
This TV probably wasn’t spying on you.
I run a local resolver in my house and I’ve previously written about using it, together with a response policy zone, to block Windows 10 computers’ attempts to connect to Microsoft’s telemetry servers. I’ve added these lines to the zone in an effort to stop my telly connecting to the more suspicious-sounding domains:
log-ingestion-eu.samsungacr.com CNAME . devicelog.samsungcloudsolution.net CNAME . prderrordumpssm.samsungcloudsolution.net CNAME .
I’m being selective because I still want to use the ‘smart’ features of the set—I still want to watch Netflix and YouTube on it, for example. There’s more work to be done as can be seen from this list of domain lookup attempts by my TV in a period of five days. The Samsumg ones are the most interesting; some are obviously needed for the normal function of the TV’s smart features, but others might be blockable without disturbing them. If you find any that I haven’t listed, or know anything more about them, please leave a comment!
17688 log-ingestion-eu.samsungacr.com 2291 pool.ntp.org 2285 www.worldtime.com 2283 wwp.greenwichmeantime.com 1271 time.samsungcloudsolution.com 794 ns11.whois.co.kr 726 api-global.netflix.com 293 Coordinator-TA30-PROD-1091987395.eu-west-1.elb.amazonaws.com 247 secure.netflix.com 226 acr0.samsungcloudsolution.com 220 upu.samsungelectronics.com 203 appboot.netflix.com 185 nrdp.nccp.netflix.com 180 dpu.samsungelectronics.com 177 d1oxlq5h9kq8q5.cloudfront.net 161 lcprd2.samsungcloudsolution.net 139 osb-apps.samsungqbe.com 139 kpu.samsungelectronics.com 121 ichnaea.netflix.com 112 art-1.nflximg.net 97 art-0.nflximg.net 86 art-2.nflximg.net 67 cdn.samsungcloudsolution.com 63 www.samsungotn.net 59 noticecdn.samsungcloudsolution.com 57 googleads.g.doubleclick.net 53 www.samsungrm.net 46 ads.samsungads.com 43 notice.samsungcloudsolution.com 42 lcprd1.samsungcloudsolution.net 30 osb.samsungqbe.com 29 d38cmiae9b0e22.cloudfront.net 28 www.google.com 24 go.microsoft.com 22 multiscreen.samsung.com 22 config.samsungads.com 21 otn.samsungcloudcdn.com 21 cdn-0.nflximg.com 16 secureclock.playready.microsoft.com 14 oempprd.samsungcloudsolution.com 14 ipv6.connman.net 12 configprd.samsungcloudsolution.net 11 log-config.samsungacr.com 11 d3mjsomixevyw7.cloudfront.net 8 youtubei.youtube.com 8 www.youtube-nocookie.com 8 www.youtube.com 8 www.yahoo.com 8 www.google-analytics.com 8 tv.scdn.co 8 i.ytimg.com 8 ipv4.connman.net 8 gpm.samsungqbe.com 7 otnprd8.samsungcloudsolution.net 7 otnprd11.samsungcloudsolution.net 6 sas.samsungcloudsolution.com
Undertheradar
Ran across this because I got to looking at my chatty Samsung TV. WOW! Talk about spying on us!!! The TV keeps sending stuff to “log-ingestion”. Also I noticed that apps NOT BEING USED are checking in frequently (such as to Amazon…really??? I can only think profiling what I watch to figure out what I might want to buy)
These marketing folks are becoming more invasive every day. What I do and what I watch is MY BUSINESS!
I’m setting up selective blocking as well.
Thanks for your list. Here is partial of mine when I’m watching Pluto (DNS lookups removed to reduce noise):
2 6 21:49:49 Samsung TV (172.2.1.105) 34.225.153.50 (log-ingestion.samsungacr.com) HTTPS 3.23 KB / 6.13 KB close
4 6 21:49:41 Samsung TV (172.2.1.105) 34.204.239.34 (log-ingestion.samsungacr.com) HTTPS 2.14 KB / 5.97 KB close
5 6 21:48:49 Samsung TV (172.2.1.105) 52.44.210.24 (log-ingestion.samsungacr.com) HTTPS 3.23 KB / 6.13 KB close
8 6 21:48:31 Samsung TV (172.2.1.105) 34.205.103.15 (t.pluto.tv) HTTPS 645 B / 496 B close
9 6 21:48:16 Samsung TV (172.2.1.105) 34.205.103.15 (t.pluto.tv) HTTPS 928 B / 5.55 KB close
12 6 21:47:49 Samsung TV (172.2.1.105) 34.197.38.22 (log-ingestion.samsungacr.com) HTTPS 3.27 KB / 6.18 KB close
15 6 21:47:28 Samsung TV (172.2.1.105) 13.33.252.62 (silo.pluto.tv) HTTPS 645.98 KB / 29.10 MB close
16 6 21:47:06 Samsung TV (172.2.1.105) 35.169.131.5 (stitcher.pluto.tv) HTTPS 652 B / 496 B close
17 6 21:47:06 Samsung TV (172.2.1.105) 35.169.131.5 (stitcher.pluto.tv) HTTPS 935 B / 5.55 KB close
20 6 21:46:49 Samsung TV (172.2.1.105) 52.45.232.13 (log-ingestion.samsungacr.com) HTTPS 3.85 KB / 7.49 KB close
22 6 21:45:52 Samsung TV (172.2.1.105) 54.85.74.14 (log-ingestion.samsungacr.com) HTTPS 3.27 KB / 6.18 KB close
24 6 21:45:31 Samsung TV (172.2.1.105) 34.197.56.101 (t.pluto.tv) HTTPS 928 B / 5.55 KB close
29 6 21:44:48 Samsung TV (172.2.1.105) 52.22.134.185 (log-ingestion.samsungacr.com) HTTPS 3.32 KB / 6.25 KB close
31 6 21:44:40 Samsung TV (172.2.1.105) 52.22.220.25 (log-ingestion.samsungacr.com) HTTPS 2.10 KB / 5.97 KB close
35 6 21:44:09 Samsung TV (172.2.1.105) 52.50.124.229 (lcprd1.samsungcloudsolution.net) HTTPS 2.70 KB / 2.57 KB close
40 3 21:43:51 Samsung TV (172.2.1.105) 172.217.12.14 (smartlock.google.com) HTTPS 2.08 KB / 1.57 KB close
41 6 21:43:48 Samsung TV (172.2.1.105) 34.194.142.54 (log-ingestion.samsungacr.com) HTTPS 3.92 KB / 7.42 KB close
43 6 21:43:20 Samsung TV (172.2.1.105) 34.205.103.15 (t.pluto.tv) HTTPS 1.97 KB / 5.97 KB close
44 6 21:43:17 Samsung TV (172.2.1.105) 52.3.161.174 (k.pluto.tv) HTTPS 1.91 KB / 5.97 KB close
48 6 21:42:48 Samsung TV (172.2.1.105) 34.230.166.162 (log-ingestion.samsungacr.com) HTTPS 3.92 KB / 6.43 KB close