Is your TCL TV a Decepticon? (Secret backdoor software?)

In my experience it is mostly the opposite, they are clueless on how it is actually done for the most part, but they assume everything connected spy on them and they assumed they do it in more complex ways than they actually do, most thing that some conversation out loud they had with a friend when they had a phone in their pocket is the reason the algorithm proposed them an ads about it.

According to a nationally representative phone survey of 1,006 U.S. adults conducted by Consumer Reports in May 2019, 43 percent of Americans who own a smartphone believe their phone is recording conversations without their permission.

If 43% assume their phone is recording conversations and that without their permissions, imagine the % that assume something way easier that use less battery/power and other is going on or that at least actively listen without actually recording for voice tone and keyword.


Study/poll and my experience is that virtually everyone assume being listened too and if they buy a really cheap intelligent weight person that come with an app that force them to create an account, amazon smarttv device, roku, etc... I would imagine that most assume they are more spied with more complex ways than they actually are. Do really most people you know in 2020, when they buy the cheapest smarttv that give free streamed content on it, that there is zero spying going on ?

I think that something people like to believe that they repeat, because the truth that people have a mix of not caring when they are not welcoming it and actively doing it.

Isn't what people know in 2021 much more relevant?
 
I can't help to notice you ignored my offer.

also its not a conspriacy theory when its proven correct. you yourself argued it was going on but just didnt care but now you re aguing it is no going on ? seem like moving the goal post here...

My concern is more that some people here are prone to hyperbole.

For a start: the whole thread was started by the US suspecting that TCL might have backdoors, and the only evidence so far might just be a bad security vulnerability... but that has somehow morphed into "omg confirmed, TCL is spying on everything you do all the time." And that, in turn, invites the paranoid ones who are convinced that anything with a microphone is recording everything you say, among other unsubstantiated claims.

Are smart TVs and other living room devices sending data? Yes. Are they collecting wildly intrusive data, or gathering data for anything more nefarious than ad targeting or product feedback? Probably not. And we need to make that distinction. If we act like Chicken Little and treat all these devices as spy boxes, we don't really take a good look at what's really happening and inadvertently punish those companies with more responsible practices.
 
Last edited:
I use a htpc for all of my media. I dont trust smart devices at all. We skip having any "smart" amazon echos etc. It really isn't that hard to take 30 seconds and use the amazon website to order something.

Streaming services have websites and the old Lenovo HTPC remotes work great. Htpc also acts as living room gaming for the kids and also connects to the NAS.

So cheaper, more functional, and doesn't spy on me. Yeah, count me in.
 
My concern is more that some people here are prone to hyperbole.

For a start: the whole thread was started by the US suspecting that TCL might have backdoors, and the only evidence so far might just be a bad security vulnerability... but that has somehow morphed into "omg confirmed, TCL is spying on everything you do all the time." And that, in turn, invites the paranoid ones who are convinced that anything with a microphone is recording everything you say, among other unsubstantiated claims.

Are smart TVs and other living room devices sending data? Yes. Are they collecting wildly intrusive data, or gathering data for anything more nefarious than ad targeting or product feedback? Probably not. And we need to make that distinction. If we act like Chicken Little and treat all these devices as spy boxes, we don't really take a good look at what's really happening and inadvertently punish those companies with more responsible practices.

While you may be right, I often find it better to simply assume that any kind of smart device is using you as both the customer and the product. Making money off of you by you buying the them then also making money by "spying" (for lack of a more appropriate term) on you and selling valuable user data to marketers or what not. Then, when it comes to anything from a Five Eyes country, it's probably safe to assume that data is accessible to governments whenever they want it along with any data they want. The shit that Five Eyes countries do and want to do, isn't a conspiracy theory or paranoid hyperbole either. Multiple Five Eyes countries are trying to ban encryption or put laws into place that require mandatory backdoors into devices. You can throw concerns about China into a conspiracy pile, but I don't think it's wrong of people to assume they're spying as well. It's not like they, along with other foreign and domestic actors, haven't engaged in hacking and spying on people in the past. Exactly what they can do with the data, outside of buying interests in entertainment companies, is up for debate.

The level of distrust people have with these devices and with how the data is used, is exactly why we need privacy protections. There should be, strict, limits on how our data can be used and who is able to access it.

I use a htpc for all of my media. I dont trust smart devices at all. We skip having any "smart" amazon echos etc. It really isn't that hard to take 30 seconds and use the amazon website to order something.

Streaming services have websites and the old Lenovo HTPC remotes work great. Htpc also acts as living room gaming for the kids and also connects to the NAS.

