Why You Should NEVER Sign In to Android TV With an Important Google Account!

  • Published 11 Jun 2024
  • In this video, we will take a look at how Android TV handles Google Accounts and how signing into an Android TV device using your primary Google account could give anyone with access to the TV full access to your Gmail Mailbox, Google Drive and any services where you've signed in using your Google account!
    Buy the Nokia Streaming Box 8000 on Amazon (Affiliate): geni.us/9O2KBg
    Buy the 13.3" "Lapdock" on AliExpress (Affiliate): geni.us/UH5itjY
    www.camerongray.me/
    Chapters:
    00:00 - Introduction
    00:47 - What we'll be using
    02:50 - Why is this an issue?
    05:23 - Initial Setup Process
    09:22 - Taking a Look at the Issue
    11:46 - Installing Google Chrome
    14:08 - Signing in to Chrome
    16:02 - Accessing Gmail
    17:26 - Accessing Google Drive
    17:51 - Accessing "Sign in with Google" Services
    19:01 - Conclusion
  • Science and Technology

COMMENTS • 77

  • @camerongray1515 5 months ago +4

    Buy the Nokia Streaming Box 8000 on Amazon (Affiliate): geni.us/9O2KBg
    Buy the 13.3" "Lapdock" on AliExpress (Affiliate): geni.us/UH5itjY

  • @ajama1335 5 months ago +9

    I have implemented the practise of creating a separate google account since 2020 when I got my first Smart TV. But not a lot of people do this so an excellent video indeed

  • @pcislocked 5 months ago +6

    That's common sense to me at this point, but I can definitely see myself logging into my main Google account at the TV if I was living all alone.

    • @philtoner2621 5 months ago +1

      Me too, only because I live alone 🙂

  • @robdavy4468 5 months ago +9

    While this is a pretty niche problem, I think it's very much worth highlighting!
    I think the bigger issue on the phone vs TV front isn't PIN codes vs no PIN codes, it's physical control vs no physical control. I have my phone basically on me all the time - I have physical control over it.
    But my TV is at home "alone" most of the time. While I'm not a high value target, knowing that someone who has physical access to my home TV also has trivial access to my email, that's interesting. I guess it doesn't even need to be a real threat-actor - could be a family member, roommate, friend, etc - all people that you assume wouldn't be able to casually access your email

  • @kevinhughes9801 5 months ago

    Excellent info something I wasn’t aware of thanks for making video on it!

  • @sauwercraud 5 months ago

    Very helpful Information Cam. Great Job as always!

  • @john.o 5 months ago

    Thank you for sharing this!

  • @galen__ 5 months ago +1

    15:20 - That “Yes, I’m in” button is exactly what they say in terrible TV shows when a ‘hacker’ side steps around a passcode and gains higher access 🤣😂😅

  • @zacjojac9557 1 month ago

    I enjoyed traveling that rabbit hole with you as my captain.

  • @Graham_Shaw 5 months ago

    Thanks Cameron. A worthy PSA, I'm in the fortunate position of having practically no "friends" who visit, and have a good home security system in place to prevent break-ins, but still..

  • @thomasvnl 5 months ago +2

    Why it's also always a superb idea to factory reset everything you want to get rid of that has credentials stored on it.

    • @Cyba_IT 1 month ago

      Common sense you'd think that obviously isn't so common.

  • @quigley61 5 months ago +2

    I try to avoid most smart TV functionality and apps for other reasons, but when required, the TV has its own specific account to limit these sorts of things.

  • @Liam-js6di 5 months ago +2

    Good video and well worth knowing the risks. Shame for those with YouTube premium who have it on their main account and want to use it on their TV. Wonder if there’s any workaround short of migrating to a new google account for YouTube, but then presumably losing subscriptions and watch history etc.

    • @Richiecandylover 5 months ago +1

      My family don’t even know how to use my bedroom TV, let alone to use my Nvidia Shield, and do all these steps (my mum barely knows how to minimise a page on her laptop) - I’m fairly safe!! And as a tech savvy dude I’ll be factory resetting when it’s end of life 😊 I love my premium too much

  • @amcluesent 5 months ago +2

    TV Pro is excellent for side-loading apps on Google TV etc.

  • @Cyba_IT 1 month ago

    Pretty niche and requires physical access but man, that's a heck of a security issue. I might have to make my sync passphrase a bit stronger! 😂 I haven't set one of these in a while, does 2FA kick in if set up when signing in?

