All TV's are dumb tv's if you only use them as an external display/monitor and don't connect them to the net. I have a dedicated computer for a media center and just use HDMI1 input on the TV. Never enter menus. Never update the OS. Never agree to anything. Never let the TV "phone home." Never set up wifi. Never connect a CAT5 to it. Set the input using the remote and forget it. Treat it as a dumb monitor. Computer is connected to the net, TV is not and has no way to access it.
That's sadly not really true. I have an LG that I (thought) I was using this way until one day in the middle of watching some TV I get a prompt about a OnePlus phone trying to control my TV, do I want to accept? Needless to say and didn't, but I was baffled by what happened. Turns out that the stupid TV is controllable via an app over bluetooth, and there is no way to turn bluetooth off. I'm just stuck with my TV constantly advertising it's presence to everything around it.
Since I use a Roku stick for streaming, I have no need for the WiFi module in the TV. I was able to follow the instructions in that post, which involve removing the back of the TV and physically disconnecting the Wifi Module, and correct the issue.
I suppose that's one way to make sure the TV is not silently connecting to WiFi, although I'm not sure how difficult that operation would be on other manufacturers.
Local playback is fine, but greatly restricts your options for media boxes. The top end Apple TV 4K for example only has 64GB of storage, and the Nvidia Shield TV caps out at a paltry 16GB. The Apple TV would fit a few shows if you were willing to rotate them out, but wouldn’t be able to provide a “library” experience. The Shield supports external storage, but who wants an external HD or NAS taking up space on their TV stand?
So local playback implies something more like a mini-ITX PC or SBC running some flavor of Linux. That’s fine, but it’s not going to be terribly couch-friendly since it’s going to have a bog standard desktop UI.
So the most popular option is to put all your media on a server in the closet (usually an old laptop or raspi or something), with a client on your streaming box like Plex, Kodi, Infuse, etc connecting to your server.
> with a client on your streaming box like Plex, Kodi, Infuse, etc connecting to your server.
Never heard of Infuse but don't Plex and Kodi both contact the vendor's server? That is enough to make me not want to go anywhere near them. I do know there are home media center distros for the RPI and PC and they are supposedly nice. I'd be ok with using one in principle, but I haven't cared that much about media UI to bother. I just use command line mplayer on my laptop if I want to watch a video, and that's good enough for me. I can understand other people wanting a more TV-like experience, which is also fine.
Plex definitely connects to third party servers, primarily for verifying subscription status (some features are tied to a subscription) and to make connecting to your Plex box from outside of your local network easier (no IP addresses or something like dyndns).
Kodi I’m not sure about. It was originally XBMC (XBox Media Center) and is open source so even if there’s so phone home element, it can be built without that. Another open source option is Jellyfin, which is a fork of Emby from before that project was closed off.
Why does plex have subscriptions at all? I understand (at least theoretically) that not all software is free, but charging for it the normal way (you pay money and buy a copy that you then use without it phoning home) works perfectly well too. Anyway I had had the impression that Plex also sends at least the metadata of your video library to its home server.
I didn't realize Kodi was XBMC or that you could build it yourself. Thanks for that info.
Plex isn't an alternative, its an app that plays content you host yourself, plus whatever sponsored crap Plex wants to shove into the UI. For people wanting to watch Netflix or Amazon Prime, this isn't a meaningful suggestion.
The Apple TV is a drop-in replacement for a Roku or Fire TV that lacks built-in advertising
I use an AppleTV 4K on every TV. Media is on a NAS (TrueNAS Mini). I use a Kodi port called MrMC (~7USD in App store) to mount the NAS shares and play all the media (supports NFS and SMB). Run a container (on the NAS) with MySQL that MrMC talks to that syncs status between all instances. Works great. Watch in one room, pause and pick up where I left off in the next room.
