13
Since I dont see it mentioned, the company is
iLife
iLife makes vacuums that map your house and can be remote controlled
Just so we are clear. You should all up your name and shame game.
For real. It's wild how often people don't just straight up call out bad corps.
Could ya be sued, perhaps?
No
Just because it wouldn't stick, doesn't mean they can't sue you and make your life more difficult. (Not saying you shouldn't call out bad actors like that)
Implying the vast majority of roombas aren't doing this
There's no safe "opt-out" for people who cannae be arsed to vacuum lol
o7 thank you for your service
All modern robot vacuums do this. Amazon and Zillow actually buy that data too.
I used to be on a mailing list where American companies offered money to people in the third world for menial manual tasks. Like sending pictures of random crap from different angles and such. One time I got an email offering 4 of these things and $100 and all I had to do was put one of them in my home and use it for a week and give the other 3 away. Goes without saying they're clearly a privacy nightmare.
At first I thought ”Well, duh!”, but the manufacturer having a remote kill switch when he network blocked his vacuum from sharing his home map data with them, as well as unprotected root access when connecting to the vacuum… urgh.
The engineer says he stopped the device from broadcasting data, though kept the other network traffic — like firmware updates — running like usual. The vacuum kept cleaning for a few days after, until early one morning when it refused to boot up.
After reverse engineering the vacuum, a painstaking process which included reprinting the devices’ circuit boards and testing its sensors, he found something horrifying: Android Debug Bridge, a program for installing and debugging apps on devices, was “wide open” to the world. “In seconds, I had full root access. No hacks, no exploits. Just plug and play,” Narayanan said.
All crappy IoT devices ever made. They aren't used in bot nets all the time because hackers like the challenge of hacking them so much. Security simply isn't a priority.
The 'S' on IoT stands for security!
There isn’t an s in IoT silly.
Woosh? Either Yours or mine :)
He’s going to have a heart attack to find out that the floor plan to most houses are available online and have been for a long time.
In case anyone's interested, there's actually open-source self-hosted robot vacuum firmware for select models
At this point, if you buy a smart thing you have to know it's spyware.
My home assistant isn't spying on me. My Zwave devices are not spying.
I wish I was so naïve
Home Assistant is open source and self-hosted and doesn’t require internet to operate. The z-wave devices connect directly to the device running Home Assistant. If you want Home Assistant to be private it absolutely can be.
Sheeesh, his fucking mobile phone mapped and photographed his house long ago.
These arricles are meant to be rage bait for the techno-illiterate. As you said, cell phones mapped your house long ago as well as your smart TV, or any appliance that requires an internet connection.
People traded in their privacy for convenience.
I mean, this has been known about for pretty much all smart vacuums.
But who the fuck is going to use the layout of your house for anything?
The secret police
This article just screams rage-bait. Not that I am against making people aware of this kind of privacy invasion, but the authors did not bother to do any fact checking.
Firstly, they mention that the vacuum was "transmitting logs and telemetry that [the guy] had never consented to share". If you set up an app with the robot vacuum company, I'm pretty sure you'll get a rather long terms and services document that you just skip past, because who bothers reading that?
Secondly, the ADB part is rather weird. The person probably tried to install Valetudo on it? Otherwise, I have no clue what they tried to say with "reprinting the devices’ circuit boards". I doubt that this guy was able to reverse engineer an entire circuit board, but was surprised when seeing that ADB is enabled? This is what makes some devices rather straight forward to install custom firmware that block all the cloud shenanigans, so I'm not sure why they're painting this as a horrifying thing. Of course, you're broadcasting your map data to the manufacturer so that you can use their shitty app.
The part saying that it had full root access and a kill-switch is a bit worse, but still... It doesn't have to be like this. Shout-out to the people working on the Valetudo project. If you're interested in getting a privacy-friendly robot vacuum, have a look at their website. It requires some know-how, but once it's done, you know for sure you don't need to worry about a 3rd party spying on you.
this post was submitted on 27 Oct 2025
13 points (93.3% liked)
Technology
78582 readers
503 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS