Vizio Privacy PolicySource: CordCutters

There's much gnashing of teeth today from a Black Friday/Cyber Monday PSA from the Portland field office of the Federal Bureau of Investigation — the FBI — that does a good thing badly.

The gist? Lots of folks were going to be buying smart TVs over the shopping holiday, and so there are a few things said folks should be wary of. Modern TVs often have microphones. They occasionally have cameras attached. They most certainly connect to the internet.

It wasn't what I'd call a particularly good story, nor do I believe it was meant to be taken as some white paper on the perils of modern technology. It's part of a "Oregon Tech Tuesday" series they do, which includes other useful headlines like "Building a Digital Defense Against Calendar Fraud," "Building A Digital Defense Against Weight Loss Scams," and "Building a Digital Defense Against Travel Scams" — among 116 others, dating all the way back to May 16, 2017, with "FBI launches 'Tech Tuesday: Building a Digital Defense' ".

The premise was simple:

The FBI's Portland Division is launching a new Public Service Announcement (PSA) campaign titled "Tech Tuesday: Building a Digital Defense" for home and work. Each week over the next few months, the FBI in Oregon will release information about the computer threats that we all face along with helpful hints as to how a person or a business can best defend against hackers, thieves, and cyber criminals.

Simple enough. Nothing wrong with a government PSA series, even if it might be oversimplified. That is, after all, how these sorts of things are done.

So that's the context around the Nov. 26, 2019, post: "Securing Smart TVs." It sets the stage of these connected TVs that let you do all sorts of things, like use your voice to control them, and video chat with grandma. Nothing untoward there. There are a couple more grafs that are a little more sensationalistic, though they're not wrong:

Beyond the risk that your TV manufacturer and app developers may be listening and watching you, that television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router.

Hackers can also take control of your unsecured TV. At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos. In a worst-case scenario, they can turn on your bedroom TV's camera and microphone and silently cyberstalk you.

Let's be clear here: That's a risk every single one of us takes with every single electronic device we use. I'm taking a risk with the device I'm using to type this post. You're taking a risk with the device on which you're reading it. (The worst line probably was the one talking about how a "locked-down computer" is after than an "unsecured TV." No kidding.) Companies don't always put our interests ahead of their own. Vizio got caught. Roku is as much an advertising company as it is a streaming company — though at least it's pretty up-front about that.

Because the internet was built backward, without security in mind first, we all need to take steps to mitigate our risk. And that includes basic things like knowing about the device you're buying, covering cameras when not in use (good ones will have lens caps or covers or some sort), changing default passwords and administrator accounts — or by not even connecting the blessed thing to the internet in the first place if you don't need to.

I get that dragging the FBI is a fun thing to do online, because it's the FBI and because folks just can't help themselves. But the intention of the FBI Oregon post absolutely was in the right place, even if the execution wasn't quite there. Fortunately, they don't let bloggers and even official PR-writers conduct more sensitive FBI operations just because we can spot holes in a public service announcement.

We can always still tweet, though.