AppleTV is not analogous to a Roku stick however, unless I'm misunderstanding. It is an app that already requires a connection to Wifi from the TV; Roku stick is what provides this connection. Additionally, AppleTV does not support Netflix or Disney+ among others. [1]
Pedantic Post Alert, but there's a few different products called "Apple TV". There's the hardware box called Apple TV that comes with a remote and plugs into the HDMI on your TV. That IS an alternative to Roku.
Then there's the Apple TV app, which runs on the Apple TV box. This can integrate with some other streaming services and show you their content in the app. Not Netflix or HBO (or some others) though.
And finally (that's all?) there's the Apple TV+ service that's 4.99 a month and lets you watch shows that Apple produces in the Apple TV app on the Apple TV box (or your iPhone, iPad, etc.)
Confusingly Apple actually has a few ‘Apple TV’ product. There’s the app that you’re describing then there’s the physical device, as well as the subscription service.
The physical device is the Roku competitor, and supports Netflix/Disney+ etc.
AppleTV is a device like a Roku box or stick. AppleTV is also an app on iOS devices, roku boxes, etc. AppleTV the device has Netflix and Disney+ available, among many other apps.
I'm wondering if there is a wiki somewhere detailing the different ways to easily disable wireless connections inside consumer TVs...
From the link: > I taped the loose ribbon cable to the inside of the TV with a note saying, "Wifi Module disconnected, so as to disable 'Unknown Device is Disconnected' message." That way if anyone ever looks in there in the future, it will be known what was done :-)
For anyone with LG TVs, iirc there’s a project called OpenLGTV which is working to reverse engineer LG software. Maybe it could help disable some of these “smart” features?
I imagine they'll happily let your neighbor accept the terms and conditions you have yet to accept too =P That's a failure mode I hadn't thought about, I didn't realize people tried to control a TV with bluetooth.
Why would you do this? Initial configuration but then never again? I can't think of a technical reason it meaningfully helps when you can already type in a wifi password with the remote, so I'm inclined to assume that the feature isn't for the customer but rather because they want you to use their app on your phone because the data on your phone is more valuable than the data on your TV.
I used to quite like BT control of the TV back when my kids were babies. Advance warning though, these are going to be pretty niche use cases…
I would feed them and they’d fall asleep in my arms but sometimes I would be terrified to move them in case they woke (and sometimes I’d just enjoy cuddling them as they slept). However the TV remote might have been too far to reach, whereas my phone was always in my pocket.
BT became useful again when they became older and started playing with the TV remote. It was always getting lost. Whereas my phone wasn’t.
So that does make sense, for sure, though my thinking was about how once it's connected to your home WiFi surely your phone is too and is less range limited.
But in terms of involving installing an app on your phone to emulate a remote, both are the same so it's no different. At least it's for more than just to configure it, mandating a connection to a phone you may or may not have seems like a stretch. At least by making it possible to use your BT for a remote you're expanding the features rather than breaking them.
Well, that was mostly a neighbor who accidentally clicked on your TV's bluetooth broadcast signal. But still if you leave it at that and not let your TV connect via bluetooth, it still remains a dumb TV
We have a pretty bad relationship with one of my neighbors. Not gonna get into specifics, but they're quite immature and petty and vindictive, and just generally not pleasant people.
Anyhow, late one night we saw something popup in the list when I was pairing my headphones. "$crappyneighbor's TV". And we saw an opportunity to be a little petty back for once. We connected my phone, and apparently their TV model features no confirmation because it went right through, and started blasting Rick Astleys "Never Gonna Give You Up" until my phone disconnected a couple minutes later. Bit of good harmless fun at their expense.
A warranty is never voided if nobody knows what you did.
The profit margins are quite thin on consumer equipment; they can't afford to investigate into the chassis, having someone look at every chip that might have been tampered with.
You can disable bluetooth with some effort - find the BT antenna (inside) and replace it with a load terminator - the radio thinks there's an antenna still but there is nothing that can be broadcast or received.
It's an LG OLED55C9PUA. FWIW I went though all the menus, as well as searching the internet, and couldn't find any way to turn it off, nor as far as I could tell could anyone else who discovered this "feature".
That doesn't sound like a great user experience. "I have this TV that I want to use as a monitor, but I have to turn of a feature on my unrelated device which I want to use with a headset, keyboard, etc". I would rather buy a dumb TV that didn't require me to lose phone features.
> grant the fucker an internet connection over BT, it starts to rat on you
Or it does that by itself, with a mesh network that your neighbours have setup by accident with their Alexa or Ring - Amazon Sidewalk is an amazing end-run around your own firewall rules.
that's not petty, that's downright patriotic. we have an inalienable right to privacy, security, and liberty, and absolutely no obligation to let companies (or governments) invade or curtail those rights.
> we have an inalienable right to privacy, security, and liberty
I assume you’re referring to the US constitution. The rights you’re referring to constrain the government, not companies. You do not have a legal right to privacy w.r.t. your TV spying on you.
no, not just the constitution, it's inalienable because it's intrinsic to being civilized people, not because some piece of paper says so. on the contrary, companies have no right to spy on us.
note that a right isn't a passive trait, but an active assertion. every time we give in to what's easy, we lose a little bit of our rights. you maintain rights by speaking out and living by them. we wouldn't need a second amendment were that not the case (n.b., i don't personally own nor desire a gun).
If you build it into all of the exterior facing walls, you can use a cell range extender to tunnel a data connection inside your house, and also similarly with a Wi-Fi AP connected via Ethernet, in the event that you want Wi-Fi signal outside your home as well.
Actually, when I build my next house in 5-10 years I think I might do exactly this
Not gunna lie, i'm looking at building/remodelling a home in the next few years, and i'm seriously considering foiling the walls of some rooms just to build a faraday cage.
I mean sure, it's (probably) not an internet connection, but Bluetooth and an IR remote aren't really comparable. Bluetooth exchanges information in both directions, IR does not. Bluetooth works from hundreds of feet away (or more) with no line of site, an IR remote does not. Bluetooth allows for broadcasting arbitrary content to my TV, an IR remote can only change the channel. Given the relative complexities I'm also far more concerned about a security vulnerability existing in the never updated random Bluetooth module/drivers in the TV than an IR receiver that emulates button presses.
My Vizio TV's settings can only be changed with a phone app. It comes with a regular remote, but there's no button for entering the settings menu. For the app to work, it requires to be in the same WiFi.
I dodged the bullet by setting up a restricted WiFi (no internet), but that shows how TV manufacturers try to force you in connecting your TV to the Internet.
How old is your Vizio? All modern Vizio tvs in the past 6 years have a remote with a Menu button. And they ask for accepting Privacy Policy before you can connect to wifi. You can very easily avoid connecting a Vizio to a network and just use it as a dumb tv.
I just got a new Vizio, I only connected it long enough for it download the latest firmware, and then neutered it by removing the Ethernet cable.
You can bypass the acceptance of the privacy policy entirely and it just disables all the smart features (can't use any of the apps or cast to it with Airplay or Google Cast), but will still download firmware updates and install them.
From the network capture I did on it, if you don't accept the policies it only reaches out to the update servers for the firmware, and that's it. Nothing else.
Has Vizios software gotten any better? I had a 2019 model and the software (had mine offline/neutered too) was too shitty to even use it as a dumb TV. For example it would randomly reboot while we were watching something via the HDMI input or it almost always took multiple restarts to properly recognize the Vizio sound bar...
I have a 2016 model Vizio that came with a very simple remote without a menu button, expecting you to use a mobile app for all settings. They made a more complete remote available 18 months later as a separate purchase. If you didn't buy the remote you could get softlocked not being able to navigate away from the Smartcast channel.
While the remote does have a menu button, many settings continue to be available only via the mobile app.
I have seen stories of smart TVs doing active scans for any unsecured wifi network in range, then connecting and phoning home without ever informing the user or showing anything in the menus. Is that a real thing?
