Samsung Deletes Tweet Warning Users to Virus-Scan Their Smart TVs

Samsung’s ham-handed handling of a recent corporate tweet is further evidence that companies aren’t very good at security messaging.
Initially, the company tweeted out a warning that users should run an AV scan on their smart TVs every few weeks.

What followed was a video on how to do this. The Verge refers to the practice of running such a scan as “laborious,” while Gizmodo states that the process is reasonably straightforward. “Just head into the General Settings, choose System Manager and then Smart Security and hit Scan.” Regardless, there is no way to automate the scan.
Smart TVs are annoying. Even if you have no choice but to buy one, I’d still recommend hooking it to an HTPC and using it as a dumb display. But this isn’t how most people use televisions, and it’s foolish to think everyone is going to change just because it makes good security sense to do so. Given that smart TVs are increasingly ubiquitous, customers are going to either have to learn to secure them. Samsung doesn’t yet seem to understand that part of teaching your customers to practice good security is accepting that you’ll occasionally be the company on the firing line. Companies should absolutely build AV scanners that work and provide effective security, but reminding people to periodically use the security tools you provide is not akin to kicking off a panic.
The reason for these kinds of occasional messaging collisions, in my view, is that the principles of security are almost entirely opposed to principles of marketing. Security requires vigilance. Marketing emphasizes ease-of-use and the concept of “just works.” Security requires monitoring and, in some cases, a deep understanding of the underlying product and how it functions.
Marketing understands that the last thing people want to do is worry about whether something is safe. Good security requires acknowledging that all security is a matter of degree and that absolute safety is a myth. The goal of marketing is to minimize the perception that future problems could occur for any reason, but especially reasons that might imply that the manufacturer didn’t do its job right the first time around. Good security starts by acknowledging that no one’s system can be assumed to be secure.
There are a lot of practical security questions to be raised about the state of smart TVs. Given how bad mobile phone antivirus tools are, it would be worth knowing whether smart TVs are any better, for one thing. But at heart, the idea that people should think about the security of internet connected devices is a good one, not a bad one. It may be annoying. It may be a good example of a product category where we’ve increased the annoyance factors that clutter up our lives rather than sticking with the simple usefulness of a “dumb” TV. But so long as smart TVs represent potential attack vectors, people need to be aware of it.
Continue reading

Massachusetts Passes Robust Automotive Right-to-Repair Law
Right to repair advocates scored a major victory this week with the passage of Question 1 in Massachusetts. Hailed as the most advanced right to repair law in the land, Question 1 requires that automakers create an open data platform for sharing diagnostic and repair information with independent shops and vehicle owners.

Sony May Let Users Move Games Off PS5, Xbox Series X SSD Is User-Replaceable
Microsoft is using a user-replaceable SSD for the Xbox Series X, while Sony is researching PS5 game transfers.

Xbox Series X Launch Is Microsoft’s Biggest Ever, Causes ISP Traffic Spike
Microsoft claims the Xbox Series X is its most successful debut in history and specifically calls out the Xbox Series S for bringing new players into the fold.

How Does Windows Use Multiple CPU Cores?
We take multi-core awareness for granted these days, but how do the CPU and operating system communicate with each other in the first place?