Yeah that issue has been around for at least a couple years now. Luckily my robovac doesn’t have WiFi or bluetooth
I used to be on a mailing list where American companies offered money to people in the third world for menial manual tasks. Like sending pictures of random crap from different angles and such. One time I got an email offering 4 of these things and $100 and all I had to do was put one of them in my home and use it for a week and give the other 3 away. Goes without saying they’re clearly a privacy nightmare.
He’s going to have a heart attack to find out that the floor plan to most houses are available online and have been for a long time.
“Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
Since I dont see it mentioned, the company is
iLife
iLife makes vacuums that map your house and can be remote controlled
Just so we are clear. You should all up your name and shame game.
For real. It’s wild how often people don’t just straight up call out bad corps.
Could ya be sued, perhaps?
No
All modern robot vacuums do this. Amazon and Zillow actually buy that data too.
Oh crap. I had one. It committed suicide off the stairs
Maybe for the best.
o7 thank you for your service
Sheeesh, his fucking mobile phone mapped and photographed his house long ago.
These arricles are meant to be rage bait for the techno-illiterate. As you said, cell phones mapped your house long ago as well as your smart TV, or any appliance that requires an internet connection.
People traded in their privacy for convenience.
+1 Indeed!
I picture the phone doing it the way it was done in The Dark Knight. That scene when Lucius Fox was in China and had to volunteer a phone to security.
I wasn’t aware about this with regards to mobile phone tbf. I know you are spied upon on your phone camera, but mapping the house with the phone? Do you mean like Dark Knight stuff?
I mean, UCSC researchers used WiFi to detect a human heartbeat.
In addition, Narayanan says he uncovered a suspicious line of code broadcasted from the company to the vacuum, timestamped to the exact moment it stopped working. “Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
They kill switched it remotely. Yikes.
All IoT devices do this to keep you from blocking their data collection. They won’t work reliably without a regular ping home. They lock up if they can’t phone home frequently enough.
More likely it killed itself after not being in contact with home base. Since it worked fine elsewhere
I don’t understand why these devices need an internet connection?
Because people are not taught the basics of Lan network vs Wan network and corporations love to exploit this.
During the aws outage i heard multiple people be upset with their isp because “the wifi is broken”
Some of these connect to a smartphone App through Wi-Fi. Connecting to internet and uploading stuff are not shown to the owner but might happen in the background.
We need bluetooth devices back, there’s no reason for 99.999999% of devices to have your network password.
Exactly. Local connection. Why the fuck does it need access to some server somewhere? I am sorry… but if they have updates for their shit available they need different ways of making it available.
Also why the fuck does the company need audio recordings from your home? That is literally spy shit. And why does it need the layout? Even if they were doing it purely to improve their products and make them be able to work around confusing layouts and obstacles then that shit needs your full knowledge and consent… and you can withdraw consent at any time for any reason.
I am too tired to rant further.
100% agree.
Unless they artifically bloat their patch/update file sizes, I’d imagine sending it through your phone to the device over bluetooth would work fine.
I’d even, personally, prefer they use a wifi link directly between my phone and the device while it updates before I give it free access to my lan.
Seriously, MQTT on your home server or router or whatever and let things talk to eachother THERE. Keep the conversation INSIDE the LAN. This cloud shit is all about building expensive, unnesscarry dependencies.
For a robot vacuum, wi-fi works best because you should be able to leave the phone in one room while the bot goes clean all the other ones. Bluetooth needs line of sight.
Never used a robot vacuum, but the idea is that you set it up once and never think about it, right?
So you’d set it up once with bluetooth, then disconnect and let it do its job.
Software updates could cause issues, though if they release a finished product it wouldn’t need any or much of those if it works for you already. And updates can be managed over bluetooth.
To upload a map of your home duh
“secret”. Sweet summer child, you’ve been mapped down to your quarks for decades, and building plans have been at Town Hall since… Louis XIV?
It reminds me of when Google added everyone’s phone numbers to search. Everyone freaked out. “What do you mean anyone can find my number?!” And this is back when phone books were ubiquitous.
It’s pointless now as anyone actually making a call (scammers) buys numbers from providers or other thieves. But it’s really interesting how publicly available data being more publicity available can be scary.
I don’t care if they map my house, just give me raw access to the data. Them having access to the speaker and mic, i’m more concerned about.
Such a boring dystopia :/
Couldn’t someone just google the photos of the house that the realtor took and then compile a map? 🤔
I bought a $300 fake Roomba thing. It was on clearance.
And i fought against it for years. But ended it up coming in clutch for a lot of reasons.
It did not have an app, just a IR controller. Its pretty dumb. It bumps into everything. It gets stuck under things. I sometimes have to create a maze so it cleans a specific spot.
Its been a habit of mines to avoid anything with an app that requires internet access. But the product lines are shrinking, and I know at some point, if I want a Roomba, I’ll need to invite always-on AI or whatever.
You can have the best of both worlds. There’s a lot of smart home stuff that isn’t owned by a corporation. For vacuums, Valetudo is amazing and fun to set up, if not a little nerve wracking risking bricking your expensive appliance.
There’s some models that work with Matter and a local home server. There’s also a couple you can flash with open source software to keep it all local.
For those interested, there are some vacuum models listed on this project: https://valetudo.cloud/
It can get technical (since they want people to learn), but the documentation is pretty detailed.
That is why I have denied internet access for my robot vacuum cleaner. Xiaomi doesn’t need to know the blueprint of my house, and if it can’t connect to the internet, there’s no need for firmware updates.
I’ll start the thing by pressing the button at the top.
I’m unfamiliar with Xiaomi “smart” products, I assume there is an app to control the vacuum, if it does have an app does it still work for you strictly behind your LAN network?
It does have an app, but I’m not using it. It also doesn’t work, because it can’t find the vacuum on the network.
The device has 2 buttons: “turn on/off” and “find home”, those are the only two I need.
A vacuum doesn’t need internet access.
Did a little digging, not sure if you’re someone who self hosts (or owns Homekit enabled devices) but Homebridge appears to offer plugins for Xiaomi smart vacuums this will give you more “smart” functionality without the cost of exposing it to the internet.
Shame they don’t offer that flexibility natively.
It would be nice if it had Bluetooth or something to control from the app. There’s no reason I’d want to run the vacuum outside a defined schedule when not at home, so the only useful feature of an app is local config.
The app talks to the servers, the servers talk to the robot
It’s Xiaomi, of course the app will not work without internet access
