@Bitty1 

Your pihole too?

What CDN's are you blocking? Because my Pihole already blocks roku ads on my home screen and I was hoping that if this happened, it would block them too.

It might be a new CDN too, that you just have to add. Did you check the logs? See if there's a new one accessed when your Roku ad played?

Any troubleshooting? Or just "whelp, it got around the pi".

Here's what stops all their ads for me.

ads.roku.com
display.ravm.tv
cloudservices.roku.com
customer-feedbacks.web.roku.com
identity.ads.roku.com
scribe.logs.roku.com
logs.roku.com
ravm.tv
p.ads.roku.com
i.ads.roku.com
tyler.logs.roku.com
giga.logs.roku.com
cooper.logs.roku.com
assets.sr.roku.com
prod.mobile.roku.com
wwwimg.roku.com
amoeba.web.roku.com
austin.logs.roku.com
griffin.logs.roku.com
liberty.logs.roku.com
littlefield.logs.roku.com
paolo.logs.roku.com
sugarland.logs.roku.com
victoria.logs.roku.com
windsor.logs.roku.com
traces.sr.roku.com
track.sr.roku.com
identity-dev.ads.roku.com
lagrange.logs.roku.com
midland.logs.roku.com
mobile.logs.roku.com
richmond.logs.roku.com
rollingwood.logs.roku.com
rxr.ravm.tv
samples.voice.cti.roku.com
benjamin.logs.roku.com
hereford.logs.roku.com
longview.logs.roku.com
camden.logs.roku.com
bryan.logs.roku.com
amarillo.logs.roku.com
digdug.logs.roku.com
digdug-g2.logs.roku.com
esp.logs.roku.com
gilbert.logs.roku.com

@easytodobetterIt is an inexpensive android yes but it has the backing of walmart and you can make the same argument against any other competitor, or Roku itself.  I don't think it stands up for a couple of reasons.  First, unless you're going to roll your own media box on something like an odroid N2, pi, or something like that (I have those laying around on desks now), you're at the behest of whoever is providing updates.  You're right to think this way, and I wish more people would, but I think it's a non issue. 

Let me explain why...

We're trusting Roku now, and they're nearly 10x as small as walmart and 25x as small as google.  This is an in-house walmart brand (don't get the knockoff on amazon) and they (onn house brand) is responsible for updates to the firmware, but google and the streaming providers are going to be responsible for the security of the underlying major OS components outside of base OS image and the individual streaming apps.  The same way an android phone gets google play services updates and core component updates over the air from the app store and a samsung device gets updates on the base android install from samsung.  Now ONN isn't going to use some strange fork/branch of android, it's a google TV/android tv certified device.  I agree if we're talking about some rando box from alibaba, but we're not.

The bottom line is, and this is the same for roku, is the device is behind most people's ISP or home router firewall on an unrouted RFC 1918 network most likely, so the security concerns outside of local network stack exploits from other infected devices on the same network, is going to be a vector that involves TLS protected transport to "thought good call home" services such as the play store, google, and the various streaming provider's own network via their apps.  In fact, the largest vector of attack would be not updating the OS in a while and running a browser on an attacker's website.  That is a non-zero threat in and of itself, but I don't think that's what we're talking about.

In general, the threat surface of these devices for most people is pretty low just because they're using constantly-updated google / android services and play store apps.  People are far more likely to get owned via their android phone than these boxes once you get from a reputable source.  The primary threat of cheap android boxes is where you get them, IMHO.

@Razathorn 

"is an inexpensive android yes but it has the backing of walmart and you can make the same argument against any other competitor, or Roku itself."

Nope.

Google, Roku, Nvidia, Amazon, Samsung, Tivo, etc, they all provide regular software updates at the OS and firmware levels to keep up with malware that I regularly track for work on websites like CVE, which will show you there's PLENTY of people getting hacked this way. It's just not AS BIG of a vector as your phone.

Roku provides software updates for devices going back quite a few years, actually, and it's one thing we shouldn't dog them for.

You're not getting that security, your device is as-is, and why those tiny little cheap SOC's (system on a chip) sell for only ~20 bucks.

I merely said some people care about that, some people don't. You sound like you don't, that's fine.

@easytodobetterAgree to disagree.  I think it's premature to think onn, a certified device, will suffer the same fate as the alibaba devices when it is a relatively new device, has already received multiple firmware updates, and is backed by walmart.  Who knows, though.  I'll take the risk, and in 5 years, if there are no more updates, guess it's on to the next cheap google/android TV box that does exactly the same thing, roku will be a name of the past by then with their current behavior.

@Razathorn

It's not my intention to go back and forth on this subject. I just wanted to clarify for others reading these posts and deciding what to do. What to invest in next.

"a certified device" loses me, sorry. We're not talking about certifications or how big the parent company is, we're talking about companies that provide continuous security updates.

ONN is not one of them. They just rebrand things. Super cheap. Historically they've only provided a few major patches likely related more with usability.

These days, every device on your network is an attack vector and malware for streaming devices is growing rapidly. I did not say anywhere that it will "suffer the same fate" as an Alibaba device, which often comes with malware, just that unlike a mainstream device, it's less secure without regular updates.

I would argue they're just a security risk for a savings of nothing since there are similarly priced options from reputable brands that provide updates for many years.

I accept that there are people who care about this and those who don't, but I wanted to clarify a few things I disagreed with like saying roku is basically the same, they're not.

Roku is now injecting ads all over the place in the user interface -- some just a picture like the home screen, others that require you to use the remote to close it, and now video ads.

This is super annoying and will destroy a lot of the good will you've built up over the past 15 years. I would gladly pay $10/month to avoid this junk, but I would also be happy to move to the Android platform or whichever platform demonstrates respect for its users.

Obviously, it costs money to run the Roku service, so let's find a compromise -- if you want to show ads to make additional revenue, great. But give users the ability to opt out of it by paying a monthly subscription fee. Call it "Roku Gold" or something.

@easytodobetterYou may end up being right in the long run, we will see.  I would like to note that Linus Tech Tips, in a follow-up to their "don't get a cheap android TV box because they're all filled with malware etc" they made a video saying which devices they would recommend.  They reviewed the onn box along side the other top offerings and the onn was their favorite.  We will just have to see if I wasted money.  Box gets here today.  If it doesn't work out, I guess I have a new N64 emulator, lol.

I wish I had the answer. Video ads are beyond user control. I have contacted Roku twice already to express my opinion about this unwelcome intrusion. I did not sign up for annoying ads that I am forced to sit through until I can use the device that I paid for. I have been using Roku boxes for probably over 20 years. I now have four and will trash them all if this continues. 

Same here! Video ads are beyond user control. I have contacted Roku twice already to express my opinion about this unwelcome intrusion. I did not sign up for annoying ads that I am forced to sit through until I can use the device that I paid for. I have been using Roku boxes for probably over 20 years. I now have four and will trash them all if this continues.