DHS Is Looking Into Backdoors In Smart TVs By China's TCL (securityledger.com)
chicksdaddy shares a report from The Security Ledger: The acting head of the U.S. Department of Homeland Security said the agency was assessing the cyber risk of smart TVs sold by the Chinese electronics giant TCL, following reports last month in The Security Ledger and elsewhere that the devices may give the company "back door" access to deployed sets. Speaking at The Heritage Foundation, a conservative think tank, Acting DHS Secretary Chad Wolf said that DHS is "reviewing entities such as the Chinese manufacturer TCL." "This year it was discovered that TCL incorporated backdoors into all of its TV sets exposing users to cyber breaches and data exfiltration. TCL also receives CCP state support to compete in the global electronics market, which has propelled it to the third largest television manufacturer in the world," Wolf said, according to a version of prepared remarks published by DHS. His talk was entitled "Homeland Security and the China Challenge."
As reported last month, independent researchers John Jackson -- an application security engineer for Shutterstock -- and a researcher using the handle Sick Codes identified and described two serious software security holes affecting TCL brand television sets that would allow an unprivileged remote attacker on the adjacent network to download most system files from the TV set, up to and including images, personal data and security tokens for connected applications. The flaws could lead to critical information disclosure, the researchers warned. Both flaws affect TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below, according to the official CVE reports. In an interview with The Security Ledger, the researcher Sick Codes said that a TCL TV set he was monitoring was patched for the CVE-2020-27403 vulnerability without any notice from the company and with no visible notification on the device itself. In a statement to The Security Ledger, TCL disputed that account. By TCL's account, the patched vulnerability was linked to a feature called "Magic Connect" and an Android APK by the name of T-Cast, which allows users to "stream user content from a mobile device." T-Cast was never installed on televisions distributed in the USA or Canada, TCL said. For TCL smart TV sets outside of North America that did contain T-Cast, the APK was "updated to resolve this issue," the company said. That application update may explain why the TCL TV set studied by the researchers suddenly stopped exhibiting the vulnerability.
In his address on Monday, Acting Secretary Wolf said the warning about TCL will be part of a broader "business advisory" cautioning against using data services and equipment from firms linked to the People's Republic of China (PRC). This advisory will highlight "numerous examples of the PRC government leveraging PRC institutions like businesses, organizations, and citizens to covertly access and obtain the sensitive data of businesses to advance its economic and national security goals," Wolf said. "DHS flags instances where Chinese companies illicitly collect data on American consumers or steal intellectual property. CCP-aligned firms rake in tremendous profits as a result," he said.
"Aligned" (Score:4, Informative)
> DHS flags instances where Chinese companies illicitly collect data on American consumers or steal intellectual property. CCP-aligned firms rake in tremendous profits as a result
TCL and Hisense are not just "aligned". These are state-owned enterprises, i.e. they're directly controlled by the commies.
See: https://nationalinterest.org/b... [nationalinterest.org]
brand loyalty (Score:2)
Re: (Score:1, Insightful)
I have a Hisense tv and a Huawei phone. I'm not worried. Should I worry?
If you care about actual evidence, then no. You don't need to worry because there is none.
If you worry about aspersions and innuendo from federal bureaucracies and Betteridge Law violating journalists, then yes, there is plenty to worry about.
But let's assume the worst: Some Chinese government employees can see your viewing habits. What bad thing would they do with that information? Why would they even want to collect that data in the first place?
Re: (Score:1)
It's not for viewing habits, you muppet (Score:5, Interesting)
These sorts of back doors are there to act as a trojan horse into the rest of whatever network the machine is attached to and potentially use it as an attack system. I doubt you want your home network used for DDoS attacks do you?
Re: (Score:3)
But let's assume the worst: Some Chinese government employees can see your viewing habits.
The worst?
What bad thing would they do with that information? Why would they even want to collect that data in the first place?
So they can sell it to someone who cares.
Re:brand loyalty (Score:4, Interesting)
Re: (Score:3)
Re: (Score:2)
The worst case scenario is actually that the Chinese government now has a trojan horse behind a home or corporate firewall.
Re: (Score:2)
Sure I shouldn't worry about nuclear missiles either, because they aren't targeted at me!
(In case you missed it, I'm pointing out the absurdity of your argument.)
What would you say if I told you that TCL wasn't reporting its information to the Chinese government, but rather to the NSA? Still comfortable with that, are you?
Re: brand loyalty (Score:1)
Re:what, me worry? (Score:2)
https://3.bp.blogspot.com/-2Ni... [blogspot.com]
Seriously, the number of people here who think this is nothing versus the few who think it's not only China but all of them is making me wonder if /. has been taken over. This is nothing new yet the responses to this article are acting like it is.
If you value your privacy, smart *anything* is bad news: TV, Alexa, Siri, "OK Google", it doesn't matter. Don't discuss anything private in front of an open mic, much less an operating camera!
"Just because you're paranoid does NOT m
Re: (Score:2)
I think that's just being *way* too paranoid. I'm sorry Dave, I can't do that [youtu.be].
Re: "Aligned" (Score:1)
Re: (Score:2)
TCL and Hisense are not just "aligned". These are state-owned enterprises, i.e. they're directly controlled by the commies.
What commies?
Re: (Score:2)
Try looking at all of them. (Score:2)
Honestly, the amount of data they collect is obscene. I refuse to allow one in my house because I know exactly what they are and why they all need network connections. The ability to stream content is literally just an incentive for you to connect it to the network. If you don't think the CCP can control any particular "smart" device in your home then you are exactly as dumb as they hope you will remain.
Re: (Score:3, Insightful)
I'm sure the Chinese government has a deep interest in knowing that you're watching Baywatch in your underwear.
Re: (Score:2, Insightful)
If you run for office and they don't like your policies, they can post vids of you scratching yourself while watching Baywatch.
Re: (Score:2)
Governments build massive dossiers of as many private citizens as they can, to compromise and control them later when necessary, should they take public office or hold a desirable position within key corporations.
For the majority of us, it won't matter. For a few, it will.
Re: (Score:2)
Re: (Score:2)
When the victims are politicians' aides, statesmen, lawmakers etc, this blossoms into a significant national security risk.
Re: (Score:1)
Re: Try looking at all of them. (Score:1)
If you don't think the CCP can control any particular "smart" device in your home ...
Wow. I mean, really, BFW. What are they going to do? Monitor my viewing habits? Record me sitting on my couch? Geez they must live boring lives if *mine* is of any interest.
Re: (Score:3, Insightful)
Wow. I mean, really, BFW. What are they going to do? Monitor my viewing habits? Record me sitting on my couch? Geez they must live boring lives if *mine* is of any interest.
Do you have shades or curtains in your house?
Why?
What are they going to do? Monitor your eating habits? Record you on the toilet? Geez, they must live boring lives if yours is of any interest.
Re: Try looking at all of them. (Score:4, Funny)
Do you have shades or curtains in your house?
Who the hell puts up curtains or shades in a basement?
Re: Try looking at all of them. (Score:4, Insightful)
Wow. I mean, really, BFW. What are they going to do? Monitor my viewing habits? Record me sitting on my couch? Geez they must live boring lives if *mine* is of any interest.
Yes. They're going to do all those things if they can.
Do you want the Chinese Communist Party to make money off the data they can collect on you? That's one thing they can do with it: use it to target ads, just like American companies do, but corralling you towards Chinese companies, so more of your American dollars go into their pockets instead of American pockets, so they have more funds to use to spread Communist influence around the world. Is that something you want a part of?
For all we know, the camera and (hidden) microphone in your Smart TV could be used to collect data used to blackmail you into doing things you don't want to do. They may even be so kind as to offer to pay you a 5-digit sum to betray your country. How about that?
If they have a 'backdoor' into your Smart TV, then they have a backdoor into your home network, too, so they have access to any and all computers on your network. Do you really want your personal files, financial information, photos, etc, accessed by them? Do you want them knowing what kind of porn you keep, so they can use that to blackmail you? Or maybe just install ransomware on all your computers, extort a chunk of money out of you, which will go -- you guessed it -- right into the pockets of the Chinese government. Does that sound like fun to you?
Most people, like you, don't think deep enough about things like this. You're so used to taking your civil liberties, civil rights, and Constitutional rights for granted, you hardly can conceive of who else in the world would like to do nasty things to you and your little life, because they can take your money, or leverage you into being their errand boy, or just cause as much chaos and disruption of a free democratic Western country as possible.
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
So you don't have any smart device? Not an Apple, not a Google, not a Microsoft or whatever smartdevice?
Not a single one. No smartphone, no smart tv, no fitbit, no IoT bullshit, no voice assistant, no Windows or OSX. I don't delude myself into thinking I'm perfectly secure but I'm a much harder target than I'm worth.
Don't be so naive to think it's only the CCP connecting to any particular "smart" device in your home,
I'm certainly not. The subject was China and the CCP is China.
Re: (Score:2)
Re: (Score:2)
As I wrote, "[t]he ability to stream content is literally just an incentive for you to connect it to the network."
Firewall. (Score:5, Insightful)
On general principles, all my media devices (consoles, blu-ray player, TV, etc) are on a separate, firewalled, subnet. There may be ways around that, but why make it easy?
Re: (Score:1)
Re: (Score:2)
There is probably a market for a consumer router that makes this really easy. Comes configured with two wifi networks by default, one secure and one for IoT/guests. Or maybe some kind of simple UI that lets you move devices between networks based on their MAC addresses.
Re: (Score:2)
This does exist. Some routers support multiple SSIDs, multiple networks, and VLANs out of the box.
For the savvier user, who I know you were not addressing, there's routers which run dd-wrt or openwrt. For example, Linksys WRT1200AC, which I got (refurb'd) for $100ish. It's kind of dated now, but still doing what I need it to do. It has support for dual SSID. ISTR it supported that feature out of the box too, though. However, I upgraded to openwrt [openwrt.org] almost immediately so I don't really recall. Because this mod
Re: (Score:2)
Wow, what a surprise (Score:2)
Jeeze willikers holy cow, I sure could not see this coming 10 miles away! /s
Nothing to see here folks, just consume as usual and just ignore the big camera in the corner.
Re: Smart TV = Dumb Idea (Score:1)
All governments want to hack and surveil (Score:3)
This should not be a surprise. Nor should it be a surprise that the U.S. National Security Agency compromised networking equipment being shipped to foreign countries. All governments want to hack and surveil. Maybe, I should move to an off-grid cabin in the woods. :)
Sources:
https://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden
Re: (Score:2)
now TVs are the big bad? Really?
Have you watched TV news lately?
Re: (Score:2)
One of these things is not like the other. Also, "dreamers" hah what a nice title.
Re: (Score:2)
There *will* be many. (Score:1)
Re: Can we send back our backdoored Cisco routers? (Score:2)
Comment removed (Score:5, Interesting)
Re: (Score:2)
Re: (Score:3)
Lawful asylum seekers, huh? The ones that have a ~10% chance of actually appearing at their asylum hearings? They should have stayed in their own home countries and applied for asylum at one of our embassies or consulates. That way nobody in the Trump administration would have been stuck with the onus of trying to figure out how to house thousands of "asylum seekers" prior to their hearings. Which has been going on since the Obama administration, mind you. Obama simply didn't have to deal with the volume
Re: (Score:1)
I actually felt myself getting dumber reading this....so you would have told Jewish people in occupied Poland to apply at the consulate or embassy and wait rather than get on the boats, flee the danger and apply in person?
I've read a lot of moronic things in my life, but your argument here rates near the top dude.
Ummm (Score:2)
Aren't there already people/agencies tasked with checking whether or not TV's made in other countries contain back doors? Or any other IOT item for that matter.
You mean like the WiFi enabled Instapot? (Score:2)
You can't use it without signing up for an account. Big Brother Instapot is watching you!
I wonder if they know what you are actually cooking?
What about TCL HDTVs with Roku? (Score:2)
Do they have the same problems?
Re: (Score:2)
Do they have the same problems?
All of these things are just TVs with a small embedded PC onboard that do not get patched all that often, and when they do it's not being done by 'the best people'. Having a backdoor helps, but I'd be seriously surprised if it took any hacker, Chinese or some other nationality, more than five minutes to hack any networked 'Smart TV' on the market if no backdoor is available. This includes the 'Smart TVs' made in the US (if you can find one). So if anybody is worried about China spying on him and the wife as
Re: (Score:2)
if anybody is worried about China spying on him and the wife as they sit on your couch eating snacks and guzzling down sodas while watching America's Got Talent, buy a regular dumb TV.
Those people are probably too dumb to know you can still get dumb TVs by looking at signage displays, or that they don't even cost much more than smart TVs.
If I can't get a dumb TV for whatever reason, what I want is a TV whose "smart" component can be rooted, so I can be in control of what is running on it. And I want it to run Android or Linux so that what is running on it can be Kodi.
Re: (Score:2)
Entirely missing the point... smart (IoT) sucks (Score:5, Insightful)
> ...Secretary Wolf said the warning about TCL will be part of a broader "business advisory" cautioning against using data services and equipment from firms linked to the People's Republic of China...
NO, caution against making things "smart" that don't need to be. Your FRIDGE, STOVE, TV, LIGHT SWITCH, FIREPLACE, DRYER, etc. do not need to be ON THE INTERNET EVER.
Stop with the IoT stuff. "Smart" stuff is cheaper because the mfg.s are getting free data -- your data -- and leveraging it.
You want to know what's in your fridge when you go shopping? Make a list. It's worked for over 100 years. ....
You want to know if your stove is on when you're gone? Turn it off before you leave or sit a kid with a timer to watch it. 100 years...
You want to change the color of your lights when you're not there? Nobody is there to see it.
You have an electric fireplace and you think
Your dryer may have finished the cycle but it's still showing 40% humidity and you want to run it again? Get home and do it. 100 years...
I challenge any slashdot reader to show an IoT example that actually adds a value not available otherwise. Having your clothes dry earlier doesn't count :)
E
Re: (Score:2)
Personally, I think all those examples are legit uses of the technology. The place where they fall down is "on the internet", at least, directly. If they had to go through a standards-based gateway [daemon] and that system was impossible to configure insecurely (requiring, for example, a certificate and a password for connection) then you could even have them be internet-accessible and not have it be a terrible idea.
However, the whole idea that we're going to have a shit-ton of "things" directly on the inte
Re: (Score:2)
Having your clothes dry earlier doesn't count :)
Why, do you not wear clothes?
I mean you may be happy riding your horse to work, getting off the couch to change the TV channel, and manually turning the heater on and off repeatedly to try and regulate the temperature, but the rest of us prefer to automate such pointless shit so we can do other things with our lives.
But hey anti IoT comment makes you look intelligent right? Here's a tip: if you want to look really intelligent don't try and arbitrarily draw lines in your life and dictate how others live their
Re: Entirely missing the point... smart (IoT) suck (Score:2)
They all periodically check for updates anyway (Score:3)
Surely the vast majority of these systems can download a "backdoor" later anyway.
So even "patriotically made American TVs" are potentially going to be "taken over" in the future if/when company ownership changes.
Many of them will require internet access. With DoH, ESNI and certificate pinning it will be impossible to block it downloading updates too (unless you can completely firewall it from the internet)
The best you can do is firewall it from the rest of your network (and don't do things like checking emails on it)
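As an added example (not from the original page or any of the commenters): one concrete way to build the separate, firewalled media/IoT network described in the "Firewall." thread above, the multi-SSID/VLAN router comment, and this one, written as OpenWrt UCI configuration. The interface name `iot`, the 192.168.20.0/24 range, the SSID `home-iot`, the radio `radio0` and the placeholder key are assumptions for the example; change them for your router. The TV gets DHCP, DNS and internet, cannot open connections toward the `lan` zone, and a phone on `lan` can still reach the TV because conntrack lets the reply traffic back.

```uci
# --- /etc/config/network ---
# Bridge with no wired ports; the wireless AP below attaches to it.
# (Assumed names: br-iot / iot / 192.168.20.0/24.)
config device
	option name 'br-iot'
	option type 'bridge'

config interface 'iot'
	option proto 'static'
	option device 'br-iot'
	option ipaddr '192.168.20.1'
	option netmask '255.255.255.0'

# --- /etc/config/dhcp ---
# Hand out leases on the IoT network only.
config dhcp 'iot'
	option interface 'iot'
	option start '100'
	option limit '150'
	option leasetime '12h'

# --- /etc/config/wireless ---
# Second SSID for TVs, consoles, players. 'isolate' stops IoT clients
# from talking to each other over the AP. Replace the key.
config wifi-iface 'iot_radio0'
	option device 'radio0'
	option mode 'ap'
	option network 'iot'
	option ssid 'home-iot'
	option encryption 'psk2'
	option key 'change-me-before-use'
	option isolate '1'

# --- /etc/config/firewall ---
# Zone defaults: IoT devices may not reach the router (input) or any
# other zone (forward) unless a rule or forwarding below allows it.
config zone
	option name 'iot'
	list network 'iot'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

# Internet yes.
config forwarding
	option src 'iot'
	option dest 'wan'

# LAN -> IoT yes (so you can cast to the TV); there is deliberately
# no 'iot' -> 'lan' forwarding, replies ride on connection tracking.
config forwarding
	option src 'lan'
	option dest 'iot'

# The only router services the IoT zone may use: DHCP and DNS.
config rule
	option name 'Allow-IoT-DHCP-DNS'
	option src 'iot'
	option dest_port '53 67'
	list proto 'udp'
	list proto 'tcp'
	option target 'ACCEPT'
```

Apply by merging each section into the matching file under /etc/config/ and running `/etc/init.d/network restart`, `/etc/init.d/dnsmasq restart` and `/etc/init.d/firewall restart`. Two caveats a practitioner will hit: mDNS/SSDP discovery (AirPlay, Chromecast, DLNA) does not cross zones, so casting needs a reflector such as umdns or avahi in addition to the `lan -> iot` forwarding; and, exactly as the comment says, this contains what the TV can reach on your side, it does not stop the TV fetching whatever its vendor pushes over the internet.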
I know why only Chinese (Score:2, Funny)
Because only China makes electronics lol.
Looking into backdoors in TVs? (Score:2)
Great; make a change from them looking into my backdoor in airports...
I had a TCL Android TV once (Score:1)
Re: (Score:2)
I wanted Android TV to try to adapt some of my apps for it, but there was no PC connection (and I am no electrical engineer to try to create one based on online hacks),
You don't need to be an EE to follow a guide for adding a connector to a TV. Usually all you need is to know how to solder. That is an extremely useful skill anyway. You should probably learn it; it doesn't take long to get the basics.
UI was awful (seriously, why did Google not improve this and why are those sticks with dozens of small buttons still a thing?)
The details of the UI are left up to the manufacturer. They can tweak a lot of it without even writing any code at all. It's probably not Google's fault.
and the inability to remove ads from Youtube drove me crazy
Yes, that is a big problem with unrootable Android devices. If you can root android you can fix it. It can probably also be
Re: (Score:1)
The details of the UI are left up to the manufacturer. They can tweak a lot of it without even writing any code at all. It's probably not Google's fault.
Theoretically you are right; in practice, not that it isn't possible, but even smartphone manufacturers' customized UIs are usually closely aligned with the Google version. And TV makers mostly seem to stick to the old "TV as continuous one way stream of shows and ads" paradigm, so you cannot expect too much there.
It's a vector advantage (Score:2)
Is this different from computers? (Score:4, Interesting)
Everyone knows that it is a given. (Score:1)
As opposed to backdoors from the NSA? (Score:2)
I mean, surely you only want *our* backdoors, not theirs....
Or maybe we should just kill all backdoors.
Re: (Score:2)
That a TV with an American software backdoor allowing the NSA in, and a hardware Chinese backdoor allowing them in at a deeper level
Then they could fight each other directly in CyberTVSpace, and leave the rest of the world in peace?