Samsung Bricks Smart TVs

Earlier this Fall, a Samsung warehouse in South Africa was robbed and the thieves got away with a quantity of smart televisions. Samsung proceeded to implement a little-known feature called “TV Block” which is installed on all of their TV products. The serial numbers of the stolen TV sets are flagged in their servers, and if one of these sets tries to connect the internet in the future, it will recognize that it is stolen and proceed to brick itself, disabling all television functionality.

So while this real-life scenario makes sense, it is a bit alarming to realize the implication of such a feature — the manufacturer can reach into your TV and disable it from afar. One can assume that Samsung won’t abuse this capability, because acting otherwise would harm their reputation. In a press release, Samsung announced that any consumers whose sets were incorrectly bricked can have their sets un-bricked after demonstrating proper ownership.

Despite such good intentions, the mere existence of such a feature is worrisome. What someone hacks the system and begins bricking TVs all over the world willy-nilly? If you are concerned about this possibility, one option of course is to never connect your TV set to the internet. But in that case, it might be better to just buy a “dumb” television set instead.

Anti-theft immobilizers are not new — one system was patented over 100 years ago to thwart car thieves. Car stereo systems have also long featured technology that renders them unusable when stolen. Although this robbery brought Samsung’s “TV Block” to consumers’ attention, we wonder if other manufacturers have similar anti-theft systems which aren’t well publicized. If you know of any, please share in the comments below.

247 thoughts on “Samsung Bricks Smart TVs

  1. So if criminal hackers would get a hold of the kill-switches they could brick all globally (connected) TV of this company? RaaS (Ransomware as a Service) is becoming a new dystopian reality. Not that I would care. I don’t connect “””smart””” stuff on the net. It is quarantined in a seperate VLAN.

      1. Oh the good old “I have nothing to hide argument”.

        Do you understand what CryptoDoneRight said, or are you so naive that you cannot imagine that some bad guys could take the control?

      2. So you are saying that the “criminal hackers” described above would only turn off stolen TVs if they acquired the kill-switches to all Samsung TVs?

        I would like to live you world.

        1. Funny I bought Samsung blue ray ?2years or close but last year it just stopped & will not read dvd but instead repeats loop over & over. Trouble shooting on Samsung model claimed that many blue rays had received internet hack disabling players? Samsung were not doing recall or refund blaming internet security allowing hack .

          1. This is somewhat incorrect. It was a software update that caused the Blu-ray players to keep looping. And, since they were stuck in an endless loop, there wasn’t a way to roll back the update remotely. While Samsung was trying to figure out the fix, you could contact them and they would email you a prepaid label to send the player to a facility to fix it, then ship it back to you. The whole process took a couple of weeks. I was one of the many who went through the process and get their player fixed.

            If you Google “Samsung player infinite loop” or similar, there are tons of results in regards to this.

        2. More like they can do so much more, unless this feature is somehow effectively isolated from the rest of Samsung’s network.

          I’d like to see how exactly this increases attack surface or practically makes things worse, if possible lol.

        3. If you re-read his comment again he asked that if cyber criminals got ahold of the trigger device that Samsung can brick the TVs with that the criminal can brick EVERY TV with this feature, not only stolen ones.

          1. And while that might be illegal, and probably do harm to a ton of Samsung TV owners, the message that it sent to Samsung’s support department would be impossible to miss.

            I often wonder why firms that implement such technologies don’t see the cost. The lawsuit when they have a data breach. The support effort when there’s a bad firmware update.

            They must be getting more money from harvesting watching habits than we all think.

      3. Cellphones use an IMEI number as unique identity.
        After 3 year of use, a phone was suddenly blocked by the provider.

        It turns out, the IMEI number was reported as stolen in a different country to a different provider.

        It is unclear what exactly happened, but it was not easy to get the device unblocked, even with proof of ownership, original invoice and a statement from the official dealer that the device (with that IMEI number) was indeed legally sold.

        1. This is very common place in cell phones. Your particular problem was likely under informed carrier service techs. Disabling a device, like with Samsung, is a process of the device company rather than the carrier. Even so, not many within the company understand how that process works, and even fewer have the keys to correct the issue.

        2. Newer phones have the ability to be shut down and even erased by their owners if lost or stolen. We can track the phone by GPS, or have another device such as Alexa ring a phone to find it.

          You have no expectation of privacy in any way. If our phones have these capabilities then they can be exploited. Every interaction you have is monitored and analyzed. Do any of us actually know what’s inside the cookies on this site?

          All we can do if we want to participate in the digital world is our best. Use virtual networks and anonymous routing. Use anti-virus and malware software and hope they don’t poison the well. It’s been done. Your best defense is your good common sense. Ain’t no such thing as a free lunch. Be wary of amazing offers. Don’t give up too much personal info online. A police detective put together info he gathered from a group of girls while pretending to be someone else. He showed up at their school to show them how a predator operates. As he said, what if he’s a bad guy?

          Sorry this got so long, I found it interesting. There’s nothing new about this tech, as someone else pointed out. It’s ubiquitous. If banks, major companies and the military can be hacked, I’d guess we can be hacked too. I have free credit monitoring for life so many companies have been hacked. It would drive me to drink if I worried over all the ways I can be hacked, my info stolen, my devices taken over. All we can do is try and be smarter than the bad guys.

          1. It’s truly incredible the amount of information you can find about a person using just their email. Or phone number. The amount of publicly available information on government sites, the stuff that is tracked. There’s no way around it. But you can be smart about it ,if you know what’s being tracked or how it’s not hard to spoof things or obfuscate just a little bit.

            Still, I find it funny how little people truly understand about what’s being tracked in their daily lives.

          2. ” All we can do is try and be smarter than the bad guys.”

            You may not need to be smarter than the bad guys, just a harder target. You just need to be smarter than, say, 95% of their victims.

          3. @[The Commenter Formerly Known As Ren]

            One of these things is true.

            It’s like your in the ocean with a friend and a shark is coming! Do you need to swim faster than the shark? No! you just need to swim faster than your friend. Then it kind of becomes troubling what you want to understand the meaning of friend rather than the meaning of shark.

