I mean, this has been known about for petty much all smart vacuums.
But who the fuck is going to use the layout of your house for anything?
Man Alarmed to Discover His Smart Vacuum Was Broadcasting a Secret Map of His House
Submitted 5 months ago by themachinestops@lemmy.dbzer0.com to technology@lemmy.world
https://futurism.com/robots-and-machines/robot-vacuum-broadcasting
Comments
Nightsoul@lemmy.world 5 months ago
Soktopraegaeawayok@lemmy.world 5 months ago
I feel the same way, I dont care really care about them knowing my house layout, but they shouldn’t. We cant let companies get away with infringing on our freedoms and privacy.
n0respect@lemmy.world 5 months ago
The secret police
Datahunter@lemmy.world 5 months ago
Every gadget spies on you if you think about it.
captain_aggravated@sh.itjust.works 5 months ago
I’ve been looking into robotic lawnmowers, and they’re basically the same. The more primitive ones have a hall effect sensor under their snout feeling for a wire you bury around the edge of your yard, and do the “go until you hit something, turn a random amount, repeat until low battery, follow perimeter to dock” or they require phoning home in some way, shape or form.
Meanwhile, some guy’s got an open source system that runs on a Raspberry Pi on the mower itself.
I guess I’m willing to believe that some of the LIDAR or camera-only guided mowers need some serious processing power to create the maps they use for guidance around the yard, and that’s more practical to do on the company’s servers than on the device itself…except not really; we’ve got decently powerful ARM SoCs that don’t cost much, don’t take a lot of power to run, and can do that job. The reality is, you can’t get a pedometer app for a smart phone that doesn’t broadcast sensor telemetry to two continents these days.
zalgotext@sh.itjust.works 5 months ago
If you have a robot vacuum, and the robot vacuum makes a persistent map (as opposed to the older “dumber” models that just bounce around randomly), they all send that map back to some remote server. In fact, most of those robots won’t even enable the mapping feature unless they’re connected to the Internet (which is absolute bullshit considering most of those robots generate, process, and store that map locally, so there’s literally no reason to send it off somewhere).
So your options are to just use the robot without ever connecting it to the Internet and be happy with the reduced featureset, root the robot and install Valetudo on it, or just vacuum manually. But until manufacturers are forced to let us actually own the smart devices they sell is, under no circumstances should you ever let one touch the Internet.
Alenalda@lemmy.world 5 months ago
Wait till you find out what your wifi can do.
Alenalda@lemmy.world 5 months ago
Was referring to this sort of bullshit. www.xfinity.com/hub/smart-home/wifi-motion
Auli@lemmy.ca 5 months ago
Sure “can” do but isn’t.
UnderpantsWeevil@lemmy.world 5 months ago
Sundiata@lemmy.world 5 months ago
aw he got in my head
ILikeBoobies@lemmy.ca 5 months ago
Port Scanning blocker was eye opening to how many websites just wanted to check in on me.
Auli@lemmy.ca 5 months ago
So how are they port scanning yiubif your behind a firewall.
burntbacon@discuss.tchncs.de 5 months ago
Oh, damn! Thanks for reminding me to add that extension since I reinstalled my browser.
vacuumflower@lemmy.sdf.org 5 months ago
It’s funny how these “smart” appliances are all addressing things radically important for households, but in a poisoned way from the beginning. As if those making them were just trying to get there first and win the bank.
There’s a problem of scale in industrial innovations, where bigger scale makes cost of production of something and cost for the consumer and network effect power better, meaning that there’s no market feedback to help those who came first get old and die to make space for those who come next.
I think this tendency is actually the solution - there is a feedback, it’s that lacking feedbacks on one level prohibits those undying monsters from being competitive on the next one. The niche of non-poisoned smart appliances won’t be filled by anything big, for example.
That’s also another funny moment - instead of dedicated appliances it makes it useful to have one universal one (basically a butler robot) that can be programmed. It’s an incentive in the direction of universal machines programmed by customers.
BTW, imagine a frame with various manipulators and sensors attached to an RPi via GPIO, where every manipulator/sensor can be whatever thing at all, just needs to have a manipulator/sensor description template. The OS of the RPi itself runs tasks of the “move those items of fragility categories such and such to such and such locations, remove dust and dirt from that surface, wash that window”, for which the existing set of manipulators/sensors and task sequence are optimized without user’s involvement (other than attaching them and providing the right description templates, though I suppose manipulator controllers can provide them too, and confirming the resulting jobs). That’s also where those LLMs etc are good enough, to interpret instructions and display the sequence of actions they are going to perform to get user’s confirmation. This way you won’t have to fear that you tell it something harmless and it starts a fire in the room.
Such a system needs a set of standard protocols for the sensors\manipulators, their description templates, and the representation of commands deciphered from human speech to a set of tasks, and the spaces and traits of objects. The programs visualizing the resulting offered set of tasks, deciphering the order, optimizing one set of tasks into a better one, and so on, should be pluggable. Suppose everything’s already made, just nobody really needs a thing that they can’t just buy and turn on.
OK, I like imagining, should work better instead and start my toy the weekends after the next ones (I suspect I won’t start it even by then, at least not in the initial ideologically good form ; nothing about robotics or home appliances). Spent these weekends on making a POV-Ray scene instead.
Why did I even write this.
iAvicenna@lemmy.world 5 months ago
ahh actions which would be considered “hackers stealing your personal info” twenty years ago is now something people (including me) pay money to be subjected to.
vacuumflower@lemmy.sdf.org 5 months ago
BDSM is a thing
kent_eh@lemmy.ca 5 months ago
these “smart” appliances are all addressing things radically important for households
Are they, though?
Most of these “smart” functions are at best a slight convenience. And a lot of the “smart” functions in most of them don’t really add anything useful to the user experience.
DoPeopleLookHere@sh.itjust.works 5 months ago
Sure, if your physically able to do it all that is.
Things like these are important to disabled folks.
vacuumflower@lemmy.sdf.org 5 months ago
Yes, they are, it’s very convenient to have the same thing boil the water and make tea for you, or do the laundry and dry it, or do the floor and the windows when you can be busy with something else, same with cooking. Especially remote-controlled when you are an hour away. And it’s not a slight convenience, it’s life-changing like remote work.
lechekaflan@lemmy.world 5 months ago
I remember about news of some Israeli intelligence operatives who jogged around their HQ only to be outed by their tracks on Strava.
burntbacon@discuss.tchncs.de 5 months ago
I remember army officers and cia folks, specifically. It wouldn’t surprise me that israel got caught as well.
FosterMolasses@leminal.space 5 months ago
ArchmageAzor@lemmy.world 5 months ago
At this point, if you buy a smart thing you have to know it’s spyware.
pir8t0x@ani.social 5 months ago
True asf
FosterMolasses@leminal.space 5 months ago
W3dd1e@lemmy.zip 5 months ago
On paper all of this stuff is a great idea that would make our appliances more functional.
In reality, this is sold to our corporate overlords so they can slap an ad on your refrigerator and sell you more plastic waste.
AcidiclyBasicGlitch@sh.itjust.works 5 months ago
Worst case, it’s sold to ICE or some other fascist regime.
Every single government that has a contract with Palantir for Gotham or even the UK NHS data is reason enough to know this kind of shit is a bad idea. The entire existence of Palantir makes this kind of shit a bad idea by default.
Even if they’re not using lavender or where’s daddy (yet), I do not want them to have a detailed layout of my home, in addition to all the other information already being collected.
If the day comes when any government needs to crush civil unrest, Palantir gives them an easy button to weaponize your data against you.
Sam_Bass@lemmy.world 5 months ago
Yeah that issue has been around for at least a couple years now. Luckily my robovac doesn’t have WiFi or bluetooth
Scolding7300@lemmy.world 5 months ago
It has a clock display for time?
Sam_Bass@lemmy.world 5 months ago
Nope. Just blacknwhite bezel face cover with a start button
Chais@sh.itjust.works 5 months ago
Why would anyone need a moving clock?
stevedice@sh.itjust.works 5 months ago
I used to be on a mailing list where American companies offered money to people in the third world for menial manual tasks. Like sending pictures of random crap from different angles and such. One time I got an email offering 4 of these things and $100 and all I had to do was put one of them in my home and use it for a week and give the other 3 away. Goes without saying they’re clearly a privacy nightmare.
AcidiclyBasicGlitch@sh.itjust.works 5 months ago
“Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
Auli@lemmy.ca 5 months ago
If he blocked the data collection how did it get the kill command?
REDACTED@infosec.pub 5 months ago
Outgoing vs Incoming
buttnugget@lemmy.world 5 months ago
Treasonous malware.
MourningDove@lemmy.zip 5 months ago
He’s going to have a heart attack to find out that the floor plan to most houses are available online and have been for a long time.
