SoylentNews is people
SoylentNews
According to Doug Lynch at xda-developers.com:
Android TV owners recently received an update across multiple platforms that have started to display sponsored content with a "Promotional Channels' title in the launcher of the Android TV software. We're currently seeing reports that it has shown up in Sony smart TVs, the Mi Box 3 from Xiaomi, NVIDIA Shield TV, and others. This has been an incredibly off-putting change for a lot of Android TV users. What makes matters worse is people were unable to disable the ads at first, but Reddit user Felisens seems to have figured out how to disable them.
[...] Update: Google's response
A Google spokesperson gave us the following statement:
Android TV is committed to optimizing and personalizing the entertainment experience at home. As we explore new opportunities to engage the user community, we're running a pilot program to surface sponsored content on the Android TV home screen.
(Score: 5, Interesting) by aiwarrior on Friday April 05 2019, @01:49PM (14 children)
My LG TV has spotify, netflix and youtube and i do not see any advertising. It is simple and does it's thing. It maybe not be the most powerful but it is enough. It also spies but you actually have to agree to it, and i did not, so the voice thing does not work.
(Score: 5, Informative) by Anonymous Coward on Friday April 05 2019, @02:00PM (7 children)
You connected your tv to the Internet?
Your tv is spying on you.
(Score: 3, Insightful) by ikanreed on Friday April 05 2019, @03:21PM
Not if it's connected to the internet through a hdmi plug to a linux computer.
Sometimes I wish I were better about pirating, rather than buying streaming media, though. It's really fucking annoying that I should see a real moral compunction against fairly paying for things I enjoy.
(Score: 2) by curunir_wolf on Friday April 05 2019, @08:05PM (4 children)
I am a crackpot
(Score: 0) by Anonymous Coward on Friday April 05 2019, @09:00PM (3 children)
DNS-over-HTTPS will exfiltrate your data even with a pi-hole.
(Score: 2) by NotSanguine on Friday April 05 2019, @09:45PM (2 children)
Egress Filtering [wikipedia.org] FTW!
DNS sinkholes [wikipedia.org] like Pi-hole aren't bad, but as you pointed out, local DNS restrictions can be overriden, and not just with DNS-over-HTTP. Assuming your firewall allows DNS requests outbound (necessary because you don't have the whole 'net in your DNS resolver or server caches), there are a bunch of things that can be done:
1. Using hardcoded DNS servers on the device
This can be defeated by -- you guessed it -- egress filtering -- only allow your local DNS servers to send DNS requests to the Internet
2. Using hardcoded IP addresses for ad servers to avoid DNS sinkholes
Again, egress filtering is your friend -- block outbound access for the device in question
3. DNS-over-HTTP
This can also be defeated via egress filtering with Policy-based Routing [wikipedia.org]
The best (if potentially inconvenient and possibly blocking services you might wish to use) way, of course, to defeat data exfiltration is to block *all* access from the device to the Internet with...wait for it...egress filtering. :)
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 0) by Anonymous Coward on Saturday April 06 2019, @08:12AM (1 child)
I'm not disputing anthing you wrote. But a pi-hole doesn't do egress filtering, does it?
I'm also interested how you would do egress filtering if Google decides to use ajax.googleapis.com for both DoH and as data collection drop point.
(Score: 2) by NotSanguine on Saturday April 06 2019, @10:23AM
I have no idea what pi-hole's capabilities are.
I read a brief summary that implied it was a DNS sinkhole with a gui. I don't know if it has packet filtering capabilities.
Then again, if it runs on top of Linux/Unix your can always use netfilter/iptables [wikipedia.org]. But if you do that, why bother with pi-hole at all? Just set up your own BIND server and blackhole to your heart's content. Or use something like pfSense [pfsense.org].
As for egress filtering on various types of web traffic, that can be handled via policy based routing [wikipedia.org] (PBR). However, determining whether it's application or spying traffic may be problematic with https, as the detail you require may be in the packet payloads rather than the headers.
If you need to perform PBR on https traffic, you'll need to implement a transparent proxy, decrypt the payloads, then make a routing decision (in this case, route vs. drop) based on the content. This can be done with Squid [squid-cache.org], Privoxy [privoxy.org] or other tools.
As for Google using ajax.googleapis.com for DoH (DNS over http(s)?) that shouldn't be a problem for PBR, as the payload will obviously have data structures as required by the DoH API. Again, if https is in use, you'll need to use a transparent proxy to decrypt, filter then connect/drop.
HTHAL
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by aiwarrior on Saturday April 06 2019, @11:10AM
Hmm maybe I am unconventional but, I actually do not use my TV for any other content, than the above services. Given that they are internet services, not having internet would make my TV an expensive black frame. Furthermore what is the difference between being spied on the computer, phone or tv? I think that privacy needs to be kind of piecewise. For example, does my computer contain sensitive information? If yes, encrypt it. Does my email account store sensitive information? If yes run your own server. If my phone contains sensitive information buy a burner phone etc. Compartmentalize and set procedures/workflows that require higher sensitivity. If you want to be completely anonymous, good luck passing on most modern technology and world, and paying a huge productivity penalty.
(Score: 3, Informative) by DannyB on Friday April 05 2019, @02:03PM (5 children)
I also have a TV that is "smart". Yet I have never used those features. It is able to spy on me and see that I alternate between a two different HDMI inputs. (DVD or RoKu)
RoKu is an ancient word which fell out of use several millennia ago, that, loosely translated, means: screw cable tv! Linguists say the word is derrived from an earlier language where the word was TiVo.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Farkus888 on Friday April 05 2019, @05:02PM (4 children)
I know you are making a joke, but I'll say it anyway. If it is connected to the internet, they can tell what you are watching.that stands even if you only watch hdmi input.
I'm not saying no one is able to spy on me. I like the conveniences in trade. By limiting the number of people holding a copy of my life story I improve my odds of staying out of breaches though.
(Score: 4, Interesting) by NotSanguine on Friday April 05 2019, @05:32PM (3 children)
I have a Vizio "smart" tv (and yes, I am aware of the spying and other nastiness they do).
However, I use it as a dumb monitor. I don't even switch HDMI inputs, as it's just plugged into an HDMI output jack on my A/V receiver (not network connected).
What's more, to keep the Vizio from sneakily connecting to any available WiFi network (it certainly can't connect to mine), Initially, I just didn't connect it to a network at all. But then I noticed that it was trying to connect to every WiFi network it could see, even after I disabled WiFi.
So now I'm using wired ethernet and a static IP address (I suppose I could do this with WiFi too, but I have the extra port and I don't want the Vizio searching for some open WiFi somewhere. I do egress filtering on my firewall to block *all* traffic from the Vizio device. I also created dummy DNS zones on my local DNS servers for the domains that the Vizio attempts to contact and have 'A' records pointing back at the Vizio TV.
I suppose this would work for Android TVs too, assuming you don't wish to the use the "smart" capabilities.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 0) by Anonymous Coward on Saturday April 06 2019, @08:14AM (2 children)
Ethernet over HDMI [hdmi.org].
(Score: 2) by NotSanguine on Saturday April 06 2019, @10:29AM (1 child)
And where does it go from there? The AV receiver has no network connectivity of any kind. What's more, the Vizio itself is blocked from sending *any* traffic to the Internet.
Given that I said all that in the post to which you replied, what's your point?
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 0) by Anonymous Coward on Monday April 08 2019, @01:11AM
If your AV receiver is a cable box, it can get your data out.