            And the second problem: Being smarter than the “bad guys” isn’t such an advantage when they have seemingly unlimited resources. That’s perhaps why they continue to be the so called “bad guys”.

        3. Lol except manufacturers are known to reuse batches of imei’s. Besides at least in the states samsung under the direction of the carriers have implemented a 2 tier system for sim locking branded/contract devices under 1 rom while factory unlocked lacks the niche features like uma/video calling

        1. I personally don’t trust Samsung.. They have their paws into too many “Smart” TV’s , Phones and every other electronic item on the market today, even the electronic items that don’t have the Samsung name on it.
          CAUTION BIG BROTHER IS WATCHING !!

      4. Not in a world where hackers run amok, and so good that major companies and governments are known to pay ransoms. If Apple can get hacked you can bet Samsung can too.. eventually it will happen to where every Samsung TV that is online will go dark because of it

      5. I would LOVE to discuss the “if you aren’t doing anything wrong then you have nothing to worry about” fallacy with “people” like you, face to face, if you catch my drift.

      1. Many smart TVs now are microphone and wifi enabled, have full network access, and likely some contain NEVER reused passwords for Amazon, Hulu, Netflix, etc. I think they provide the perfect opportunity for credential harvesting, or pivoting into the private network. Or perhaps even reselling the streaming service accounts of hundreds of thousands of Samsung TV owners. Heck, I’d be interested if only to pinpoint the TV’s location using nearby SSIDs. Sounds like a fun challenge.

      2. Does the concept of “lulz” elude you completely?

        I can say with absolute certainty that there are people who would brick every single Samsung TV just to watch the chaos unfold.

    1. Actually my worry is a company deciding that a “certain age” is old enough. Through firmware updates or by these kill switches it can be assured that a large number of people will need to purchase a new TV when said company decides. Delaying of bricking TV’S in batches wouldn’t raise too many red flags. And let’s be honest, most people will stick with the brand they have.

    2. Well, no, they have an un-brick switch, as they are offering anyone with a PoP who has inadvertently bricked this option. So any hacker(group) who decided to brick all of Samsung’s Smart devices, the deed could be undone. This of course assumes there is a “SELECT ALL” in the security feature and assumes the sheer quantity of Samsung TVs out there being bricked at once wouldn’t just crash.

    3. A separate vlan that has access to the wan is not doing anything to isolate a device and keep it from being bricked unless you have all of it’s ports blocked. Just wait till people find out the “secure block chain” is actually a zero day botnet disguised as “crypto being done right”

    4. I used to buy Samsung smart tv’s but I quit this some time ago after giving up on their “promise” of open source. I no longer buy their smart phones either. They just obsolete them way to fast and I loose my connection or updating of my Wemo switches after 2 years. Oh do you remember Samsung’s promise about Smartthings. Mine is sitting on a shelf gathering dust. I’ve had features quit working because of their “upgrades”. A pox on Samsung.
      Oh so what do I buy. I now buy Toshiba fire tv’s. They work great and so far I have no argument with the ease of connection.
      I went back to Apple who supports much better.
      As for an alternative to Smarttings check out Hubitat….It’s awesome ( I now have two).
      Disclaimer I have no affiliation what so ever with any of the above companies.

      1. I use an old Toshiba REGZA “dumb” 32″ TV as a monitor right now. It’s 16:9 has max res of 1920×1080 but I find 1360×768 better. Great for both browsing, word processing, email and CAD.

  2. “it might be better to just buy a “dumb” television set instead.”

    good luck finding a “dumb” tv. afaik there is absolutely nothing between big pc screens (up to thirty-whatnot inches) and professional screens for industry usage like info screens in shops or public places (which come with a horrible price tag and tend to be big and sturdy units).

    1. Sceptre still makes dumb TVs. Smaller display companies can’t afford to build and maintain the OS and the cloud infrastructure, and if they do offer a smart TV it’s usually bundled with Android to save on development costs.

      Just avoid big brands like Samsung, or any brand big enough that you know they have the budget and market share to build their own ecosystem and actually profit from locking out users.

      Watching a lot of TV isn’t good for you anyway, and obsessing over the specs and features won’t fix the plot holes, bad acting, and cheap special effects that viewers typically complain about.

      1. I’d prefer if “disable” meant making it possible to easily and physically remove the “smart” portion so it’s just a dumb TV with no ethernet network, AI or voice recognition capabilities.

        Basically a hardware based lobotomy requiring only a correct sized Philips or torx screwdriver to open a easily accessible service flap/door to yank out a socketed “smart” board, rendering it old fashioned except for the display input and panel capabilities.

        1. Why assume there’s a separate processor for the online stuff?

          My tv sets aren’t “smart”, but they use microprocessors and run Linux. Needed to do the actual tv work. So surely the apps ride on that, rather than a separate system.

          I don’t fully understand the fuss. My blu-ray player runs Linux, and does run apps, though I’ve never connected it to the internet. My Amazon Firestick runs Android, and does the same thing that apps on the blu-ray player or smart tv sets does. So why is a “smart” tv seen as so bad?

          1. Apparently you have never had an update go bad for you. Hopefully your good luck continues. I don’t remember how long ago there was a case of Samsung tvs being bricked by automatic update going bad.

            I will stick to my tvs with decade old firmware with media center pcs connected. If a update stops kodi from working correctly i can reinstall. I don’t know of any smart tvs that will let you roll back or swap the firmware.

            In case my bias isn’t obvious, i work on a helpdesk. My daily job is fixing “my computer isn’t working right after that last update”

    2. I currently have an abundance of “dumb” TV’s that I acquired after a number of them failed at the same time. It was my job to dispose of them. The ones I didn’t break during disassembly now work. They’re a “private label” for a distributor of security and audio-visual products. They have no network connectivity or apps whatsoever. Probably due to the mass failures, the company no longer offers private label TV’s.

      They use the same components and look to be the same as certain Philips models. I assume that the firmware would be different to support it, but there was an unused ribbon connector socket on the main board which I figured was for a “computer”. Probably these that I have are a dumb version of a smart TV.

    3. I had a dumb TV until early 2019 and only upgraded because my son wanted to play the Switch and a non-digital TV doesn’t have a fast-enough refresh rate. Otherwise, we’d probably still be using it and we don’t watch TV much. Fortunately it found a new home with disabled people who were happy to have a TV at all and didn’t need a smart one.

