​Samsung: Here's how we're securing your smart TV

Samsung wants you to know that it really does take smart TV security seriously.
Written by Liam Tung, Contributing Writer

Samsung's new security explainer follows recently released details of the CIA-developed Weeping Angel program that turns Samsung TVs into listening devices.

Image: Samsung

After several hacks, flaws, and privacy blunders, Samsung wants you to know that it is doing something to keep your smart TV secure.

Samsung has published a new overview of how it protects its smart TVs, which updates a lengthier document it released two years ago detailing its three-stage approach to security, covering apps, the platform, and hardware.

Notably, the new 'What Samsung is Doing to Keep Your Smart TV Secure' drops any reference to the TV's voice-recognition functionality. The post from 2015 went into detail about this feature, following alarm over a clause in Samsung's privacy policy stating that using voice recognition on Samsung Smart TVs monitored lounge room conversations and transmitted data to third parties.

Samsung denied this and updated the language of the policy via the Smart TV supplement to clarify that voice commands are sent to a specific third party, namely voice-recognition firm Nuance Communications, which converts voice commands to text.

It also notes that it limits collection to voice commands when a specific search request is made by clicking the activation button on the remote control or screen.

The new security explainer follows recently released details of the CIA-developed Weeping Angel program that turns Samsung TVs into listening devices, using the TV's microphone. A version to capture images using the TV's camera was said to be in the works. However, installing the program required physical access to the TV.

And though it's light on detail, Samsung highlights that it does encrypt data between its TVs and servers "to prevent any third parties from wiretapping and from modifying data, and to eliminate the possibility of unauthorized access to user information". Presumably this measure means its apps have enabled HTTPS.

It's now also explicitly mentions Tizen OS, which Samsung uses exclusively for its Smart TVs, and smart watches, as well as for its Z line of phones.

"Samsung Smart TVs are only operated with a reliable Tizen platform. Secure technology, with a strong foundation at the hardware level guarantees the stability of the Smart TV platform and applications," it says.

Formerly, it referred to Tizen as the "the reliable Operating System (OS)". Tizen became the default OS for all Samsung's Smart TVs in 2015.

However, no software is bug free, and as PCWorld reported in April, Samsung was busy that month sorting through which of 40 critical Tizen bugs were relevant to its TVs. Tizen also powers its Z smartphones.

Samsung is now offering smart TVs not one but two antivirus engines to detect and contain malware for its platform. Samsung has what it calls "the anti malware vaccine engine", but is now bundling third-party antivirus in its TVs.

The third-party product is McAfee Security for TV. But unlike PC users, Samsung Smart TV owners only need to activate the software and won't need to make an additional purchase.

The McAfee TV deal is only available in the US and Korea for now. Free McAfee software is also shipping with the Galaxy S8, while Samsung PCs will be bundled with a 60-day free subscription.

Additionally, Samsung's Smart TV browser has an anti-phishing pop-up alert if sees its owner click on a suspicious site. And Samsung suggests its hardware offers some kind of sandboxing or containerization enabled through a "chip architecture that prevents data from being leaked by separating the physical space in the hardware for the core software to operate in".

Read more about smart TV

Editorial standards