Off The Record
A single line in Samsung’s privacy policy sent the media into a frenzy
A single line in Samsung’s voice-recognizing SmartTV privacy policy sent the media into a frenzy.
It read: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”
But the voice of the virtual mob, concerned that their lives were becoming something out of George Orwell’s 1984, grew so loud that Samsung has issued an update.
The policy now names the third party that currently has access to voice commands when the voice-recognition feature is activated. The policy still points out that customers are given the option to activate or deactivate the voice-recognition feature at any time.
Previously, the policy read:
“If you enable Voice Recognition, you can interact with your Smart TV using your voice. To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you.”
Today, Samsung issued an update (changes in bold):
“If you enable Voice Recognition, you can interact with your Smart TV using your voice. To provide you the Voice Recognition feature, some interactive voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service provider (currently, Nuance Communications, Inc.) that converts your interactive voice commands to text and to the extent necessary to provide the Voice Recognition features to you.”
The policy goes on to explain that voice commands and the associated texts are used to “evaluate and improve the features” and that Samsung will only collect voice commands “when you make a specific search request to the Smart TV” when the microphone is activated, but with the new shocking expose by Wikileaks “Vault 7: CIA Hacking Tools Revealed” it doesn’t seems that way. It’s much more frightening.
Wikileaks reports:
“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.
These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.”
Next time you want to say something private in front of your TV, think twice before saying it.
Sources used: europe.newsweek.com, Wikileaks. Other sources are listed above