    4. I bought a television in 2017 and I had no problem getting a ‘dumb’ Manta TV.
      It is better to have than a smart:
      – no smart function means more place on the remote buttons for actually useful functions like the aspect ratio for example,
      – cheaper (about 700 PLN for a 92cm wide tv if I remember), why pay for smart stuff you don’t want to use anyway,
      – If I want to watch stuff from the internet I can connect the computer to TV with a hdmi cable. If I also have a wireless keyboard and mouse available I can do stuff on the comp while sitting at the tv.
      – I have all video inputs I need: hdmi, vga, composite, s video, rgb, ypbpr, scart, … so I can connect whatever I want.

    1. Or worse, subscription.
      Unpaid TV licence, TV dies.
      It makes me wonder, who out there really wants an Orwellian future and why does that minority have such a big influence on the direction.

      1. More likely that sales are low so they brick the older ones that are out or warranty to promote new sales.

        Several companies have done this already. Some but not all have made a back-flip and re-enabled consumer goods due to consumer backlash.

        Anytime now a company will do the same but spread the bricking over enough time so that consumers don’t realize it’s a deliberate act. Probably happened this way already.

        I bought a device just a week ago and terms stated that I have a “revocable” license to use the product.

        The product packaging is marked ORION and it is marketed by ARLEC (a well known company that you would expect to use their own brand). The product packaging also has “Grid Connect” a completely different company that provides the revocable license to use the product. It has been made internet server dependent when most of it’s features don’t require internet access – it’s a door bell.

        Companies often setup a shell company who provide the “revocable” license so they can blame a different company name (even though they own or exclusively fund the company) when things get bricked.

        People are being completely naive to believe that this Samsung feature is for theft prevention. If it were then it would have been advertised that way as a marketing tool from the start. The fact that they were silent until it was used indicates that they don’t want it generally known.

  3. OK, cross Samsung off the list. What if someday my government declares funny cat videos ‘incorrect’ and demands that Samsung brick my TV? What if they order them to disclose my IP address so enforcement can come and confiscate my TV? Or, brick my phone because I said the wrong thing. Counting on manufacturers not to abuse their customers – Microsoft? Apple? Etc, etc.

      1. That’s not because it’s open source that’s safer. Remember when fake Arduinos boards pop on market and these stuffs where more than unreliable about their functionnality ?

        1. Most Arduino not made or sold in Italy are legal clones as Arduino were made to be open source. Anyone can manufacture and sell them as long as they don’t make it look like official Arduino. There are a few counterfeits.

          A few years ago fake FTDI chips were bricked with driver update, those didn’t affect just Arduino clones but many other devices.

          1. Those fake chips were only blocked on windows, by Microsoft taking deliberate action. Open source software users saw no such problem, making that incident one more reason to avoid proprietary software.

          2. Microsoft was supposed to vet the drivers before pushing them downstream – otherwise, what’s the point?

            It’s the same as HP pushing drivers that deliberately disabled older printers through Windows Update. I switched to Epson after losing two perfectly fine printers to programmed obsolescence.

          3. It appears I cannot reply past a certain depth, but for a while Windows Update was pushing FTDI drivers that exploited a flaw in fake chips, overwriting a critical part of their firmware and subsequently causing Windows to fail to detect the USB device ID.

          4. @[William]

            More commonly called FTDIGate. There’s a write-up here on HaD.
            It was FTDI that initiated the need for windows to update and Microsoft had no real reason to question them as FTDI was the manufacturer. Microsoft had no idea that the update would brick consumer or client products that used fake FTDI chips

            I lot happened after than and Microsoft disowned or disassociated with any organization that might use the windows platform to engage in dubious acts.

            FTDI really shot themselves in the foot with that act.

          5. >Microsoft disowned or disassociated with any organization that might use the windows platform to engage in dubious acts

            Except they didn’t. Case example: HP. When they “recommended” switching driver distribution to Windows update, HP used the opportunity to drop support for all the old printers that people were still using and crippled the new drivers for many relatively new devices, such that they would “work” but were practically useless. Then they dropped the working windows 7/8 drivers out of their download options, and Microsoft made it so these drivers would either fail to install, or break with every windows update if used anyways.

            You paid $500 for a color laser and updating from Win8 to Win10 you lost the ability to setup any color management, and prints turned out with a nasty stripe pattern. Older B&W Laserjets stopped working entirely, and the issue was simply that you weren’t allowed to install the right driver. HP never fixed the issues and MS never did anything about it.

          6. And Microsoft itself has done it to their own products. I have a USB headset where the Windows 7/8 driver includes a dial that allows you to turn down the bass. The Win10 drivers don’t, and you really really need it because the default option is like sticking your head inside the reflex tube of a subwoofer. They broke it and won’t do anything to fix it, because they’re not selling those headsets anymore.

          7. @[Dude]

            After the FTDIGate incident Microsoft handed over management of Vendor ID (VID), Product ID (PID) and driver management to an external company. Microsoft simply charged them a fee for driver signing. That way when things like FTDIGate happen, people can’t blame Microsoft.

            Except perhaps when Microsoft is also the manufacturer per se.

    1. It doesn’t matter what brand of TV you buy, regardless if it has this feature or not the government could mandate the manufacturer to make a new firmware that does whatevery they want.

    1. Those are called “monitors”. You’ll only tend to find the smaller sizes, since the smart bits end up being a small part of the cost for the larger ones. Probably the best move is to find a smart TV that’s easily hackable to do what you want.

        1. That’s being shipped from China it takes 3 months maybe more to get here in the shipping is $300 and it could cost you maybe $40 to get the TV it’s a shipping that kills you $300 to ship it I don’t know about TVs but I tried to get a dog carriage they wanted to charge me $19 for the carriage and $300 the shipping all Alibaba does that because it’s a China site I would never trust them if something goes wrong with it you have to pay the shipping to send it back there’s another $300 good luck with that site

      1. I disagree that a regular TV is the same as a monitor. A TV has usually different features than the average monitor such as a tuner/decoder, infrared remote, speakers and often many different signal inputs. Some monitors do have build-in speakers and some of them have many inputs, but none have tuners/decoders. Monitors are designed to be put on a desk close to a person, while a TV is designed to be viewed from a larger distance on a wall. Some monitors have advanced mounting capabilities such as TVs, but that doesn’t make them TVs. If it has a build-in browser or runs certain apps it is called “smart”, but that’s not the main feature that separates TVs from monitors.

