Several Reddit users recently reported an issue where ads popped up every 20 to 30 minutes on Samsung Smart TVs. One of the users wrote, "Every movie I play 20-30 minutes in it plays the Pepsi ad, no audio but crisp clear ad. It has happened on 6 movies today. Oh yes mine is a Samsung TV also."
Gigaom pointed out the issue to Samsung, which responded in no time and even accepted the occurrence of the issue on its Smart TVs; though just in Australia. A Samsung spokesperson noted, "We are aware of a situation that has caused some Smart TV users in Australia to experience program interruption in the form of an advertisement. This seems to be caused by an error, and we are currently conducting a full and thorough investigation into the cause. This situation has been reported only in Australia. We would like to apologize for any inconvenience this may have caused."
One of the ads that popped constantly on the Samsung Smart TVs was of Pepsi and was reported more from the Plex app, a streaming service that organises video, music and photos from personal media libraries and streams them to smart TVs. The publication adds that a Plex spokesperson had assured that the streaming service company had nothing to do with the pop ad on Samsung's Smart TVs.
Soon after reports about Samsung recording and transmitting private conversations of Smart TV users surfaced on the Internet, the company defended itself by saying that it takes consumer privacy very seriously and that its products are designed with privacy in mind.
"We employ industry-standard security safeguards and practices, including data encryption, to secure consumers' personal information and prevent unauthorized collection or use," it added.
The claims of Samsung might be comforting for a regular consumer but a security researcher has refuted the company saying that the user voice data being sent by Samsung was not encrypted.
First reported by PCWorld, David Lodge, researcher with Pen Test Partners security company, in a blog post detailed how the data sent from a Samsung Smart TV was intercepted and analysed. Lodge discovered that Samsung was not encrypting the data and transmitted it in a "custom binary data packet."
"What we see here is not SSL encrypted data. It's not even HTTP data, it's a mix of XML and some custom binary data packet," he explains in blog.
Samsung had confessed in its blog that it was transmitting the collected information to a third-party service provider, in this case Nuance Communications, to convert the voice commands to text.
So far Samsung has not responded to the claims of the security researcher.