LG TV logging filenames from network folders

After DoctorBeet’s blog post detailing his LG TV’s shady logging practices I decided to have a look at what my own was doing.

To start off I couldn’t seem to find an option to disable logging of my watching activity, I’d guess we are using different firmware.  Either way I set up a laptop as a middlebox and went about logging communications.  The first thing I noticed was authentication to the server, and when you turn your TV off to standby there is also a request to deauth the session.  I’m not sure how unusual this practice is but it gives LG a pretty precise measurement of when and how long you are using the TV.

 

Auth:

GET /rest/sdp/v3.0/c2.4/authentication.xml HTTP/1.1
Host: GB.lgtvsdp.com
Accept: */*
Content-Length:0
X-Device-ID:{SNIPPED}
X-Device-Product:BROADBAND DTV 4
X-Device-Platform:GP4I
X-Device-Eco-Info:01
X-Device-Model:HE_DTV_GP4I_AFAAABAA
X-Device-Country:GB
X-Device-Country-Group:EU
X-Device-Language:eng
X-Device-Sales-Model:42LS570T-ZB
X-Device-Netcast-Platform-Version:0003.0004.0002
X-Device-Publish-Flag:Y
X-Device-ContentsQA-Flag:N
X-Device-FW-Version:04.41.03
User-Agent:Mozila/4.0

Response 200 OK

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><authentication><deviceSecret>{SNIPPED}</deviceSecret><sessionID>{SNIPPED}</sessionID></authentication>

lg-startup-ping

 

DeAuth:

DELETE /rest/sdp/v3.0/c2.4/authentication.xml HTTP/1.1
Host: GB.lgtvsdp.com
Accept: */*
Cookie: JSESSIONID=C3F3C57B0AB40CDB723FD489B78EC3A0.node_sdp011; Path=/
Content-Length:0
X-Authentication:{SNIPPED}
X-Device-ID:{SNIPPED}
X-Device-Product:BROADBAND DTV 4
X-Device-Platform:GP4I
X-Device-Eco-Info:01
X-Device-Model:HE_DTV_GP4I_AFAAABAA
X-Device-Country:GB
X-Device-Country-Group:EU
X-Device-Language:eng
X-Device-Sales-Model:42LS570T-ZB
X-Device-Netcast-Platform-Version:0003.0004.0002
X-Device-Publish-Flag:Y
X-Device-ContentsQA-Flag:N
X-Device-FW-Version:04.41.03
User-Agent:Mozila/4.0
Response 200 OK

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

lg-shutdown-ping

Network:

Digging a little further, I was seeing the same requests DoctorBeet was seeing when it was logging his media from a USB mounted drive, except I had no USB mounted drive plugged in.  It turns out it was pulling filenames from my shared folders over the network and broadcasting those instead.  I moved all the media out of the folder and put a few duds in named “GiantPorn”, turned the TV off and on and it was still broadcasting the old filenames.  The TV couldn’t see those files whilst browsing manually so I’d hazard a guess it’s caching some of these locally.  It didn’t take long though to pick up the new ones:

POST /rest/sdp/v4.0/c1.0/smartshare/search.xml? HTTP/1.1
Host: GB.smartshare.lgtvsdp.com
Accept: */*
Cookie: JSESSIONID=C3F3C57B0AB40CDB723FD489B78EC3A0.node_sdp011; Path=/
X-Authentication:{SNIPPED}
X-Device-ID:{SNIPPED}
X-Device-Product:BROADBAND DTV 4
X-Device-Platform:GP4I
X-Device-Eco-Info:01
X-Device-Model:HE_DTV_GP4I_AFAAABAA
X-Device-Country:GB
X-Device-Country-Group:EU
X-Device-Language:eng
X-Device-Sales-Model:42LS570T-ZB
X-Device-Netcast-Platform-Version:0003.0004.0002
X-Device-Publish-Flag:Y
X-Device-ContentsQA-Flag:N
X-Device-FW-Version:04.41.03
User-Agent:Mozila/4.0
Content-Length: 713
Content-Type: application/x-www-form-urlencoded

query={SNIPPED PERSONAL FILES}/sample%5Fmpeg%34:/mpegGiantPorn:/mp%34GiantPorn

Response 404 Page Not Found

lg-giant-porn2

Although a 404 is returned it’s pretty trivial to collect the data and serve a 404 anyway.  Obviously I don’t know how/if they are logging the data but I’d prefer it wasn’t sent at all.

Now the clear problem I see with this is even if I did agree to this in any T&Cs presented to me, I doubt guests I have round using my WIFI connection would be too happy with filenames from their shared media being dispatched to LG.  Personally I’m not too happy that files you assume aren’t leaving the network are having their names broadcasted to LG, even worse so that it’s unencrypted.

Again I’d like to thank DoctorBeet  for bringing this to light, and I’ll be having a good look over the comms from my LG TV at the weekend.

Advertisements

11 thoughts on “LG TV logging filenames from network folders

    1. I would steer away from IP blocking, if they are load balancing with multiple IP address’ you may never catch them all.

      From http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html

      He suggests blackholing the following:

      ad.lgappstv.com
      yumenetworks.com
      smartclip.net
      smartclip.com
      llnwd.net
      smartshare.lgtvsdp.com
      ibis.lgappstv.com

      LG have stated they are issuing a firmware update, I’m probably just going to keep mine disconnected from the internet until then.

      Like

  1. I blocked my TV’s access to all of those sites, but the ad that appears under the mini-TV in the Smart TV screen still appears. I read on some of the other sites that it should get replaced by either a grey box or the “LG Smart TV” banner if one has properly blocked the ad sites, but no luck…

    Hopefully, I’ve at least blocked the data capture and send part of the problem.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s