Weeping Angel: Did the CIA really hack into TVs?

Don't blink.

Sean Hollister Senior Editor / Reviews

Weeping Angel (noun):

1. A terrifying monster from the popular UK sci-fi series "Doctor Who," which resembles a harmless winged statue -- until you blink or look away.

2. An alleged spying tool, co-developed by the CIA and the UK's MI5 security agency, which lets a Samsung Smart TV (specifically, the F8000 Smart TV) pretend to turn itself off -- and record your conversations -- when you're not using the screen.


On Tuesday, WikiLeaks released thousands of documents that purportedly show how the CIA is able to spy on our phones, computers and other gadgets. CNET is unable to verify if the documents are real or have been altered, so we're not jumping to conclusions.

But clearly, the idea that your Samsung TV might be spying on you is one of the more startling claims. And yet it may not be that simple. If we're reading the WikiLeaks documents correctly, there's no proof that the CIA ever finished refining this tool.

Here's what we do and don't know about the so-called "Weeping Angel" hack.

What we 'know' about the Samsung TV hacks

Assuming the WikiLeaks documents are entirely legit, here's what we know:

• In June 2014, the CIA and UK's MI5 held a joint workshop to improve the "Weeping Angel" hack, which appears to have specifically targeted Samsung's F8000 series TVs released in 2013.

• A "Fake-Off" mode was developed to trick users into thinking their TV was off (by turning off the screen and front LEDs), while still recording voice conversations. Based on what we know about the TV, the hack would have tapped into the microphone located in a TV's accompanying remote.

• The good news is that as of June 2014, the TVs couldn't be hacked remotely, over the internet. The group was installing the hack by physically plugging a USB cable (or thumb drive, we're not sure which) into the TV. In addition:

    • The hack only worked on certain firmware versions of the same TV. It was successfully tested on TVs running firmware versions 1111, 1112, and 1116, but there wasn't yet a way to hack version 1118 and newer.
    • They had not yet figured out a way to turn off the blue LED on the back of the TV, or show the traditional Samsung logos -- which might tip off a user who tried to "turn the TV back on."
    • The TV's Wi-Fi connection couldn't be forced to remain on when the screen was off -- which meant the TV would either have to be physically plugged into the network, or else the CIA would have to wait for the TV to be on before transmitting a recorded conversation.
    • The CIA was working on a way to keep the TV from automatically updating itself -- and thus patching the vulnerability -- but hadn't yet implemented it.
    • They couldn't yet eavesdrop in real time, or take screenshots of what a user was looking at on the TV, but they were planning both of those features.

In 2015, Samsung caught flak when it was revealed that some of their Smart TVs listened to your conversations. Back then, we described a way to turn that feature off.

What we don't know

Literally anything that might have happened with Weeping Angel after 2014. We don't know...

    • If the CIA and MI5 decided to target newer Samsung TVs as well, or TVs from other brands.
    • If they found ways to hack TVs over the internet and keep them hacked indefinitely.
    • If they found workarounds for newer firmware versions.
    • If they have other capabilities.
    • If the CIA or MI5 ever actually used the hack to spy on people.
    • If Samsung might have patched the original vulnerabilities entirely by now.
    • If the CIA gave up entirely on the project after June 2014.
    • If turning off your Samsung's voice-recognition feature or its Wi-Fi connection would do anything to stop the hack (though it probably can't hurt).

Assuming the documents are legit, we only have a nearly three-year-old snapshot of what two spy agencies were doing to a single range of TVs, back in the day.

It's not a lot to go on, but we'll let you know if we get more info.

Update, March 8 at 10:30 a.m. PT: Samsung has issued the following statement: "Protecting consumers' privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter."