Since I dont see it mentioned, the company is
iLife
iLife makes vacuums that map your house and can be remote controlled
Just so we are clear. You should all up your name and shame game.
For real. It’s wild how often people don’t just straight up call out bad corps.
Could ya be sued, perhaps?
No
Just because it wouldn’t stick, doesn’t mean they can’t sue you and make your life more difficult. (Not saying you shouldn’t call out bad actors like that)
And when they sue its the time to come together and support the targets of their lawsuit to bring in the best of the best lawyers to take them down.
You always risk a punch in the face when standing up for yourself but that doesn’t mean you should just accept abuse.
Not even perhaps? Well, alrighty!
o7 thank you for your service
All modern robot vacuums do this. Amazon and Zillow actually buy that data too.
Implying the vast majority of roombas aren’t doing this
There’s no safe “opt-out” for people who cannae be arsed to vacuum lol
Oh crap. I had one. It committed suicide off the stairs
Maybe for the best.
In addition, Narayanan says he uncovered a suspicious line of code broadcasted from the company to the vacuum, timestamped to the exact moment it stopped working. “Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
They kill switched it remotely. Yikes.
All IoT devices do this to keep you from blocking their data collection. They won’t work reliably without a regular ping home. They lock up if they can’t phone home frequently enough.
Tapo’s sockets don’t - in fact they explicitly have a ‘local only’ function. All you lose is control outside your home network.
Tuya on the other hand will start leeching off the fucking Bluetooth of your pairing device if you hobble them.
tapo cameras do. mine all went offline and factory reset themselves after not having internet access or even accounts for several months, all at the same time.
Haven’t experienced that one - but your statement was “all iot devices do that” (emphasis mine)
And i haven’t even touched on Zigbee…
Haven’t had one yet. Block all IOT devices from internet all work fine.
More likely it killed itself after not being in contact with home base. Since it worked fine elsewhere
At this point, if you buy a smart thing you have to know it’s spyware.
True asf
My home assistant isn’t spying on me. My Zwave devices are not spying.
I wish I was so naïve
Home Assistant is open source and self-hosted and doesn’t require internet to operate. The z-wave devices connect directly to the device running Home Assistant. If you want Home Assistant to be private it absolutely can be.
“Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
Treasonous malware.
If he blocked the data collection how did it get the kill command?
Outgoing vs Incoming
On paper all of this stuff is a great idea that would make our appliances more functional.
In reality, the best case scenario is that it’s sold to our corporate overlords so they can slap an ad on your refrigerator and sell you more plastic waste.
Worst case, it’s sold to ICE or some other fascist regime.
Worst case, it’s sold to ICE or some other fascist regime.
Every single government that has a contract with Palantir for Gotham or even whatever the fuck they’re doing with the UK NHS data, is reason enough to know this kind of shit is a bad idea. The entire existence of Palantir makes this kind of shit a bad idea by default.
Even if they’re not using lavender or where’s daddy (yet), I do not want them to have a detailed layout of my home, in addition to all the other information already being collected.
If the day comes when any government needs to crush civil unrest, Palantir gives them an easy button to weaponize your data against you.
Wait till you find out what your wifi can do.
Port Scanning blocker was eye opening to how many websites just wanted to check in on me.
Oh, damn! Thanks for reminding me to add that extension since I reinstalled my browser.
So how are they port scanning yiubif your behind a firewall.
Your browser is the trojan here. Install the plugin ‘Port Authority’. Then browse to ebay or IMDB for a demo.
Was referring to this sort of bullshit. https://www.xfinity.com/hub/smart-home/wifi-motion
aw he got in my head
Sure “can” do but isn’t.
I used to be on a mailing list where American companies offered money to people in the third world for menial manual tasks. Like sending pictures of random crap from different angles and such. One time I got an email offering 4 of these things and $100 and all I had to do was put one of them in my home and use it for a week and give the other 3 away. Goes without saying they’re clearly a privacy nightmare.
In case anyone’s interested, there’s actually open-source self-hosted robot vacuum firmware for select models
This is great, but outside the security aspects of things. What else can this firmware do that I can’t with say, the roborock? Am I giving up functions?
I literally just installed this last weekend, so the docs are still pretty fresh in my mind. I still recommend you go read through that site to get the full picture and make your own informed decision, but here’s my tl:dr.