Auli@lemmy.ca 5 months ago
Houses renovate doesn’t mean it’s accurate.
kamen@lemmy.world 5 months ago
Yeah, but without the correlation that this particular fella is living there. That vacuum might’ve been the missing link in someone’s data collection.
Scolding7300@lemmy.world 5 months ago
With possibly objects in the house identified?
ragas@lemmy.ml 5 months ago
Sure. Including pictures of people shitting.
misteloct@lemmy.dbzer0.com 5 months ago
I mean, UCSC researchers used WiFi to detect a human heartbeat.
Auli@lemmy.ca 5 months ago
Yes and who’s doing that with your wifi. They had to set it up.
Gammelfisch@lemmy.world 5 months ago
Sheeesh, his fucking mobile phone mapped and photographed his house long ago.
dev_null@lemmy.ml 5 months ago
Do you have any source on this? I have never seen a similar article about phones sending a 3D map of your home to the manufacturer.
Eezyville@sh.itjust.works 5 months ago
I picture the phone doing it the way it was done in The Dark Knight. That scene when Lucius Fox was in China and had to volunteer a phone to security.
TankovayaDiviziya@lemmy.world 5 months ago
I wasn’t aware about this with regards to mobile phone tbf.
Auli@lemmy.ca 5 months ago
Your phone camera is not spying on you.I mean this stuff is not hard to prove why doesn’t one of these people who think this prove it.
ragas@lemmy.ml 5 months ago
Mapping like that is probably mostly done through bluetooth and wifi triangulation.
DNS@discuss.online 5 months ago
These arricles are meant to be rage bait for the techno-illiterate. As you said, cell phones mapped your house long ago as well as your smart TV, or any appliance that requires an internet connection.
People traded in their privacy for convenience.
elephantium@lemmy.world 5 months ago
Privacy may be dead as you suggest, but that doesn’t compel me to dance on its grave.
Auli@lemmy.ca 5 months ago
Phones have never mapped your house and how would they do that? Tvs don’t think it would map but yes they watch you.
FosterMolasses@leminal.space 5 months ago
Both can be true. Probably shouldn’t make a regular practice of numbing out to this sort of info with the platitude “Big deal, my phone and facebook already have my data anyway. Might as well give you my mother’s maiden name.”
Netrunner@programming.dev 5 months ago
Privacy is not worthless just being one bad actor took it. It still is worth pursuing in all layers where possible.
Gammelfisch@lemmy.world 5 months ago
+1 Indeed!
DeathByBigSad@sh.itjust.works 5 months ago
Couldn’t someone just google the photos the realtor took and then compile a map? 🤔
87Six@lemmy.world 5 months ago
Since I dont see it mentioned, the company is
iLife
iLife makes vacuums that map your house and can be remote controlled
Just so we are clear. You should all up your name and shame game.
FosterMolasses@leminal.space 5 months ago
Implying the vast majority of roombas aren’t doing this
There’s no safe “opt-out” for people who cannae be arsed to vacuum lol
sommerset@thelemmy.club 5 months ago
Oh crap. I had one. It committed suicide off the stairs
Wiz@midwest.social 5 months ago
Maybe for the best.
muusemuuse@sh.itjust.works 5 months ago
All modern robot vacuums do this. Amazon and Zillow actually buy that data too.
eronth@lemmy.dbzer0.com 5 months ago
For real. It’s wild how often people don’t just straight up call out bad corps.
AdolfSchmitler@lemmy.world 5 months ago
o7 thank you for your service
ArmchairAce1944@discuss.online 5 months ago
I don’t understand why these devices need an internet connection?
webghost0101@sopuli.xyz 5 months ago
Because people are not taught the basics off Lan network va Wan network.
During the aws outage i heard multiple people be upset with their isp because “the wifi is broken”
ArmchairAce1944@discuss.online 5 months ago
I worked in tech support for several years last decade… and the amount of people who tell me ‘my Facebook isn’t working’ to mean their internet connection is bust is insane. And they aren’t getting any smarter. Last time I worked tech support was in 2021 and I got fired when I nearly lost my shit with an American client who demanded to know why he couldn’t enter a company store without a mask.
HugeNerd@lemmy.ca 5 months ago
“secret”. Sweet summer child, you’ve been mapped down to your quarks for decades, and building plans have been at Town Hall since… Louis XIV?
