[ale] Stupid smart phone

Alex Carver agcarver+ale at acarver.net
Sun Dec 12 18:49:01 EST 2021 

I haven't gone poking around too much but I do know there are some open 
ports according to a couple quick scans.  Maybe during vacation I'll 
poke around with it, possibly toss Kali against it.

If that were the case and I got in then I could at least turn off some 
of the phone-home stuff.  I won't let it on the network directly because 
of that so I can't use the casting features.

On 2021-12-12 05:20, Jim Kinney wrote:
> But, but, but, it was only done that way to provide the the best possible user experience </snark>
> 
> If they have hard coded network addresses, I'll bet they also have hard coded root/admin passwords. Might even have an open port. That would be sad. <sniff><sniff>
> 
> On December 12, 2021 4:37:34 AM EST, Alex Carver via Ale <ale at ale.org> wrote:
>> Oh they're very clever about it, too.  Despite DHCP giving it DNS
>> servers that I control and despite the manual network configuration
>> exposing only two DNS server entries it actually has Google's DNS
>> servers hardcoded as a third server.  So if I tried to blacklist
>> anything at my own DNS server, it would get around that by querying
>> Google directly.
>>
>> I spotted that when I first got the TV and put a sniffer on it before I
>>
>> let it out into the wild.  It was querying 8.8.8.8 and 8.8.4.4 even
>> though I had manually configured it for my local DNS. When I let the
>> sniffer pass the DNS queries through it still used Google servers to
>> handle Vizio lookups to the mothership.  Evidently the user configured
>> DNS is only for the extra applications like Netflix, Hulu, etc. while
>> the core spyware uses only Google for DNS.
>>
>> On 2021-12-11 22:42, Bob Toxen wrote:
>>> GOOD FOR YOU to block it from spying on you and tattling!
>>>
>>> Bob
>>>
>>> On Sat, Dec 11, 2021 at 10:44:30AM -0800, Alex Carver via Ale wrote:
>>>> I've got a two year old Vizio that has RCA L/R audio outputs on the
>> back.
>>>>
>>>> Of course the TV does *NOT* have a built-in battery-backed RTC.  It
>> wants to
>>>> set its time every time you hit the power button via NTP and there's
>> no
>>>> manual way to set the time either.  So the firewall rewrites its NTP
>>>> requests to point to my internal NTP server and blocks all other
>> traffic so
>>>> it can't call home like every other TV does.
>>>>
>>>> On 2021-12-11 02:19, Steve Litt via Ale wrote:
>>>>> Jim Kinney via Ale said on Fri, 10 Dec 2021 18:22:04 -0500
>>>>>
>>>>>> Other days it's more like the vcr clock always
>>>>>> blinking "12:00" for lack of a $0.10 rc circuit to keep the clock
>>>>>> alive during a power blink.
>>>>>
>>>>> Speaking of for lack of, how many have noticed that oh-so-modern
>> TVs
>>>>> no longer have headphone jacks. You remember headphone jacks ---
>> you
>>>>> just patch the headphone jack to the line-in of any amplifier and
>> bang,
>>>>> you've got sound, and the sound is controllable by your TVs volume
>>>>> control.
>>>>>
>>>>> But noooooo. That's just soooo *legacy*. Instead of a 30 cent
>>>>> headphone jack, my Samsung TV has one of those silly "toslink"
>> infrared
>>>>> fiberoptics. So you have to buy a fiberoptic cable for about
>> $15.00,
>>>>> and then a $40 fiberoptic to line level converter, from which I can
>> use
>>>>> patch cords to go into my amp's line in. Because I don't have a
>> $500.00
>>>>> "home theater" system --- but rather have a $30.00 20 watt amp
>> that's
>>>>> tiny and works just great for TV sound.
>>>>>
>>>>> Well, after trying for days to get the toslink plus adapter to
>> work, I
>>>>> read that many Samsungs just don't work with those adapters. For
>> lack
>>>>> of a 30 cent headphone jack. Oh, and of course, the Samsung's
>> built-in
>>>>> speakers are guaranteed to be indecipherable, with various
>> oscillations
>>>>> at frequencies guaranteed to obscure speech.
>>>>>
>>>>> A couple weeks ago we went out and bought about the cheapest TV on
>> the
>>>>> market. Picture's not all that great but it had what we really
>> wanted,
>>>>> a headphone jack. Now we hear great sound that we can raise and
>> lower
>>>>> with the TV remote. Life is good.
>>>>>
>>>>> SteveT
>>>>>
>>>>> Steve Litt
>>>>> Spring 2021 featured book: Troubleshooting Techniques of the
>> Successful
>>>>> Technologist http://www.troubleshooters.com/techniques
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org
>>>>> https://mail.ale.org/mailman/listinfo/ale
>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>> http://mail.ale.org/mailman/listinfo
>>>>>
>>>>
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> https://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> https://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>

More information about the Ale mailing list