        1. A lot of this is unnecessary these days. Most people use cable/satellite boxes which have HDMI outs and their own IR. What’s better, you can control most modern monitors over HDMI CEC, or even i2c a la ddccontrol. Most larger monitors have VESA mounting patterns.

          The fundamental difference between monitors and TVs is size and marketing.

          1. Yes, you are right. The fundamental difference is what the device is marketed to be and its size. There is a lot of overlap in features and the lines are blurred.

            But my point remains. If you remove the “smart” features from a TV (apps and browser), you still have a device with features most monitors don’t have.

            Example: Most monitors do not have a remote, so if you want to switch input sources you need to walk up to the monitor and push physical buttons (nothing wrong with that, I grew up with a TV without a remote, but kind of outdated for a TV). I’ve never heard of ddc-control before. If switching sources over that protocol is supported by cable/satelite boxes I guess a large monitor with good build-in speakers could function as a TV.

            BTW. I haven’t watched cable TV in years and we use a large monitor as a ‘TV’. It is a high-end model with HDR, but the build-in speakers are lousy so we are using external speakers, it is still smaller than a TV and using a wireless mouse and keyboard is less optimal for control. So it is not the full TV experience.

      2. I currently have a 55″ NEC monitor with large array of inputs. It is fully dumb, but can be made smart with a media card. It has some interesting features, such as the possibility of making a matrix of 10 monitors, connectors for input and output of the IR signal, ethernet connection for controlling it from the local network, but with only as much control as the IR remote gives you. I got it for free from what used to be a conferencing system, but I imagine that it is at least twice the price of a normal smart TV, but will also have a much longer life.
        I have Kodi, Chromecast and game consoles plugged into it. Any live TV streams through my phone, so no need for a tuner.

    2. You have to look at suppliers for commercial/industrial products. A few years ago we needed some displays at work over ~65″ with absolutely no networkability to meet certain requirements and I think we paid about double what the nearly identical retail model cost for the feature of fewer features

      1. Odds are pretty good that it used the same board as it’s consumer brethren, they just didn’t bring out the connectors and/or just turned off those menu options.

        So it was really just a smart TV that was smart enough to play dumb so people would pay more for it. Well played TV, well played.

    3. i wonder how modular they are. i remember 10 years ago we took apart an lcd tv and it had separate boards for power supply, lcd drive, and inputs. i guess everything’s probably changed since then. but it sure would be nice to just pop out the microprocessor board just like any other input board.

        1. Having tried that (disconnecting the wifi antenna), I can say it is not quite so easy. With the antenna disconnected the wifi would still work. Even replacing the antenna with a 50 ohm dummy load the wifi would still work.

      1. If you remove the microprocessor, chances are good the tv set is dead.

        Bith my tv sets run Linux. So does my blu-ray player. Thus both are smart, but not in the way you mean. They can’t operate without the microprocessir.

      1. A couple of months ago, my wife and I watched an old black and white movie on Roku.
        The majority of commercials inserted into the stream were for Medicare supplements, medicines for the aged, hearing aids, etc.

        B^)
        (I guess only “old people” like my wife and I watch “old movies”!)

      2. My wife and I found that Walmart sells televisions under their ONN brand that have no internet connectivity. No apps. Just the tv. Now, just because the TV isn’t connected, doesn’t mean the devices connected to it aren’t. Anything you do, besides watching from antenna signals (rabbit ears), puts you right back on the radar.

    4. You just don’t sign it onto the wifi or plug cat5 into it. Just use a PC for streaming needs and use it as a monitor. The streaming apps are always sluggish on these smart tvs anyway. Even a 15 year old PC can do a better job with a decent video card. That way any tv is a dumb tv. Otherwise you can sign it into a guest account on your router with severe port blocking set up but sometimes updates are pushed through client apps so ymmv. Good luck >)

  4. Economy of scale is weird.. All I want is a huge display that takes HDMI input, it shouldn’t do anything else. no sound, no remote, no nothing, just be a display. And such a display should be cheaper because it’s less parts, but it’s unobtanium.

    1. Such a display isn’t subsidized by advertising & personal viewing data collection revenue. Indeed the hardware cost should be lower. But you don’t pay the hardware cost when you buy it, you pay the consumer price, which is based on the business model involved in selling you that screen.

    2. Video monitors for “smart displays” like you see at McDonalds and other such places for their menu boards. But those tend to not have built in sound so you’d have to have something to break the audio out from HDMI or get your sound another way from the Android TV box, HTPC or whatever device you’re using with it.

  5. I live in South Africa. I saw the devastation earlier this year _directly_ caused by people in power not willing to let go of that power. So I get the point of the worries people here have about this feature possibly being used in nefarious ways. But it’s bordering on conspiratorial.

    Personally I got a the warm and fuzzies reading this story.

    1. I too got warm and fuzzy knowing that many will connect their tv’s at least once to “test out the smart features” via mtn or to watch the free football via the net. and greetings from Zambia.

      1. Reminds me of stories of a certain European country known for having a plethora of cars on their roads that were stolen in their neighboring countries then smuggled across the border… To the point that the government official in charge of their police & motor vehicle registration was caught driving a stolen car while attending a meeting in another country.

  6. They should implement this in reverse: The TVs should come locked from the factory and the seller has a special device to unlock it after it was bought. TVs on display can be in some demo mode that would require periodic unlocking or something. That way stealing an unactivated TV would be pointless and if you buy it honestly the manufacturer or a hacker cannot brick your product remotely.

    I would be surprised if such a thing doesn’t already exist.

    1. Apple’s iOS devices, and Google’s ChromeOS devices work along those lines. Out of the box they won’t function until linked to an account online. The account can be created new on the spot, but this still links the serial# with any preset configuration (aka a “stolen” flag) as well as an IP address.
      Some Microsoft products do this too, but the majority either can’t or are trivial to work around.

