I suspect docbert isn't talking about the ads (at least primarily). Roku collects lots of other data from you. The ads are just the cherry on top. You've got lots of metadata potentially leaking. Viewing patterns, viewing habits, clicking patterns, location data, apps usage, voice usage (if enabled), etc. Ads are usually the least of your concerns.

Well, yeah. Ok sure. I block a LOT of that with PiHole, but, you are probably not wrong. BUT, all my streaming is tracked and sold anyway. Netflix, HBO, Kanopy, Disney. They are all tracking it no matter what. The only way to not get tracked is by watching Blu-Ray or DVD. And hopefully you paid cash for them as well.

https://cimg1.ibsrv.net/gimg/www.fly...b5ed4ece8.jpeg

Oh I'm sure everything is tracked in one form or another. The trick is to make it more difficult. Not sure what you can do on a Roku device to make it more difficult except for connecting via a VPN... There would definitely be some effort of some sort involved.

Man the barricade.
 

You are absolutely doing it right by not allowing your "smart" television set to connect to the internet.
Don't be a lemming.
Just because everyone else is leaping off the cliff is no reason for you to do so.
Can you change the DNS server to your main internet web browser? Jist from memory I know that 8.8.8.8 and 8.8.4.4. are Google's DNS servers.
When I was on v.92 {up to Sep. 2021}, I used this W-WW page to set the DNS servers in Firefox.

But when I did buy a 55-inch TV: It did not require an internet connection to set up. As what was scribed previously, this would have caused an immediate return to the store.
Everyone is trying to get you hooked to the internet, but everyone should resist.
It is possible to download a streaming video, using either your browser or an external downloading program.
This is something everybody needs to learn.
Because otherwise, the video in your stream queue could be there today and gone tomorrow.
Could you withstand the flak if someone you did not know decided to contest you for viewing "Beach Babes From Beyond" (1993)? Your "connected" TV would blab that to everyone and every agency on the entire W-WW.
So yes, do not let them command this.

Depends on your router. Some are capable of blocking IPs. But often for IoT devices, they're hard coded into the firmware and there's no easy way to change them (if at all). That's why you want to segregate them (if at all possible) into their own zone so they can't interfere with your other devices. For example, my cameras are all locked out of my own internal environment. I also only have them pointed at entrances instead of into the house (but I'm wacky that way).

I’ve got a closed circuit wifi network just for the indoor camera that points out of a window at the path to my house. Camera has the wifi off and is connected by wire to the router which only normally has that one device on it and no internet connection. If expecting a delivery I can PiP it on my tv as wellI connect to that to see who is coming to the door, was extremely useful when self isolating.

It's interesting what you catch with cameras. I want to set up something for my backyard. I've got something eating up my garden (lost five good sized watermelons over a few days due to a rodent(s) or pest of some sort. I wish I could set up something to let me know if a new address request is received.

We have a Wyze Cam outdoor to catch all the skunks and raccoons walking thorough our backyard. I like them just fine, but I am going to guess that the next 4 post on here are about how insecure they are.

To Preempt that :

* I REALLY don't care if "insert current Big Brother Villain" can spy on the raccoons in my backyard.

There's nothing wrong with Wyze cams per se. They did have that vulnerability (or was it a breach) a few years ago. I just don't like the privacy issues with them, hence why they're pointed outwards for the entrances. I mean think about it. The baby cams out there on the market are even worse. They're UHF broadcasters... Maybe not really long range, but still.... and no encryption possible.

My concern right now is that they could become lightweight DDOS boxes. It's possible they could be used to easedrop on people, but like Jimmie76, not sure anyone is too interested in listen to a fan running as the cameras aren't pointing in and they're in places like the "mud room" so not quite a lot of noise. They can also hear me carry the garbage out to the green/black/blue bins. Riveting theatre right? :)

The Ubiquiti doorbell chimes I had at my old house were always trying to look up pool.ntp.org hosts that were also Tor endpoints which my firewall would block and alert.

After determining there was no configuration change I could make that would tell these stupid doorbell chimes to use a different NTP server I had to use my DNS server to MITM and redirect the NTP traffic to a different server.

Unfortunately pool.ntp.org is just polluted with servers that are also Tor servers. This being an attempt to fatigue administrators into whitelisting the IP address of their Tor server to silence the unrelenting alerts. Unfortunately the people who run the cluster are of the "That Tor server could just be like Chinese dissidents maaaan." perspective and refuse to act upon obvious abuse.

The number of DNS queries my girlfriend's TV generates is staggering, sometimes more than a thousand a minute. I wonder if the Samsung TV is using a pinned DNS server because the ridiculous volume of lookups would alert in just about any local DNS server as potential malware activity.

Usually this happens when the TV (or IOT device) cant connect to the Host or DNS server its trying to connect to. You can quiet it down by faking it in a HOST file usually.

This thread is not what I was expecting when I clicked on it. Disappoint.

LOL

Well that is a Google search I wish I didn't make...

I might be a bit extreme, but we have a separate VLAN/SSID for IoT stuff. It's blocked from communicating with any of the other VLANs unless absolutely needed (I do allow our main VLAN to reach the IoT VLAN. All our VLANs have port 53 outbound blocked. I also use pfBlocker-ng to avoid ads and malicious sites, although my wife decided she likes ads, so I have a separate rule for her devices.

I can't stand "Smart TVs". I have them blocked from any traffic (if they're put on wifi at all). Since the "Smart" part of a TV will have a significantly shorter lifespan than the TV itself*, I prefer to use STBs (set top boxes i.e. Apple TV, Roku, etc.). All Smart TVs I've ever seen have atrocious privacy "agreements". Now some of them are starting to show ads over the user's input (supposedly only when it's paused, but who really knows).

*A good example of this was when root certificates expired on a bunch of older major-brand tvs a few years ago, rendering major parts of the tv unusable. This is not something your average user can fix.