One of the functions of Android TV is the ability to display your albums from Google Photos as screensavers on the TV screen. However, a vulnerability was discovered that allowed access to libraries of completely unknown users.
The error was discovered by a man using a Vu TV running on Android. When he connected to the Google Home app, he discovered that there are a huge number of items in the list of related Google accounts. By suggesting their nicknames, the user assumes that they could have been people who have ever used a Hindu brand TV set. The man could enter any account from the list and set a picture of the foreign user on the screensaver.
This error occurred on the Vu TV running on Android 7, which has not received any security patch since 2017. The error certainly does not occur on Mi Box 3 with Android Oreo. The scale of the problem has not been investigated. Despite this, Google very quickly reacted and turned off the ability to view photos from Google Photos on Android TV and stream them through your Assistant. It is not known whether the software company intends to restore this functionality.
The more home appliances we connect to the network, the greater the chance that one of them will fail in terms of privacy protection. While cyberattacks are usually referred to in the context of computers or smartphones, specialists emphasize that equipment such as televisions or routers may also have dangerous gaps, which we do not realize. The problem is also the fragmentation of Android, which means that even after detecting the danger, Google does not always update obsolete versions of the system with new patches.