Blog: How Tos

Samsung TV voice encryption UPDATE: Fixed, but not quite…

consultant-placeholder01 Joe Durbin 06 Mar 2015


Previously Samsung TVs sent an unencrypted audio file containing your search term to the Samsung servers which then did the voice-to-text processing.

There’s a post about it here.
The search term data was then sent back to the TV unencrypted.

Here we see the words Samsung, Sampson and Samson being sent back to the TV as a response to the audio file being sent from the TV:


After the update, the audio data and the resulting response were seen to be suitably encrypted.
Problem solved!
…Not quite.

The search term is then sent to the following URLs:

For example (saying the word chicken):


These are sent over HTTP and are therefore unencrypted and can be intercepted.

We can’t hear you, but we know what you said.

Both of these websites offer an HTTPS interface which should be utilised in future firmware releases as shown below: