How your LG Smart TV can spy on you

Share

LG Smart TVThere’s a fascinating blog post by “DoctorBeet”, which anyone who owns an LG Smart TV should probably read.

It turns out that your LG Smart TV might be silently logging what channels you watch, and when you switch channel – sending the data back to the South Korean company so it can target you with advertisements.

And, surprise surprise, the data is sent in an unencrypted format.

DoctorBeet, a UK computer enthusiast, stumbled across the “feature” while fiddling with the settings on his LG Smart TV.

Astonishingly, DoctorBeet subsequently discovered by examining network traffic that his TV was reporting information about his viewing habits back to LG *regardless* of whether he had the system option “Collection of watching info” enabled or not.

LG options screen. Source: DoctorBeet

LG options screen. Source: DoctorBeet

Here is the reply that DoctorBeet got back from LG’s helpdesk when he asked them to comment on the enforced data collection and profiling of customers:

The advice we have been given is that unfortunately as you accepted the Terms and Conditions on your TV, your concerns would be best directed to the retailer. We understand you feel you should have been made aware of these T’s and C’s at the point of sale, and for obvious reasons LG are unable to pass comment on their actions.

We apologise for any inconvenience this may cause you. If you have any further questions please do not hesitate to contact us again.

In what will concern the privacy-conscious even more, DoctorBeet discovered that his LG Smart TV was also attempting to send the names of media files accessed on TV-connected USB sticks back to the television manufacturer.

DoctorBeet tested this by creating a file called Midget_Porn_2013.avi, shoving it on a USB thumb drive he stuck into his TV, and accessing the media content.

Media content test. Source: DoctorBeet

Media content test. Source: DoctorBeet

Sure enough, network traffic suggested that the TV was attempting to share information about the file being watched via the internet.

Network traffic mentioning "Midget_Porn_2013.avi". Source: DoctorBeet

Network traffic mentioning “Midget_Porn_2013.avi”. Source: DoctorBeet

In September, The Register reported that LG had struck a deal with Cognitive Networks to serve targeted adverts, based upon an analysis of the images shown on the TV screen – but this does not appear to be connected to the option setting that DoctorBeet has uncovered.

Clearly LG is very keen to monetise the millions of TV it has out there with targeted advertising. But if consumers are not clearly warned of the feature, and given a method of turning it off, the most sensible choice may be to choose a different manufacturer for your TV viewing.

Learn more on DoctorBeet’s blog, including a list of domains that you could block on your router, to prevent data being transmitted by your smart TV.

Do you have an LG Smart TV? Were you aware it was collecting information about your TV viewing habits? Leave a comment below, telling us your thoughts.

Further reading: LG says it will push out firmware update for spy TVs, but fails to apologise

See also: LG fumbles response to Smart TV spying revelation, withdraws Smart Ad video

Share

Tags: , , , , , ,

, , , , , ,

8 Responses

  1. Miguel Valentin November 20, 2013 at 1:41 pm #

    So, Graham…what CAN we do to prevent this?? Any suggestions??

    • Graham Cluley
      Graham Cluley November 20, 2013 at 1:52 pm #

      First way of preventing it is to not buy an LG Smart TV, and tell LG that this is the reason why you chose to buy a TV from another manufacturer instead. :) If enough of us kick up a fuss, maybe manufacturers will think twice about doing this kind of thing in future.

      Second way would appear to be to follow DoctorBeet's suggestion to block the web servers at your router that LG TVs attempt to communicate with.

  2. Spryte November 20, 2013 at 6:12 pm #

    Since I have never had any good luck with any Lucky Goldstar product they really would not be on my shopping list.
    However I will be on guard for my next 'smart' purchase… As many manufacturers are making Smart TVs, and some are made by Lucky Goldstar, we must ask who else is doing this.

  3. George November 21, 2013 at 6:14 pm #

    Hi I read about this whole saga this afternoon, having
    bough an LG Smart TV about a month ago in france, from Amazon.fr.
    At 15:00 I emailed them re this problem and asked for an immediate
    uplift and credit for a device they had sold me that was spying on
    me, and I also sent them the link to Dr Beet's original
    article and the Sophos Labs article. At 15:30 Amazon PHONED me ( an
    unheard of response ), and offered me a full refund no questions
    asked, with a FOC FEDEX Collection. Unless you live in France you
    will not be aware that responses from suppliers are generally
    NEVER, at best very slow after many reminders, and the answer is
    always "NON". So it seems Amazon.fr took this
    seriously enough to jump about and react ! Thanks everyone for
    bringing this nasty business to light !

  4. Ruy Flávio de Oliveira November 25, 2013 at 5:33 pm #

    Every LG SmartTV owner should rename an innocuous movie as "Koo Bon-Moo f*cks a goat.avi". Koo Bon-Moo, beiung LG's CEO, would have a lot of incentive to shut down this invasion of privacy, I bet.

  5. Robert November 25, 2013 at 8:36 pm #

    Thanks for the info. I don't own any LG product,
    and it stays so! It is unbelievable. Bad enough to report what
    channels I use to watch, but data from my USB… If
    Orwell"s vision of 1984 is as correct as the Animal Farm,
    our children will have a strange world to live in. Even we… I am
    going to send a letter for my local MediaMarkt, Saturn, Tesco etc.
    and ask them to remove ALL LG products until the responsible
    managers are found and punished. By punish, I don't mean
    laid off with a nice compensation. Where I grew up, one of the
    worst thing what could happen, if the postman had opened
    everybody's mail and sold the information… Can you
    imagine that? And now, this is happening. Regards

  6. Terry November 25, 2013 at 9:49 pm #

    For the router record:
    GB.smartshare.lgtvsdp.com has address 193.67.216.135

    Also:
    Domain Name : lgtvsdp.com

    Registrant::
    Name : LG Electronics Inc
    Email : domain@lge.com
    Address : Seoul 20 Yoidodong Youngdungpogu
    Zipcode : 150875
    Nation : KR
    Tel : 02-3777-3703

    • Graham C January 8, 2014 at 9:19 am #

      A DNS lookup no longer resolves an address for
      GB.smartshare.lgtvsdp.com However a google search of 193.67.216.135
      shows the operating organisation as LG Electronics. More
      interesting however is that the IP address is a spool operated by
      the Internet Service Provider Verizon in the Netherlands, Strange
      that a large organisation like LG should be hiding behind an ISP
      when they surely must have their own IP subnet and server farm ???
      Now it has been reported that Verizon is a connection node for the
      NSA !!! Does the plot thicken ?? This is NOT Graham Cluley -
      Another Graham C in Melbourne Australia

Leave a Reply