronb1138]

astropheed[/url]":nlb89pia]

Iphtashu Fitz[/url]":nlb89pia]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

Or do some advanced firewall control and only allow it outbound to Netflix, Amazon Prime, et cetera. Advanced firewall control is going to become the critical killer app for security in dealing with the steaming pile of poo that is the Internet of Things. A couple other network engineers and I keep toying with the idea of building a software driven firewall similar to Checkpoint (as opposed to simple firewalls like pfSense and Monowall) with advanced traffic features (DLP, IPS, URL filtering and DNS control, etc.) and figuring out a way to sell it to consumers more on the privacy angle since people have largely stopped caring about security. Hitting the a reasonable sub $200 price point is easy these days as far as hardware is concerned. The current is just silly on pricing because the current target audience is exclusively enterprise customers.

 

[fuzzyfuzzyfungus]

DarthSidious[/url]":2kvkebhi]

jhaygood86[/url]":2kvkebhi]

DarthSidious[/url]":2kvkebhi]So I am wondering exactly how this works. It seems they could pull this pretty easily from the Smart TV apps for Netflix, Youtube, etc., but what about when watching something connected over HDMI? Would they be breaking HDCP to figure out what you are watching?

I used to work for a major ad tech vendor... And the answer is yes at least for Vizio and LG TVs. Granted we used it to target interactive TV ads when the broadcast stream had the corresponding TV ad...

Thanks (I think). That is freaking scary. How does this not run afoul of the DMCA / HDCP agreements? Pardon my ignorance, but if I were to do this I could get sued or go to prison.

They might simply be getting away with it; but I'd assume that the implementation is technically DMCA-compliant:

HDCP requires that the HDMI source and the HDMI sink both be duly licensed, pay their tithe to the consortium, abide by the terms and conditions; and ensure that video traffic across the wire is encrypted. However, it's perfectly acceptable(indeed, necessary) for the HDMI sink to decrypt the traffic(using the licensed keys, which are blessed by the DRM system and thus don't count as 'circumvention devices') in order to send it to the panel driver for display. There might be some systems that integrate an HDMI sink in the same package as the panel driver, just for cost reasons; but even there there will be a logical handoff of decrypted data to the panel driver half of the package.

Since TVs offer things like color-balance adjustment, assorted 'enhancement' settings, that backlighting thing Phillips does, etc. their embedded processors have access to the video stream between when it is decrypted, and when it is spit onto the screen. The HDCP license agreement would very, very much take a dim view of a 'smart' TV using this access to, say, exfiltrate the plaintext video stream; such a device would be in violation of the license agreement; but merely gathering some data about the video stream is not obviously forbidden; and architecturally the sampling presumably happens after the signal has been legitimately decrypted, on its way to the panel driver.

HDCP licensing is mostly concerned with the possibility of HDCP sink devices that re-transmit the decrypted video in some user-accessible form; but all HDCP sink devices may(and must) transmit the plaintext at least a short distance(to drive the display and audio); and aren't forbidden from modifying it(at least at the level of basic color-balance, effects filtering, etc. You might get into 'derivative works' territory if you sold an HDMI cable with an embedded expert system that bleeped obscenities or something).

None of this, of course, makes such behavior any less worthy of being purged with holy fire; but the DMCA is probably uninterested.

 

[BitMaker11]

A lot of really good solutions on this thread. Another one would be if reviewers also reviewed based on privacy (of product, manufacturer, past behavior etc). Purchasing decisions rely heavily on reviews so this needs to be addressed right at the (purchasing) start.

 

[fuzzyfuzzyfungus]

BitMaker11[/url]":10ooc0qs]

Scotty Bones[/url]":10ooc0qs]

astropheed[/url]":10ooc0qs]

Iphtashu Fitz[/url]":10ooc0qs]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

That could be more difficult than you think.
Ethernet over HDMI - http://www.hdmi.org/manufacturer/hdmi_1_4/hec.aspx

Block or deny the tv a network connection all you want. The moment you plug it in to a network connected device, it can route its connection via the HDMI cable to the mothership through that device.

Technology can really suck sometimes.

Show me a router with HDMI i/o? Now is it mainstream?

My understanding is that the router is not, and never was, intended to be HDMI connected: the point of HDMI ethernet is to allow one device in a stack of HDMI connected devices to share a network connection(made by normal means, wired or wireless) with the other devices, without the wasteful duplication of having a NIC in every last object in the media center.

It's conceptually much like HDMI CEC, but with the notion that devices being connected to the internet is a virtue: like CEC, HDMI ethernet is supposed to facilitate interaction between HDMI-connected devices; with one of them acting as a bridge to the network and the others sharing through it; just as in the CEC use case one device accepts remote control input and then orders the others around as appropriate.

Perhaps the bigger issue is that, at present, nobody makes HDMI-connected firewalls, packet filters, or IDS systems, so your devices could be plotting behind your back and inspection would be tricky.

 

[DarthSidious]

fuzzyfuzzyfungus[/url]":q22i9ht8]

DarthSidious[/url]":q22i9ht8]

jhaygood86[/url]":q22i9ht8]

DarthSidious[/url]":q22i9ht8]So I am wondering exactly how this works. It seems they could pull this pretty easily from the Smart TV apps for Netflix, Youtube, etc., but what about when watching something connected over HDMI? Would they be breaking HDCP to figure out what you are watching?

I used to work for a major ad tech vendor... And the answer is yes at least for Vizio and LG TVs. Granted we used it to target interactive TV ads when the broadcast stream had the corresponding TV ad...

Thanks (I think). That is freaking scary. How does this not run afoul of the DMCA / HDCP agreements? Pardon my ignorance, but if I were to do this I could get sued or go to prison.

They might simply be getting away with it; but I'd assume that the implementation is technically DMCA-compliant:

HDCP requires that the HDMI source and the HDMI sink both be duly licensed, pay their tithe to the consortium, abide by the terms and conditions; and ensure that video traffic across the wire is encrypted. However, it's perfectly acceptable(indeed, necessary) for the HDMI sink to decrypt the traffic(using the licensed keys, which are blessed by the DRM system and thus don't count as 'circumvention devices') in order to send it to the panel driver for display. There might be some systems that integrate an HDMI sink in the same package as the panel driver, just for cost reasons; but even there there will be a logical handoff of decrypted data to the panel driver half of the package.

Since TVs offer things like color-balance adjustment, assorted 'enhancement' settings, that backlighting thing Phillips does, etc. their embedded processors have access to the video stream between when it is decrypted, and when it is spit onto the screen. The HDCP license agreement would very, very much take a dim view of a 'smart' TV using this access to, say, exfiltrate the plaintext video stream; such a device would be in violation of the license agreement; but merely gathering some data about the video stream is not obviously forbidden; and architecturally the sampling presumably happens after the signal has been legitimately decrypted, on its way to the panel driver.

HDCP licensing is mostly concerned with the possibility of HDCP sink devices that re-transmit the decrypted video in some user-accessible form; but all HDCP sink devices may(and must) transmit the plaintext at least a short distance(to drive the display and audio); and aren't forbidden from modifying it(at least at the level of basic color-balance, effects filtering, etc. You might get into 'derivative works' territory if you sold an HDMI cable with an embedded expert system that bleeped obscenities or something).

None of this, of course, makes such behavior any less worthy of being purged with holy fire; but the DMCA is probably uninterested.

Thank you for the detailed response!

 

[orangebag]

Whenever possible buy dvds & put them onto a hard drive, watch from that.
That option is likely to disappear when/if >1080 resolution becomes normal.

 

[fuzzyfuzzyfungus]

aaronb1138[/url]":1ihyf79l]

astropheed[/url]":1ihyf79l]

Iphtashu Fitz[/url]":1ihyf79l]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

Or do some advanced firewall control and only allow it outbound to Netflix, Amazon Prime, et cetera. Advanced firewall control is going to become the critical killer app for security in dealing with the steaming pile of poo that is the Internet of Things. A couple other network engineers and I keep toying with the idea of building a software driven firewall similar to Checkpoint (as opposed to simple firewalls like pfSense and Monowall) with advanced traffic features (DLP, IPS, URL filtering and DNS control, etc.) and figuring out a way to sell it to consumers more on the privacy angle since people have largely stopped caring about security. Hitting the a reasonable sub $200 price point is easy these days as far as hardware is concerned. The current is just silly on pricing because the current target audience is exclusively enterprise customers.

The one tricky bit(I've actually been trying to work this out for myself recently; because of all the things that can't be trusted not to chat) is getting all the features you need in a single box that doesn't either cost a surprising amount of money or consume excessive power. If you go with a cheapie ARM SoC, from the router school, you get plenty of ports; but a CPU on the low end and very little RAM. A punchier application processor doesn't cost much more; but tends to cut you down to a single GbE interface in exchange for a bunch of GPU that you don't need. Either way, getting more than a couple GB of RAM is a bit of a challenge. If you move up to an x86 motherboard, you can get the RAM that you really want; but now you've got something that wants an ATX PSU and an SATA boot volume and all.

Basic firewalls can be pretty lean; but Snort and friends can get rather hungry.

