> No one is going to just give Samsung free Internet except the hapless consumer by supplying Wi-Fi credentials.
I think it's implied that Samsung would pay Amazon for Sidewalk access.
> Samsung might make a deal with providers, but it would have to have unique credentials embedded in its OS and firmware, and I doubt Samsung has the ability to keep that totally secure.
I don't think this is as hard a problem as you're making it sound. Each TV ships with a serial number, let's suppose; it tries to handshake with the Sidewalk network. Sidewalk phones home to Amazon, Amazon talks to Samsung, Samsung says "yes, we sold that S/N recently and it has never connected before, here's its public key".
So if I can spoof communication with that serial number on another device, I get free Internet. Same concept as MAC filtering not being really secure because I can just change MAC addresses in my packets.
Find a remote vulnerability, or find the device on the circuit board where it's stored, connect a reader to it, and dump it. Not trivial, but not impossible. The TV software just has to have one mistake, and TV companies aren't security experts.
All of the popular embedded platforms have had scores of vulnerabilites - Qualcomm, Android, WebOS, etc. - patched over time, new ones found etc.
Heck, it even took Microsoft more than one try to start to get it right. An interesting story is Microsoft attempting to protect its first game platform--the original Xbox from the early 2000's. There were numerous security protections and all were bypassed - from encrypted boot code to a device-unique hard drive key stored in EEPROM.
Microsoft got better and smarter with the 360--this time with unique keys and eFuses in the CPU but it was still eventually bypassed--not after the effective lifetime of the platform though.
Honestly I do not think Samsung would be concerned about the single-digit number of people who manage to get free internet this way.
If you really wanted it to be secure, you could use a TPM instead of a private key in memory, but that's overkill IMO. Who wants to take their TV apart in exchange for free crappy internet?
I think it's implied that Samsung would pay Amazon for Sidewalk access.
> Samsung might make a deal with providers, but it would have to have unique credentials embedded in its OS and firmware, and I doubt Samsung has the ability to keep that totally secure.
I don't think this is as hard a problem as you're making it sound. Each TV ships with a serial number, let's suppose; it tries to handshake with the Sidewalk network. Sidewalk phones home to Amazon, Amazon talks to Samsung, Samsung says "yes, we sold that S/N recently and it has never connected before, here's its public key".