      The only major difference is that those three companies I would “trust” to properly implement their PKI securely (Not trust to not abuse it, but trust in the technical sense that any abuse is exactly as intended by them and wouldn’t extend to random hackers)

      Samsung however is the type of company I would expect such bricking commands to be sitting on an unsecured FTP server on a passwordless AWS instance..

      1. That would be a terrible example. I don’t want to have to have a google account to use my TV. Or any account for that matter. If I want to browse the web on a TV I’d connect my laptop to it.

        1. I received a new Samsung A50 phone in August. (not stolen)
          I haven’t used it. During setup it required acceptance of Google policy before completing.
          It is still waiting for me to accept it…

          Yes, I know that Google “owns” the Android software on the phone, and so they can make whatever prerequisites they want before I can use it.
          But, given that, I can’t even use the phone as a calculator, or camera, or phone…

          In the meantime, I will continue to use my Swampscum Galaxy S5 (old) with as much Google I could disable.

    2. TV manufacturers, who make as much or more revenue from advertising & collection of viewing info than direct profit from sales of the hardware, would probably love to require activation and consistent internet connectivity.

      But product returns and customer service are expensive. Even a small percentage of consumers without reliable connectivity probably makes requiring internet access unprofitable.

      1. That’s why I’m talking about the seller doing the activation before the customer takes home the product. And even this could, in theory, be done without an internet connection. The customer should not have to have an internet connection to use their fridge, toaster or TV.

        I think there should be a ban on manufacturers building in back doors into their products that could brick them remotely.

        1. TV manufacturers would probably love in-store activation, probably offering juicy rebates & incentives to retailers who capture reliable customer contact information in the process.

          But changing the way retailers sell goods is easier said than done. Who knows, maybe it will eventually happen.

          When / if it does, deterring theft will probably be at best an afterthought.

          1. Good in theory… until the hacker reverse engineers the ‘activation’ protocol, releases said procedure on the internet, and all of a sudden all those “secure from theft” devices become very attractive.

    3. Many Dell laptops were sold a few years ago (maybe still true) that were locked before they were shipped.

      If they were stolen in transit, they were pretty useless.

      Of course, there were some of us engineers who could unlock them. I would usually ask them whose car trunk they bought it out of.

  7. Reminds me a hell of a lot of Sonos’ “Recycle Mode” because remember kids it’s recycle reuse reduce and definitely not the other way around. F off with this I just want to OWN what I OWN.

      1. Don’t burn the fingers of someone who can’t figure out if something is a little too good of a deal.
        Also AFAIK in south Africa, the supply chain is so knackered that keeping track of the supply is a nightmare, so stolen goods eventually ends up mingling with legit ones.

        This only truly harms the end receiver, because professionals would’ve already passed it on the moment Samsung knew.

  8. So… Samsung added a remote brick mode to their TVs as a theft deterrent but neglected to tell anyone so a bunch of the TVs got stolen anyway? Bit of pyrrhic victory there, no? I mean, any potential profit from the stolen units is lost regardless of the we’ll-activate-it-after-the-fact “protection”.

    With a little more effort they could have included location tracking and had the thieves arrested as soon as any of the devices turned on. Assuming, of course, that any post-sales “hand of a vengeful god” is any kind of ethical.

    Which it could be if offered as an optional service – “if your device is lost or stolen, just reach out to us and we’ll guide local authorities to it, anywhere in the world, 24 hours a day”.

    1. Some electric drill-drivers I used at a former employer had batteries that could only be recharged through a special charger, it was a theft deterrent.
      (IIRC, it was a Dewalt tool/battery)

      1. My grandfather’s mining oil lamp has a magnetic lock to prevent him draining the oil for use at home. So it’s hardly new.
        Of course, documentation is lacking, I don’t know if I’ve failed to find the unlock method, or the thing has seized.

        1. Nah, it’s a theft deterrent, powertool batteries are standardized to hell and back (as long as same chemistry and manufacturer)
          Although I’m more familiar with Milwaukee’s implementation of anti-theft where it’s in the tool itself, but battery theft is also an issue so I genuinely wouldn’t be surprised if Dewalt implemented it into batteries too.
          After all, a chunky boy lithium powertool battery has a spicy pricetag.

  9. Here in Chile they stole CLP$400.000.000 (USD$478.102) worth of cellphones, no one announced that they will block them using the IMEI codes nor nothing, even though that feature exists ( https://www.meganoticias.cl/nacional/359042-robo-iphone-bodegas-mercado-libre-celulares-21-11-2021.html ). However, I think there is another issue with the IMEI, you have to subscribe the IMEI to the company when buying it, else they won’t be able to block it…. Maybe do it in reverse, if not subscribed, then you can’t use the phone…

    Companies or governemtns can also abuse this system to block you from using your phone if they want to…. Security vs Privacy, always has been an issue!

  10. Agree with flipping this on the side….Activation. Make it only operate in a demo mode until I activate it. Upon Activation, the system looks to see if the serial number I’m activating is reported stolen. If not, activate away. If so, challenge the user to provide proof of purchase and follow through to find the people selling stolen goods. Make activation contingent upon providing useful information for the authorities to track the people stealing the goods. Otherwise, it’s a brick and only good for non processor parts.

    Not exceptionally comfortable with the ability to remote brick the device. And if I get bricked by accident for a product I bought months ago, how do I prove I’m not using stolen merchandise?? Slippery slope. And segmenting the TV on a separate LAN segment…how does that help? If you’re using the smart features it needs to contact the mothership for update checks, so depending on how the brick feature is built in, you’re not protected.

    1. My suggestion is to do any activation in the store, by the seller. With some kind of special secure device. Only seller is authorized to do it. This way customer doesn’t require an internet connection or any proof of purchase. When the customer takes the product home (or after it is shipped) it will be fully functional and unbrickable.