Since you seem optimistic on the notion, would you care to tell what strategy you were thinking of? Low-cost 32 bit ARM with limited RAM, and make it fit? One of ARM's 64-bit devices once they become a bit less mythical? At Atom/Celeron that has the NICs without attracting Intel's because we can' pricing like those with ECC support do?

 

[jimCA]

BasP[/url]":1bq41hoa]

Do you have such a deal with the manufacturer of whatever you're using to watch Netflix? Roku? Western digital? Google? Apple? Microsoft?

My objection is that people appear to reason that if they don't trust their network-connected video playing device, they'll be safe if they disable the network connection and then play their stuff on a different network-connected video playing device.

My objection to your objection is you're failing to account for price. If I decide I dislike a $100 device, I can replace it more readily than a $1000 device. Adding "brains" into the peripheral is stupid, it's just planned obsolescence.

 

[Sasparilla]

How disappointing, very sneaky as well.

To all those who are saying well I just won't give it a login...remember this was behind the curtain...so if I was Vizio I would make sure I had a behind the curtain deal with Comcast and AT&T etc. to automatically use those "free" parallel wifi connections they're installing in all their customers houses (often without them knowing) all over the country...then the requirement of the user providing network access is solved.

I wonder if they've done this already?

 

[Buran]

Uxorious[/url]":2mth330j]

Iphtashu Fitz[/url]":2mth330j]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

The disappointing fact is that unless you are only watching optical disks on a standalone player, you are probably already reporting back to some mothership, whether it be to Netflix, hulu, iPlayer, YouTube, etc.

That's exactly what I do. 9 times out of 10 when I want to watch a movie, it's not on Amazon Prime (I don't count their "you have Prime but you have to pay anyway" shenanigans as having the film in question) or on Netflix. I only use them to watch back episodes of shows. I also once started watching a movie on Netflix, got interrupted, when I went back a few days later to finish, Netflix's search claimed the movie wasn't on the system. I didn't get to finish watching.

If I buy Blu-ray, it's always going to be on the shelf and nobody gets to pull that shit on me. So yes, all I need is a Blu-ray player and a commercial dumb display and a sound bar. I've been called a Luddite for that, but hey, it works and doesn't fail me randomly, and works even if my internet service fails. The "cloud" may be trendy and cute, but it's too unreliable.

 

[alj_ars]

teceneha[/url]":2nroj2ou]Add Samsung to this list as well. Really they all do it, and where Amazon blatantly offers an ad supported kindle for 70% of the price, the Smart TV companies have been collecting and monetizing this data behind everyone's back for a while.
Thankfully, there have been a couple privacy issues in other countries, so turning off the collection is pretty easy. For example:

LG in the UK
http://www.bbc.com/news/technology-25018225

Samsung in Australia
http://www.dailymail.co.uk/sciencetech/ ... ovies.html

After that, companies have been more careful, so you can just opt out of everything and the TV actually won't collect your data.
...Or don't plug a network cable into it, and sort of hope the devs haven't designed in the option of connecting to any unsecured wifi network nearby and sending the data.

Thor84no[/url]":2nroj2ou]I write software that detects and acts on the content displayed on your smart TV, and it's certainly not just Vizio doing this. Certainly LG and Toshiba do as well, they probably all do. If anything, this job has made me certain that I'm never buying a smart TV, or at least never connecting it to the Internet. If they start requiring it I just won't be buying TVs, just need to find some cheap large monitors instead.

In Europe, the only Manufacturer still providing non-smart 4k TVs seems to be Phillips (PUH4900 series), and while it is a recent model, it is far from available everywhere.

There is also the solution of ditching completely the TV. With the quality of programming here, look more and more attractive.

 

[eeks]

Will never buy a Vizio now and when people ask about what TV they should get I'll tell them to stay away. Pretty simple. I am on the market for a TV now so this is timely.

 

[simonbarsinister]

It could be worse. LG smart TVs have been caught browsing your PC network shares and sending all of your *filenames* back to Panopticon headquarters. Yes, that's right. Hope you don't have anything identifiable like the address of property you own or family members information in any of your filenames. Not to mention there is nothing stopping their next release from actually sending the full contents of your shared documents.

http://meincmagazine.com/security/2013/11 ... gger-says/

This is why no devices or internet-of-things will ever get a network connection or wifi password in my house. It is time to consider your home network a hostile environment and keep strict permissions between devices. Unfortunately, the same bad behavior can be expected of random pieces of software on my computers and phones.

