Skip to content

// #iot-security

2 articles

← All tags
🗄️ Assets

Free Apps Are Turning Smart TVs Into Residential Proxy Nodes — Without User Consent

Research published this week reveals that multiple free consumer applications are silently enrolling Android TV devices and Smart TV platforms as exit nodes for residential proxy networks, routing third-party AI web scraping and data harvesting traffic through household internet connections. Users receive free app access; their bandwidth and IP address are sold to commercial proxy operators without meaningful disclosure.

#smart-tv +7
🏛️ Architecture

CISA ICS Advisory: Milesight AIOT Cameras Carry Five CVEs Including CVSS 9.8 Hard-Coded SSL Key Flaw

CISA advisory ICSA-26-113-03 covers five vulnerabilities across 18-plus Milesight AIOT camera model families, including a CVSS 9.8 flaw where all devices share a hard-coded factory SSL private key that cannot be changed. An attacker with the key — which is extractable from any unit — can conduct undetectable man-in-the-middle attacks against the entire deployed fleet. Organisations using Milesight cameras in operational technology or physical security environments should isolate these devices immediately.

#ics +5

Commentary tagged #iot-security

Opinion

The Smart TV Is a Network Device. Most Enterprises Have Not Noticed.

The revelation that free apps are enrolling Smart TVs as residential proxy exit nodes is not primarily a consumer privacy story. It is a network security story about a class of device that has proliferated across enterprise environments — conference rooms, executive suites, hotel rooms during business travel — without being managed as a network security asset.

CipherWatch Editorial

Security Intelligence Platform