      1. “Next on Hackaday! Arduino used to “authorize” smart devices!”
        B^)

        Another thought; big box retailers want as little hassle in getting sold merchandise out of the door, especially during the busy (i.e. SuperBowl) holiday season. So, they may NOT want to sell such merchandise…

      2. I just don’t think this is realistic. Amazon is going to have to unbox each unit, futz with the thing, rebox it and ship it to the end-user? That’s a lot of overhead for a low-margin product all to prevent the extremely rare edge case of the thing getting stolen on its way between factory and Amazon. This doesn’t protect Amazon from the more frequently-occurring scenario of the TV being stolen off the buyer’s front porch and the one that Amazon actually cares about.

        Instead, Amazon would like this thing to automatically configure to end-user’s internet through their “Frustration Free Setup” and let this process potentially validate the device, etc.

        https://developer.amazon.com/en-US/blogs/alexa/device-makers/2019/09/make-your-smart-devices-easy-to-setup-use-and-maintain-with-frustration-free-setup-new-smart-home-skill-api-features-and-the-alexa-connect-kit

        Amazon isn’t (yet) the only retailer, but if a manufacturer were to implement the seller-validation scheme described above, I wouldn’t expect Amazon or several other eTailers to sell their products.

          1. But you’d need to power the device. NFC to an unpowered device?? Anything that will enable or disable the lock on the set would require that set to be ON or at least plugged in to work. And if we assume that a coin cell can do that work for that, then when does that coin cell fail? That’s extra hardware that will fail and cause reliability issues.

  11. Funny. Years ago their normal firmware updates bricked two of my Samsung Blu-ray players and I had to take them back to Best Buy for a refund. Now I wonder if the firmware was really anti-theft firmware. For what it is worth it was so annoying that was the last Samsung TV or player I have ever bought.

  12. I decided to treat myself to a cheap 4k tv this weekend. Knowing the cost is subsidized by their connectivity and spying I said no way is this getting internet connected. Well I picked up a 58″ Highsense with Roku branding. Out of the box it was buggy and nearly unusable. Every input was choppy and the antenna signals were weak. I was getting ready to box it up for a return but thought maybe updating the software will help. That was another can of worms.

    First I tried wifi and it would find my AP but tell me there was no connectivity. Ok break out the ethernet cable and let’s see what happens. Same thing, link but no connectivity. I run my own dhcp server so time to check the logs. The server was seeing the requests but never assigning an address. Fine let’s assign a static lease. Don’t know what broken stack they’re running but it was finally assigned an address and downloaded an update.

    TV reboots and magically the choppy picture was fixed and antenna strength was better. Do they intentionally ship this tv with bad software forcing you to connect it and then figure you’ll be lazy and leave it connected?

    1. 99% probability that they shipped it before the firmware was done to meet a schedule figuring they would fix all the issue with a field update.

      There is a months-long delay between when you need to start manufacturing hardware and when the customers see the first units. Companies use these months to fix bugs. The new firmware is not available at the time of manufacturing so they put a version of firmware on the device that is just functional enough to connect and update the firmware.

      Source: I’ve had to do this myself many times to appease the keepers of the schedule.

      Pro tip: Always update your firmware.

  13. Who really loses here? The robbers? The Company? No the families that thought they were getting a great deal. So a family loses a few hundred bucks and a tv goes to a landfill.

      1. Only if it’s widely enough known.
        Some crackheads still mug people for iPhones, despite the fact they can be locked, and even tracked by the owner whilst they’re “off”.
        Most criminals are stupid enough they’d steal policemen if they had a resale value…

    1. Like people who buy stolen goods are blameless. Lets be serious, if you are buying your TV from a guy in a van for way below retail, you know what you are getting. So is your answer that Samsung should just do nothing at all?

      How about the consumer that gets his prices raised due to high losses? and of course Samsung loses, that is what happens when your property is stolen.

      1. Back in the 1970s, police questioned a man in a bar/tavern parking lot selling high end stereo components.
        The components had cut power cords and cut audio cables. He proved to them that he was an authorized dealer of such equipment. He told the police he could get higher prices, if people thought they were getting a
        great deal by buying “hot” merchandise. I’m sure he didn’t have to worry about warranty repairs either.

      2. People no longer sell the majority of stolen goods from the backs of vans. Third party resellers are all over. For example, ever see the difference in return policy between shipped and sold by Amazon or WalMart? Let’s not even talk about sites like Let it Go and Craig’s list “Bad divorce everything must go”. Hell, people are even renting and selling houses online that they don’t own.

    2. I don’t like the idea of a brickable TV per se but if they got the “great deal” from a legitimate source they can provide proof of purchase and have their TV reactivated.
      Otherwise, it they bought the TV from a guy in a shady parking lot they chose to finance organized crime so… shrugs…

  14. Um guys? If they can push new firmware to a device, they can brick it, regardless of whether the existing firmware has a “brick feature”. And so can any nefarious actor who can break into it or them.

    You lost when you bought the “smart”, cloud-connected, manufacturer-dependent TV. The problem is intrinsic to that model and cannot be avoided.

  15. As an IoT/Smart device developer I can confidently say: if a device’s firmware can be updated remotely it can be bricked remotely.

    Now one might argue that if the device prompts you to update before updating you *might* have some illusion of control, but the reality is, it’s pretty easy to push a firmware update from the manufacturer that will disable a device. Calling this a “feature” or implying that some companies couldn’t brick the device they sold you is a bit misleading.

    “What someone hacks the system and begins bricking TVs all over the world willy-nilly?”

    If implemented correctly, a remote “bricking” feature is no more of a security risk than any other secure field firmware update. A hacker could, in theory, push a signed firmware update to any internet connected device that supports firmware updating (which includes most IoT/Smart devices) if they know how to properly sign the update.

    I dare say that many IoT and Smart devices don’t even use a secure boot mechanism and pushing a firmware update to brick them is likely frighteningly easy.

    1. The bricking could also happen unintentionally when automatic push updates without rollback are possible.
      Case in point, that I’ve seen personally: the Sky-branded Roku stick. When purchased it was working fine, but a day they pushed a software update, that probably worked on a fast internet connection, but on an old 7 mbps ADSL connection made the HDMI key stuck in a loop saying that the internet connection was too slow. Interestingly using a Windows PC and a browser, the Sky steaming service was working just fine.