 

[fuzzyfuzzyfungus]

simonbarsinister[/url]":343f256x]It could be worse. LG smart TVs have been caught browsing your PC network shares and sending all of your *filenames* back to Panopticon headquarters. Yes, that's right. Hope you don't have anything identifiable like the address of property you own or family members information in any of your filenames. Not to mention there is nothing stopping their next release from actually sending the full contents of your shared documents.

http://meincmagazine.com/security/2013/11 ... gger-says/

This is why no devices or internet-of-things will ever get a network connection or wifi password in my house. It is time to consider your home network a hostile environment and keep strict permissions between devices. Unfortunately, the same bad behavior can be expected of random pieces of software on my computers and phones.

Aside from 'because corporations', I'm still not sure why building TVs that deployed a 'scan vulnerable SMB shares' behavior wasn't eleventy-zillion counts of Computer Fraud and Abuse Act violation.

I have this sneaking suspicion that if I produced 'fuzzymediaplayer', which played videos but was also a trojan that scanned your network in an identical manner, there might be a few hungry prosecutors circling for an easy kill.

 

[cheeetoe]

When can we get a standardized privacy label on products/services that verifies they aren't selling all your data out the back door to anyone with a checkbook.

 

[aaronb1138]

fuzzyfuzzyfungus[/url]":1o9wa3xp]

aaronb1138[/url]":1o9wa3xp]

astropheed[/url]":1o9wa3xp]

Iphtashu Fitz[/url]":1o9wa3xp]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

Or do some advanced firewall control and only allow it outbound to Netflix, Amazon Prime, et cetera. Advanced firewall control is going to become the critical killer app for security in dealing with the steaming pile of poo that is the Internet of Things. A couple other network engineers and I keep toying with the idea of building a software driven firewall similar to Checkpoint (as opposed to simple firewalls like pfSense and Monowall) with advanced traffic features (DLP, IPS, URL filtering and DNS control, etc.) and figuring out a way to sell it to consumers more on the privacy angle since people have largely stopped caring about security. Hitting the a reasonable sub $200 price point is easy these days as far as hardware is concerned. The current is just silly on pricing because the current target audience is exclusively enterprise customers.

The one tricky bit(I've actually been trying to work this out for myself recently; because of all the things that can't be trusted not to chat) is getting all the features you need in a single box that doesn't either cost a surprising amount of money or consume excessive power. If you go with a cheapie ARM SoC, from the router school, you get plenty of ports; but a CPU on the low end and very little RAM. A punchier application processor doesn't cost much more; but tends to cut you down to a single GbE interface in exchange for a bunch of GPU that you don't need. Either way, getting more than a couple GB of RAM is a bit of a challenge. If you move up to an x86 motherboard, you can get the RAM that you really want; but now you've got something that wants an ATX PSU and an SATA boot volume and all.

Basic firewalls can be pretty lean; but Snort and friends can get rather hungry.

Since you seem optimistic on the notion, would you care to tell what strategy you were thinking of? Low-cost 32 bit ARM with limited RAM, and make it fit? One of ARM's 64-bit devices once they become a bit less mythical? At Atom/Celeron that has the NICs without attracting Intel's because we can' pricing like those with ECC support do?

Checkpoint UTM 1100 has advanced features if you invest in the blades at thousands of dollars on top of the $600 price of entry. It's just an ARM box at 1-1.5 GHz with Yellow Dog Linux (I think they ditched RHEL for smaller devices). Similarly the SonicWall TZ series can do some pretty advanced URL filtering, Anti-Spam, Anti-Virus and similar with add-on software on about the same range of ARM. Intel Atom based offerings get below $100 with sufficient RAM, Flash and 2x NICs.

Per the following, even CheckPoint 4200s are powered by what are now very affordable specs: https://blog.lachmann.org/?p=1454 , being dual core Atoms and 4 GB of RAM. Anything 4000 series and up can do some pretty extreme IPS, DLP, and similar with relative easy with a couple hundred users.

 

[bobthe]

Wow, what a giant bag of dicks Vizio has become...

 

[azazel1024]

theoilman[/url]":2bnvgyfj]Any of the TV companies not doing this already will be doing it within a few years. All the more reason to just use your TV to display things, and use chromecast, Apple TV, etc to be the smart part.

Beyond generally a better interface, this is exactly why I do that. At least I have one source point where I can keep abreast of how it is trying to spy on me and trying to limit that spying.

At least a small number of the betters ones, don't seem to really do any spying at all (I am looking at you Apple TV. Which doesn't mean Apple isn't mining what you are buying through iTunes and stuff, but this all encompassing spying business doesn't seem to be going on).

 

[kurkosdr]

How can the so called "feature" be turned-off? I think Ars should have that in the article to help any Vizio owners.

