alt Hacker NewsFind the TV’s MAC address and block it on your router. My brother home network had this system where your MAC address had to be whitelisted on the router to communicate with the network, as the days go by I see how in hindsight how this might be for the best in the end.
Replies
Allow list is the best approach. Soon TVs will randomize their MAC just like our phones do.
I split my network(s) into subnets (sharing the same wire, not to be confused with the actual subnets which don't share the same wire) which correspond to routability policies. This in turn involves firewall rules, routing table entries, and DHCP configs corresponding to those subnets.
I give away the software which does the following. I get this (and a lot more) for every host on my network, and I know what every host is.
# peers upstairs-roku.m3047 +addr +serv
dns.google [8.8.4.4] domain [53]
dns.google [8.8.8.8] domain [53]
athena.m3047 [10.0.0.220] domain [53]
mediaservices.cdn-apple.com [23.46.228.133] https [443]
mediaservices.cdn-apple.com [23.46.228.134] https [443]
mediaservices.cdn-apple.com [23.46.228.135] https [443]
mediaservices.cdn-apple.com [23.46.228.137] https [443]
mediaservices.cdn-apple.com [23.46.228.138] https [443]
mediaservices.cdn-apple.com [23.46.228.139] https [443]
mediaservices.cdn-apple.com [23.46.228.140] https [443]
mediaservices.cdn-apple.com [23.46.228.142] https [443]
mediaservices.cdn-apple.com [23.46.228.143] https [443]
mediaservices.cdn-apple.com [23.46.228.144] https [443]
mediaservices.cdn-apple.com [23.46.228.145] https [443]
mediaservices.cdn-apple.com [23.213.34.169] https [443]
mediaservices.cdn-apple.com [23.213.34.176] https [443]
mediaservices.cdn-apple.com [23.213.34.178] https [443]
mediaservices.cdn-apple.com [23.213.34.185] https [443]
mediaservices.cdn-apple.com [23.213.34.186] https [443]
mediaservices.cdn-apple.com [23.213.34.187] https [443]
mediaservices.cdn-apple.com [23.213.34.188] https [443]
mediaservices.cdn-apple.com [23.213.34.193] https [443]
mediaservices.cdn-apple.com [23.213.34.196] https [443]
mediaservices.cdn-apple.com [23.213.34.201] https [443]
mediaservices.cdn-apple.com [23.213.34.203] https [443]
nrdp.push.prod.netflix.com [35.81.198.46] www [80]
ec2-35-86-100-253.us-west-2.compute.amazonaws.com [35.86.100.253] psbserver [2350]
austin.logs.roku.com [35.212.27.142] https [443]
scribe.logs.roku.com [35.212.34.174] https [443]
austin.logs.roku.com [35.212.72.105] https [443]
austin.logs.roku.com [35.212.119.44] https [443]
display.ravm.tv [35.212.178.254] https [443]
logs.netflix.com [44.226.179.188] https [443]
logs.netflix.com [44.228.67.58] https [443]
nrdp.push.prod.netflix.com [44.229.50.4] www [80]
logs.netflix.com [44.229.122.169] https [443]
nrdp.push.prod.netflix.com [44.232.75.216] www [80]
api.roku.com [44.249.213.211] https [443]
nrdp.prod.ftl.netflix.com [45.57.40.1] https [443]
nrdp.prod.ftl.netflix.com [45.57.41.1] https [443]
nrdp.push.prod.netflix.com [52.24.26.117] www [80]
logs.netflix.com [52.33.247.19] https [443]
themes-service.sr.roku.com [54.200.214.141] https [443]
occ-0-1009-1007.1.nflxso.net [198.38.112.135] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.144] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.145] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.165] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.169] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.170] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.172] www [80]
occ-0-1009-1007.1.nflxso.net [198.38.112.178] www [80]
mdns.mcast.net [224.0.0.251] mdns [5353]
239.255.255.250 [239.255.255.250] ssdp [1900]
I’m paranoid that actually blocking internet access to the TV will result in filling up the TV’s disk with all of this intrusive data they have collected waiting to be uploaded, eventually run out of space and brick the TV. This could be just bad software or actually malicious where they intentionally break something if it loses connectivity for too long and they can see you using it with other connected devices.
We really need normies to care enough about this to the point manufacturers will need to think they need to advertise on their TVs that they are privacy-friendly and don’t collect anything as a selling point. Until then, they don’t really care. I just wish someone like Apple made a TV with their Apple TV functionality baked in that I could trust.