Samsung Smart TVs send voice commands unencrypted over the web

A security researcher has discovered that the voice commands Samsung Smart TVs send to third parties are unencrypted. Recently there was a lot of fuss about the voice recognition feature of Samsung Smart TVs, which allows consumers to control the TV using voice commands.


Security researcher David Lodge decided to intercept the traffic the TV sends to the internet. He discovered that the TV establishes a connection over port 443, normally used for HTTPS. When Lodge investigated the data sent over the connection, he found that it isn't encrypted. The data is a combination of XML and binary data.

"The sneaky swines; they're using 443/tcp to tunnel data over; most likely because a lot of standard firewall configurations allow 80 and 443 out of the network. I don't understand why they don't encapsulate it in HTTP(S) though", according to the researcher.

Lodge also found that all kinds of information about the TV is collected, such as the MAC address and the operating system version. The voice command itself could also easily be found in the transferred data.

Lodge found that the TV isn't actively listening to users unless a voice command is activated. That could change with a firmware update that makes continuous listening possible, Lodge warns. He calls on Samsung to use at least an SSL connection to transfer the data, to prevent eavesdropping by others.
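
A defender-side check for the behaviour described above, as an added example (not from the original article or from Lodge's research): it inspects the first client payload of each 443/tcp flow and reports flows that do not begin with a TLS record. The sample payloads, addresses and XML element names are constructed for illustration.

```python
import string

TLS_CONTENT_TYPES = {20, 21, 22, 23}  # change_cipher_spec, alert, handshake, application_data
PRINTABLE = set(string.printable.encode())

def looks_like_tls_record(payload: bytes) -> bool:
    """True if payload starts with a plausible TLS record header."""
    if len(payload) < 5:
        return False
    ctype, major, minor = payload[0], payload[1], payload[2]
    length = int.from_bytes(payload[3:5], "big")
    return (ctype in TLS_CONTENT_TYPES and major == 3 and minor <= 4
            and 0 < length <= 2**14 + 2048)

def classify_first_payload(payload: bytes) -> str:
    """Classify the first client-to-server payload of a TCP flow."""
    if looks_like_tls_record(payload):
        # A new connection should open with a handshake record carrying a ClientHello (type 1).
        if payload[0] == 22 and len(payload) > 5 and payload[5] == 1:
            return "tls-client-hello"
        return "tls-record"
    head = payload[:256]
    if b"<?xml" in head or head.lstrip()[:1] == b"<":
        return "cleartext-xml"
    if head and sum(b in PRINTABLE for b in head) / len(head) > 0.8:
        return "cleartext-text"
    return "non-tls-binary"

def non_tls_on_443(flows):
    """Return (src, verdict) for 443/tcp flows whose first payload is not TLS."""
    findings = []
    for src, dst_port, payload in flows:
        verdict = classify_first_payload(payload)
        if dst_port == 443 and not verdict.startswith("tls"):
            findings.append((src, verdict))
    return findings

# Constructed sample payloads (not captured traffic); XML element names are made up.
CLIENT_HELLO = bytes([22, 3, 1, 0, 47, 1, 0, 0, 43, 3, 3]) + bytes(41)
XML_WITH_BINARY = b"\x01\x00\x00\x2a" + b'<?xml version="1.0"?><req><mac>00:00:5E:00:53:01</mac></req>'
SAMPLE_FLOWS = [
    ("192.0.2.10", 443, CLIENT_HELLO),
    ("192.0.2.20", 443, XML_WITH_BINARY),
    ("192.0.2.20", 80, b"GET / HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    for src, verdict in non_tls_on_443(SAMPLE_FLOWS):
        print(f"{src}: 443/tcp flow without TLS ({verdict})")
```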