PS: This is why I don't like those SmartTVs". Don't like the way a set top box works? Change it. Don't like the way your Smart TV works... hmm... Just give me lots of HDMI ports.

 

[Invid]

theSeb[/url]":3hxd4wdc]

CQLanik[/url]":3hxd4wdc]

theoilman[/url]":3hxd4wdc]Any of the TV companies not doing this already will be doing it within a few years. All the more reason to just use your TV to display things, and use chromecast, Apple TV, etc to be the smart part.

Because Apple and Google don't collect data on you, amirite?

Apple does not sell any of your data to third parties.

What's hilarious is I used to hear all those "Apple's going to make a TV" rumours and laugh...there's no margins in TVs and Apple loves their margins. Now I'm thinking that when my dumb Sharp Aquos dies I'm going to end up buying an Apple TV to replace it.

Apple's value proposition is that they won't sell my data to anyone, for the low, low cost of forty percent gross margin. Vizio just made their pitch for them.

Dammit.

 

[locozozi]

nehinks[/url]":3rizsdjr]Are any brands making "Dumb" TVs with decent panels? For most brands I've looked at, you have to pay for the Smart features in order to get a good screen, even if you're not interested in anything but the screen.

Not that I'm aware of.
Last year I went on a long hunt, and indeed, they stuff the "Smart" down your throat if you want a good panel.
Ended up getting the best TV (Panel) I could a afford, And it's kept off the network.
Even a TV software update I had to do, I did offline (thumb drive).
Love my TV, but the Smarts I leave to my HTPC...

 

[blacke]

BasP[/url]":2d0xctud]

Kestrel[/url]":2d0xctud]

BasP[/url]":2d0xctud]I'm kind of appalled that so many commenters on Ars apparently think that "Just disable the network connection and use [some network connected media player]" is an actual solution.

Could expand on why think it isn't? I can't tell if your objection is to the first part or to the second. I have no problem voluntarily letting Netflix track my viewing history, because I understood and accepted the terms of the arrangement. I give them money, they let me watch stuff without ads. I can end this at any time by ceasing to pay for it. I have no such deal with maker of the TV.

Do you have such a deal with the manufacturer of whatever you're using to watch Netflix? Roku? Western digital? Google? Apple? Microsoft?

My objection is that people appear to reason that if they don't trust their network-connected video playing device, they'll be safe if they disable the network connection and then play their stuff on a different network-connected video playing device.

Because with some external ones (mainly home builds) I have the possibility to exactly control what does and doesn't do.

However, are you honestly saying that we shouldn't trust some manufacturers/brands over others based on their individual actions but rather base them all as one single entity?

 

[PrimalxConvoy]

theoilman[/url]":1vmhc2to]Any of the TV companies not doing this already will be doing it within a few years. All the more reason to just use your TV to display things, and use chromecast, Apple TV, etc to be the smart part.

Exactly, that's why I've never bought a smart tv device. However, what's going to stop STB makers from doing the same thing?

 

[DarkSyd]

Vizio is offering advertisers “highly specific viewing behavior data on a massive scale.”

Says the webpage displaying ads based on my Amazon purchases.

 

[TylerH]

This really bums me out. Here I was telling everyone I knew that Vizio was the brand to stick with; they were doing all the right things and had the best TVs at the consumer level... then they go and do this.

 

[lewax00]

Vizio is offering advertisers “highly specific viewing behavior data on a massive scale.”

Says the webpage displaying ads based on my Amazon purchases.

But unlike a TV, you didn't pay for Ars. If you do, they stop displaying the ads.

 

[BajaPaul]

CQLanik[/url]":27jm0rjx]

BajaPaul[/url]":27jm0rjx]

astropheed[/url]":27jm0rjx]

Iphtashu Fitz[/url]":27jm0rjx]Makes me glad I haven't fallen for the whole smart TV hype yet. It can't report back to the mothership if it doesn't have a network connection.

Just don't give it a network connection.

Just opt out!

That assumes that you will always be able to do so, and that you believe that they actually stop collecting data on you when you do so.

You are right. After further study, apparently Vizio doesn't stop collecting even if you do opt out...

 

[Zak]

DarthSlack[/url]":2zf043d7]Sigh. Must everything revolve around feeding data to advertisers? It's getting to the point where I'm not sure I trust my dog not to be feeding data back to advertisers in exchange for more kibble.

This intrusion into our lives is out of control by now, we can't stop it. They must sell more, make more money, more money, more money...

I refuse to buy any "smart" devices. My "TV" is still just a 42" dumb monitor hooked up to a PC.