So cheaper, more functional, and doesn't spy on me. Yeah, count me in.

Unless you're using Linux, your OS is spying on you. Those streaming services still sell your usage data to marketers.
 
It's all connected anyway -- here's an example. On my Apple TV I use a 3rd party remote that doesn't have a microphone. My brother came over one day and was discussing his high end lighting for his camera gear with me. (something I've never searched, never had an interest in) About 5 minutes later on YouTube, I got an ad for Angler BoomBox professional camera lightboxes. The only thing I can think of why this happened is that my Google phone was listening which uploaded speech to text to my Google account which then supplied a recommended ad to my Apple TV Youtube connected account. We were both like uhh, that's not a coincidence. (his phone wasn't connected to my wifi either, unless Google does some crazy stuff with geolocation to pump personalized ads into other nearby Google-connected devices that aren't even yours) I've had personalized ads turned off for years as well.

Also, this has happened numerous times with various off-the-wall conversations my wife and I have had where we've mentioned things that we have never searched for and never even thought about purchasing, then we get an ad for it. The most bizzare example happened when my son was 1.5yrs old and first started talking. (2yrs ago) He said some gibberish word that isn't even a word. Then about a half hour later, my wife got a Facebook ad for the gibberish word he said which happened to be a sock company. The gibberish word was "bombas" and the company Bombas makes socks. I had never heard of them until that day.
 
Last edited:
While you may be right, I often find it better to simply assume that any kind of smart device is using you as both the customer and the product. Making money off of you by you buying the them then also making money by "spying" (for lack of a more appropriate term) on you and selling valuable user data to marketers or what not. Then, when it comes to anything from a Five Eyes country, it's probably safe to assume that data is accessible to governments whenever they want it along with any data they want. The shit that Five Eyes countries do and want to do, isn't a conspiracy theory or paranoid hyperbole either. Multiple Five Eyes countries are trying to ban encryption or put laws into place that require mandatory backdoors into devices. You can throw concerns about China into a conspiracy pile, but I don't think it's wrong of people to assume they're spying as well. It's not like they, along with other foreign and domestic actors, haven't engaged in hacking and spying on people in the past. Exactly what they can do with the data, outside of buying interests in entertainment companies, is up for debate.

The level of distrust people have with these devices and with how the data is used, is exactly why we need privacy protections. There should be, strict, limits on how our data can be used and who is able to access it.



Unless you're using Linux, your OS is spying on you. Those streaming services still sell your usage data to marketers.
I'm not of the mind that virtually every smart device is spying on you, but we do tend to get complacent and forget that devices are sending back more data than is absolutely necessary. And so long as end-to-end encryption is still viable, countries can't really spy on some data no matter how much they might want to.

What amuses me are the people who decry their smart TV potentially sending data to home base... but are hardcore Android fans who would never buy an Apple device despite the better (not perfect, but tangibly better) privacy. It's like saying you care about the environment because you bought the most fuel-efficient Lamborghini.
 
What amuses me are the people who decry their smart TV potentially sending data to home base... but are hardcore Android fans who would never buy an Apple device despite the better (not perfect, but tangibly better) privacy. It's like saying you care about the environment because you bought the most fuel-efficient Lamborghini.
I thought the same, but is Apple really any better than Google? They might be worse.
Apple publically prevented the FBI from accessing user phones, but once the publicity died down, they gave them access. There is also a backdoor into iOS and iPhone security can be cracked.
Apple also backs up nearly everything you do on iCloud, which is stored on Amazon servers.
On top of that, try taking another camera phone, point it at the top of your iPhone where the camera is and you will see a laser constantly scanning your eyes. "Face detection" or something worse?
I don't trust Apple either.

LineageOS minus Google Apps is about the only way you might maintain your privacy.
 
Last edited:
I thought the same, but is Apple really any better than Google? They might be worse.
Apple publically prevented the FBI from accessing user phones, but once the publicity died down, they gave them access. There is also a backdoor into iOS and iPhone security can be cracked.
Apple also backs up nearly everything you do on iCloud, which is stored on Amazon servers.
On top of that, try taking another camera phone, point it at the top of your iPhone where the camera is and you will see a laser constantly scanning your eyes. "Face detection" or something worse?
I don't trust Apple either.

LineageOS minus Google Apps is about the only way you might maintain your privacy.
There are a number of problems with those claims.

