TV woes for Samsung keep getting bigger.
Voice recognition data that the company's TV sets record is being sent across the internet unencrypted, meaning anyone can intercept the data in transit and just listen to what's being said around the house, The Independent reports.
After the policy was revealed, the company said that: “In all of our Smart TVs we employ industry-standard security safeguards and practices, including data encryption, to secure consumers' personal information and prevent unauthorised collection or use”.
However David Lodge, a researcher at Pen Test Partners says the information is sent to third parties, and it's not secure – at all.
In a blog post published on Monday, he said the TV won't listen to you unless you ask it to, but once you do, it sends certain voice commands to third parties.
“Plenty more to work to be done here yet. The potential for a rogue firmware update enabling ‘snooping’ is significant, though I’m sure Samsung sign their updates…” says Lodge.
As it turns out, things you say in front of your TV will most likely end up somewhere on the net, completely unprotected.
“Based on the limited information leaked above in plaintext, there’s plenty to suggest that interesting data is making its way on to the interwebs from your TV. Come on Samsung, how about at least protecting it with SSL?”