"Smart" TV Security- Comcast modem firewall advice needed

X

x509

2[H]4U
Joined
Sep 20, 2009
Messages
2,630
We have Comcast triple-play plus Comcast Voice, so we are stuck with their crappy Technicolor TC8503C modem, which has a built-in router.

We just got a new Samsung H6350 TV which has built-in apps for Netflix, etc., etc., which means that I can put my new TV on my home LAN without another box. That's the good part.

The parts that have me very concerned are that there are enough Samsung TVs out there that sooner or later some crooks will hack into these TVs. A firmware update on the Samsung website is 750 MB. That's a big vulnerability surface if not coded securely.

Second, Samsung (and LG) both collect lots of data on viewing habits, and I worried that an aggressive, non-US company like Samsung (1) won't protect my data securely, and (2) sell that data freely.

With my old Netgear wireless router, I had a decent firewall. All my PCs have Norton full security, including firewall, IDS, etc., which is good, because the firewall in the Comcast cable model doesn't seem to allow inbound or outbound filtering rules on specific ports to the TC8305's laughable Security menu? Does anyone know if there are "hidden" menus that would allow adding such rules?

If not, what are my options here?

Thanks in advance.
 
x509 said:
If not, what are my options here?

Thanks in advance.
Click to expand...

I'd return the TV, get a "dumb" one, and get a HTPC instead.

What you should know before you buy a "Smart TV": Build a HTPC instead. Seriously, a HTPC is substantially better.
  • My HTPC won't spy on me and send information back to some manufacturer.
  • You don't have to make sure an app from your manufacturer exists for services you want to use. Want HBO GO but have an LG "Smart TV", tough break for you, no HBO Go app for LG. It's a PC so it just works.
  • You aren't at mercy of access to content/features disappearing (like here with Samsung) because of a dispute between companies. These situations have arisen with other manufacturers as well.
  • A HTPC won't disable itself if you don't agree to the terms of service that get shoved down your throat in an automatic update such as what happened here with LG "SmartTVs"
  • My HTPC doesn't shove ads down my throat. (Samsung in the link, but other companies are trying the same things).
  • My HTPC doesn't have a "lifetime" where the manufacturer abandons it after X years and things stop working as services get updated.
  • More versatile and keeps pace with updates to entertainment. New service "UlitimateBestEverNetflix2" comes out? Install the software or direct steam via webui from HTPC to TV. With a Smart TV - oh sorry, you need to buy a new one for that feature.

^Click links for shocking articles about greedy corporations doing their best to screw consumers.

I could go on with the list, but with what's there I really don't have to...
 
canna said:
I'd return the TV, get a "dumb" one, and get a HTPC instead.

What you should know before you buy a "Smart TV": Build a HTPC instead. Seriously, a HTPC is substantially better.
  • My HTPC won't spy on me and send information back to some manufacturer.
  • You don't have to make sure an app from your manufacturer exists for services you want to use. Want HBO GO but have an LG "Smart TV", tough break for you, no HBO Go app for LG. It's a PC so it just works.
  • You aren't at mercy of access to content/features disappearing (like here with Samsung) because of a dispute between companies. These situations have arisen with other manufacturers as well.
  • A HTPC won't disable itself if you don't agree to the terms of service that get shoved down your throat in an automatic update such as what happened here with LG "SmartTVs"
  • My HTPC doesn't shove ads down my throat. (Samsung in the link, but other companies are trying the same things).
  • My HTPC doesn't have a "lifetime" where the manufacturer abandons it after X years and things stop working as services get updated.
  • More versatile and keeps pace with updates to entertainment. New service "UlitimateBestEverNetflix2" comes out? Install the software or direct steam via webui from HTPC to TV. With a Smart TV - oh sorry, you need to buy a new one for that feature.

^Click links for shocking articles about greedy corporations doing their best to screw consumers.

I could go on with the list, but with what's there I really don't have to...
Click to expand...

Thanks for the advice, but I honestly don't have the bandwidth now to embark on such a project. I'm backed up enough with other PC-type projects, including upgrading my current system which cries out for watercooling, specs in my signature. And I travel a lot for my job.

Maybe next year, I could build an HTPC, which we would use to replace our other 25 year old but good Sony 27" Trinitron, but not now. I've been building my own desktops for about 20 years now, no problem, but I don't know jack about HTPC right now, and I wish I had to time to learn, but I don't.

I'm totally with you on the issues you list. I know that with companies like Google or Facebook or even LinkedIn, we are not the "users." We are the "product" for these companies, who sell access to our private data to companies trying to sell us things.

On the other hand, we probably won't keep this TV for 25 or even 10 years, because I've heard that TVs now are not built to last the way that they used to be.
 
Your best bet is to put your Comcast modem into bridge mode and use it to feed a real router. Even if you find some hidden menus on the Comcast modem that allow you to add some real firewall type rules, you can't trust that the next Comcast update won't drop that menu or change how the rules work.

If the modem won't do bridge mode, then get a second router to put between that and the rest of your network. Depending on the second router, you may wind up with double nat, but that is likely better then letting the TV send all of the info back to Samsung Central. Many of the new TOS make you agree to rather complete loss of privacy in order to continue using the 'Smart' features. If it has a camera, be very careful, especially if you have small children. Some of the TOS allow the sending of images, video and/or sound clips from the TV's camera or microphone. Those TOS probably also have clauses preventing you from holding Samsung responsible if a bad guy hacks the TV and obtains pics of your kids.
 
Dead Parrot said:
Your best bet is to put your Comcast modem into bridge mode and use it to feed a real router. Even if you find some hidden menus on the Comcast modem that allow you to add some real firewall type rules, you can't trust that the next Comcast update won't drop that menu or change how the rules work.

If the modem won't do bridge mode, then get a second router to put between that and the rest of your network. Depending on the second router, you may wind up with double nat, but that is likely better then letting the TV send all of the info back to Samsung Central. Many of the new TOS make you agree to rather complete loss of privacy in order to continue using the 'Smart' features. If it has a camera, be very careful, especially if you have small children. Some of the TOS allow the sending of images, video and/or sound clips from the TV's camera or microphone. Those TOS probably also have clauses preventing you from holding Samsung responsible if a bad guy hacks the TV and obtains pics of your kids.
Click to expand...

Dead Parrot,

Thanks for confirming my gut feelings. (Even though I trust my gut, I like to verify on [H].)

The comcast modem does support bridge mode. Any suggestions for a "real router" with WiFi?

My TV does not have a camera or microphone, and I don't have small children, but I've heard about how some bad guy hacked into a webcam setup and said pretty bad things to the father there.

x509
 
You must log in or register to reply here.
Back
Top