Roku has hit back against a new Consumer Reports study finding that smart TVs from makers such as Samsung, LG Electronics, Sony, Vizio and TCL (which makes a line of Roku-powered TVs) are vulnerable to hackers, holding that they can be broken into to track what viewers are watching.
As USA Today notes, Consumer Reports said it was able to break into a TCL/Roku TV using a feature that Roku developed that enables remote use of a remote control on other platforms, including smartphones.
"What we found most disturbing about this, was the relative simplicity of," how easy it was to hack those products, Glenn Derene, Consumer Reports' senior director of content, told the publication.
Gary Ellison, Roku’s VP of trust engineering, posted a blog item holding that Consumer Reports “got it wrong,” at least with respect to how Roku's platform was characterized.
“This is a mischaracterization of a feature,” he wrote. “It is unfortunate that the feature was reported in this way. We want to assure our customers that there is no security risk.”
Ellison acknowledged that Roku enables outside developers to create remote control applications that consumers can use to control their Roku product using an open interface, and added that consumers also have the ability to turn off that feature.
He also said Roku’s support of ACR (automatic content recognition), another technology that Consumer Reports viewed as a vulnerability because it can be used to target ads, is an opt-in feature.
But, as USA Today rightly points out, data gathering practices and general privacy issues with smart TVs have been drawing scrutiny.
About a year ago, for example, Vizio agreed to pay $2.2 million to settle federal and state charges that millions of its connected TVs were collecting viewing data without the consumer’s knowledge or consent.