  • @tech34756 5 months ago

    Will you be reviewing this box? I just bought a Google TV/Chromecast 4K, but I'm curious if this would be better for around the same money.

    • @camerongray1515 5 months ago +1

      I'm not sure the video would really do well enough to justify it although it does seem like a pretty nice device. It doesn't have the newer Google TV interface that the Chromecasts use, but other than that they seem very similar at a hardware level and it does perform pretty well. I was originally planning on going with the Chromecast but the Nokia with built in Ethernet ended up working out cheaper than a Chromecast plus a separate Ethernet adapter.

  • @BirdFusion 5 months ago

    I've done the same steps on my Chromecast with Google TV and it looks like this has been sorted. Chrome now requires verification before it uses the synced account for a Google service. Developer mode was also needed before it would install the APK. Account purchase settings can be set to require password.
    It doesn't yet, but I think the PIN function should be adjusted to keep all access a bit more secure, not limited to preventing a child account from signing out. 🤔

  • @Richiecandylover 5 months ago +1

    I’ve used android TVs since around 2015 and always use my main Google, but my family have no idea how to use my bedroom tv - let alone change the inputs and use the Nvidia Shield Pro -- I always use my main account as I subscribe to YouTube Premium and Music Premium which is linked to

  • @Techlifeandmore 5 months ago +1

    If Google were to redesign how they handle Google accounts on the Apple TV, this would be a problem on there as well. I know this because of how Google handles accounts on your iPhone, iPad, and computer. It's pretty much the same way as with android. Google stores a file on your device containing your account credentials and stuff like that. They then are able to give you a similar experience between an android and iPhone device, for example, because of this. Also, for devices like the Samsung smart refrigerator that has a screen on the front and the general electric smart stove hood that also has a screen on the front, this is also a problem as they run android OS and have a browser, though I'm not sure if it is Google Chrome.

  • @muzso 1 month ago

    I've separate Google accounts for all of my major use-cases: 1. keeping personal information/data safe like Gmail, GDrive, Google Pay, etc. 2. using various Android devices (e.g. tablet) with Play Store app updates, but without access to significant personal information (i.e. obviously app usage information is still PII, like watched videos, etc.) 3. account for testing Android devices, etc. 4. account for use within my car (i.e. navigation history, POIs, etc.) 5. account for sending emails through GMail on free linux VMs hosted at various cloud providers

    • @muzso 1 month ago

      The problem is more generic than just Android TV devices though. Google account credentials can be accessed by all sorts of apps on an Android device (using the respective API of course). The problem comes up when an Android device (or more specifically a user profile on an Android device) is not locked/secured properly, or at all. For Android TV devices this is pretty much standard procedure as the most widespread use-case is to have it in your home. And most people assume that at home the device is "secured" even without any unlock procedure before each and every use. The more paranoid of us do not assume that our house/flat is a secure place where only we can access our things. :-) There's always the possibility of a break-in or a raid by the police, etc. Btw. you should also always consider the possibility that any (even secured/locked) Android devices (or in fact any other device) could get compromised by a malicious actor (perhaps by a malicious app), so compartmentalize your accounts and data accordingly. Of course it always should come down to a risk analysis: what level of nuisance are you willing to accept to increase your level of security or what risks are you willing to take for the sake of convenience?

    • @muzso 1 month ago

      Google has allegedly fixed the issue and is rolling it out for all Android TV devices (including older ones). They say: "Going forward on Google TV and Android TV, sideloading Google Chrome will no longer automatically use the login token for the Google account when accessing Gmail or Google Drive on the device." Sounds like a band-aid solution and doesn't actually fix the problem. You can install any number of Google apps (e.g. GMail) and have the same result, i.e. compromise of the Google account if an unauthorized person gets access to the unsecured (i.e. unlocked) device.

  • @Ror0c 5 months ago +1

    What is the microphone you are using, Cameron?

    • @camerongray1515 5 months ago +1

      I'm using a Sennheiser HSP Essential Omni headset mic connected to a Sennheiser EW-DP wireless system.

    • @Ror0c 5 months ago

      @camerongray1515 Great, thank you!

  • @DavidWhatfor 5 months ago

    When I did have Alexa I never used my Amazon Shopping email account and set up a specific email account just for Alexa. I have specific email accounts all with different passwords and all have MFA or Hardware key password. I feel there is too much emphasis on Convenience sometimes and that does not always equal good security. YouTube channel and general channels are all separate to my email accounts, smart home android tablet again separate and Amazon fire tablet always signed out but uses separate account from amazon account.

