- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
Am I the only one confused by why a vacume needs a live video feed? Who’s sitting there thinking “I want to watch what my vacume sees!”
A speaker too. So you can mess with your pets while away or spy on your spouse. What an amazing product idea /s
I mean, the speaker part makes sense. The vacuum has a speaker so it can make an alert sound of something’s wrong. The most common ones I hear are “please charge Roomba” and “error, please move Roomba” (that’ll happen if it rolls over a grate or something and the wheel gets stuck).
But a cheap speaker is a pretty sensible feature.
At minimum, it might also have it for the “turning on” noise.
It might also just be the default beeper for the motherboard, and it’s just been reconfigured to make a particular noise instead of the usual beep.
Ok so I used to work for iRobot, the OG robot vacuum maker. Robot vacuums used to vacuum randomly. To make them vacuum systematically, they need to map your house. One cheap way to do that is to use a camera roughly pointing at your ceiling and do Video SLAM. The camera identifies features on your ceiling and how they are changing to know where the robot is and map the room.
I guess ecovac thought they could add a camera feed feature for free since they already had a camera on the robot.
For the non-roboticists: SLAM = Simultaneous Localization And Mapping.
In robot navigation problems we often face the problem to get a grasp of the environment and the robot’s position in it. It’s easier if there’s already a map provided and some sort of external observer who knows where the robot is relative to the map.
Since people don’t usually go into your home to map it out and install some sensors in order to locate the robot, SLAM is the way to go. While moving through an environment, a map of the environment is created and by utilzing some fancy techniques based on sensor data like from cameras, mic+loudspeaker, LIDAR or whatever, it is possible to also infer the robot’s position.
Huh, I thought they were “dog poop sensors”
It’s both, I have the Roomba with the camera on the front and it can sometimes avoid dog poop and wires on purpose (and sometimes navigate, but it mostly seems like it navigates like the other models with no cameras by bumping into things that don’t ever move)
The problem isn’t the video feed per se, it’s that the business model of IoT companies, especially cheap IoT companies, include selling off customer data to advertising and other surveillance capital type entities.
So, cheap hardware, lax security at best, and a business model that requires all their devices to have an internet connection to function properly, or access its full feature set.
Probably to map the room and avoid obstacles like Chairs and pets. Low res cameras are probably the cheapest option for hardware.
The unfortunate, actual reason is that people will pay more markup on the vacuum with useless shit added than it costs to add it. Explaining why humans are like this is unfortunately a less tidy and much more disappointing endeavour.
This is the reason I don’t get PS+.
I see the cheapest option, and think “oh…but I don’t go online much, and thats too little value for that high price.”
Then for a little more money you get a little more value.
Then for a little MORE value, you get the retro games from PS1 and PS2.
And then I realize that’s DOUBLE the cheapest option, to play games that are 20-30 years old.
So I put 2 and 2 together, and decide this whole thing is pissing me off. Fuck it, I’ll just emulate the damn things…
So I put 2 and 2 together, and decide this whole thing is pissing me off.
Still waters run deep.
People that have no opinions of their own and have personalities that are shaped entirely by the things they consoom.
Yet when I wanted to make my vacuum speak like Consuela from Family Guy I couldn’t do it.
You need to supply more lemon pledge.
That whole racist bit was the reason I stopped watching Family Guy.
Latino cleaners arent stupid. Their working conditions are terrible, and they have actual demands.
although Ecovacs accounts are password-protected, and a further four-digit PIN code is required to access the video feed, that PIN code is not validated server-side—meaning anyone with the basic know-how of a tool like Chrome web inspector could bypass it
Wow, that PIN code is really on the honor system, isn’t it?
Reminds me of how Xiaomi password protected smart kettle was only password protected in the UI. I think, it’s an industry standard nowadays 🥲
I guess he wasn’t naked at the time (camera was hijacked too, according to the article).
And people wonder why I go out of my way to obtain equipment that doesn’t have a bloody app or connect to anything.
And nobody posted This yet!? The Roomba That Screams When it Bumps Into Stuff
imagine now somehow combining its sensor data with outputs from a LLM everyone would think that their roomba has become sentient
True supervillain stuff. :-D
Since no one said it yet: Valetudo
Unfortunately no support for Ecovacs.
I never thought I’d read about a vacuum being hacked one day.
Seems that blocking my robot vac’s Internet access when it’s not in use is not so paranoid after all.
“I suck!”
— robot vacuum (probably)How could it have been worse. A fucking basic appliance was hijacked. Ofc its not weaponized, that would have made it worse I guess
Did you see the one with a gun that fired any time it bumped into something?
It could have been worse.
Why won’t they say the brand? Which brand are they?
It’s in the first paragraph of the article.
Robot vacuums made by Ecovacs have been reported