Samsung Q990D unresponsive after 1020 firmware update (us.community.samsung.com)
Comments show that there might be resolutions and potential for firmware patch. [0] Bad updates happen.
[0] https://us.community.samsung.com/t5/Home-Theater/Samsung-Q99...
They did this with their Blu-Ray players about five years ago:
https://www.theregister.com/2020/07/18/samsung_bluray_mass_d...
Each device had to be shipped to a repair center because they needed to directly re-flash the flash storage. The issue with the Blu-Ray players was that an update caused it to get into a state where it would boot loop before it even got to a point that anything could be done, manually or otherwise.
What we don't know yet with this issue is whether the devices are booting enough to apply another firmware update. It may be possible to do this, fixing this issue. If that's the case "bricked" would be technically incorrect, but for now, it's not a wholly inaccurate term.
This is too circular for me. Google "bricked" and you get the Oxford Languages definition, which says "...typically on a permanent basis."
e: HN headline has been corrected
I've tried all the potential solutions this morning. It seems permanent unless Samsung somehow finds some magic to fix it, especially since the soundbar won't connect to WiFi/internet and doesn't do anything with the USB plugged in.
I'll take a chance on a hardware update if the forums say "soft brick." If people are saying "brick," then I'm only moving forward if I'm prepared to write off the device.
edit: HN headline has been corrected
I never patch such devices as long as they work, the only exception is phone and desktop. Those idiotic phone apps to tweak some minor stuff - thank you but I couldn't care less, I install maybe 1 new app to my phone a year and no, it won't be due to buying some effin' loudspeakers.
There is simply 0 real gain for me and always non-zero risk. Even those I hate updating, but grokking they are too important to leave some known hackable surface open.
It is bad engineering on Samsung's part to even be able to brick their product with an update.
Most people aren't techies. They buy the thing, and use it as instructed.
*.samsungcloudsolution.com
*.samsungosp.com
*.samsungqbe.com
*.samsungcloud.tv
*.samsungads.com
The first one gets the most hits.
I also don't connect my Samsung displays to Wifi anymore. Unless I notice a problem that I have to search to fix. Then if there's a firmware update that fixes the issues, I'll do it.
NextDNS and ControlD are helpful for blocking this sort of thing, or Pi-Hole if you want to set it up yourself.
I am moderately surprised that they even update their firmware on some models.
This will bite us again and again in general.
Also, it's entirely unclear to me why I need WiFi or a remote server for my dishwasher or refrigerator in the first place. What possible value-add is there?
Other than the slow boot (takes about 5 seconds to switch to Apple TV after pressing power button), I have no complaints.
Hello, I am Rene, a community expert on the Hacker News Experience Forums. I see you are having trouble with an auto-flagged post. I will try to help you with your auto-flagged post. Have you tried turning off your kitchen tap and turning it back on again?
Automated updates were supposed to give us peace of mind instead of having us worried about what bug or enshittification will follow.
I’d wager that, for most Internet-connected appliances, keeping them offline or disabling autoupdates have way more pros than cons.
But if it only allows the manufacturer to remotely execute arbitrary code on a device without the user's consent, it's called an automatic software update mechanism and most people somehow consider that it's totally fine.
> Have you tried to factory reset your soundbar?
2 years ago, when LLMs started to become huge, I was really hoping that by this time AI would do this 1st line tech support, with actually helpful questions, suggestions and deductions.
In any case, it's mind boggling how a multi billion dollar company lacks proper rollout strategies.
I have a pair of Sony WH-1000XM4 headphones, and their app constantly tells me to install the latest firmware update. After the 20th time I finally agreed - only to be met with the update instructions: I must perform the update in a place with no other bluetooth or wifi devices.
Where on earth would I even have to go to find a place without there being any 2.4GHz signal interference?
I've never been more careful when pressing “Cancel,” making sure I don't accidentally tap “Agree and Continue”.
[0] https://www.reddit.com/r/Soundbars/comments/1jb1ymp/comment/...
Unironic answer: most airports. Even small ones will have avionics shops, those avionics shops will have to test Emergency Locator Beacons, and those beacon signals are not meant to escape to the outside world during testing.
Thus, most have Faraday rooms, cages, or just small (2-3 cubic feet) boxes to block signals. I used to work for one of those teeny-tiny companies. Would not recommend working in aviation. That said, knocking on the door and offering to come back with doughnuts if they can help you out when it's not crazy busy, feels like less an insane idea than I'd have expected previously.
* Enhances the security features of the system software
* Improves Bluetooth connection stability
* Improves the hands-free calling quality
* Fixes an issue where the headphones cannot be paired on a Windows computer
* Fixes an issue where, when there are 2 Bluetooth devices connected at the same time, the connected devices repeatedly disconnect and reconnect
* Improves general performance of the headphones
By the way, Sony wearable products make use of their proprietary NN inference library called Nnabla, with a free helper GUI app Neural Network Console for Windows that can export low-code code into Spresense board codes. It is apparently used across the brand for tiny and transparent features like on-head detection through accelerometers. Not super related, but just so you know...
[0] There is no lossless high quality audio over BT, only a bunch of lossy codecs.
You might have to line the inner walls with something to prevent the signal from bouncing back? I'm not sure.
Inside a microwave oven.
You get similar problems in other larger metal boxes, eg caravans. In a caravan, short high data rate packets are transmitted properly, but bigger packets get lost because they interfere with a reflection off an internal wall.
Having worked for several billion-dollar companies, I can tell you it's very common. The extremely short answer to why is "silos on silos on silos on silos". Quite often, each team rolls things out however the hell they feel like. And the teams don't have very good people on them. It doesn't have to be this way, but the people at these companies simply don't give a shit about doing it in a better way. Bad leadership ensures it continues.
What was the need for the global instance 0->1 rollout of the firmware over the air ???????????????
could they perhaps test it on a small subset? perhaps on Samsung CEO's home system, not the customers'?
previous used https://appleinsider.com/articles/12/12/13/samsungs-chief-st...
new one uses, but just does not tell it.
apply display is good with apple tv.
and ceo dislikes automatically installed free to play tv apps and ads. as samsung does.
and here unwanted apps installed randomly
https://www.reddit.com/r/privacy/comments/ztuv0l/samsung_sma...
https://hackaday.com/2020/07/19/the-real-story-how-samsung-b...
'Having' (paid for) a device for not having it for weeks is not that customer friendly attitude. It is almost in the same league with how UK furniture makers exploit customers. You get into the shop, see something nice, start ordering it, casually ask about the delivery date, cancelling the whole thing and run to an Ikea after learning that it will take somewhere between 4-6 months, depending on the workload of the factory. They are insane! I mean those who actually buy this way. The manufacturers are just brazen. Thinking that someone goes into the shop for leaving behind money for the honor of using a product of theirs sometime in the unspecific mid term future, instead of like NOW!? Shameless.
I boycotted Samsung after having similar troubles with their computer screens. Essentially, they chose a weird adapter for the screen that I can't find anywhere making the screen essentially useless.
I no longer buy anything Samsung. I can't say the same about other people as Samsung is essentially an Advertising company that happens to have consumer products.
Samsung product life cycle support seems like planned obsolescence.
1. Staged rollout of firmware updates. It’s common practice for apps and software but for some reason it’s less common with firmware. Rolling out to 1% (or less, depending on scale) of devices and waiting a day is cheap insurance. Side note: Build a good relationship with customer service people so you hear about these things immediately.
2. A failsafe firmware reset back to factory state. Some sequence that resets the device completely back to the way it was when it came out of the box, firmware included, as a last resort. In conjunction, your automated tests need to confirm that every factory firmware you’ve ever released can update to the latest firmware.
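A sketch of the staged rollout from point 1, added here as an example and not taken from the comment or from any vendor's update service. The stage schedule, thresholds and device IDs are constructed, and the gate assumes devices check in after rebooting into the new firmware, since a device that no longer boots cannot report its own failure.

```python
import hashlib

STAGES = [1.0, 10.0, 50.0, 100.0]  # percent of the fleet, constructed schedule


def bucket(device_id, release, buckets=10_000):
    """Map a device to a stable bucket in [0, buckets).

    Salting with the release name means a different slice of the fleet
    goes first for each release, so the same owners are not always the
    early cohort.
    """
    digest = hashlib.sha256(f"{release}:{device_id}".encode()).digest()
    return int.from_bytes(digest[:8], "big") % buckets


def in_cohort(device_id, release, percent):
    """True if this device should be offered `release` at `percent` rollout."""
    return bucket(device_id, release) < round(percent * 100)


def decide(current, rebooted, confirmed, min_sample=50, min_confirm_rate=0.99):
    """Pick the next rollout percentage after the soak period.

    rebooted:  devices that reported "image written, rebooting now"
    confirmed: devices that later checked in running the new version
    Silence after the reboot is treated as failure: that is the only
    signal an unresponsive device can give.
    Returns 0.0 to halt the rollout, `current` to hold, or the next stage.
    """
    if rebooted < min_sample:
        return current                      # not enough evidence yet, keep waiting
    if confirmed / rebooted < min_confirm_rate:
        return 0.0                          # stop offering the update to anyone
    later = [s for s in STAGES if s > current]
    return later[0] if later else current


def cohort_size(device_ids, release, percent):
    """Count how many of the given devices fall into the current stage."""
    return sum(in_cohort(d, release, percent) for d in device_ids)


if __name__ == "__main__":
    fleet = [f"dev-{i:05d}" for i in range(20_000)]   # constructed device IDs
    print("offered at 1%:", cohort_size(fleet, "fw-example-2", 1.0))
    print("all confirmed ->", decide(1.0, rebooted=200, confirmed=200))
    print("50 went silent ->", decide(1.0, rebooted=200, confirmed=150))
```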
Isn't this about the most condescending thing they can start with?
I ended up factory resetting the TV to make it forget my wifi credentials, and I just haven't put it back online since then. I haven't regretted it at all.
I think mine is compatible with the SammyGo custom firmware, so I might install that one of these days, and then maybe I'll reconnect it to my network. But, for now, I just have a PC connected to it and manage everything there.
- If a firmware can be updated, it must keep a minimum ROM feature so it can be recovered.
- No device should be updated without the *owner* explicit intention to do so.
- Full docs must be released if the vendor stops supporting it.
It was educational. I learned that I completely suck at trying to speak Russian. I could type "channel 4" into Google Translate on my iPad, press the Mic button on my TV remote, and press the speak icon on Google Translate and the channel would change.
But no matter how many times I listened to Google Translate say that in Russian I could not manage to match it close enough the TV to accept it.
The best thing we have been able to come up with is leaving the TV itself disconnected from the WiFi and using an Apple TV for smart features/streaming. I'm sure they're still gathering data but it's at least not as blatant. It's a real crapfest for the consumer at the moment.
both devices were malfunctioning within the first month.
1) 4k60 32" monitor, the power button always flaked and it would randomly shut off, thus necessitating unplugging and plugging it back in, 2-3 times a day. customer service: "unplug all monitor cables and plug just power in. what is on the screen? oh, then it's fine. have a nice day!"
2) Refrigerator. Intermittent fan issues were the reason i called. i ended up having to replace, for cause, the heating elements in the refrigerator side as well as the fans due to ice damage to the impellers; then the ice machine started leaking inside the freezer door somewhere, and that leak would freeze on the bottom of the freezer and push the door open, letting water just drip on my floor for hours, nearly damaging the subfloor. I also had to replace the motherboard. So now i have a water-less, ice-less refrigerator.
i could go on about how their SD cards are quite fast but don't last long if you have them in outdoor devices (like dashcams, trail cams, security cameras) - the only raspberry pi i've ever had to throw away had a samsung SD card in it that overheated to the point of contact burns - i went to unplug it to reboot it and received a welt from the SD card for my troubles.
I'm just one person, but read enough anecdotes and you can ignore them all!
This happens more and more often, and there is a fairly easy + popular workaround (which also comes with 99% ad blocking as a bonus). Just either set up pi-hole locally OR use a hosted DNS service that does essentially the same thing.
Main idea: Ads, updates, etc. typically (not always) need to resolve hosts before connecting to servers. Simply resolve these hosts to 0.0.0.0 instead of a real IP.
Arguments for pi-hole or other local solution: Free. Private.
Arguments for hosted solution: No set-up headache, no local raspberry pi or other machine to maintain. Overall a bit simpler.
Guide for blocking updates after the service is set up (I just went through this a month or two ago to block updates to my LG TV):
Step 1: Search around for servers that correspond to updates for your device.
Step 2: Test these lists; realize that they are often incomplete.
Step 3: Shut your device off. Open pi-hole like service, and watch queries live. While doing so, turn on your device (and if you have the option, check for updates).
Step 4: Put all of the queried hosts you see into your block list.
Step 5: Later, you may encounter broken functionality. When this happens, look at your logs, and see which server(s) were blocked at that moment. Remove only those from the blocklist. (And cross your fingers that the manufacturer doesn't use the same hosts for typical functionality and updates.)
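Steps 3 to 5 of the guide above, worked through on a query log, as an added example that is not part of the original comment. It assumes the dnsmasq-style log lines that Pi-hole writes; the device address, hostnames and timestamps are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the dnsmasq query-log layout that Pi-hole writes
# (assumed format). The device IP 192.168.1.50 and every hostname are made up.
SAMPLE_LOG = """\
Mar 14 09:58:40 dnsmasq[811]: query[A] news.example.org from 192.168.1.20
Mar 14 10:00:02 dnsmasq[811]: query[A] time.vendor.example from 192.168.1.50
Mar 14 10:00:03 dnsmasq[811]: query[AAAA] time.vendor.example from 192.168.1.50
Mar 14 10:00:05 dnsmasq[811]: query[A] fw-update.vendor.example from 192.168.1.50
Mar 14 10:00:05 dnsmasq[811]: forwarded fw-update.vendor.example to 9.9.9.9
Mar 14 10:00:09 dnsmasq[811]: query[A] ads.vendor.example from 192.168.1.50
Mar 14 10:00:11 dnsmasq[811]: query[A] mail.example.org from 192.168.1.20
Mar 14 10:00:14 dnsmasq[811]: query[A] FW-Update.vendor.example. from 192.168.1.50
Mar 14 19:30:21 dnsmasq[811]: query[A] stream.vendor.example from 192.168.1.50
Mar 14 19:30:22 dnsmasq[811]: query[A] time.vendor.example from 192.168.1.50
"""
DEVICE = "192.168.1.50"

QUERY = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: "
    r"query\[[A-Z0-9]+\] (?P<host>\S+) from (?P<client>\S+)$"
)


def at(hms, year=2025):
    """Timestamp on the sample day; the log itself carries no year."""
    return datetime.strptime(f"{year} Mar 14 {hms}", "%Y %b %d %H:%M:%S")


def parse_queries(log_text, year=2025):
    """Return (time, client, hostname) for every client query line."""
    queries = []
    for line in log_text.splitlines():
        m = QUERY.match(line.strip())
        if m is None:
            continue  # forwarded/reply lines carry no client address
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        # DNS names are case-insensitive and may carry a trailing root dot.
        queries.append((when, m["client"], m["host"].rstrip(".").lower()))
    return queries


def hosts_seen(queries, device_ip, start, end):
    """Steps 3-4: unique names one device asked for in a window, first seen first."""
    seen = {}
    for when, client, host in queries:
        if client == device_ip and start <= when <= end:
            seen.setdefault(host, when)
    return list(seen)


def to_blocklist(hosts):
    """Hosts-file lines that resolve each name to 0.0.0.0."""
    return [f"0.0.0.0 {h}" for h in hosts]


def unblock_candidates(queries, device_ip, broke_at, blocked, slack_s=30):
    """Step 5: blocked names the device asked for around the time a feature broke."""
    slack = timedelta(seconds=slack_s)
    near = hosts_seen(queries, device_ip, broke_at - slack, broke_at + slack)
    return [h for h in near if h in blocked]


def run_example():
    queries = parse_queries(SAMPLE_LOG)
    boot_hosts = hosts_seen(queries, DEVICE, at("10:00:00"), at("10:01:00"))
    blocklist = to_blocklist(boot_hosts)
    # Streaming breaks at 19:30:20; which blocked names were requested then?
    retry = unblock_candidates(queries, DEVICE, at("19:30:20"), set(boot_hosts))
    return boot_hosts, blocklist, retry


if __name__ == "__main__":
    boot_hosts, blocklist, retry = run_example()
    print("\n".join(blocklist))
    print("consider unblocking:", retry)
```

In the sample, the name the device resolves at power-on is also requested when streaming starts, which is the shared-host case step 5 warns about.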
At least with my Samsung soundbar, the remote can change the volume, the subwoofer volume and change between modes (standard, surround, game). But if I want to enable night mode, I have to use the SmartThings app. There's no way to enable it using the remote. What's worse, the app often hangs when connecting to the soundbar, requiring me to force stop and restart it. So sometimes toggling a feature that should be a single button on the remote takes me over a minute.
Samsung is right next to HP on my list of brands I will never ever buy in my entire life.
I installed the GitHub app a long time ago, and that had similar behaviors that kept me from the web-based experience I know & love & which is more URL based. Finding that disappointing, I uninstalled the app. But still, GitHub results in Google don't show the URL, they just say "app installed" where the URL would be. What a colossal regression.
More to the topic, we are on day 4 of Google Chromecast Audio & 2nd generation being broken. Supposedly an expired cert. Amazing neglect, y'all.
After 1 year, I am 100% sure that I will never again buy a Samsung product, no matter how cheap it is.
Just look at the first sticky here: https://www.avsforum.com/threads/2023-samsung-4k-s95c-s90c-s...
I got one hoping it would be great but they add bugs to each release.
The video decoding macro blocks around dark objects at certain illuminations.
The TV complains it's running out of space (wth) after I installed only 6 TV streaming apps. 4gb of storage is the cause and when it gets to 1gb it complains, daily.
It makes power on off sounds, "bling", when off, and when on. Surprise!
The apps all have bugs, because Tizen OS is unpopular and difficult to develop well on.
I'm planning on selling mine as soon as possible, as I can't stand the judder on 24fps content as well.
Not to mention other quirks like limited passthrough support
I've done my share of embarrassing mistakes and each time I've felt awful. Nothing on this scale though.
I 100% guarantee everyone who uses one of these was railroaded into mandatory arbitration.
Nobody involved in the decision making cares about the customers. They only care about the potential hit to the bottom line, and if that's perceived as callous silence, they don't care. Unless, of course, they decide that appearing to care and being responsive results in less of a hit.
Silences like these are strategic and dependably predictable - engaging with customers on average costs more than remaining silent for whatever metric they've applied to the fix. If it takes longer than they thought, they might feel compelled to speak out, or they could just depend on the issue to fade into the 24 hour news cycle. Engaging with a customer runs the risk of them interacting with some threshold of people that will keep the negative story in the headlines for longer than it might otherwise be.
For example, little life pro-tip, never directly pay for a loan that you aren't liable for. Proxy it through the debtor, or not at all and get a lawyer if the debtor is deceased.
They knew they should have announced a recall, but they didn't. What they did was... They simply replace the TV panel, even outside the warranty, just to avoid lawsuits (after the person first tries to contact them).
Yes, outside the warranty.
But with one detail: They replace it with the same defective panel.
Unfortunately, I was the lucky one who ended up buying this TV, and I've already replaced the panel about three times in less than five years.
Even the Samsung repair technicians that came to my house to fix the TV already told "The model just have this issue, nothing we can do about it. If it happens again, report it again to fix"
Why on earth would anybody do that? I have these speakers, exactly model D, it works flawlessly either via eArc with TV or Bluetooth with both android and apple, there is absolutely nothing to fix or improve. You have to tinker with USB key and obscure series of actions or install a dedicated app on phone to force an update - why would anybody ever need such an app in first place? I am minimizing amount of apps on my phone, and not installing every semi-unknown low quality crap just because I can. That's basic security 101.
You can tweak basses directly on remote for these. These speakers are not HiFi albeit cca fine performers, realistically you will never need more from them (and TBH that one feature is absolutely stellar idea that many much more expensive receivers don't have, when kids go sleep I lower basses since they travel easier through walls and doors).
It's like pushing unknown BIOS updates to motherboard when your PC works perfectly fine, and then complaining it isn't anymore. It's the sad state of 2025 electronics in general, but it was exactly same 10 or even 15 years ago, this ain't something new or unknown.
Turning off the damned display would be an improvement. I don't want an animation playing telling me that yes it's still connected to the TV via eARC every time I change the volume on the TV.
Being able to disable the "microphone off" indicator LED would also be great.
It only takes a routine Windows Update to bring those setting back to helpful defaults.
And those updates are helpfully set to download and install by default.
And I assume my WiFi router updates have helped prevent people doing evil things with my devices.
Samsung's update here is obviously a massive fail, but it's one consumer device out of tens of thousands. I think it's clear the benefits outweigh the harms on the whole. Definitely sucks if you bought this particular soundbar though.
It's not even like people don't have the option, they're just suckers for marketing and don't fully research anything. Free markets are useless if the consumers are this dumb.
(Or not, of course...)
NEVER BUYING A SAMSUNG TV AGAIN
Most apps get removed because the people writing them don't want to support them anymore. The Samsung framework from 2013 was always trouble and it doesn't support many current W3C features that you'd want as a developer. Most people I know are drawing the line at supporting 2014 or 2016 Samsung devices.
Could Samsung update their devices to ensure they still supported modern frameworks? Possibly, but they don't really get any revenue from providing OS upgrades and those devices suck in terms of RAM and CPU.
I don't know how this works, but either Sony or the streaming service must be making the apps, and neither seems interested in maintaining apps for a 10+ year old TV. So when the streaming services are updating their backend, older TVs don't get updated applications.
Smart TVs make absolutely no sense, the streaming services are moving too fast, so you'll need a cheaper box, or a product that is supported for a decade.
Judging by current trends i will have to replace the attached chromecast before the TV breaks.
With luck there are some old TVs still on remaining stock and that is about it.
The solution (that I hope everyone knows about by now) is to buy an Apple TV and connect it. Once the TV starts, it shows Apple TV from the get-go and not any of the Samsung stuff.
I have a modern Sony Bravia, too, which is running "Google TV" natively. On the plus side, the UI is just about identical to what you get with a Google TV dongle (which I also have, plugged into an old 32" monitor in front of my bike trainer), but it's also a really heavy interface that's also increasingly rich in ads. If your household is like mine, and holds subscriptions to a half dozen or more streaming services, some of which are bundled and some of which are either discounted or comped via entirely different subscriptions (mobile phone) or membership (credit card), it's really not helpful to have Google show me subscriptions I might want to add-on to my Google TV sub, nor do I appreciate seeing ads for content from things I don't subscribe to. Also, the Sony remote has about 50 buttons -- not a fan.
All things considered, I end up having to fiddle with the Sony TV far more frequently than the Samsung one, usually because of network or app issues.
We have an old Roku stick plugged into an old tv in a spare room, too, and it's almost intolerably slow. Its primary use case is to plug into our projector for backyard movies in nice weather, so I keep it around, but man is it dog slow.
Are you happy with it spying on you?
That's what all Samsung televisions do, and there is no way to turn it off. They advertise on their own web page that they monitor the content viewed on their televisions for targeted advertising.
This isn't via some sort of metadata, they take screenshots at regular intervals and upload them to very insecure hosting.
I hope you never look at any "sensitive" content on your TV!
TVs are a wildly unprofitable business. It's astoundingly bad. You get 4-6 months to make any profit on a new model before it gets discounted so heavily by retailers that you're taking a bath on each one sold. So every dollar in the BOM (bill of materials) has to be carefully considered, and not far back the CPUs in practically every TV were single core or dual core, and still under 1GHz. Bottom of the bin ARM cores you'd think twice to fit to a cheap tablet.
They sit within a custom app framework which was written before HTML5 was a standard. Or, hey want to write in an old version of .NET? Or Adobe Stagecraft, another name for Adobe Flash on TV?
Apps get dropped on TVs because the app developers don't want to support ancient frameworks. It's like asking them to still support IE10. You either hold back the evolution of the app, or you declare some generation of TV now obsolete. Some developers will freeze their app, put it in maintenance mode only and concentrate on the new one, but even then that maintenance requires some effort. And the backend developers want to shut down the API endpoints that are getting 0.1% of the traffic but costing them time and money to keep. Yes, those older TVs are literally 0.1% or less of use even on a supported app.
After a decade in consumer electronics, working with some of the biggest brands in the world (my work was awarded an Emmy) I can confidently say that I never saw anyone doing what could be described as 'planned obsolescence'. The single biggest driver for a TV or other similar device being shit is cost, because >95% of customers want a cheap deal. Samsung, LG and Sony are competing with cheap white label brands where the customer doesn't care what they're buying. So the good brands have to keep their prices somewhere close to the cheap products in order to give the customers something to pick from. If a device contains cheap components, it was because someone said "If we shave $1 off here, it'll take $3 off the shelf price." I once encountered a situation where a retailer, who was buying cheap set-top boxes from China to stick a now defunct brandname on, argued to halve the size of an EEPROM. It saved them less than 5c on each box made.
For long life support of the OS and frameworks, aside from the fact that the CPU and RAM are poor, Samsung, LG and Sony don't make much money from the apps. It barely pays to run the app store itself, let alone maintain upgrades to the OS for an ever increasing, aging range of products.
And we as consumers have to take responsibility for the fact that we want to buy cheap, disposable electronics. We'll always look for the deal and buy it on sale. Given the choice of high quality and cheap, most people choose cheap. So they're hearing the message and delivering.
If OEMs differentiated their TVs based on compute performance, consumers might be able to make an informed choice. (See smartphones: consumers expect a Galaxy Sxx to have faster compute than a Galaxy Axx.)
If not, consumers just see TVs with similar specs at different prices, so of course they’re going to pick the cheaper one.
You are literally the first person I have ever seen say this online, besides myself. I have worked in hardware for years and can vouch that there is no such thing as planned obsolescence, but obsession over cost is paramount. People think LED bulbs fail because they are engineered that way, but really it's because they just buy whatever is cheapest. You cannot even really support a decent mid-grade market because it just gets eviscerated by low cost competitors.
Comparing models from 2005/2015/2025, for example. Most people literally can't tell 4k from 1080 and anything new in the HD race mostly feels like a scam. The software capabilities are all there. I think to differentiate from the no-name stuff, longevity is going to become a more significant differentiator.
Explain to me then how an Apple TV device for $125 (Retail! not BOM!) can be staggeringly faster and generally better than any TV controller board I've seen?
I really want to highlight how ludicrous the difference is: My $4,000 "flagship" OLED TV has a 1080p SDR GUI that has multi-second pauses and stutters at all times but "somehow" Apple can show me a silky smooth 4K GUI in 10 bit HDR.
This is dumbass hardware-manufacturer thinking of "We saved 5c! Yay!" Of course, now every customer paying thousands is pissed and doesn't trust the vendor.
This is also why the TVs go obsolete in a matter of months, because the manufacturers are putting out a firehose of crap that rots on the shelves in months.
Apple TV hasn't had a refresh in years and people are still buying it at full retail price.
I do. Not. Trust. TV vendors. None of them. I trust Apple. I will spend thousands more with Apple on phones, laptops, speakers, or whatever they will make because of precisely these self-defeating decisions from traditional hardware vendors.
I really want to grab one of these CEOs by the lapels and scream in their face for a little while: "JUST COPY APPLE!"
I have a "smart" Samsung TV in my home office but it's never been plugged into the network and has a chromecast and various networked devices plugged in to it as a "dumb tv", that has been working out great, the TV still turns on/off easily and is as fast as the day I bought it (makes sense, it's still running the factory firmware).
Another possible solution is to only use one input on the TV. Connect an A/V receiver to that one input and connect all your other devices to the A/V receiver. Then you should only need to deal with switching inputs on the TV if you want to watch over the air TV using the TV's tuner. You can probably even get rid of that need by getting a stand-alone TV tuner and hooking that up to the A/V receiver.
Many A/V receivers have network interfaces that you can use to control them if for some reason you don't want to use their remote. Most Denon receivers for example have an HTTP server that presents a web-based interface if you browse to it from a computer or mobile device.
They also run a simple HTTP based API that is easy to use from scripts. For example here is a shell script that gets the current volume setting of mine:

    URL=http://192.168.0.xx/goform/AppCommand.xml
    cat > tmp.$$ <<HERE
    <?xml version="1.0" encoding="utf-8"?>
    <tx>
    <cmd id="1">GetVolumeLevel</cmd>
    </tx>
    HERE
    curl -X POST -H "Content-Type: text/xml" --upload-file tmp.$$ $URL
    rm tmp.$$

which when run gives me this at the moment:

    <?xml version="1.0" encoding="utf-8" ?>
    <rx>
    <cmd>
    <volume>-45.0</volume>
    <disptype>RELATIVE</disptype>
    <dispvalue>-45.0dB</dispvalue>
    </cmd>
    </rx>

Every time you’d start the tv it’d switch to the Samsung Baywatch 24/7 stream.
So inappropriate for the children.
The bug, or Baywatch itself?
I'm never buying any Samsung products again if I can avoid it. A forced update bricked my damn phone when it forcibly restarted while I was showing something to a client.
Samsung doesn't give a shit. They'll trash the device you paid for and tell you to suck it up and buy a new one.
Reminds me of the time when a Samsung VP (or whatever his title was) showed up at a Microsoft Build conference to promote their TVs and the shiny new Tizen .NET Framework that shipped inbox. I asked if they planned to backport it to last year’s model—which I had just purchased—so we could test with and target existing TVs in the market. He looked me straight in the eye and, with a smarmy grin, said (paraphrasing), 'No, we want consumers to buy new TVs.' I walked away disgusted and abandoned any idea of targeting that platform.
Similarly, I vaguely recall a Samsung event that had leadership--CEO?--flat out say they wanted consumers to buy new TVs every year or so. I couldn't immediately find the quote though.
I want a separation between my display device and the thing serving it anyhow, but that's just me in my techie world. The fact that performance got worse with each update, though, that's just over the line for everyone. I mean, if you're going to babble about how you're upgrading my experience, shouldn't you, you know, upgrade my experience instead of constantly downgrading it? My experience gets downgraded, but gee golly, it sure seems like yours is getting upgraded.
Well. It's really not that hard to not plug in the ethernet cable.
My Roku boxes have also had the same trajectory over the years. As time rolls on, they just get slower and slower with each update. Slowly, but surely. How exactly this is accomplished I'm not even sure, it's not like they're overflowing with new features or doing bold new computations for my benefit. They just get a little bit slower every effing time. But at least replacing my Roku boxes is $20-40 now. Hey, sure, OK, a $40 thing probably can't be expected to work 5 years from now. If nothing else, video codecs do march on and specs may exceed what the hardware decoders can handle. OK. My $1000+ TV does not get that grace. It damned well better be able to turn on in less than 30 seconds, even 10 years, 20 years from now. No excuses.
Which tends not to be great for a tv one wants to use with a Chromecast or similar media box...
LG still has bits that are ultimately ads, but at least they're less egregious, presented as suggested content in a Home view that already aggregates content from various sources. Not ads for fucking McDonalds and similar. At least that was the case as of a couple of years ago—I disconnected my LG from the internet the day I got an Apple TV and never looked back.
Just let me buy a large class leading display without trying to insert yourself into my life, please. I'm already paying through the nose for it.
(disclaimer: maybe 5-10 years ago)
This doesn't work if your threat model includes denying rollbacks to prevent exploiting bugs in old firmware. I'd love to be able to roll-back firmware on some of my devices to allow me to "jailbreak" them using old firmware.
In some cases your newer firmware may be blowing e-fuses that prevent old firmware from functioning. See the Nintendo Switch, for an example.
To be clear: I think this is anti-consumer and wrong, but manufacturers absolutely do it.
Edit: I also think it should be illegal, by way of consumer regulation. I don't think consumers should have the option to waive their right to manufacturers not damaging hardware they own.
Clearly the latter is heavily preferred by most companies.
This should be especially trivial when your device has some USB ports.
You can keep all requirements of only newer or the same version of firmware to flash, with all refuse checks.
If you mess up, you can allow consumers to flash a fix using a regular pendrive.
Copyright and patent have morphed into evils that drive anti-consumer and anti-competitive behavior, and have driven a “subscription” model that allows rent seekers to achieve their wildest dreams.
I'm not a fan of firmware lockdowns but I understand other people may value security over moddability.
What's worse is that a lot of the affected hardware was near or EOL anyway, so Cambium was simply helping rescue devices headed for the scrap heap.
Android systems can do this today. After an orderly shutdown of new software, then it can mark the new stuff as good and not allow older software to boot.
There are commercial offerings (like mender.io, never used) that basically specialize in providing rock solid update infrastructure, but that again takes investment and organizational priority that doesn't exist for non-feature code.
I'm trying to buck the trend though and on the new embedded system I'm working on, I've specifically designed the upgrade system to be as reliable as I can make it. It goes something like this:
- The new firmware is downloaded to the secondary application slot.
- Just prior to rebooting, the entire state data of the system is serialized as a document and stored on a flash partition.
- The upgrade flag is set, the system reboots and MCUboot does its thing.
- The new firmware finds out an upgrade happened, clears out all the data partitions, restores from the document and then clears out its partition.
The system is basically sanitized and restored after each upgrade. It's also the same codepath that handles saving and restoring the system's configuration by the end-user as well as settings management. If the document schema is for an older version, run the N-to-N+1 schema upgraders on it prior to applying instead of trying to patch the system in-place. If something goes horribly wrong, flip a jumper to trigger the heavy-duty sanitization that nukes the entire external flash (internal flash only contains the bootloader, primary application slot and factory parameters so it's essentially read-only once the application boots).
It might be hubris, but I hope it's good enough that I'll never see a bricked card that can't be resurrected by a factory reset with this project (assuming no hardware damage, no internal flash corruption and no bricking firmware getting signed with production keys seeping through the cracks despite all the checks in place).
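The serialize, wipe and restore flow from the comment above, modelled in Python as an added example (not the commenter's code). The partition names, the CRC-prefixed JSON document and the three schema versions are assumptions; the model also shows why the document and flag are cleared last, so a power cut mid-restore simply reruns the restore.

```python
import copy
import json
import zlib

CURRENT_SCHEMA = 3
FACTORY_DEFAULTS = {"volumes": {"hdmi": 20, "bluetooth": 20}, "wifi_region": "world"}
DATA_PARTITIONS = ("settings", "telemetry")  # assumed external-flash layout


class PowerLoss(Exception):
    """Simulated power cut between the wipe and the restore."""


def _v1_to_v2(settings):
    # Hypothetical v2 change: one volume per input instead of a single volume.
    vol = settings.pop("volume")
    settings["volumes"] = {"hdmi": vol, "bluetooth": vol}
    return settings


def _v2_to_v3(settings):
    # Hypothetical v3 change: a Wi-Fi region with a conservative default.
    settings.setdefault("wifi_region", "world")
    return settings


# One upgrader per schema step: key N lifts a document from N to N+1.
UPGRADERS = {1: _v1_to_v2, 2: _v2_to_v3}


def serialize_state(flash, schema):
    """Old firmware, just before reboot: store CRC32 + JSON, then set the flag."""
    payload = json.dumps({"schema": schema, "settings": flash["settings"]},
                         sort_keys=True).encode()
    flash["state_doc"] = zlib.crc32(payload).to_bytes(4, "big") + payload
    flash["upgrade_flag"] = True


def load_document(blob):
    """Return (schema, settings) or raise ValueError for anything untrustworthy."""
    if not blob or len(blob) < 5:
        raise ValueError("state document missing or truncated")
    if zlib.crc32(blob[4:]) != int.from_bytes(blob[:4], "big"):
        raise ValueError("state document failed its CRC check")
    doc = json.loads(blob[4:])
    if not isinstance(doc, dict) or not isinstance(doc.get("settings"), dict):
        raise ValueError("state document has the wrong shape")
    return doc.get("schema"), doc["settings"]


def migrate(schema, settings):
    """Run the N-to-N+1 upgraders in order; refuse unknown or newer schemas."""
    if type(schema) is not int or not 1 <= schema <= CURRENT_SCHEMA:
        raise ValueError(f"cannot apply schema {schema!r}")
    while schema < CURRENT_SCHEMA:
        settings = UPGRADERS[schema](settings)
        schema += 1
    return settings


def first_boot(flash, power_cut_after_wipe=False):
    """New firmware's boot path: 'normal-boot', 'restored' or 'factory-reset'."""
    if not flash.get("upgrade_flag"):
        return "normal-boot"
    try:
        settings = migrate(*load_document(flash.get("state_doc")))
        outcome = "restored"
    except (ValueError, KeyError):
        # A bad document costs the user their settings, not the device.
        settings, outcome = copy.deepcopy(FACTORY_DEFAULTS), "factory-reset"
    for name in DATA_PARTITIONS:
        flash[name] = {}
    if power_cut_after_wipe:
        raise PowerLoss()
    flash["settings"] = settings
    # Document and flag go last, so an interrupted restore reruns from the start.
    flash["state_doc"] = None
    flash["upgrade_flag"] = False
    return outcome


if __name__ == "__main__":
    flash = {"settings": {"volume": 35}, "telemetry": {"boots": 412},
             "state_doc": None, "upgrade_flag": False}  # constructed sample
    serialize_state(flash, schema=1)
    print(first_boot(flash), flash["settings"])
```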
> "One of every board revision we've ever produced"
The, ah, "special" people we had running engineering didn't even put in the work to be capable of the software querying the board rev. We had to play games like running certain motors past a position limit and seeing if there were limit switches there (or not) to guesstimate board revs.
I'm guessing stories like this are common.
Offline first approach respects user autonomy and creates a natural safety net against bad updates. Plus, it means your product keeps working even when servers change or get shut down years later or a nuclear war happens. Sure, connectivity has benefits, but a speaker's main job is playing sound, not phoning home. Building offline-first also forces better engineering decisions about longevity and graceful degradation.
It's so hard to find any offline-first apps/devices nowadays, which is sad to see in a world of algorithms and AI.
This whole situation reminds me of this: https://programmerhumor.io/linux-memes/thats-the-attitude-sa...
See their new app debacle which coupled a non-reversible firmware update that made the hardware incompatible with the old app.
3. have a set of conditions to mark the running firmware image as "safe" and have it become the new fallback firmware image for this scenario. That way you can have a recently up-to-date firmware version constantly trailing the new ones
So many companies have begun rolling out updates that makes the device I purchased call home before allowing any user functions and if/when that server goes down my device becomes a brick. This behavior essentially invalidates my ownership of the product and renders it to a service, provided at will by the manufacturer.
Your idea ensures my device will one day become a brick as soon as the manufacturer decides to mark their update requiring internet check-ins “safe”.
If you think I’m exaggerating check out Louis Rossmann’s YouTube channel.
It's common now for medium and large companies to have some variant of a cloud platform team: People responsible for shared practices, infrastructure, and processes in the cloud.
Smart hardware companies have done the same for decades. You have a firmware platform team that handles things like update protocols, recovery protocols, testing checklists, on-device OTA update architecture, and other critical functions.
When you're a company like Samsung that continuously releases and develops products this actually increases your time to market rather than decreasing it. You let each product team focus on the parts of the firmware that make their product valuable and free them from having to roll their own update systems
If the management folks have personal health insurance, surely they must understand the concept and the need. And this is a much better deal because unlike actual insurance this is more like "invest once, enjoy forever" type of thing. And multi-stage boot chain, recovery partition and staged rollouts are not some rocket science that needs some serious expertise.
Yet, here we go. Humans are not really rational actors after all, and collective humans are even less so.
There if something goes wrong during an update, you always have a backup BIOS with the previous version (not necessarily factory settings). If the system fails to boot, it automatically switches to the backup BIOS and restores the main BIOS to the last working version.
I'm not sure I understand various industries' conventions...
While interviewing for a principal engineer job, I was meeting individually with a bunch of team leads and managers, and one engineer asked how would I design firmware updating for the company's product (which was more critical, complex, and expensive than a soundbar).
I assumed they were probably trying to see whether I would throw in some robustness/resilience (not oversimplify it). So I sketched it out, while hitting notes like diffs, downloading and assembling in staging space, imperfect networking, having at least two firmware "slots", backing out upon boot loop or failure soon after boot, gradual deployment to installed base, contrasting with some less-critical consumer product firmware update practices, etc.
(Either that was a bad answer, or they got distracted thinking about something I'd said, because I was getting odd subconscious backchannel cues, and they were unresponsive when I tried to elicit more requirements or guidance about what they were looking for. Maybe there was some standard embedded systems programmer canned answer that I was supposed to recite (analogous to the Web brogrammer 'system design' interview), and they couldn't think of how to nudge me towards the shibboleth without saying it?)
https://tweakers.net/reviews/10334/het-einde-van-de-high-end... (Dutch)
I think it usually takes a big rollout for these big companies to actually "hear" their users.
I'm reminded of the time a random NPR station accidentally bricked the infotainment systems on thousands of Mazdas and because there was no factory reset feature they had to spend millions replacing head units. That's just bad design.
I prefer to keep the factory firmware reset to a manual process that requires user intervention.
For example, holding down the reset button for 10 seconds after plugging the device in.
In my experience, it's not a good idea to have a device automatically roll back firmware and erase user data after failed boots. These mechanisms get triggered too easily during certain power outages (power comes on then goes off just long enough to cause multiple failed boots) or when users are doing simple things like rearranging their power cables.
I'm still pissed off about LG removing the record to disk option from our TV after an upgrade. I've only connected it to the internet & upgraded, assuming some of those bug fixes resolved a few DLNA issues; otherwise it's always on the internet block list.
Why on earth does a sound bar need to update its firmware? Why does firmware need to be in a couple of tweeters and a woofer? It should basically output audio from an input source.
After many years of being burned I always delay system level non-security-related updates at least several days after launch to mitigate the risk.
Do you mean like a physical button? That could work, though I'm not sure I've ever seen it. Holding down power for 10 seconds (or whatever) usually just erases user data, but doesn't reset firmware. Are you aware of any device that does this? But does it require some meta-firmware to roll back the firmware? What if that meta-firmware has a security flaw and needs to be updated? And that update is faulty?
If you're talking about a code sent from your servers to devices to reset, that seems like asking for the impossible. If a firmware update bricks the device, that may very well brick its ability to receive codes at all.
In both situations, it starts to feel like a problem of infinite regress...
Reverting to factory state is the last resort. You don't have users do it unless there is no other good state to return to on the device.
> Just because that version worked a decade ago, it doesn’t mean it’s compatible with the world today.
That's why I said you have to include this in your test procedures.
When you're planning for the long term you can accommodate for these things on your servers.
That's a nifty mechanism that also allows downgrade attacks, so it has cybersecurity implications that may or may not be acceptable. Furthermore, it might not be practical or even be possible to restore the system to factory condition due to technical reasons.
The team next door allows its systems to downgrade to a previous minor version with a mandatory factory reset. It however refuses downgrading to a previous major version because it implies the bootloader was upgraded or the storage was repartitioned and they really don't want to rollback that.
New firmware is pushed in phases 1%, 5%, 10%, 25%, 50% then full scale.
Each stage has some delay incorporated for acquisition/application and then for telemetry (including support contacts from affected accounts) to determine impact and allow for regression fixes.
The other reason they would phase launches is because of firmware builds being used across multiple CPE models and hardware revisions, where only a small subset of hardware could wind up being problematic, but not discovered until deployment.
When you have millions of devices deployed, even a fraction of devices having an issue can create a shit storm on the support side of things.
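The phased rollout described above, as an added Python example (not the ISP's or any vendor's code): devices are assigned to stages by a salted hash, and the rollout halts when any hardware revision goes quiet after being offered the update. The thresholds, the constructed fleet and the function names are assumptions, as is counting a silent device as a failure, chosen because a bricked device cannot send telemetry.

```python
import hashlib

STAGES = (1, 5, 10, 25, 50, 100)  # rollout percentages quoted in the comment


def bucket(device_id, release):
    """Map a device to a stable slot 0..9999, salted per release so the
    same devices are not the first 1% for every update."""
    digest = hashlib.sha256(f"{release}:{device_id}".encode()).digest()
    return int.from_bytes(digest[:8], "big") % 10_000


def is_eligible(device_id, release, percent):
    # Slots below the threshold are in; raising the percentage only adds devices.
    return bucket(device_id, release) < percent * 100


def evaluate_stage(offered, healthy, max_missing_rate=0.02, min_offered=50):
    """Gate one stage.

    offered: {device_id: hw_rev} for every device offered the update so far.
    healthy: set of device ids that checked in healthy after updating.
    The rate is computed per hardware revision, so a fault confined to one
    revision is not diluted by the rest of the fleet.
    """
    if len(offered) < min_offered:
        return "hold", {}  # not enough telemetry to judge yet
    stats = {}
    for dev, rev in offered.items():
        total, missing = stats.get(rev, (0, 0))
        stats[rev] = (total + 1, missing + int(dev not in healthy))
    bad = {rev: m / t for rev, (t, m) in stats.items() if m / t > max_missing_rate}
    return ("halt", bad) if bad else ("advance", {})


def run_rollout(fleet, release, checks_in):
    """Walk the stages until one fails its gate.

    fleet: {device_id: hw_rev}; checks_in(device_id, hw_rev) -> bool stands in
    for the post-update telemetry window. Returns (history, devices_exposed).
    """
    history, offered = [], {}
    for percent in STAGES:
        offered = {d: r for d, r in fleet.items() if is_eligible(d, release, percent)}
        healthy = {d for d, r in offered.items() if checks_in(d, r)}
        decision, detail = evaluate_stage(offered, healthy)
        history.append((percent, decision, detail))
        if decision != "advance":
            break
    return history, len(offered)


if __name__ == "__main__":
    # Constructed fleet: one device in ten is hardware revision "B".
    fleet = {f"dev-{i:05d}": ("B" if i % 10 == 0 else "A") for i in range(20000)}
    # Simulated fault: the update bricks every revision "B" device.
    history, exposed = run_rollout(fleet, "example-release", lambda d, r: r != "B")
    print(history[-1], "devices exposed:", exposed)
```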
It all seems so obvious once you know to think about it.
A failsafe firmware reset back to a safe and secure state yes. The factory state is not necessarily that, so no.
I think devices should keep a last known good state firmware but keeping a full factory state immutable firmware would be irresponsible for many use cases.
Especially if there is an internal testing stage before actually rolling out to production. It's possible that the users seeing the bricked devices are in fact limited to the initial wave, but the damage is already done.
Or perhaps to the very first released firmware version. This way they don't have to support updating from any version to the latest, just from the first one.
#1: Requires competence, and/or management that isn't too focused on velocity and features to listen to their engineers' warnings about exactly the sort of problem being discussed here.
#2: Many firmware updates explicitly and specifically want to strip away features that the hardware shipped with (by introducing DRM, paywalls, etc.), so see the comment about management above.
It reminds me of some discussion I was seeing the other day about how the dynamic island on the newer iPhones is way buggier than it was at launch. Someone suggested that this happens because the S-tier engineers are tasked with building these things to blow everyone out of the water at launch, and then B-tier developers are tasked with maintaining them for the following years, at which point stuff starts regressing.
My iPhone XR that I am deliberately keeping on lower iOS for jail breaking reasons that when comparing the thunderbolt port to the iPhone 13.
The quality lacks so much that I am unable to listen to music with a wired headphone adapter.
Any slight jiggle of the adapter will cause it to disconnect. I don't want to use BT headphones.
Weirdly, serious groups, among them Signal, seem to be clueless about this rule. In Signal, in their security-conscious context, this is a bit of a puzzle to me why. They have updates every few days sometimes, but no more than 2 weeks pass by without their update banner appearing in the most prominent spot in their desktop app: above all of your recent chats, with a background highlight to pop out even more, if someone would miss it in important messaging. Like if this was the most important thing for everyone around - so much that it is made not possible to turn off -, to keep their software very very fresh, the freshest possible! It is generously allowed not to download updates immediately, but that's it. The alert is always there.
But there are so few changes between updates. Once I checked the history, dominantly marginal things. Yet, the prime spot in their UI is occupied with these marginal things too, all the time (it must not be a critical update every few days because that frequency of security risks would be too worrisome for an app like Signal!).
And this is just one of the examples out there, there are too many similar ones (serious or marginal use apps alike).
Looks like software engineers lost sense throughout time, thinking the central spot of the user's mind is occupied like their own with the maintenance and state of their precious product. Not the task at hand where some whatever tool should help, without grabbing the attention away from the task all the time (also with all those frequent 'helpful' pop-up tips many software employ - I am looking at you Teams as prime perpetrator - for self-advertisement, that is another senseless narcissistic attitude).
Basically all I need in a TV apart from the display is an HDMI. It works amazing, been using like this over 10 years now.
They do, of course, sell some very low-end sets.
Unfortunately if you're a stickler for image quality this isn't an option. You can still not connect it to the internet of course, but if you're buying a high end TV there's no way to avoid all the other modern TV bullshit.
Namely needing to change the settings on every input for every source type. The first few days of a new TV is a regular trip into five layers of menus as you watch a new source combination for the first time (HDR Blu-Ray, Dolby Vision streaming movie, high framerate game) and have to turn off motion smoothing, turn off sharpening, turn the whites back down from basically blue to 6500K. I mean christ, there are still TVs out there shipping today that turn on overscan by default. Analogue TV broadcasts ended in 2012 here!
I use an Apple TV which, while a relatively expensive solution, has a clean interface and integrates well with the rest of my hardware. Plus rarely are there ads being shoved in your face in the OS/Home Screen. Apps can still do as they like of course.
Once or twice a year I'll go through firmware update notes, connect it to the internet if there's things that can improve my "dumb" usage (fixes/improvements to refresh rate, Dolby xyz, etc.), then disconnect it from the internet again.
I bought a couple of Chromecasts for that reason but they're supposedly discontinued now.
Everyone you speak to at best is ambivalent and at worst vehemently hates it. And yet there's no sign of it slowing down. It's baffling.
Ahh! But you are just leasing the software!! Samsung is technically the owner!!
- if the manufacturer retains some form of ownership after "sale", it is obligated to provide free repairs/replacements for the duration of the contract
Most owners want just plug and play, so it makes sense.
Even third point is pretty moot. We don't do that for hardware, why for software... A component is no longer manufactured? Tough luck, hopefully you stockpiled it.
I want to be able to opt-in to updates of my devices with official updates without the fear of them being turned into useless e-waste...
That point has practical issues, because most consumer electronic customers are technically dumb.
Consequently, you end up with a long-tail of deployed device firmware versions, which makes support a nightmare (fix this external integration that broke... across 20 different versions).
I'd phrase it more in terms of:
- Every device must include an option for owners to disable automatic firmware updates.
It's a speaker that worked fine until Samsung unilaterally broke it. I don't think the customers are the dumb ones here.
I would rather have a bunch of mildly responsive legislators setting the boundaries of what is acceptable than a bunch of middle-managers trying to justify their salary to their private equity overlords.
Construction, hardware, radiation, dam and wastewater engineers are highly regulated professions. Do you take responsibility for bugs in your technology? Do you have insurance for your mistakes in professional work? Are you an engineer or a coder? Are you certified to do your job or just passed a boot camp?
Prison time is an appropriate remedy for theft.
https://ij.org/press-release/oregon-engineer-wins-traffic-li...
Eventually you end up with advertisements being served because the application refuses to show the content without the advertisements.
So let me cut back to your main idea:
> Main idea: Ads, updates, etc. typically (not always) need to resolve hosts before connecting to servers. Simply resolve these hosts to 0.0.0.0 instead of a real IP.
Better solution: resolve these hosts to an address you control on your network. You could even resolve it to a "public" address and add a static route to your router.
You can then choose to serve no-content from that address.
DNS over HTTPS is going to render this method ineffectual eventually. Smart devices are going to stop trusting anything on the local network.
This is more common than you think. Only a few days ago an HP update bricked their printers: https://arstechnica.com/gadgets/2025/03/firmware-update-bric...
Similar thing happened to Hisense https://old.reddit.com/r/Hisense/comments/18xnmz9/the_latest...
Samsung phones: https://www.androidcentral.com/phones/galaxy-s10-phones-smar...
- The test jig is probably pristine, so no hundreds of hours of telemetry data clogging up the internal storage.
- The test jig might be on ethernet whereas a lot of users would be using wifi.
- The test jig probably targets specific A -> B upgrades rather than testing progressive upgrade across every version that's ever existed.
- The test jig can't cover every permutation of config options.
- The test jig probably only does a bare minimal smoke test after the install, so if the problem takes a bit to kick in, it might not show up.
Not to say that it's certainly any of these, but all are possible contributors. In the coming days it'll become clearer what particular pattern the affected devices follows, and/or clever people with JTAG dongles will reverse engineer the problem and spill the beans.
On the Bose 700 headphones there was quite a bit of controversy after many users reported the ANC performance getting worse after an update. This was a few years after the headphones were released, so there were theories of it being intentional degradation to get people to upgrade.
Personally I didn't notice any difference. Bose denied any wrongdoing and seemed to spend real effort on investigating the customer complaints.
Spending a fortune on lies, then more on liars to lie about their frequent failures. Instead of spending on honest work and good products. It is a pity so few boycott crap and crappy attitudes. And the masses eat up lies happily. So sad.
You don't want to provide more info than absolutely necessary, that could be bad from security and legal perspective.
Also, if you don't include more info, people tend to ask you fewer questions to clarify.
Or just connect the TV to your PC where you have the freedom to run whatever software you want. Why replace one crappy "smart" device with another.
In the event that one wants the app functionality, they’ll always be better off with a streaming stick. Even in respectable brands of TVs like Sony, the SoCs are weaker than what you find in that $40 “Chromecast with Google TV,” so they’re pretty horrible to use even while they are current and supported.
He said "Hah, we can lose way more than that!"
Being a Philips (TP Vision), it also has Ambilight, which is nice.
It’s a few years old though, so no guarantees that newer Philips (TP Vision) models work the same way.
This is why we ended up with phrases like "Full HD".
The average consumer doesn't know what these numbers mean, people who read hackernews aren't the 99%. Phones have helped a little bit with widening the idea of newer = better, but ask the average person how many cores their phone has or how much RAM it has? They don't know.
Also, it's hard to benchmark TV performance as a selling point. Perhaps sites like rtings need to have UX benchmarks as well? They could measure channel change times, app load times, etc. That might create some pressure to compete.
One of the significant problems is that 80% of TV SOCs are made by one company, MStar (or their subsidiary). And there's only a handful of companies who make the motherboards with those chipsets. Anyone entering the market either buys those or isn't competitive. It's hard to be competitive because everything is so concentrated and consolidated. Since ST Microelectronics and Broadcom left the TV chip market it became a much less diverse market.
We were an established company who made software for STBs, we had done a ground-up build of what was probably the most capable and powerful framework for TV/DVRs. The new design was commissioned from us by a well known open source Linux distro, who then decided they didn't want to continue with the project after they realised that getting into TV OS's was hard. We then took on ownership of that project but getting investment or even commitments from buyers was impossible.
The retailers and TV brands wanted to rehash the same thing over and over because that was tried and tested. It didn't matter that we made something that was provably better and used modern approaches, it wasn't worth the effort for them. If you can't order about 500,000 TVs then you're not going to get anyone to make anything custom for you these days and you'll not make a profit.
--
It was a DVR/TV framework that was designed by people who had worked for big names in the TV business with a clean slate. It would handle up to 16 different broadcast networks (e.g. satellite, terrestrial, cable) and up to 255 tuners, even hot pluggable. Fast EPG processing and smart recording to either internal storage or USB storage. It was user friendly and allowed for HTML5 apps. We pushed it as much as we could but eventually on the brink of financial ruin the company was sold to someone who had no interest in what had been built. I will always feel that something great was lost.
Without the ability to flash from USB without a CPU doing this requires keeping spare CPUs that will work just to flash.
If it was something that really added value to the user they would mention it specifically (like on the 5th and 6th items).
I have a Dell laptop that mentioned such vague "improvements". After updating the firmware I couldn't undervolt anymore. Luckily I was able to downgrade.
I have a pair of WF-1000XM3s and this is painfully true. ANC was brilliant on these until I naively updated, and whoosh - instantly and grossly degraded ANC, to the point I previously almost didn't hear people talking at distance, keyboard chatter, city traffic etc. and now I do, no matter the app settings.
I wanted to upgrade to the in-ear XM4s, but after this? NEVER again Sony. At least for portable audio. I got instead a pair of cheap QCY HT07s (then $28, now ~$20) and got quite surprised with ANC performance on these: easily beats the crap of the XM3s-on-latest-firmware, and gets close to the previous one in audio quality. Which is a lot to say about Sony "updates".
Like once upon a time, someone established a lab with twenty different units in different states, and put in place a process for validating the releases on it, but that person is long gone, and parts of the lab haven't worked quite right in years, but the parts that do still give a green checkmark, and who wants to stick their neck out and block a release over some baroque process no one even understands, right? It's not like the lab ever seems to really catch a major issue, does it? Just send a :ship: emoji to the slack channel and wait to be assigned your next ticket in the sprint meeting.
The tragedy is that "respecting customer ownership" is now seen as leaving money on the table rather than building lasting brand loyalty through quality.
If I want equalization or convolution I apply them upstream shortly after decoding.
I don't think major music listening apps will switch your EQ settings automatically based on your listening device. So either you are doing that manually every time you switch devices, or you set your headphone EQ directly.
In any case, the software around this is not clean, and has lots of room for improvement.
I’ve had to set EQ on Bluetooth speakers themselves that didn’t sound so good out of the box.
Though at that point I'd rather throw away the speakers and get better ones…
Aviation is expensive and shitty. The FAA is a garbage organization that covers its own ass first.
Can't say how glad I am to be out of aviation. I will say that it can play well on dating apps though - it can be dressed up to look very nice
They had their chance to deal with my legitimate grievances, now they can deal with me badmouthing them.
I don't think that is true. I think people care a lot... just not about the consumers. People care about themselves - they also don't want to be fired. So the decision is punted up the chain, all the way to executives. And executives want to mitigate the damage to themselves first, their orgs second, maybe consumers third.
Fwiw, to the best of my awareness, I don't receive any advertising from my Samsung TV other than perhaps the strip of suggested things to watch (half of which are "continue watching" linked to watch history in the app I'm hovering over) that lives above the app list. This is wildly different from Google TV, which has a core value prop of embedding advertising right in your face.
It takes less than a minute to disable ad tracking and ACR on a Samsung TV.
Settings > General > Terms > disable two checkboxes.
https://www.zdnet.com/home-and-office/home-entertainment/how...
1. https://eandt.theiet.org/2024/12/11/smart-tvs-take-screensho...
> That's why I said you have to include this in your test procedures.
You can’t test the world. Even if your servers can correctly respond to requests from old software, it doesn’t mean that the network between you will too.
In the factory reset state, things should have a USB flash drive firmware install route which could be used to bring back working root certs, etc.
Of course again this depends on whether the mfg is worried about DRM bypass hacks that are found later on in the factory firmware.
I'd support legislation to issue stiff fines for devices that can't be factory reset at any time, with the only exception being for directly-consumer-benefitting anti-theft (so, iCloud lock is okay).
I think all the OP was saying, is: Suppose you’re releasing firmware version N for some widget you make. Now, for all versions V in (0..N-1), verify that applying N to V works correctly.
And now that they've disconnected the thunder-bolt adapter too.
I know the quality is less than my XR. I own both and I have a box of three thunder bolt to audio cables, all have the same issues.
EDIT: just checked, my router doesn't even support WPA3... I think it's typically the 5GHz network that upsets it, but I suppose I'll just continue resetting it for now.
The thing is that the 2.4GHz Wi-Fi from the S90C (they both need to be on the same network for some goddamn reason to work in SmartThings) interferes with my DualSense gamepad.
I don't want to turn on my TV to listen to music (and Tizen only allows up to a certain quality), or use my nvidia shield, as it also turns on the TV via CEC.
Other platforms also don't support full quality like FLAC or Atmos mixes.
It’s not a secret that arbitration agreements are intended to force the parties to arbitrate their disputes.
While I understand that not all companies are like this... most are, especially the big ones.
So when I say the "true purpose" is to stop you from being able to sue, I do not mean that it's somehow some closely-held secret that arbitration is an alternative to suing. It's just that the widely perpetuated façade of "oh you just agree to the more convenient arbitration" is a vast oversimplification and there are much deeper and far more malicious intents behind those clauses. It is not at all the win-win that companies would have you believe; I've even unironically seen at least one company say, essentially, "arbitration is much better, and filing a lawsuit is so inconvenient that you wouldn't want to do it anyway". Yeah. It's soo inconvenient for me to cause you so much trouble. For me. Inconvenient for me. It sure is. I'm definitely the one that wouldn't want it to happen. I definitely don't like when companies pay for intentional wrongs directed at me. Definitely not.
I've been wronged by companies a lot through the years and I have exactly zero patience for exactly these kinds of terrible, anti-consumer business practices. Access to arbitration as an option is great; forced arbitration however is a trap designed to protect the company at the expense of the consumer. In other words, forced arbitration has never actually been about arbitration at all, but rather exclusively getting out of lawsuits. That is what "true purpose" means. "Arbitration" is just their "get out of lawsuits free" card; they would use any other card that would have the same effect, because it is that effect that they're after.
I was applying some dielectric grease to the USB port used for Android Auto (in order to prevent intermittent disconnects while driving) but I wouldn't be surprised if one of the many other cables plugged into it led to a cell antenna on the exterior.
There are also software options; I was able to disable the "telematics" in the same vehicle by inputting a (frankly schizophrenic) combo of rolling back the date, touching random invisible trigger zones in menus, and entering a leaked PIN to access the appropriate service menu on the infotainment unit.
Figuring all that out was unfortunately quite difficult, although I imagine you might be able to get "official" help if your local dealership is friendly and willing to bend the rules. I had to settle for a lot of keyword massaging on Google.
This is only sufficient if you trust software, which you shouldn’t. Hardware disconnects are reliable. Cut the power.
This sort of functional interdependency has become increasingly common in embedded these days with heterogeneous SoCs.
One thing I've seen before is to separate downloading from rebooting, broadcast the manifest for the updates between all the independent processors (all updates need a declarative manifest for so, so many reasons) to check locally, and only proceed when they all agree. Rollbacks are initiated if they can't see everyone with their expected versions afterwards.
Still isn't perfect either.
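The scheme described in the comment above (stage first, have every processor check one shared manifest, reboot only on unanimous agreement, roll back if anyone is missing its expected version afterwards), sketched as an added example that is not part of the original thread. The node names, versions and image bytes are constructed, and a single-process coordinator stands in for the broadcast between processors.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Manifest:
    """Declarative manifest: for each processor, the target version and image hash."""
    release: str
    targets: dict  # node name -> (version, sha256 hex digest of the image)

    def digest(self) -> str:
        # Canonical form so every node derives the same digest from the same manifest.
        body = "|".join(f"{n}:{v}:{h}" for n, (v, h) in sorted(self.targets.items()))
        return hashlib.sha256(f"{self.release}|{body}".encode()).hexdigest()


class Node:
    """One independent processor with an active slot and a rollback slot."""

    def __init__(self, name, version, fail_boot=False):
        self.name = name
        self.active = version     # version currently running
        self.previous = None      # kept so a rollback is possible
        self.staged = None        # (version, image bytes), downloaded but not booted
        self.fail_boot = fail_boot

    def stage(self, version, image):
        # Download step only: nothing is activated here.
        self.staged = (version, image)

    def vote(self, manifest):
        """Local check: return the manifest digest only if the staged image matches it."""
        want = manifest.targets.get(self.name)
        if want is None or self.staged is None:
            return None
        version, image = self.staged
        if (version, hashlib.sha256(image).hexdigest()) != want:
            return None
        return manifest.digest()

    def reboot_into_staged(self):
        if self.fail_boot:
            return  # simulated failure: the new image never comes up, old one keeps running
        self.previous, self.active = self.active, self.staged[0]

    def rollback(self):
        if self.previous is not None:
            self.active, self.previous = self.previous, None


def coordinated_update(nodes, manifest):
    """Returns 'committed', 'aborted' (nobody rebooted) or 'rolled_back'."""
    expected = manifest.digest()
    names = {n.name for n in nodes}
    votes = [n.vote(manifest) for n in nodes]
    # Proceed only when every processor named in the manifest agrees on it.
    if names != set(manifest.targets) or any(v != expected for v in votes):
        return "aborted"
    for n in nodes:
        n.reboot_into_staged()
    # Afterwards, everyone must be seen at the version the manifest promised.
    if all(n.active == manifest.targets[n.name][0] for n in nodes):
        return "committed"
    for n in nodes:
        n.rollback()
    return "rolled_back"


# Constructed sample images for three hypothetical processors in one product.
IMAGES = {"dsp": b"dsp-image-1.1", "hdmi": b"hdmi-image-1.1", "wifi": b"wifi-image-1.1"}


def scenario(corrupt=None, fail_boot=None):
    """Run one update from 1.0 to 1.1; optionally corrupt one download or fail one boot."""
    manifest = Manifest(
        "1.1", {n: ("1.1", hashlib.sha256(img).hexdigest()) for n, img in IMAGES.items()}
    )
    nodes = [Node(n, "1.0", fail_boot=(n == fail_boot)) for n in IMAGES]
    for node in nodes:
        image = IMAGES[node.name]
        if node.name == corrupt:
            image = image[:-1]  # truncated download
        node.stage("1.1", image)
    outcome = coordinated_update(nodes, manifest)
    return outcome, {n.name: n.active for n in nodes}


if __name__ == "__main__":
    print(scenario())                  # clean update
    print(scenario(corrupt="hdmi"))    # caught before any reboot
    print(scenario(fail_boot="wifi"))  # caught after reboot, everyone rolls back
```

The sketch assumes every node can still run its rollback path after a bad boot, which is the part the comment calls imperfect.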
I won't get into details, but in some of the horror stories I've heard the distributed system happened to be entirely software in nature. There are plenty of creative ways to mess up an upgrade on a uniprocessor system.
I kept the summary short and simple, partly because that product isn't out yet and also because I don't want to bury the lead with a lot of extraneous details that we do take into consideration, but are irrelevant to the big picture idea of an upgrade method that factory resets the card and restores its state with a codepath shared with the end-user save/reset and configuration mechanisms.
I’ve had two devices end up with malware like this. A Sony Blu-ray player that was uploading 2gig a month before I caught it and a Samsung TV.
It’s worth mentioning you have to block or change WiFi credentials. The device with malware may attempt to connect to any known wifi even if you disable it on the device. I get 45000 auth attempts a day from my tv.
Plug in an Apple TV?
If you're saying the software stops working because the backend it talks to goes away, well that's a deliberate choice the company is making. All they have to do is have a proper versioning system and do not touch the backend service, and it also should work forever.
For instance, suppose a streaming service starts requiring a new login method. They have to update their apps to use this new API. If there are and have been over a dozen different distinct smart television operating systems in the past 15 years, and there will be a dozen more in the next 15 years, it’s unreasonable to expect that even companies the size of say, Netflix, are going to reach far enough back in their history to update all those apps. They probably don’t have developers who understand those systems anymore.
And also, the software distribution mechanisms for each of those platforms are probably no longer intact either in order to receive an update. While it’s true that my Panasonic Blu-ray player that I bought in 2009 is still perfectly functional, and has a Netflix app, I assume it doesn’t work and that Panasonic would be hard pressed to distribute me a working updated app.
The only way things would be much different would be if technology progressed at a far slower pace, so there had been no need to adopt any breaking changes to how the app is built, how the apps and firmware were distributed, etc.
Most people don't encounter it because their device was updated at least once. People should be less trusting in flash drives than they are, I recently pulled three USB flash sticks out of storage and two of the three are now unhappy.
There's a strong argument that consumer electronics should be able to be more incrementally upgraded. Including things like baseline upgrades for certificates. One of the things about TVs and these systems is that they are usually running on something like OverlayFS to avoid corruption of the base OS and enhancing security/integrity. They focus on replacing the underlying image, which is often security signed as well. If you screw something up with a device that's in a customer's home then you're going to be spending a lot of money fixing it, the manufacturers have their war stories in this regard, so they're very risk averse.
As for freezing the backend, you can't. Your API will evolve and for example if your database changes then your backend services will need to be touched. That database will change, some metadata or label will need to change. Even if you keep the API the same you'll need to maintain the legacy backend. Then you need that service running, consuming compute, for years even if there's hardly anyone using it and it's costing money. Then you need security patches for the backend service because the framework needs upgrading or the OS needs upgrading. Eventually the backend framework will be EoL/EoS and so you need to spend to upgrade. It's like saying we'll keep a Java backend running on a public facing API well beyond its life, log4j anyone?
[0]: https://www.googlenestcommunity.com/t5/Streaming/Regarding-a...
Just keep using the expired certificate forever.
Sure - that means if someone leaks the private key that everyone worldwide needs to do a firmware update to get security.
But that's probably less user harm than everyone worldwide needing to do a firmware update to replace an expired cert, and having a dead device otherwise.
This is the result of Apple being vertically integrated and reusing components from other product lines in products like Apple TV. The SoC used in the Apple TV are from lower-tier bins of chips produced for mobile applications.
With the Apple TV, you are getting a SoC that is effectively the same as a recent-year iPhone. With most other Smart TV devices you are getting a low computational power SoC, Raspberry Pi tier, with processing blocks that are optimized for the video playback and visual processing use cases.
Apple also does this with the iPhone where the non-flagship variants will reuse components or designs from prior years.
Television/Smart TV manufacturer margins are in the single-digit percentages and the Samsung and LG TV businesses are significantly threatened since their high-volume products have been commoditized from Chinese producer competition. Most potential customers are shopping based on screen size per dollar, versus specs like peak luminance and contrast ratios. Flagship TV products like "The Wall" are low-volume halo products. Lifestyle products like "The Frame" exist because they are able to differentiate to certain segments of customers that place enough value on the packaging aesthetics to buy a higher priced product with better margins for the manufacturers.
Most other hardware device manufacturers are jealous of Apple's margins. Nvidia would probably be one of the few exceptions.
Thin margins on commodity tier products drive these manufacturers to cut their BOM costs as much as possible, even if it makes the product worse in other ways. This is also the big driver for why ads are appearing as part of the Smart TV experience at the device/screen level. Vizio for example shared that they made more money from their ACR business than they did from the device sales themselves. There are companies with business models based around giving you the screen for "free" in exchange for permanent ad-space. Even adjacent products and companies like Roku have business models where they are selling their hardware at near break-even cost points because their business model is built around 'services' from having a large user audience.
Specifically I’m talking about consumer devices, which are almost always behind a NAT config + firewall. If your soundbar has a vulnerability it’s pretty much irrelevant if someone has already breached your network.
If we’re talking about enterprise networking equipment, I still stand by my concerns that the owner should be able to revert back to stock but the burden of responsibility is on the technician configuring this device, not the manufacturer.
I reject this mentality. I don't think it's necessary or desirable to make it impossible for people to do things that have negative consequences for themselves. Put a "here there be dragons" warning on the firmware rollback, bootloader unlock, or similar dangerous operation and let people take responsibility for the outcome.
In the case of consumer devices, most people won't even try those things; those who do risk further problems for the chance of a better outcome. In the case of enterprise networking equipment, there's an IT department that, in theory, has the skills and resources necessary to make good decisions about technology.
If I pay you for a product, you have no moral right to tell me what I can and cannot do with that product, up to and including messing with the firmware, installing known-bad firmwares, wiping it and building my own firmware, whatever I want. It's mine, I paid for it, stop violating my private property rights.
> There will always be security issues, so "but security" is not a reason to prevent a consumer from doing whatever they want with a thing that they purchased from you
Just because there will always be security issues doesn't mean you shouldn't try to take care of the low hanging fruit.
There is no excuse for TV manufacturers when selling premium devices costing thousands of dollars.
TV panels must have a near 0% defect rate and a single piece of dust during the manufacture will render the finished panel e-waste. The bigger the panel the risk of a defect goes up exponentially because the surface area for any defect becomes bigger. It follows the same issue as to why chip companies introduced chiplets, the smaller die sizes improve the yield and they can throw away less silicon.
A TV panel is basically a 50in chip, and a mobile phone display is a 6in chip.
Samsung's flagship mobile phone products tend to ship with Qualcomm Snapdragon SoCs in competitive markets, such as USA/North America, versus their "in-house" Exynos SoC used in markets where consumers tend to have less choice (e.g. Samsung S-series phones with Snapdragon for USA, Exynos for EU and KDM markets)
Like I said, automatic updates are an evil. But the general populace will absolutely defer every security update until the end of time so long as they don't have to spend five minutes waiting to get to their desktop.
Obviously vendors enshittify their products via firmware updates and potentially brick devices or introduce new vulnerabilities, but it's ludicrous to pretend that the general populace are good stewards of their internet connected devices or that they ever will be. They simply do not care, they never will, and it's up to the rest of us to design products for the lowest common denominator if we want to protect end users and have a safer internet.
Because the alternative is worse. It's up to companies to provide security-only updates that customers can trust and will CHOOSE to install.
Mentioning that certificates expire was directed against GP’s unreasonable demand that the vendor "do not touch the backend service." This doesn’t have to do anything with the buyer.
I wish there was some trivial real-life applicable solution to this that big companies would be motivated to follow, but I don't see it. Asking for most users to be tinkering techies or outright hackers ain't realistic, many people these days often don't accept basic aspects of reality if it doesn't suit their current comfy view, don't expect much.
Don’t get me wrong, allowing users to add their own trust anchors is absolutely a good thing. But it wouldn’t change anything if the vendor did what GP suggested, which is that the vendor "[does] not touch the backend service." Because one day, their TLS certificate would expire, and they would technically no longer be able to deliver security updates even if the user wanted them.
My anecdote is the opposite of yours: they were interested in knowing why something wasn't working, but only as long as you're willing to be patient, talk slowly, and explain any unknown concepts to them, if required.
Insulting them, or just telling them it's their fault something wasn't working would be a sure way to get a negative reaction instead.
Additionally, I don't think these people are stupid, and I'm not demeaning them. They simply do not care to know and that's perfectly fine. I wouldn't demean someone for not understanding how their car works, or even failing to get their oil changed. The computer is a tool to file taxes and shop on amazon for most people, they have a million other priorities in their lives that come before making sure windows is up to date, let alone actually considering its security. It's the job of these companies to ensure their technology can be used safely without consideration by the end user.
Sorry if it sounded like I was implying you thought that, or called them stupid, I didn't mean it that way. That statement wasn't trying to 'refute' anything you said either - it was just expanding on my anecdote of what I saw that it worked or not, whether in a professional environment or somewhere else.
Now, replying to your recent post,
> It's the job of these companies to ensure their technology can be used safely without consideration by the end user.
I think we just hard disagree here. I believe ultimately the user is/should be in control of how their own computer is used.
In France, we have mandatory car checkup every few years where they test the pollution from the back of the car.
My old car, made in early 90, barely emitted more pollutant than regulation allows.
Ended up buying a Volkswagen Passat, very impressive it emitted a lot less. Then dieselgate happened... Now it's barely under what the regulation allows.
Keep your old polluting car, in the grand scheme of things it is better than buying a new one that ends up polluting much more to build than what you would gain in everyday emission.
I can still remember avoiding roads too steep lol.
Besides, when I am saying that keeping the older car is better for the environment, I am not theorizing but speaking about things that have been studied.
https://www.sciencedirect.com/science/article/pii/S095965262...
https://onlinelibrary.wiley.com/doi/10.1111/jiec.13190
> Specifically, researchers find keeping older fuel efficient cars on the road longer reduces CO2 emissions significantly more than speeding up the global transition to green technology.
$OLDGUY_CUSTOMER (to my coworker): "Wow, I just saw a big crash on [nearby arterial road]! The entire front of the car was smashed in!"
$COWORKER: "Oh no! Was the driver alright?"
$OLDGUY: "Yeah, he seemed fine. There wasn't an ambulance or anything." [beat] "Man, they don't make them like they used to. When I was young, cars didn't crumple like that - it was much safer!"
Ugh.
(My semi-daily driver is over 50 years old.)
To recognize what you listen to, build a profile, feed it back to Samsung, which will use it in deciding what crap to display on your Samsung TV (and any other devices) associated to the same profile. For all we know it's even listening to your conversation in the room, I mean, it's Samsung - they literally do this:
https://entertainment.ie/trending/yes-your-samsung-smart-tv-...
https://www.cnet.com/news/privacy/samsungs-warning-our-smart...
It's so out in the open if you know, or more likely, worked in media advertising.
Their competitor, Vizio, owns iSpot[1] which is, in my opinion, the best in the space.
Samba TV[2] is its nearest competitor and they have their hooks into 24 Smart TV brands globally[3]. These brands are listed on their website as Philips, Sony, Toshiba, beko, Magnavox, TCL, Grundig, Sanyo, AOC, Seiki, Element, Sharp, Westinghouse, Vestel, Panasonic, Hitachi, Finlux, Telefunken, Digihome, JVC, Luxor, Techwood, and Regal.
It's a pity because I liked some of their hardware in the past (an NX camera I still have, hard disks back in the IDE stone age, 3 LCD screens back from when they were a novelty - they only had a VGA connector) but I just stay away from them now. But 0.01% of their customers staying away is completely insignificant when they consider the profit opportunity of violating our privacy.
> Samsung's spokeswoman continued: " Should consumers enable the voice recognition capability, the voice data consists of TV commands, or search sentences, only. Users can easily recognize if the voice recognition feature is activated because a microphone icon appears on the screen."
So it is not like it was listening without your knowledge. Only when you use the voice features is the data being sent over. Like with every other online service. As much as I don't like Samsung, this is a bullshit reason to hate them.
And why provide two links basically saying the same about the same story?
It's much more reliable and precise than the familiar Nielsen ratings: since you know the total audience of X% TV households in a zipcode (which you know demographics of race/income/household size based upon), and Vizio TVs account for Y% of all TVs sold for households with incomes between A and B, and C and D you can get a confidence interval of how many people ACTUALLY saw your TV advertisement.
Samsung was/is probably trying to do something similar: All sound in your TV pipes through their home theater system, so they can "Shazam" whatever media you're watching, regardless of the source (OTT, OTA, hell even YouTube or a Downloaded Torrent on your laptop hooked up via HDMI) and phone home.
Pixel tracking works better if the TV is connected to the internet. I remember Samsung as one of the companies where, if your TV was not ever given a wifi connection, it would attempt to connect to any open network to do what it needed to do. This sounds unlawful, so I don't know the veracity, but anyhow - if the TV is online, it can just send a half dozen pixels at known locations back home and there is a database of "content pixels at timestamps" and they match the half dozen pixel values to the database and know what you're watching to some degree of certitude.
But for things like dumb panels, older TVs and the like, ultrasonics still work.
You can just use regular math to do this. We've been doing it for 30 years now. You don't need a trumped up overpriced garbage LLM to do anything for you here.
Sure, you got your $2,000 out of the customer. But what about the money you could be making between now and the next time the customer buys something?
You're giving up on tens of dollars a year by not tormenting the people who gave you money already and might do so again.
Beyond that I think total control can still be achieved in the realm of hobbyists who can run Linux or flash alternative firmwares etc.
Most of these expensive things also have wifi, though, don't they?
> Connect your devices and control everything with our soundbar that integrates your favorite voice assistants and smart services like Built-in Alexa², Chromecast³, Airplay 2⁴ and more.
> 802.11ac
https://www.samsung.com/us/televisions-home-theater/home-the...
yeah, they have wifi, so they don't even need bluetooth hacks.
Updates for these types of things always fall into three categories. Either they’re gimping some unanticipated usage, they’re trying to insert ads, or they’re trying to gather more usage data.
I feel like CEC tried way too hard to be magical instead of exposing enough control for the user to be able to block certain commands from problematic devices, or even just designate that device X will always be the boss in a particular setup.
The frustration when I turn on the Steam Deck and the Apple TV goes
"Look at me. Look at me! I'm the output now"
Unfortunately there are soooo f..ing many devices out there that don't follow the specs, no wonder given how long and complex alone the Bluetooth specifications are, and HDMI/HDCP (which a soundbar with ARC support needs...) is even worse, and don't even try to get me started on CEC because that is an even bigger pile of dung, or stuff like GPUs that run HDMI over DVI, MHL or USB-C in DP mode and god knows what else people expect to "magically work" with a 5 dollar adapter they got off of Alibaba. And no, "audit products to follow the specs" isn't a foolproof solution either. That means that everyone has to deal with everyone else's quirks and at least the most popular devices and their manufacturers have to supply firmware updates to react upon reports of quirks.
> [...] GPUs that run HDMI over DVI [...]
I thought HDMI and DVI use the same signalling (at least the 'digital part' of DVI, was it DVI-D?), just over a different connector?
In my memory only the connectors competed for adoption, and Home Entertainment industry opted for HDMI and the PC-industry opted for DVI, while the signalling was not contested (besides DVI also being able to carry analog signalling with full spin-out, and HDMI carrying audio instead). My memory might not serve me well here though.
I never thought HDMI would win :( but it makes sense I guess - Computers/their use changed :(
> Why else would a soundbar need updates anyway?
No matter the device, software rots. Not because the device changes, not because the software changes, but because the world does.
In my experience, products like this only get updates when the company finds a way to extract more money:
- add more ads
- add more ads that pretend not to be ads
- to remove functionality, so it won't cannibalize sales of more expensive product
I owned it for at least six months before this occurred the first time.
In theory, I could do a USB update of the firmware and hope that fixes it. In practice, they want my serial number to let me download it. No thanks, I'll pass, even though it's never been connected to WiFi or Ethernet and never will be. I'll just reset it every once in a while.
Out of curiosity, why is that a problem to you? Granted, it is strange; I went through the process for my TCL Roku whose wifi stopped working (still not fixed, and now a second, 3yo TCL Roku has bricked itself. nice!)
Because for free you only get the first 15 levels of volume. If you want to get to 25, you need to pay a subscription.
I thought it was obvious... how does the seat heating work in your car? /s
It's not only media companies with DRM
IoT integrations like Alexa come with numerous security requirements that are often good ideas in theory but lead to hacky workarounds to meet certification requirements
My point is, it (and Youtube) killed piracy for the most part when it comes to music. Trading CDs full of mp3s used to be a sport in school a decade or two ago, these days why would anyone even want to invest the time when Spotify has everything anyway at a price point school kids can afford it?
Netflix used to become the same thing for movies, but the greed of studios killed it and now it's more expensive to have the large stream services than cable TV.
I'm not sure that's really a memo I'd like them to get. We don't need more subscription services where you don't get to own your content and everything can be taken away at any time.
Of course then you have MS which basically just turned XBox into a cheap but totally locked down gaming PC (since there are very few Xbox exclusives these days).
But in any case, students are usually NOT the customer here even if they are the end user.
Same thing.
> deemed inappropriate
Ooh! Deeming! Can I deem too? Huh? Can I? I have a number of candidates.
I don't know what's in that data. And if I don't know what's in it, I'm not inclined to proceed; you might need my serial number to know if you're giving me the right software, but you don't need challenge/response for that. They sold me a cheap TV in hopes of collecting info on everything I watch, whether via Roku or just screen analysis. No thanks, and I have no interest in making it easier for them to break into my WiFi. I'm sure it would connect itself automatically to an open WiFi.
It's a little paranoid, but they really are out to get us (or at least our data).
It also doesn't cause (intentional) incompatibility problems like HDMI DRM does.
Now Display Port vs HDMI is a more interesting competition and it would have been nice to have a clear DP victory here.
The alternative to an all-in-one sound bar is having regular 5.1 speakers, a nice receiver, a nice streaming box, and maybe a dumber TV and you will have absolutely the best setup but it’s a lot of putting pieces together, more space usage, and either money (if you want it right away) or a lot of waiting (if you want to get it used).
Sennheiser Max has a full computer and os running inside, they can upgrade it quite a bit. Biggest limitation on the device is HDMI 2.0 preventing 20gbps video passthrough of hdmi 2.1, however they should be able to add new audio codecs.
Considering the soundbar connects to a TV, console, phone, etc that are constantly releasing new versions and upgrades it makes sense to build in the function to something as simple as a soundbar to fix bugs and compatibility issues.
Samsung doesn't have the greatest track record with updates though so obviously you don't want to jump the gun on these. Hopefully not a Galaxy Watch 4 situation where they need to be mailed to Samsung to be reset because they didn't think about this during the design phase.
If price isn't the only factor for some, it is for many who would otherwise not buy these things. Sellers picked up on that long ago.
Other comments wish to see regulations, they can't outwit those marketing tricksters. For profit enterprise can, and will offer more alternatives with bigger stamps about privacy, ad-less certified and whatnot.
My Sony UHD player also seems to want to grab the input sometimes too, so maybe it's Sony that's the source of the problems haha.
And again, it's all just so maddening because it feels like it would go away if I could be like "Hey, AVR should never send power-on messages to its input devices." Because then I would just power on the device I actually want to use, it would turn on the AVR and TV, and we'd be golden.
Yeah, that sounds a weird "feature" in the first place.
If I manually turn on the UHD player/Chromecast/PS5/whatever, it makes sense that the TV also turns on and switches to the respective input.
I could also sort of imagine that if I switched the TV to some input source, it might be convenient if the device connected to that input turns on. (Not by a lot, though. You need the device's remote/gamepad/whatever anyway to tell it what to do, so the one button press saved doesn't really buy you much.)
But what makes no sense for me is the TV turning on all input devices when it's being turned on itself. When would you ever want to have the PS4, the PS5 and the HD player running, let alone as the default behavior?
That sounds like a genuine bug in the TV.
(Also, you sound as if you have some sort of "2 <-> n" setup with n input and 2 output devices. I have no idea how CEC would even be supposed to behave in such a setup. Would an input device turn on both output devices?)
TV <- AVR <- PS4, PS5, Switch, UHD
I suspect the issue is largely with the receiver (a VSX-935), as that's seemingly the component sending a turn-on signal to its inputs.
If I could, I would have probably run everything to the TV and just done all the audio over eARC, but the TV is on the other end of a 50' HDMI cable, so I definitely need the receiver as an in-rack multiplexer.
Even if it doesn't need to contact the internet you're still going to want it to connect through cables. There's good reason to connect through bluetooth.
But why should it contact over the internet? Well it sure is nice to be able to stream music from my NAS. There's utility in that. There's also utility in the parent company updating firmware to support new audio codecs. Or to support new algorithms. If my device is gaining more utility, that's a great thing! And of course, if it is connected wirelessly in any way (including bluetooth) I sure as hell would like updates with respect to security.
Without this, the thing becomes e-waste. The environment moves. Time marches on. No thing can exist in isolation, no matter how hard you try. Again, software rots, not because the software changes, but because the world does.
But that's not the problem here. The problem is abuse of that power. It isn't for the benefit of the customer. The problem is managers pushing to release before things are ready. The need for speed with no direction. To not even consider in the calculus of decision making the tremendous costs of when things go wrong. And how this lesson is never learned despite facing the problem time and time again. Issues like this now cost tons of engineering hours, tons of lawyer hours, and ultimately will cost tons in rebates and refunds. How many weeks of work is that equivalent to? Sure, it doesn't always result in catastrophic failure like this, sometimes it results in smaller failures, sometimes small enough they can be brushed off. But those are still costs that no one considers. That's the problem here.
So I do get all the advantages of a connected device, but if the adapter is bricked, I can easily replace just that small device. And more likely, when there’s a new standard, most of my equipment is unaffected.
I believe you're missing the forest for the trees. My argument is invariant to the specific device we're talking about.
Of course they could be designed to be simpler and have whatever input device is used (e.g. the TV) handle fancy features like mobile phone support.
Sure, you could do everything through a static circuit and require things being fed with speaker wire. But if you add a microcontroller you're going to be able to do much more, get better sound quality, and protect your equipment. Do your speakers have batteries? Do they plug into wall? Either way you can better control power levels. Do you want to boost bass? Fix corrupted signals? Do you want to process signals from anything other than a bare wire?
Sure, you don't need a microcontroller in a speaker. But we also don't need them in our cars. You don't need them in your fucking kettle. But personally, I find them useful and considering how cheap they are it's worth the basically $0 increased price.
See my other argument. The issue isn't that there's a microcontroller in the speaker. The issue is bricking the device. Don't confuse the means in which a bad actor operates with the bad actor themselves. You'll never stop the bad actor by just banning every tool they abuse. You'll end up with nothing.
That just isn't true though, is it? How would a microcontroller add sound quality?
There's much more signal processing you can do besides FFT btw and many can improve signal quality and thus sound quality. Even something like a built in equalizer. Sure, you can do this all with hardware by creating all the right filters but you can do more in a smaller package with a computer.
With electronics you can still isolate functionality like in software how we wrap things into functions. But like software sometimes we need to break that for optimization. Think like Apple M chips. They do it in the most annoying way, but integration is helpful. Ideally in a speaker though you should be able to fuck everything up and still allow for raw input.
As for the Apple thing, well that's a bigger issue because we really should be using open protocols and fuck walled gardens. Walled gardens are part of the problem we're talking about.