Features, settings & updates

Get troubleshooting tips to configure your Roku settings. The community forum has tips for screen mirroring, Guest Mode, software updates, audio, and more.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
948493
Streaming Star

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

I think something is seriously wrong with you.  You are truly part of the problem at this point, definitely not the solution.   You must be too dense to understand, Please just go away. This is not an issue that you posted and you are the antithesis of helpful.  You obviously don’t get it…. 

UserOfStreamers
Roku Guru

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

@948493 

It would probably be more useful if you provided links to the specific articles enumerating specific (claimed) vulnerabilities of Roku devices - its hard to address whether a vulnerability exists/has been fixed without specific information.

The 1 year 4 month old (not 2 years old) article that @DBDukes linked explicitly states it doesnt apply to TCL's Roku models.

In general, there are some vulnerabilities that have been fixed (e.g. Linux DHCP related), and others that have not (e.g. "Network Access = disabled" is broken and allows connections).  Some claimed vulnerabilities are not vulnerabilities, but documented & published functionality (e.g. remote control access via "Network Access" functionality).

To be clear, the most "secure" and "patched" network device is still relatively insecure, as all of them have unknown/known unpatched vulnerabilities, and always will (regardless of hardware/software source/design).

Again, if you could link to specific articles/vulnerability info, it would be more efficient...

TrooperDada326
Roku Guru

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

@UserOfStreamers  THANK YOU. The article from Toms was published on November 16, 2020

@DBDukes  that pertains to messages from others 

0 Kudos
948493
Streaming Star

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

I see the distinction you are making, thank you for wording it in a helpful manner.  I can eat humble pie and see that the Roku TV’s are not android based platforms.  I also appreciate that many vulnerabilities are personal user settings related.  

0 Kudos
UserOfStreamers
Roku Guru

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

@948493 wrote:

I see the distinction you are making, thank you for wording it in a helpful manner.  I can eat humble pie and see that the Roku TV’s are not android based platforms.  I also appreciate that many vulnerabilities are personal user settings related.  


No need to eat humble pie - its a legitimate concern (security/privacy).

FTR, both AndroidOS and RokuOS are Linux-based/derived platforms, and therefore share many of the same kernel/process/middleware/app vulnerabilities as Linux itself.

So while Roku isnt Android-based, and isnt subject to Android-specific vulnerabilities, it IS subject to many Linux-based vulnerabilities, and therefore it is important to track Roku's Linux-related vulnerabilities (in addition to RokuOS-specific issues, like "network access = disabled" is broken).

However, Roku has little to no security/privacy transparency - they dont generally publicly disclose a vulnerability/fix database/list or specific data collection, dont have dedicated public-facing security disclosure processes (contact process, bug bounty, etc) and either ignore longstanding security issues or "stealth" fix them in months/years-belated versions/builds. They may occasionally mention a "security issue" existing/being resolved, but its almost always generic/non-specific & rare.

Most of their "security"-related development seems to be around content/platform protection, not device access.

The devices are partially subsidized by advertising/data collection (like many streaming platforms), so there tends to be a lot of that, with little/no specific disclosure as to the who/what/where/when/how/how much.

Knowing nothing specific, and as with other consumer/IoT devices (including other streaming platforms), keeping the device firmware/software updated (that means keeping it internet-connected) and using reasonable LAN/network security policies/practices is what you are left with.

948493
Streaming Star

Re: Any info about TCL Roku TV’s having cybersecurity issues?

Jump to solution

I greatly appreciate your detailed explanation.  

0 Kudos