      I suppose that the bricking is relative, because maybe putting the stick on a faster internet connection will force it to update on a firmware without a spped test bug, but at the end the problem is that these devices don’t have an unbrick modality. General purpose personal computers are very difficult to brick, barring a failed BIOS update, but nowadays most of motherboard have a safe BIOS mode in case something goes wrong.

      Even simpled devices, like some satellite receivers or synthesizer have a recovery mode, that could be triggered by the 1st stage boot loader, or will auto trigger if the second stage boot has a wrong checksum or the like, but these features have to bee enginnereed ad could add some cost on the board, and of course having an eeprom chip on a socket is costly, not to mention the cases where the eepron is inside the CPU chip.

  16. Personally, I feel that consumers shouldn’t ever have to prove ownership of anything less valuable than a vehicle, unless they are trying to return said item for a refund/credit.
    Those TVs will probably end up being sold to unsuspecting poor people that will end up being punished by the actions of a company that has zero loss from the theft of those TVs (that’s what insurance is for).
    But that’s just my opinion. To each their own.

  17. Literally anything that takes an OTA update can be bricked and I guarantee you that those companies do it.

    Samsung, LG, TCL, Sony (including Playstations), etc all have the same capability

  18. Why wouldn’t Samsung publicise this “feature” more? Surely if it were widely known that a stolen Samsung TV could be bricked, it would ultimately make them less attractive to thieves, cheaper to insure, and less attractive to potential buyers of said stolen tv.

    1. That’s not true… Once bricked, DFU can usually unbrick the device if you have appropriate credentials. Some very early implementations of Apple antitheft had the once-brick-permanently bricked property, but that only lasted for about 6-9 months of product line IIRC.

  19. I remember some trouble at a chaos communication congress in Berlin years ago. There was a hardware workshop showing how to build a tv-b-gone. Some participants entered one of the electronic shops nearby to test and play with those tv-b-gones. Unfortunately some of the exhibitet tv-sets entered the transport mode. A mode to prevent theft during shipping, which has to be disabled by a legal importer. The shop owners arrested the tv-b-gone users and called the police.

  20. I’ve found with these so-called smart-tvs – devices with ATSC tuners – users can’t even get OTA EPG info that’s included in broadcast signal unless connected to some server. Hell, on Roku-branded TCLs, one cannot even set the clock unless connected to their server (I have to whitelist one of 10 servers just to have correct time “feature”).

  21. My suspicion is that Samsung does this to their cell phones on purpose. I’ve been a long time Samsung user, my last 2 phones suddenly stopped working i.e. no data connections on the previous phone, unable to receive calls on the last phone. Both phones stopped working just out of the 1 year warranty but before my 2 year cell phone contract was up requiring me to pay a upgrade penalty with my cell provider. Only in Canada, Eh?

    Dude’s comment on “see you in court”? Good luck on trying to prove that you are getting fleeced when you will never gain access to the proprietary confidential information to prove your point. Corporations are incentivized into bad behaviour and have deep pockets and will fight beyond the rational end because they can. The only recourse is to stop buying from these crooks.

    1. If Samsung televisions quit working in large numbers for no reason, you bet there will be investigations. If you want to make it a conspiracy theory, you should claim that they’re doing it to just 5-10% of users at random, pretending that the devices simply “broke” to amp their sales by that much – though it would probably make no sense since they’d have to replace many of them and it would hurt their brand.

      The EU has a 2-year minimum legal guarantee for repair, replacement, reduction or refund. The 1-year warranty could only be an extra service, because they’re already obliged to honor the legal guarantee without any charge to the consumer. Many countries have extra “fault liability” clauses that hold the manufacturer responsible for replacement even after the warranty period if there is a clear flaw in the product – i.e. if your phone breaks a month out of warranty for no fault of your own, you can still claim fault and get a replacement.

  22. I was present in the server room when such a feature (activated by a hardware disk error) bricked every Cable TV settop box in the city of Enfield CT Took a MONTH to reset all the boxes.

  23. The first ‘buyer’ of the stolen Samsung TV more than likely either knows or should know the TV is stolen (bought on street corner, out of the back of a van, etc), paid a significant discount, and took a risk. Subsequent buyers are less likely to know the TV’s origin.

    When counterfeit money is detected, the person holding the fake bill ‘pays the price’ and loses the value the counterfeit bills represent, no matter how the bill came into their possession, the same thing is happening here with the stolen AtV, but the stolen TV (unlike a fake $20 bill) can be detected remotely and neutralized.

    No one in this equation, not the thief, the fence, the first buyer or subsequent buyer, has a right to an operational tv after it was stolen.

    Until I hear a problem with the security of the ‘kill switch’ in the TVs, I’m ok with their existence. In this particular case, the manufacturer is able to confirm serial numbers and ‘kill’ the devices individually.

    Anything that connects and can be updated over the internet can be similarly ‘killed’*, this is just the first time a manufacturer publicly announced the capability.

    * if a mfg can update the firmware remotely, they can download a firmware full of ‘No OP code’ and render the device useless.

  24. This is a worrisome feature, especially with it being implemented in secret…

    The point of such a feature is to make the TVs a less attractive target for theft. Therefore, in order for the feature to be useful, it must be widely known to the would-be thieves that they will get no value from stealing the TV due to this feature.

    If the feature is not widely known, then it does not serve as a deterrent and bricking the TVs is merely vindictive without providing any benefit.

    As to how the TV should behave after the feature is activated, it should provide instructions for contacting Samsung to enable the television. It should give no indication that it is an antitheft feature and should, instead, lead to a call center that will pretend to be registering the product (including obtaining name, address, installation location, etc.) and then dispatch police to recover the product if possible.

    1. It’s not likely that Samsung developed a wholly separate feature of bricking TVs for the specific purpose of limiting theft. If you can install a firmware update remotely then you can certainly brick something remotely, sometimes even unintentionally. It’s not like we’ve never seen a firmware update go awry and end up bricking millions of devices, this stuff happens all the time. A typo is all it takes.

      Samsung has seen the news about the buggy firmware updates on other devices, and experienced a massive loss of property during recent looting sprees. They don’t want to see further theft, and they already have the capability to push a firmware update, so they went ahead and used this capability to set an example for future looters.