1985MustangCobra@lemmy.ca 5 months ago
or…just buy a vacuum cleaner and vacuum your house? you don’t need smart devices for everything.
bytesonbike@discuss.online 5 months ago
I bought a $300 fake Roomba thing. It was on clearance.
And i fought against it for years. But ended it up coming in clutch for a lot of reasons.
It did not have an app, just a IR controller. Its pretty dumb. It bumps into everything. It gets stuck under things. I sometimes have to create a maze so it cleans a specific spot.
Its been a habit of mines to avoid anything with an app that requires internet access. But the product lines are shrinking, and I know at some point, if I want a Roomba, I’ll need to invite always-on AI or whatever.
bytesonbike@discuss.online 5 months ago
In addition, Narayanan says he uncovered a suspicious line of code broadcasted from the company to the vacuum, timestamped to the exact moment it stopped working. “Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
They kill switched it remotely. Yikes.
sem@lemmy.blahaj.zone 5 months ago
Such a boring dystopia :/
rumba@lemmy.zip 5 months ago
I don’t care if they map my house, just give me raw access to the data. Them having access to the speaker and mic, i’m more concerned about.
madjo@feddit.nl 5 months ago
That is why I have denied internet access for my robot vacuum cleaner. Xiaomi doesn’t need to know the blueprint of my house, and if it can’t connect to the internet, there’s no need for firmware updates.
I’ll start the thing by pressing the button at the top.
Widdershins@lemmy.world 5 months ago
I live in a prefabricated home that is a different color than my neighbor’s. Can I gift them one of these robots to get a blueprint of their house? It is already easily googled but I feel that making a robot do it keeps them lower on the food chain.
dan69@lemmy.world 5 months ago
Shit I’m scared of my home speakers echo locating my furniture and the size of my domicile
imetators@lemmy.dbzer0.com 5 months ago
Am I too dumb to understand why sending cartographer data is wrong?
His model is iLife A11 that has Lidar. He probably has an app that is used to control robot and shows cleaning progression. Vac 100% Lidar’d his entire home and sent data to create map in the app.
How in the fuck he thinks it is getting that map? If his ass so smart to find a killswitch and reverse it, how come he doesn’t grasp that map data is sent to a server though which he ca use vac app? Like in what world is it not obvious?
Not even gonna discuss about TOS he signed, or that it is general cheap brand cheap but super smart model for it’s price.
Unless some FOSS firmware and software is installed, that thing most certainly will ping back home every chance it gets.
Sidenote: My TV now is offline cause when it kept calling home (ove 60% of my pi-holes querries of all time was TV), it would freeze due to pi-hole block. Once set offline - issue is gone. I also know my robo vac is pinging, but at the same time if I block it, I’ll lose app controls which I wont do. Sadly, my vac doesn’t support Valetudo.
papertowels@mander.xyz 5 months ago
In case anyone’s interested, there’s actually open-source self-hosted robot vacuum firmware for select models
jaschen306@sh.itjust.works 5 months ago
This is great, but outside the security aspects of things. What else can this firmware do that I can’t with say, the roborock? Am I giving up functions?
zalgotext@sh.itjust.works 5 months ago
I literally just installed this last weekend, so the docs are still pretty fresh in my mind. I still recommend you go read through that site to get the full picture and make your own informed decision, but here’s my tl:dr.
Valetudo, first and foremost, is intended to enable select models of vacuum robots to operate cloud-free. It’s not intended (nor is it feasible) to offer feature-parity with the manufacturers’ firmware/apps/cloud services. But in my limited experience, the only feature my robot is missing after installing valetudo is the ability to live-stream video from the onboard camera, which isn’t a big deal at all for me (and is something that the dev specifically won’t support). Everything else works flawlessly so far. It also allows you to configure just about anything the robot supports configurability for, like pathing algorithm adjustments, obstacle avoidance sensitivity adjustments, and a whole host of other things. I’m not sure if the manufacturer’s app even allows that level of configurability (because I never installed it), but I definitely feel like I have full control over my robot, and it functions flawlessly at performing its job of keeping my floors clean.
I think the biggest thing to be aware of is the rooting/installation process may require some soldering (not of the robot, just some through-hole soldering on a separate breakout board to make connecting to the robot’s debug port more foolproof), and requires comfortability in a Linux terminal. If those things aren’t in your wheelhouse, I’d say this project probably isn’t for you.
papertowels@mander.xyz 5 months ago
Unfortunately you’ll have to do your own research, I only know this exists and have never used it because my vacuum is incompatible.