  • @unicodefox 5 months ago

    I like how the apple tv does it - you have to tap a notification on your phone to do anything sensitive

  • @Lachlant1984 5 months ago

    I think you mentioned that your primary TV set has a proprietary operating system on it, but how many modern day smart TVs have that? I have a 2013/2014 model Sony Internet connected TV whose operating system is completely proprietary and closed, but I thought most modern smart TVs from all the big names like Panasonic and Sony etc ran Android TV. I think some Samsung models have their own operating system.

    • @camerongray1515 5 months ago +1

      Sony and Panasonic primarily offer Android based TVs however Samsung offer TVs based on their Tizen OS, LG run on WebOS and my Hisense TV runs their "VIDAA" OS which I suspect is some sort of custom Linux OS. Android TV is nice but it can be pretty sluggish at times which is why I think other manufacturers still tend to offer their own lighter weight OSs. Smart TV apps are generally just wrappers around web apps so they are relatively simple to release across several different smart TV platforms.

    • @Lachlant1984 5 months ago

      @camerongray1515 I see.

    • @joedry1774 4 months ago

      @camerongray1515 tbf my Hisense TV has VIDAA and I find it a bit rubbish tbh, it's just a bit sluggish particularly the Netflix app

  • @yuriHellsing 5 months ago +2

    The whole "smart" side of things makes me dread buying my next TV. I just want a large display.

    • @tech34756 5 months ago

      Just make sure to buy a 'smart' TV where you can avoid the smart stuff, this is what I do with mine.
      The only time I connect mine to the internet is for firmware updates.

  • @madspacepig 5 months ago +30

    For most use cases, if a malicious actor is INSIDE YOUR HOUSE with physical access to your android TV box, I think you have bigger problems.....
    I think this is a bit too specific of a warning for such a niche issue, maybe the PSA is just - Log out of things when you're done with them - that is a problem for many more things than just this.

    • @iquanyin1 1 month ago

      true, but…watching tv is *by far* the most likely kind of device activity where you would have guests there. friends over to watch the big game. your new friend watching a show while you cook or shower. i can’t think of any other device we use even half so likely to be left with other people while we aren’t even in the room.

    • @mrkitty777 1 month ago

      A tv with camera watching you nosepicking 😂 is a problem too. Don't forget the remote mic😊

  • @bluephreakr 5 months ago +2

    For Google, this is such a dead-easy fix; make it so if anybody is trying to sign into a service through Android TV - _or any device_ - prompt a modal for an end-user that tells them somebody's trying to sign in, and have deny be the bigger of the two buttons. Best case it is the user, second-best case it _is_ the user but they denied signing in, thus they have to log in again. But why?
    If Google _really_ cared about data security, they would make the refusal to sign in also sign the end-user on another device out. Complete wipe of session token upon *no* / *deny* being given as an answer. Then the person on the other side would need your password to continue. Which would be an incredible inconvenience for them, and only a minor inconvenience for you.

  • @JessicaFEREM 5 months ago

    this is why I like rokus

  • @finthegeek 5 months ago +1

    Great if you don’t have youtube premium. Any way to get that benefit onto the device (not asking for alternative means for ad free youtube)?

  • @gabest4 5 months ago +2

    If you have 2FA enabled, it will ask for login confirmation on the phone. Probably. Since it was a new account made for the tv box, I believe it was not set up. At one point you will be forced to do that, because without it there is no way to generate individual passwords for apps that need traditional login.

  • @Lachlant1984 5 months ago

    This is an interesting discovery and it all makes sense, I understand the risks involved with doing this now you've explained it. However, I do have a question. Let's say you've subscribed to YouTube Premium and you use that on your primary Google account, and suppose you want to access YouTube Premium on an Android set top box or TV. If you set up a Google account specifically for that device so others can't access your important personal data, can you share your subscription with that account? If not, does that mean you'll need a second subscription to YouTube Premium, costing you even more money?

    • @camerongray1515 5 months ago

      YouTube Premium is something I need to look into, if it came to it you could always set up a YouTube Premium family subscription which is still more expensive than individual but not as bad as two completely separate accounts, you could then add your main and the "Android TV" account to the family. I also think you can log into the YouTube app with multiple different accounts, I'll need to test this out to see if it works or if it ends up exposing those additional YouTube accounts in the same way.

    • @Lachlant1984 5 months ago

      @camerongray1515 OK, hopefully it's possible to have one subscription and share it, but somehow I don't think so.