      Now everyone is losing their minds over the crushing realization that they don’t control their own TVs, and at any moment could lose access to their beloved content. News flash: Just because you control the dial and the antenna on the tube doesn’t mean you’re in control of what you watch.

  25. I’ve heard reports that a home improvement retailer partnered with power tool manufacturers to create a wireless activation system for power tools.

    Essentially it prevents the tools from even powering on unless they are activated at the register.

  26. Every flat screen I’ve opened for the backlight because of smashed the LCD have a little dongle with a few wires and it plugs into the mother board. They have FCC certs on the label, you will know what to do. Pluck! I have a collection of these spy-chips, the “TV” light still comes on but I don’t know if the unit would still display. They are not on the motherboard, they can be plucked like cherries.

  27. An alternative to this, is to give devices away for FREE.
    Then you purchase capabilities for each function you want to use.
    Ideally these feature keys would be stored within the device, so that no further connection or re-licensing is required.
    If you want to upgrade a feature, you buy it, and install it.
    Won’t work for 80% of the population, but it’s the right way to do it.
    Either you own the device and upgrades, or you don’t.

  28. It is nearly impossible to get a “dumb” TV anymore, but I still don’t know why anyone would ever hook their TV up to the internet directly. At best, you’ll be running unpatched, soon to be obsolete software that connects to the internet. Just setup a media PC, or at least use a media device like a Roku or something. My main concern is not that Samsung has added this bricking feature, but that at some point in the future, they or other companies are going to make setting up your TV with internet compulsory to use the TV at all.

  29. I really hope everyone who is concerned about this feature doesn’t own any type of electronic device and lives in a cave. Almost every electronic device that is or can be connected to the net is and or will be at risk from a hacker and or bricked. Ebay thing from your cell phone to your car.

    1. honestly it would be better for all involved if they did. then these companies might wonder why their profits are sinking and make the appropriate changes to their products. but people are sheep and submit to every little microscopic intrusion forced upon them by manufacturers and regulators alike. they build up and now we got things like die level spyware. good job consumers. im more angry about people who are fine with this.

  30. i worry that features like this will be used (or are being used) to remotely disable products at the end of their service life as part of planned obsolescence. sometimes you start up a well used laptop or some other gadget, and nothing happens. you question whether or not there was a kill switch in there to force you to buy another. you really question it when it happens within a week of the warranty expiring.

  31. I bought an Eero wifi router off eBay, and months later received an email from the MetroNet cable/internet provider saying that I was using their property and that my router would be shut down if I didn’t pay for it.

    I didn’t pay for it, and my router continues to work. Perhaps their threat only applies if you’re on the MetroNet network. (I’m on Cox.)

    Ever since I first set the router up, the Eero app on my phone has displayed MetroNet branding, which struck me as odd. But I guess at least that’s explained. Presumably the person who sold it to me was a MetroNet customer who was renting the router.

    One of these days I need to redo my network so that one of the other two Eero units is the one connected to the modem, and see if that removes the MetroNet branding from the app.

    1. I think you should notify eBay, or if possible (I know eBay has a time limit on when a buyer can change their recommendation/comments) attach something to the Seller’s profile (if they are still active) that they sold something that didn’t belong to them.

  32. Samsung already bricked devices in the past, an update to their disc players bricked a hand full of models all over the world. After a year of no solutions, I binned my unlocked blueray player since I probably damaged the tray mechanism getting a disc out. Apparently, it was a bad XML file that caused an endless reboot loop. I won’t buy a Samsung again, they ignored the problem for awhile considering how many were affected and were complaining.

    What I did learn is to turn off auto update on devices if possible.

  33. I had a Samsung blue ray player bricked when someone tried remotely applying a Samsung smart TV rom so they could listen to me. This is bs. You own the device you should own the original rom and be able to stop a remote attack by locking the rom and unbrick when hacked. Samsung wouldn’t even respond 350 down the tube. I won’t buy Samsung anymore, they don’t care. They think you will just keep buying.

  34. How long before credit companies get access to these services and brick TVs where credit payments are behind? I can imagine some manufacturers selling this capability as a service. And then next, courts will get access to it, to brick your devices in general debt cases, not necessarily related to TV repayments, instead of relying on bailifs.

    This kind of kill switch could be a desirable feature if it were for the user’s benefit, instead of yet another example of the way tech is becoming user-hostile. If your devices could be permanently configured to expect a cryptographic heart-beat on the local network, and simply not work when it’s absent, then stolen devices would be useless.

    1. This is why learning about modding and hacking your own devices is important. There should be coalitions of underground tech vigilantes who target companies that pull crap like remotely screwing with or bricking the devices of end users.

      This sort of thing can affect people in many ways. Years ago, our internet went down without warning. I contacted the company and they said that a copyright holder contacted them and gave them my IP address and CLAIMED that I was illegally uploading some stupid movie called “Mean Creek.” I had never heard of the film, nor did I have the film on my PC (I did a file search to ensure that it somehow hadn’t been placed on my PC by a hacker.)

      No proof, not nothing. The scumbag on the phone told me that I am responsible and equally guilty if my firewall and other security measures weren’t good enough, while ignoring that the file didn’t even exist on my system. I told the imbecile that he was victim blaming amd that it would be like the cops telling a person whose house was robbed that it was their fault for having crappy locks.

      After mentioning that I could discuss the issue in person with their technicians out in public along with a few other “or else’a, ” they switched our internet back on. Sometimes, people need to take matters into their own hands if being abused by a corporation.

    2. You know this was a brilliant reply and it makes me think of something else. Many newer cars are internet connected or cell service connected. It wouldn’t surprise me if the police were on a car chase and they could call up and just have the car disabled. I do know there has already been hacks to some cars where remote hackers have changed the performance but have not been able to cause an accident.

  35. If you buy a Samsung phone with a trade-in, they mention in their terms and conditions, that if you fail to ship your trade-in device to them within 15 days, Samsung reserves the right to remotely disable the new phone.

  36. I suppose everyone forgot when unnamed printer company ‘X’ asked users if they were refilling. Yes got the units bricked. Let us also think about mistakes in programming occur regularly. Accidental bricking models due to typo or disgruntled employee can occur, as well.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.