Skip to main content
  1. Home
  2. Computing
  3. News

Who’s watching what you’re watching? Avast finds vulnerabilities in Vizio smart TVs

Jonathan Keane
By

VIZIO Reference Series Event
Jeffrey Van Camp/Digital Trends
Security researchers at Avast have demonstrated a number of vulnerabilities and potential attacks against Vizio smart TVs, including intercepting data that displays a person’s viewing habits.

Under the wide umbrella of the Internet of things and smart homes, Avast began to pull apart the security of a Vizio smart TV and found that it was susceptible to man-in-the-middle attacks due to HTTPS certificates that were not being validated.

Recommended Videos

Avast discovered that the TV was constantly accessing tvinteractive.tv, a website run by a company called Cognitive Networks. The service appears to gather a timestamp that reports what someone is watching and when, and then sends that info to the content provider or advertisers. Avast even discovered that the TV would accept a forged certificate when connecting to the site as it does not fully validate the HTTPS certificate. Instead it just validates the checksum at the end of the data being transferred.

Related

Essentially, the HTTPS certificate is what makes a connection secure, validating the information and telling the sender what a site actually is. Without it, a hacker could potentially steal the information. Carrying out a man-in-the-middle attack in which it impersonated the tvinteractive.tv with forged HTTPS credentials, Avast was able to crack the data that was being sent and view it.


“This data is the fingerprint of what you’re watching being sent through the Internet to Cognitive Networks. This data is sent regardless of whether you agree to the privacy policy and terms of service when first configuring the TV,” said the researchers.

The data is more like a snapshot of pixels rather than a clear view of what you are watching. Here’s an example from Avast. Vizio has a way of deactivating this tracking through the following commands: Menu -> Reset & Admin -> Smart Interactivity -> OFF.

Avast has dubbed its discovery as a possible attack vector into a person’s home network. It’s just the latest evidence that shows how a smart TV can make your local network vulnerable, and Avast claims that it could be a possible means to display content remotely on someone else’s TV.

“Further investigation is needed to demonstrate a proof of concept; however, this appears to be a potential attack vector for remotely displaying unwanted material on a person’s TV,” said Avast.

Vizio has patched these vulnerabilities and says the update will install automatically, but there is still no report on whether this update has been successfully delivered to all TV owners yet.

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
What is a smart TV? Everything you need to know
vizio 65inch oled 4ktv deal best buy december 2020 tv 768x768

Smart TVs are everywhere. In fact, you'd be hard-pressed to find a TV on a store shelf these days that doesn't do clever things like play movies and TV shows from the latest streaming services while you ask it to do so with (gasp!) your voice through an intelligent voice assistant. Widgets and apps open up possibilities like gaming, weather, video calling, and smart home features that would make your old TV fear for the curb. 

But what makes a TV smart, and why should you care? Is it as simple as an internet connection and an operating system? If it's just a more direct route to streamers like Netflix and Disney+, then is that better or worse than my trusty Apple TV or Roku set-top box? Who makes smart TVs, and does it matter which I choose? We decided to weigh in on the matter.

Read more
Amazon Music is now available on Vizio TVs
Amazon Music on a Vizio TV.

Amazon Music is now available as a native app on Vizio televisions. The inclusion of the app for SmartCast -- Vizio's built-in operating system -- means that you'll be able to stream more than 2 million songs for free on the third-largest music streaming service in the world without having to resort to Bluetooth or AirPlay or some other workaround. You'll also be able to stream Amazon Music Unlimited, which ramps things up to more than 75 million high-definition songs.

“With millions of users across the country, Vizio is an obvious choice for Amazon Music to expand our service into the homes of music fans,” Karolina Joynathsing, director of business development for Amazon Music, said in a press release. “We look forward to our customers being able to easily listen to their favorite music on Vizio smart TVs starting today.”

Read more
How to watch Super Bowl 2022 on a Vizio TV
The Vizio V-Series 4K TV in the living room.

Super Bowl 2022 is almost here. The treasured, annual sporting event that has been wrangling families and friends together for as long as most of us can recall, the Super Bowl is about as widely recognized as most major holidays. But here's the hundred-dollar question: What TV are you watching the Super Bowl on? Every manufacturer is looking to cash in on the Big Game, but if you've landed on this page then you're likely wondering how to watch Super Bowl 2022 on a Vizio TV.

A well-respected name in the TV marketplace, Vizio delivers high-quality sets at prices most competitors can't touch. And guess what? If you aren't already set on watching the game using a streaming device such as Roku, Apple TV, or Amazon Fire TV, that new big-screen Vizio has everything you need to stream the Super Bowl already built-in, no paid cable required. Let's get started.

Read more