There a number of guides on disabling this. That being said you still need to bring the SD card to doctor every 6 months for review. This is a good thing. The doctor is trying to help you. I know someone that died because they went on a trip and forgot their CPAP and just stopped breathing in the middle of the night and did not wake up. It happens. When you get a CPAP there is a reason. Take it seriously.
If you are having issues because of physically fixable issues there are surgeries that can help (I had 2 things fixed). Most of the time however its just being fat and physical. Loosing the weight helps and the effect can be tracked in the data the CPAP collects. The doctor can then use the data to adjust then pressure down.
I am speaking from experience. My pressure setting has dropped as I took off the beer gut. This time next year I will likely be able to be done with it.
It's going to be time to crack the sucker open and burn out the traces to/from the modem, isn't it.
E: And in the ongoing arms war, then manufacturer's ship remotes that no longer use tried and true IR but instead go over the same bluetooth or 2.4ghz chip. Some probably already do, I would expect.
My new Panasonic TV has dual-mode remote control - IR+Bluetooth. Bluetooth means that you don't need to point the remote as accurately. Plus you can use a phone as remote control.
I'm optimistic within 5-10 years we'll start to see the rise of open source tvs that'll save us. I have no sources to back this up but seeing the release of several open source laptops gives me hope.
I doubt these stories. The number of people who get a smart TV and don’t connect it to the Internet are a minority. It’s just not worth the cost for any company to develop advanced features to spy on that limited subset.
Amazon had (perhaps still has) whispernet - a global coverage of cellular networks. It was used to download books to your kindle, essentially anywhere in the world, without having to have a local plan or WiFi.
It was 2G iirc, enough for book download. Uploading a perceptive hash of what you are watching - e.g. a frame every few seconds - also fits on 2G speeds.
TV phones home a lot, with info about stuff, some info big lots of bandwidth.
could there be an attack with buying some tvs and putting them on public WiFi - and could one find a way to increase the amount the tv was sending so it amounted to an attack - but still have plausible deniability.
If tvs were put on public wifi, which I guess there is no reason why you shouldn't put your tv on public wifi, and the tv is using lots of bandwidth, and your tv is popular in a country with lots of free wifi, is that tv manufacturer guilty of an attack on the free wifi infrastructure of that country?
I'm asking for a short story or several I might write some day.
Yes. Toyota seems to like putting the transceiver behind the glove box, forcing you to introduce a bundle of rattles to your newly purchased vehicle to remove. Also, I'm pretty sure removing it disables some of the front speakers, requiring manual wire connecting to get them back. You could maybe leave the device in there but encase it in a Faraday cage, but still rattles are introduced.
Ford, iirc, places it on the floor under or behind some seats making it much easier to deal with.
I think MA just passed a law about not allowing vehicles sold there to sell your telemetry data or something.
Whispernet is dead from what I understand. As countries began shutting down 3G networks, Amazon was no long able to get connectivity at a price point where it was economically feasible.
This doesn’t seem like a practical thing for manufacturers to implement. How common are such networks in actuality? Literally the only time I ever encountered unsecured Wi-Fi networks in the past several years were guest networks, and all of those were gated by a capture portal that would have blocked any sort of attempt at telemetry or ad serving.
xfinitywifi, the comparable similar functionality from CenturyLink, etc, or if you happen to live just a bit too close to a McDonalds or other business that has open WiFi. And of course the possibility of one of your neighbors screwing up his WiFi setup.
There are a lot of ways this can (and has) gone horribly wrong for privacy.
I doubt any TV does this but if I needed to implement it I would just do it the same way that I use wifi in hotels that have captive portals without paying for it: tunnel IP over DNS.
To second this advice, I have a 4 year old 75" Sony Bravia that I did not connect to the internet in any way, despite being an Android device. I have updated the firmware using the instructions on the Sony website, downloaded a package, extracted on a USB stick and let the TV boot on that. Figured it's best to have an up to date operating system for bug fixes, security updates, file format support etc.