Valetudo, first and foremost, is intended to enable select models of vacuum robots to operate cloud-free. It’s not intended (nor is it feasible) to offer feature-parity with the manufacturers’ firmware/apps/cloud services. But in my limited experience, the only feature my robot is missing after installing valetudo is the ability to live-stream video from the onboard camera, which isn’t a big deal at all for me (and is something that the dev specifically won’t support). Everything else works flawlessly so far. It also allows you to configure just about anything the robot supports configurability for, like pathing algorithm adjustments, obstacle avoidance sensitivity adjustments, and a whole host of other things. I’m not sure if the manufacturer’s app even allows that level of configurability (because I never installed it), but I definitely feel like I have full control over my robot, and it functions flawlessly at performing its job of keeping my floors clean.
I think the biggest thing to be aware of is the rooting/installation process may require some soldering (not of the robot, just some through-hole soldering on a separate breakout board to make connecting to the robot’s debug port more foolproof), and requires comfortability in a Linux terminal. If those things aren’t in your wheelhouse, I’d say this project probably isn’t for you.
Thanks. That answers my question. I already blocked my vacuum from phoning home through my pfsense. So I am mostly there. Flashing seems like extra steps for the same results.
Yeah if your vacuum does enough for you with its Internet access restricted, then there’s probably no good reason to install valetudo. I chose to install it on mine because 1. paranoia, 2. I don’t have a good firewall solution set up yet, and 3. a lot of features on my vacuum are disabled if it can’t phone home, but valetudo re-enables those features.
Unfortunately you’ll have to do your own research, I only know this exists and have never used it because my vacuum is incompatible.
Yeah that issue has been around for at least a couple years now. Luckily my robovac doesn’t have WiFi or bluetooth
It has a clock display for time?
Why would anyone need a moving clock?
I meant on the station to schedule cleanups, e.g. recurring ones. Useful if the noise distracts you and you want it done when you’re not home kinda thing
That makes more sense.
To display time?
Nope. Just blacknwhite bezel face cover with a start button
Same. I will service and repair my goddamn 880 until it is DUST, dammit.
Sheeesh, his fucking mobile phone mapped and photographed his house long ago.
These arricles are meant to be rage bait for the techno-illiterate. As you said, cell phones mapped your house long ago as well as your smart TV, or any appliance that requires an internet connection.
People traded in their privacy for convenience.
Both can be true. Probably shouldn’t make a regular practice of numbing out to this sort of info with the platitude “Big deal, my phone and facebook already have my data anyway. Might as well give you my mother’s maiden name.”
Privacy is not worthless just being one bad actor took it. It still is worth pursuing in all layers where possible.
Privacy may be dead as you suggest, but that doesn’t compel me to dance on its grave.
Phones have never mapped your house and how would they do that? Tvs don’t think it would map but yes they watch you.
+1 Indeed!
Do you have any source on this? I have never seen a similar article about phones sending a 3D map of your home to the manufacturer.
I wasn’t aware about this with regards to mobile phone tbf. I know you are spied upon on your phone camera, but mapping the house with the phone? Do you mean like Dark Knight stuff?
Your phone camera is not spying on you.I mean this stuff is not hard to prove why doesn’t one of these people who think this prove it.
Mapping like that is probably mostly done through bluetooth and wifi triangulation.
So my Bluetooth is triangulation with what. The signal bouncing around.
Other bluetooth devices in your area
I picture the phone doing it the way it was done in The Dark Knight. That scene when Lucius Fox was in China and had to volunteer a phone to security.
I remember about news of some Israeli intelligence operatives who jogged around their HQ only to be outed by their tracks on Strava.
I remember army officers and cia folks, specifically. It wouldn’t surprise me that israel got caught as well.
If you have a robot vacuum, and the robot vacuum makes a persistent map (as opposed to the older “dumber” models that just bounce around randomly), they all send that map back to some remote server. In fact, most of those robots won’t even enable the mapping feature unless they’re connected to the Internet (which is absolute bullshit considering most of those robots generate, process, and store that map locally, so there’s literally no reason to send it off somewhere).
So your options are to just use the robot without ever connecting it to the Internet and be happy with the reduced featureset, root the robot and install Valetudo on it, or just vacuum manually. But until manufacturers are forced to let us actually own the smart devices they sell is, under no circumstances should you ever let one touch the Internet.
He’s going to have a heart attack to find out that the floor plan to most houses are available online and have been for a long time.
With possibly objects in the house identified?
Sure. Including pictures of people shitting.
Yeah, but without the correlation that this particular fella is living there. That vacuum might’ve been the missing link in someone’s data collection.
Houses renovate doesn’t mean it’s accurate.
I don’t care if they map my house, just give me raw access to the data. Them having access to the speaker and mic, i’m more concerned about.
