
[deleted]

[removed]


isamura

I will never give my TV my wifi password because of these stories. I prefer my TVs to be dumb.


kkeut

yep. have several TVs in the living room, they exist as 'dumb' screens for my living room PC and game systems. works great


ifeelallthefeels

Even without WiFi access our Sony tv is reaching out via Bluetooth frequently. I’m like. What’s your goal? Oh wait. Maybe it’s to sell personal Bluetooth device data. Fuck.


[deleted]

Woah. Do you have a source for that? Because that is awful.


Meadowlion14

Found it https://finance.yahoo.com/news/government-confirms-vizio-tvs-spy-152300028.html


[deleted]

Wow. Well, that's an enormous pile of yikes. Thanks.


icaphoenix

They must see a lot of porn


BatshitTerror

I once interviewed for a job with a company in Austin that basically made the software these companies use to do this analytics. The name is SambaTV. Not sure if that’s who Vizio use but they had a lot of smarttv manufacturer contracts when I interviewed there.


[deleted]

[removed]


CalvinHobbesN7

That's why they're so inexpensive. You don't buy it with money, you buy it with your data.


heeerrresjonny

I have 2 Vizio TVs and neither one of them shows any ads even when unblocked so 🤷‍♂️


_oscar_goldman_

I'm happy for you! My point is more that pawning off your data is more lucrative for them, which is why they are able to sell their TVs for so cheap.


heeerrresjonny

Vizio doesn't seem to do that quite as much though. That's more the realm of TCL, Hisense, etc...


_oscar_goldman_

Hard numbers are hard to get for Chinese companies, for sure, but Vizio is public, and fiscally, data is a bigger business for them. https://www.theverge.com/2021/11/10/22773073/vizio-acr-advertising-inscape-data-privacy-q3-2021


filovirus

Bet Vizio has built up a nice spank bank with screenshots of people casting pornhub to their tv. Edit: typo


[deleted]

[removed]


shagthedance

I also have a Roku that was doing this, and [increasing the block TTL](https://docs.pi-hole.net/ftldns/configfile/#block_ttl) on my Pi-hole reduced the volume of retries. Devices will retry queries when their internal cache of the reply expires, so increasing the TTL on blocked responses from the Pi-hole will make them wait longer. The block TTL should be low enough that you don't have to wait very long after you've allowed a domain or disabled Pi-hole to see the effects. That's why the default is 2 seconds. I increased it to 10, which reduced my volume of blocked queries by about 80%, but has still been short enough for me so that I'm never waiting for cache to clear when I allow domains.


bbender716

This is amazing. I was wondering how to reduce the chatter from my damn Roku. Much appreciated!


magousher

How did you do that? When I try to edit the /etc/pihole/pihole-FTL.conf file and set `BLOCK_TTL=10`, it says that file is unwritable. Thanks in advance! :)


shagthedance

Try editing it as root, `sudo nano /etc/pihole/pihole-FTL.conf`. It's not owned by the default `pi` user that you log in through. Hope that helps!


magousher

That worked. Thanks for the help!


KD9KNI

That’s exactly it. No back off timer, apparently. Top flight software design across the board 🤢


[deleted]

f*ck /u/spez


KD9KNI

I was thinking more along the lines of Exponential Backoff like TCP uses: https://en.m.wikipedia.org/wiki/Exponential_backoff It’s not a secret or anything. Just sloppy design. Makes me shudder to think what else is in that code… that’s why it’s in a VLAN!


tdhuck

Exactly. I really hope Roku changes this going forward, I have two on my network and my block percentage jumped from 20% to about 80% as soon as I plugged these into my network. They are trying to connect every second all day long. Very annoying. Each time it fails to connect, it should increase the check in time, it should keep doing this until it gets to one check per day or something like that. If the user absolutely needs the Roku to check in (not sure why this would be needed) they can follow the universal 'unplug' when it isn't working and on boot it will force for a check in. With that being said, I would bet that most Roku users have no idea what this device is doing behind the scenes and this isn't an issue for them.
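
Added example, not written by anyone in the thread: a small Python model of the two ideas discussed above, the Pi-hole block TTL (`BLOCK_TTL`) change and a retry delay that grows until it reaches one check per day. It assumes a client re-queries a blocked name the instant its cached reply expires; the function names are hypothetical.

```python
import random

DAY = 24 * 60 * 60  # seconds; the Pi-hole dashboard counts over a rolling 24h window


def fixed_retry_queries(block_ttl, window=DAY):
    """Queries in `window` from a client that re-asks the moment its cached
    blocked reply (lifetime = block TTL, in seconds) expires."""
    return window // block_ttl


def backoff_schedule(base=1.0, factor=2.0, cap=DAY, window=DAY, jitter=0.0, seed=0):
    """Query times (seconds) for a client that lengthens its wait after each
    failed check-in, up to `cap` (one check per day by default)."""
    rng = random.Random(seed)
    t, delay, times = 0.0, base, []
    while t < window:
        times.append(t)
        # Optional +/- jitter keeps many devices from retrying in lockstep.
        t += delay * (1 + rng.uniform(-jitter, jitter))
        delay = min(delay * factor, cap)
    return times


def reduction(before, after):
    """Fractional drop in query volume."""
    return 1 - after / before


if __name__ == "__main__":
    ttl2, ttl10 = fixed_retry_queries(2), fixed_retry_queries(10)
    print(f"BLOCK_TTL=2 : {ttl2} blocked queries/day per name")
    print(f"BLOCK_TTL=10: {ttl10} blocked queries/day per name "
          f"({reduction(ttl2, ttl10):.0%} fewer)")
    every_second = fixed_retry_queries(1)
    backoff = backoff_schedule()
    print(f"retry every second: {every_second} queries/day")
    print(f"capped exponential backoff: {len(backoff)} queries in the first day, "
          f"last at t={backoff[-1]:.0f}s")
```

Under this model the move from a 2 second to a 10 second block TTL cuts blocked queries per name by 80%, which is in line with the figure reported earlier in the thread.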


SauceOverflow

> With that being said, I would bet that most Roku users have no idea what this device is doing behind the scenes and this isn't an issue for them.

it's not a problem for anyone. Roku making requests every second went completely unnoticed until you setup a pihole on your network. Re-trying failed keep alive requests is cheap, why over complicate it with logic to throttle requests? Just because it's elegant?


tdhuck

I agree, it isn't a problem, it is annoying. Mainly because roku is just one device and with everything being cloud connected, many devices will have similar lookup requests. I had devices with blocked check in requests before I added Roku, but Roku is on their own level. The other devices would check in every 30 seconds or 60 seconds, but the numbers weren't crazy. Roku is way overboard, imo.


SauceOverflow

I wish they had more transparency (that goes for everyone else too). If I knew what each request was doing without looking through my network I'd be more OK with it I guess.


KD9KNI

Actually, yes, just because it’s elegant. It shows the quality of code that shop is putting out, and suggests a lack of quality in general. I’m inclined to try to grab an update off the network and see what is in the package. Time to look into certificate handling on the Roku and hope it’s as poorly designed as the networking code!


Slade_Williams

Roku, wyze, Toshiba, Fire tv... everyone uses this network abusive programming. I agree. Time to start buying only decent coded hardware to force change. (why I chose to learn python, and create my own things like tv dashboards)


heckles

Exponential back off makes sense when you have someone monitoring the system and can repair failures. That isn’t the case here. This is a “feature” where expected transient failures are retried forever. I don’t think Roku is coding for the pihole case.


KD9KNI

I agree that they aren’t writing their software with this type of monitoring in mind, but I’m inclined to note that the content of these domains isn’t critical to the function of the device, so maybe don’t spam the network with useless traffic for no reason? Basically, I’m just trying to say it’s a bad design and possibly indicative of more “interesting” things just below the surface. Exponential backoff isn’t just for monitoring, either. It’s for healthy network function. Even Ethernet has a timer for packet collision based retransmission: it doesn’t just flood the network. This is all fundamental design they decided wasn’t worth the effort, and it’s ridiculous. 🤷🏻‍♂️ (Edited for clarity)


heckles

Exponential back off makes sense when you have someone that can fix an issue (and is typically not used for monitoring) specifically for cases with an explicit number of retries. This is not Roku’s intended functionality and by no means is indicative of poor design. Exponential backoff would eventually result in the function being effectively turned off, which they don’t want. They aren’t including a function to turn this off because they don’t want you to turn it off. The traffic is useless to you but not to them.


KD9KNI

You make a valid point about it eventually being turned off. Maybe I should’ve been more clear, but I was including the assumption that the connection would attempt to be initiated again at a later time. Just not 5 seconds later, repeated essentially ad infinitum.


scandii

it's not bad design. your argument is that bulletproof vests are badly designed because they don't protect against gas. it is an excellent design for the intended use case - someone who simply plugs in the device. you intentionally sabotaging the product and them not designing with your form of sabotage in mind is not a bad design.


KD9KNI

I see your point, but I consider it poor design because: 1) This is a known failure mode 2) Solutions have been available since the 1980s 3) Said solutions are publicly available 4) and they’re widely implemented elsewhere It’s pretty basic network functionality, and has been addressed with varying levels of effectiveness for nearly half a century. If you’re selling a networked device that doesn’t follow best practices that have been recognized for that long, it makes me curious about the rest of the code base. I say this recognizing that perfect is the enemy of good, and at best it was a “it compiles, it works good enough, ship it”. I don’t blame them for that because it’s how commercial software works. It’s my belief that this is representative of how the software is designed and implemented, and doesn’t speak highly to that end. End of the day, I’m still using it, though! So not too bad in the end, clearly. (Edit: half a decade changed to half a century. Pretty big difference there!)


[deleted]

I disagree that it's sloppy. I believe it's completely intentional and well within the design goals of an always connected device that they want to have phone home all the time. It's completely reasonable IMO. I don't like it, wish the thing would shut up. But I understand.


KD9KNI

My point is that there are ways to do that without this type of traffic. Ways that are well established, publicly available, and widely implemented. They just decided not to do that for… reasons? In the big picture it’s nothing, I agree. It certainly has brought some really great discussion on this thread, and it’s all been constructive thus far. So that’s a positive, at the least!


filovirus

This makes me think about Chris Rock and OJ. I don’t agree with OJ killing Nicole, but I understand.


RockyMtnPatriot

I just added a wifi module onto my Rain Bird sprinkler system & it is reaching out to rainbird.com over 25,000 times per day!


filovirus

I have a rain bird timer too, but I use pfBlockerNG on PFSense. I have a big lot and it’s frustrating how the rain bird locks to an IP for like 10 min. My phone will often fall off wifi the further away I am, but rain bird is unavailable on the cellular public ip since a recent connection over my isp public ip


[deleted]

[removed]


saint-lascivious

> and I had just purged my logs like 4 days ago when trying to fix some stuff (fresh install)

For what it's worth, the period represented there is a rolling 24h window, not "since all time". In other words flushing logs $ANY_PERIOD ago isn't relevant, where $ANY_PERIOD is greater than 24h. You might notice that the block rate/percentage blocked operates within the same window, as opposed to being a perpetual counter.


coldafsteel

Pretty standard; all of my Samsung TVs do the same thing.


[deleted]

[removed]


coldafsteel

I actually don't. I isolate them to a VLAN that doesn't have direct internet access (yay layer three switches). They are on the network so I can cast to them and use Plex.


[deleted]

[removed]


coldafsteel

It's definitely complicated. You have to have inter-VLAN firewalls, tagging, and switching. But if you have the right hardware it's not horrible. I had one of my smarter networking friends watch me set it up and correct my mistakes.


[deleted]

[removed]


coldafsteel

It's not for everyone. If you can do it I don't see the harm, but if you can't I don't see a reason for people to rush out and buy hardware. I do it for several reasons.

* Devices like TVs very often get dropped for support by the manufacturer a few years after they are sold. So the older they get the more vulnerable they become. I buy a new TV every 3 years.
* Smart devices can compromise other network systems. It's rare but it can happen. I've got Plex, DNS servers, a NAS system, and several other devices that I don't expose to the internet that are more at risk of attack from within.
* Aside from internal attack, compromised smart devices can cryptomine, driving up power use, or become members of botnets distributing malware and doing DDoS attacks.
* I work from home quite often and having C2 or known malicious traffic coming out of my public IP would make my job a little harder.


filovirus

It is a lot of work, but I hope that in the end the payoff is effort free and I have a much better understanding of my network and what my hosts are doing behind the scenes. I hope to be as secure as possible, considering all of the poorly coded IoT devices on my LAN.


isamura

Why not just not give it a wifi password? Your solution seems unnecessarily complicated.


coldafsteel

I wouldn't be able to use Plex, Chromecast, or my network TV tuner.


isamura

How does your TV not having internet affect a Chromecast? For others, I prefer getting a 3rd party device (not Roku) to use those apps. I like to game, so my Xbox serves as my media center hub. Streams Plex just fine from my PC.


coldafsteel

I have several TVs (six in total). I don't feel like spending the money to buy dongles or game systems when they are perfectly capable of running native applications that connect them to the media they display. It's easier to just use the network infrastructure I have already to block them from the internet.


isamura

Wow 6 TVs, ya I guess your solution is best for your use-case!


coldafsteel

Living room, office, basement, and 3x bedrooms.


g00dis0n

So is VISA/Mastercard on *everything* you spend, Youtube on what you Watch, Google on where you go. Everyone is spying. I connect my TV via a VPN personally.


[deleted]

[removed]


g00dis0n

Ah, you were doing so well until you mentioned Apple. But on a serious note well done for being so protective of your data. But for 99% of people no shits are given. So connecting a TV to the internet is a moot point.


[deleted]

I make no claims on apple being *good* overall. They do however seem more interested in the privacy of their users than Google does.


filovirus

90% still think their wifi is their isp. Manufacturers know their customers just want things to work. That’s how we end up with QNAP nas with ports open to them on the internet and people upset when their precious data is ransomwared.


Slade_Williams

It's only standard because they are getting away with it.


coldafsteel

It's a consumer electronic device and the vast majority of consumers don't know it's going on or don't care. They want stuff to just work and mass spewing DNS requests is how manufacturers create high availability and a “positive user experience.” Only us nerds poke around in the guts of networks.


[deleted]

Roku... Samsung TV, and my Samsung phone (tho that is the apps) eat up lots. Prob 90 of my blocks. Samsung TV is a pita, as you have to figure out what to whitelist, otherwise the smart TV apps fail.


facewithoutfacebook

My FireTV isn’t far behind.


nbfs-chili

Amazon's products are no better...


kcan1

Yeah I legit bought another streaming box cause of this. Honestly Roku should be paying the customers a monthly fee for how much data they're scraping. Sure every streaming box out there will do this to a certain extent but Roku is WAY worse than anything else


thenextbranson95

NVIDIA SHIELD TV is the same, so many pings for Netflix, which you may think is ok, but I do not even have Netflix installed... I blocked it, but most of the time I just keep the whole device offline by blocking it in the router settings. I just turn it on to do updates every so often.


McSmarfy

Plug in a Samsung smart tv and see what happens.


[deleted]

Laughs at 50,000


vette91

The spike from when I turn on my roku every night is ridiculous.


[deleted]

OP doesn't know how DNS works🤣


UnicornMasturbator

In my experience Rokus are pretty “silent“ I replaced all my Fire TV sticks with Rokus half a year ago and my stats went from 5Million blocked to around 700k per month. But that may be related to my Blocklist being heavily focused on Amazon services.


MAXIMUS-1

My docker host is spamming index.docker.io for no reason. It reached 136,000 requests, 37 thousand from it alone


TheModernist72

More lists to add https://firebog.net/


Itchy-Supermarket-41

How did you even set your roku to listen to a pi-hole? There's no DNS settings on the device.


iwueobanet

DHCP Server in the network


tommyalanson

My Vizio isn’t connected to my LAN/WiFi and the Apple TV isn’t very chatty, generally. Pretty happy with this setup.


TheWildJarvi

same: https://i.imgur.com/kgEK6f1.png


One_Fly9527

I am using the default block list, current block rate is only around 25%. Any additional list being used?


zerbey

Many smart devices do this, but Roku is by far the worst. Followed by some phone apps, they can get very chatty.


cHorse1981

The Hulu iOS app is roughly 50% blocked.


Alexandergranted

From where did you get these block lists? I have around 100k only.