    • @lhamil64 5 months ago

      I think you could just sign up for Premium on the throwaway account and then sign into that throwaway account on your phone, computer, etc as a second account. You might have to do some juggling to be on the right account to access Premium though. I think it'd work better on mobile because each app can be using a different Google account. I'm not sure how that works on a PC, I wonder if you can use say a different Google account for Gmail vs YouTube on the same browser.

    • @DavidWhatfor 5 months ago

      @lhamil64 This appears possible, I can have one tab with YouTube open on a different account then another open on gmail under another different account at least in Chrome.

  • @ZeeWatcher1000 5 months ago +1

    This should be common sense!

    • @camerongray1515 5 months ago

      It probably is for people who are familiar with Android and understand how it handles Google Accounts, however the average person will simply sign in when they are prompted and because there are no native apps that can access Gmail/Drive etc., they won't be aware of what is actually possible.

  • @Znerox 1 month ago

    Being non-technical must be so hard.

  • @AdamManeYT 1 month ago

    You didn't explain why this is an issue.

  • @tech34756 5 months ago

    Biggest problem with this is that it can be costly if purchases are involved.

  • @iquanyin1 1 month ago

    good news! google is going to change this! 🎉

  • @JessicaFEREM 5 months ago +1

    chrome sync is NOT encrypted, it's stored in a readable format to any application that can access it, and many forms of malware are written to steal this.

    • @estusflask982 5 months ago +1

      that is very bad

    • @camerongray1515 5 months ago

      It was my understanding that while it's stored unencrypted once it has synced, a sync passphrase is still used to encrypt the data while it's stored on Google's end so in the case of this device, you'd still need to enter the sync passphrase before you'd be able to access the synced data the first time you enable sync. But once this is done, as you've said, the data is stored unencrypted which is why you should always use a proper password manager that doesn't store the data unencrypted at any point.

    • @antikommunistischaktion 5 months ago

      @camerongray1515 You have to explicitly enable the sync passphrase, it's not on by default.

  • @kendrakirai 4 months ago

    When you said 'access' I thought you meant remotely, but no, you mean actual physical access to the device. Yeah, as someone else said here, if somebody has physical access to your thing, you've got other problems to deal with.

  • @NotColaTai 3 months ago +1

    Nokia makes android tv boxes, the hell?

  • @MackemChops 5 months ago

    Um... there's restricted mode. When you've finished using your box, you put it into restricted mode. You then need a PIN to get back to your normal mode. In the meanwhile, anyone with physical access only sees a simple UI and can't access your Google account, network, apps, etc. Without knowing your PIN anyway.

    • @camerongray1515 5 months ago +1

      That sort of works, but you still need to manually switch over to the restricted profile when you aren't using the device so it's not quite the same as a device level lock.

  • @theresakuhnke954 4 months ago

    Mmmmlkioooooo

  • @anthonybranco 5 months ago

    The surveillance state has ruined the potential of silicon valley technologies. It's sad that they continue to allow them to do this.

  • @scottyoung3354 5 months ago

    Another reason why you should be using 2FA.

  • @estusflask982 5 months ago

    I thought this was obvious

    • @camerongray1515 5 months ago +2

      Sure, it's probably obvious for technical users who understand how Android works, however I suspect the vast majority of people who are setting up these devices would see signing into an Android TV device as no higher risk than signing into the YouTube app on a non-Android Smart TV.

    • @robdavy4468 5 months ago

      I agree with Cameron that this isn't obvious at all. I wouldn't assume my TV can open my email. And a light digging around inside Android TV won't show you any way it can.

  • @AurynGaming 5 months ago

    I guess you don't use Android much, it makes it VERY clear as soon as you login if you read and understand it. It gives the same access as when you login to any other Android device, be it a mobile phone or Chromebook.

    • @camerongray1515 5 months ago +4

      I've used Android for over 13 years... To me, this is relatively obvious which is what prompted me to investigate it. However, for the average person who is setting up an Android TV device, they almost certainly don't expect it to behave in this way - They're probably already familiar with signing into apps on other smart TVs and likely assume this works in exactly the same way. This is compounded by the fact that Android TV devices don't include Chrome or apps for Gmail/Google Drive so they will be very unlikely to see this behaviour in practice. Nowhere in the setup process on this device (which is shown entirely on camera) does it make it "very clear" what logging in means in terms of access to your account. Maybe it's buried somewhere in the terms and conditions, but can you really expect anyone to read those when they're just trying to set up their new TV?