Ghiglieri, Marco (2017)
Smart TV Privacy Risks and Protection Measures.
Technische Universität Darmstadt
Ph.D. Thesis, Primary publication
|
Text
DissertationMarcoGhiglieri_v2.pdf Copyright Information: CC BY-NC-ND 4.0 International - Creative Commons, Attribution NonCommercial, NoDerivs. Download (8MB) | Preview |
Item Type: | Ph.D. Thesis | ||||
---|---|---|---|---|---|
Type of entry: | Primary publication | ||||
Title: | Smart TV Privacy Risks and Protection Measures | ||||
Language: | English | ||||
Referees: | Waidner, Prof. Dr. Michael ; Volkamer, Prof. Dr. Melanie | ||||
Date: | 28 February 2017 | ||||
Place of Publication: | Darmstadt | ||||
Date of oral examination: | 25 April 2017 | ||||
Abstract: | Smart TVs have been becoming more popular in recent years. They are not entirely new devices, they are rather traditional TVs with current technology and increased functionality. In addition to streaming traditional broadcast content, Smart TVs facilitate access to Internet content and services. Thus, different Internet functionality on Smart TVs is available. For instance, Facebook, different video on demand services or online games. Some Internet functionality can access and utilize the integrated microphones and cameras. Smart TVs can also be used to browse on web applications that processes sensitive data such as online banking. Furthermore, the vendor independent functionality HbbTV (Hybrid broadcast broadband TV) has been available on almost all new Smart TVs that have been sold in Germany since 2015. This functionality combines the traditional broadcast content with Internet content. It is activated by default. Examples for the content are program-dependent functionality such as infotainment from the Internet, targeted advertisements, direct support for consumers while teleshopping and channeldependent video on demand services. At the first glance, the Internet functionality of Smart TVs appears to deliver distinct value, as compared to traditional TVs. However, Smart TVs are also, as known from other Internet enabled devices, exposed to different risks due to the Internet connectivity. They could be subject to different attacks that aim to access the Smart TV or the stored data unauthorized. Researchers have shown that it was possible to gain access to the Smart TV and its microphone over a vulnerable media player. For hackers it could already be of value to read sensitive data for example from online banking in order to manipulate or misuse this data afterwards. Therefore, Smart TVs have to validate whether the connection is as secure as the web application provider intends. If the connection is not or not correctly validated, the consumer’s data is under risk and it could cause social or financial losses for consumers. Broadcasters and vendors are also interested in Smart TV data to establish usage profiles of Smart TVs. This usage data can be used to improve their products, program schedule or targeted advertisements. Nowadays, broadcasters acquire usage data from specialized companies such as GfK that extrapolate the viewing figures from a specific representative amount of households to the population. From a technical perspective, it is not a challenge for broadcasters to collect usage data directly from the Smart TVs using HbbTV. Vendors could get the data directly from the Smart TVs. This usage data would reveal more precise data of consumers. For example, when and how much is a Smart TV used and which channels consumers prefer. It could be a risk when the data is used in another context or purposes than expected by consumers or permitted by law. The presented risks are becoming more and more important as the distribution of Smart TVs increases. Thus, our primary goal of this work was as follows: • identify and understand Smart TV related privacy risks, • research consumers’ knowledge and attitudes of Smart TV related privacy risks, • and develop a combination of appropriate awareness and technical protection measures. We revealed severe privacy risks for consumers in two extensive analyses in the first aspect of the goal: Severe privacy risks in the HbbTV functionality analyses for consumers were revealed. In 2013, we published, as the first paper in this area, that data transfers to different servers already started when a channel was selected that supported HbbTV. This happened without that the consumers actively used the HbbTV functionality, i.e., the data transfer started without pressing the Red Button on the remote control. The destinations of this data were among others the broadcasters and third parties like Google Analytics that are specialized to profile consumers. This data can be used to improve products, targeted advertisement and hackers could steal the data from broadcasters in order to misuse them. In this publication we also recommended some countermeasures to reduce the risk for consumers. It was partly added in the HbbTV standard. Media and press immediately reported about our results. Afterwards, TV and interviews with different magazines were conducted. In order to analyze the evolution of HbbTV, we conducted further analyses in 2014 and 2015 and published the results in 2014 and 2016. In addition to the results in 2013, we found radio channels that supported HbbTV. Those had the same characteristics as the analyzed TV channels in 2012. The consumers must be aware of this risk to be able to disable HbbTV. Moreover, in a systematical security analysis of seven Smart TVs in 2012 to 2016, we revealed that the validation of secure connections is not performed correctly. This issue still exists in some subsystems of the Smart TVs. Data of secure web applications, e.g. online banking, could have been eavesdropped or manipulated. This vulnerability was not limited to the web browser, but also other functionality (e.g. HbbTV) of the Smart TV was affected. In 2012 we, to the best of our knowledge, were the first researchers who revealed this vulnerability and communicated it to the vendor. It was patched in 2014. Some Samsung Smart TVs are still vulnerable since the update has to be performed over USB, but consumers have not been informed about that issue yet. In the second aspect of the goal we analyzed the assumption that consumers are not aware of Smart TV related privacy risks as well as of countermeasures. We were, to the best of our knowledge, the first researchers that conducted a survey with 200 participants to research it. We explored that consumers are not aware of privacy risks or appropriate countermeasures. Only a small number of participants mentioned privacy risks or countermeasures. Additionally, we presented four different scenarios motivated by occurred privacy issues that should be rated by the participants. We asked them to justify the ratings. Based on these, we identified factors that potentially impacted the consumers’ attitudes towards privacy risks and their ratings. This factors were essential to develop further awareness-raising messages. In the last aspect of the goal we analyzed awareness and technical measures. To the best of our knowledge, we conducted the first research work that evaluated awareness-raising messages and technical protection measures for Smart TVs. We proceeded as follows: Based on the factors, we developed different awareness-raising messages that we evaluated in a pre-study. We concluded that privacy-related awareness could best be prompted by messages that avoid being too specific about a potential misuse. Being too specific (e.g. burglary) is likely to be judged as low risk as it is considered as too unlikely in this context. Two of the evaluated messages were further evaluated in another study of 155 participants. The result was that most consumers would willingly sacrifice their privacy to benefit from Smart TV functionality. This analysis indicated that awareness-raising messages can increase awareness however messages alone do not show the desired effect on consumers. Additionally, we combined the above mentioned awareness messages with feasible protection measures and evaluated them in a study with 169 participants. Our result is that consumers would spend time and/or money on protecting their privacy when the Smart TV’s Internet functionality is retained. Based on the previous results, we tailored a prototypical solution, the Smart TV Protector, which shows the feasibility of an appropriate technical protection measure. The Smart TV Protector is the first technical protection measure for Smart TVs. Furthermore, we theoretically outlined an extension for the Smart TV Protector that respects broadcasters’ and vendors’ interests. We developed an approach that uses methods to keep the privacy protected while aiming to reach a high stakeholder acceptance. This approach is only feasible if all stakeholders accept the rules. |
||||
Alternative Abstract: |
|
||||
URN: | urn:nbn:de:tuda-tuprints-61879 | ||||
Classification DDC: | 000 Generalities, computers, information > 000 Generalities 000 Generalities, computers, information > 004 Computer science |
||||
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Security in Information Technology |
||||
Date Deposited: | 05 May 2017 08:57 | ||||
Last Modified: | 09 Jul 2020 01:37 | ||||
URI: | https://tuprints.ulb.tu-darmstadt.de/id/eprint/6187 | ||||
PPN: | 402877586 | ||||
Export: |
View Item |