To start, you're confusing the FBI's demand to access phones themselves with iCloud access. Like it or not, there's not much Apple can do to prevent authorities from demanding access to iCloud accounts since there are logins and some unencrypted data. However, it's still holding firm on refusing to help crack the actual devices — both because the storage is encrypted and because of the legal and privacy implications.

You also mistake Cellebrite successfully cracking iPhones (circa 2019, I'd add) with a backdoor. Apple did not add that backdoor; Cellebrite was taking advantage of a security vulnerability. Apple has made a point of patching flaws used for cracking tools like Cellebrite's, so it's clearly not leaving holes open for long.

Storing data on AWS servers isn't a controversial thing. So long as that data is secure, it doesn't particularly matter who the host is.

And... apparently, you don't know how depth cameras work, whether it's on iPhones or other devices. That's an infrared sensor, not a laser, and on iPhones it's not constantly running; it's used for Face ID (unlocking your phone, Apple Pay, secure apps) and features like Memoji. It's only studying data points, not actual imagery of your face, and stores those data points in a secure hardware element. The data doesn't leave the chip, let alone the device. That use of a hardware element is a fairly common trait on phones with depth cameras.

You may have inadvertently underscored my point. If you say "eh, Apple is as bad as Google," it indicates that you're not particularly familiar with how their privacy strategies really work. This isn't to give Apple a free pass (ideally, it would encrypt all iCloud data whether or not the source was encrypted to start with), but it's important to know what the company is really doing rather than equivocate and make assumptions.
 
And... apparently, you don't know how depth cameras work, whether it's on iPhones or other devices. That's an infrared sensor, not a laser, and on iPhones it's not constantly running; it's used for Face ID (unlocking your phone, Apple Pay, secure apps) and features like Memoji. It's only studying data points, not actual imagery of your face, and stores those data points in a secure hardware element. The data doesn't leave the chip, let alone the device. That use of a hardware element is a fairly common trait on phones with depth cameras.
I've noticed in my security cameras that the infrared sensors are constantly strobing when my family are using their iPhones. This is sometimes minutes after they've unlocked and began using their phones.
 
I've noticed in my security cameras that the infrared sensors are constantly strobing when my family are using their iPhones. This is sometimes minutes after they've unlocked and began using their phones.

Phones within in the last few years use infrared sensors to detect someone in front of the phone so it doesn't lock on you while using it. Can't remember what its called, every phone seems to call it something different. My Pixel 2 would stay unlocked if I was looking at it but if I looked away it would lock. Its a handy feature so you don't have to constantly unlock the phone as you were reading a book and didn't flip a page every 5 seconds.

Of the stuff a phone does, the infrared sensor probably the least of your concerns lol.
 
Phones within in the last few years use infrared sensors to detect someone in front of the phone so it doesn't lock on you while using it. Can't remember what its called, every phone seems to call it something different. My Pixel 2 would stay unlocked if I was looking at it but if I looked away it would lock. Its a handy feature so you don't have to constantly unlock the phone as you were reading a book and didn't flip a page every 5 seconds.

Of the stuff a phone does, the infrared sensor probably the least of your concerns lol.
That makes more sense -thanks for pointing that out. I am not overly concerned with this tech, just wanted to mention what I noticed on my cameras. Happy New Year
 
My concern is more that some people here are prone to hyperbole.

For a start: the whole thread was started by the US suspecting that TCL might have backdoors, and the only evidence so far might just be a bad security vulnerability... but that has somehow morphed into "omg confirmed, TCL is spying on everything you do all the time." And that, in turn, invites the paranoid ones who are convinced that anything with a microphone is recording everything you say, among other unsubstantiated claims.

Are smart TVs and other living room devices sending data? Yes. Are they collecting wildly intrusive data, or gathering data for anything more nefarious than ad targeting or product feedback? Probably not. And we need to make that distinction. If we act like Chicken Little and treat all these devices as spy boxes, we don't really take a good look at what's really happening and inadvertently punish those companies with more responsible practices.

i though i put this on this thread but it might have been another place
but any data recording that is not directly from natively running the service is unneeded and should be treated as such
Data does not to be directly nefarious to result in nefarious results

Also companies has shown they are incapable if keeping those data protected.
Amazon gave the wrong couple access to the voice recording of their Amazon devices
Which of cause is definitely unwanted and can results in nefarious results.

The other counter to why we should be more protective rather that just wait for something being nefarious is still that once data is out there you cant get it back under control.

So yeah any unneeded data recording should not be accepted directly nefarious or not


I honestly believe that people that say "I don't have anything to hide" area absolute ignorant to modern threat vectors
 
Last edited:
Back
Top