Worth pointing out this isn't any proper Android TV devices, but rather those cheap boxes that are often basically SBCs with AOSP installed on them which are predominantly sold as easy piracy boxes.
Edit: in fact, the article doesn't currently have TV in the title
Leaving out the TV makes it less precise and more clickbaity because then it sounds like Android phones are affected.
I guess the problem is that "Android TV" is a specific thing that none of these devices actually are, they're just dodgy boxes running Android that can be plugged into a TV.
For me it's more clickbaity because Android TV isn't actually involved here at all.
I'd say it would be more clickbaity if you just removed the "TV", because it'd make you think of smartphones, and those would be much more concerning
I miss having a dumb tv
If I don't connect it to the internet they don't get to sell ur data innit
I only watch pirated content. What data are they selling?
Your viewing habits. Nature shows? Show this guy camping gear ads on his phone!
I'm annoyed that they don't sell them and that even if you don't connect a smart tv to wifi to keep it dumb it'll still not just be a display and it'll try to shove stuff in your face
Most TVs have an office or presentation mode hidden somewhere in the settings, that will get rid of the ad-ridden interface and replace it with a plain and functional one. That plus no wifi, ever, gets them sorted.
I bought a Hisense and it had the option during setup to disable most smart features and leave it in “basic mode”. I was already going to put an Apple TV in it so I just left it there and I’ve been happy. Only thing a tv needs is settings and the ability to change inputs.
Walmart sells Sceptre 4k tvs which are dumb, sure they aren't OLED or have amazing refresh rates but they are the perfect TV for most people, it's much easier to chuck and buy a new $20 streaming device when updates make it crawl to a near stop than it is to do the same with a $600+ TV.
LOL I'm still using an old CRT TV because it just won't die and I barely watch TV
That's why you should build your own media center from an old machine. Much safer and more private.
How?
/ partition will do), maybe have a homemade NAS ready tooCheers, I'm using this as a jump off point for a weekend project maybe. Would anything change if I was interested in casting content too?
Look into Plex servers, that should keep you busy for the next six months till you get it up and running.
Or Jellyfin. Because free.
Is jellyfin a better alternative?
Yes
Yeah, it's free and open source. I just pointed it at a few folders of TV, movies and music that I downloaded years ago, and it catalogued them all, downloaded all the blurbs and posters.
Like a mini Netflix that you host yourself.
The problem is that YouTube app and F1 app are Android only so having a Linux media box won't help. It needs to run Android to run Android apps.
Plus I like to use Chromecast, we use it all the time to send YouTube videos from our phones to the big screen.
Wait, smart devices might not be secure?! I'm shocked!
China hacked my fucking coffee mug.
These are just generic Android TV devices that use Allwinner board. Allwinner made these kind of generic boards for Android TV and Android Auto head unit and sell them to OEMs. The OEMs then "customize" it by adding their APKs into the ROM provided by Allwinner. I doubt the malware come from Allwinner. Maybe it's just one (or more) OEM that include whatever APK they found on the internet without checking.
In total the researchers confirmed eight devices with backdoors installed—seven TV boxes, the T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G, and a tablet J5-W.
The other thing discussed is fraudulent android apps that have been removed from the play store.
This is the best summary I could come up with:
This week, cybersecurity firm Human Security is revealing new details about the scope of the infected devices and the hidden, interconnected web of fraud schemes linked to the streaming boxes.
“They’re like a Swiss Army knife of doing bad things on the Internet,” says Gavin Reid, the CISO at Human Security who leads the company’s Satori Threat Intelligence and Research team.
“This is a truly distributed way of doing fraud.” Reid says the company has shared details of facilities where the devices may have been manufactured with law enforcement agencies.
In the second half of 2022, Human Security says in its report, its researchers spotted an Android app that appeared to be linked to inauthentic traffic and connected to the domain flyermobi.com.
When Milisic posted his initial findings about the T95 Android box in January, the research also pointed to the flyermobi domain.
The company’s report, which has data scientist Marion Habiby as its lead author, says Human Security spotted at least 74,000 Android devices showing signs of a Badbox infection around the world—including some in schools across the US.
The original article contains 455 words, the summary contains 180 words. Saved 60%. I'm a bot and I'm open source!
This is a most excellent place for technology news and articles.