Never intend to use the "smart" features on the TV, internet browsing, Netflix etc., I handle that perfectly with my "broken lid" laptop, which is a well maintained machine, typing these very words on it.
So I can vouch that at least for Sony TVs in the KD or KDL series XD, XE, XF, XG (most of them launched a few years ago), you can use them just fine without internet, and you can even update them. You can also turn off Bluetooth and prevent the TV from advertising its presence.
Don't know about the newer OLED and QLED devices, you should try them on in the store.
I disagree. You can have security bugs in non-connected devices, for example crafted file formats or metadata that can carry executable payload, worms that force their way in though some insecure Bluetooth receiver, or even by infecting the myriad data channels embedded in modern broadcasting; access to such a broadcast stream might be very lucrative since it will give you access to tens of thousands to tens of millions of devices.
I agree that the target is low value and that the attacker will most likely not bother infecting Android TVs; he would need to force them to connect to WiFi to exfiltrate any data, a very complex and unlikely attack if your TV is not used to monitor uranium centrifuge data.
>Never enter menus. Never update the OS. Never agree to anything. Never let the TV "phone home." Never set up wifi. Never connect a CAT5 to it. Set the input using the remote and forget it. Treat it as a dumb monitor. Computer is connected to the net, TV is not and has no way to access it.
so, are there any TVs where this is not possible? For example as part of turning on there is a setup procedure that makes it phone home and connect to wifi? If so (I wouldn't know but I would expect because natural cynicism) then the question naturally becomes what TVs is what you suggest actually possible on.
on edit: I see jiveturkey just posted that in fact what I suspect would be the case of difficulty to keep it from connecting is often the case https://news.ycombinator.com/item?id=29383963
Unless there are new features or fixes you want. My TV needed updates to support Dolby Vision and to fix ARC/CEC bugs. More recent TVs have required updates to support HDMI 2.1 features.
At least you can download the firmware separately and update through USB instead of a network update.
We have the dumbest modern TV I could find, it routinely decides to ask us to agree to the T&Cs again, and complains about not being connected to the internet.
The problem isn't just that they want to be connected tot he internet, it's that that they're terribly written buggy bloatware devices that glitch continuously when not connected to the internet.
Of course from what others have said it seems like they're also glitchy and terrible when connected to the internet?
If nothing else, it's one more thing in the TV that can break down, and probably add a little bit to the energy consumption of the TV. And if the trend continues, how long until your TV doesn't work at all unless it is connected to the internet?
That's something that seems like would be feasible in a more monolithic world of broadcasting, and smaller firmwares. They could probably simply broadcast various firmwares at different times; then if the TV detected "hey, that is for me", it could capture the packets.
It's hard to imagine streaming services like YouTube, NetFlix and whoever agreeing to do anything of that sort.
Indeed, my guess is right about this seems to be in the right ballpark:
Same as YouTube Premium, I thought if I did their free trial they're stop bugging me, nope, now I get the same prompts straight up asking me to pay now.
I guess if the TV really want to exfiltrate data, it can speak via HDMI-CEC to all peripherals connected to it. For example if you have an TV-Box or a game-station, it probably can send it remote control commands to the TV-Box, so it can have the same user interface than you have on your TV-Box (which quite often even when it's connected in Ethernet, can display on the screen the wifi password, or surf the web).
There are also quite often free public wifi in the neighborhoods. Bluetooth may also be an option. Or they can just add a cellular network to get your data. Or maybe they can create a wifi mesh network between nearby TVs and share the internet if one has access to it.
I would check what TV you have and what patches are available. I have a smart Sony TV, but I've only connected it to a network twice to get patches. I did so once because it fixed an audio issue that was very annoying.
My dumb TV's remote is so simple, it has room for a dedicated button for each HDMI input. I don't have to go through any on-screen widget to pick an input: just hit a physical button on the remote dedicated to going to that HDMI input.
Cycling through picture modes is just a button also.
Never enter menus? What if you'd like to adjust something related to the display; sharpness or something.
