Despite the slurs, Mr Swenson was glad that the hackers had announced their presence so loudly. It would have been much worse, he said, if they had decided to quietly observe his family inside their home. They could’ve peered through his robot’s camera, and listened through the microphone, without him having the slightest clue.
Who says they didn’t???
Even if Mr Swenson had used the same username and password on other sites, and if those credentials had been leaked online, that still should not have been enough to access the video feed or to control the robot remotely. These features are supposed to be protected by a four-digit PIN. The PIN code was only checked by the app, rather than by the server or robot.
I don’t even…
On May 24, the same day that Mr Swenson’s device was hacked, a Deebot X2 went rogue, and chased its owner’s dog around their Los Angeles home.
The robot was being steered from afar, with abusive comments coming through the speakers.
…
Late at night, an Ecovacs robot in El Paso started spewing racial slurs at its owner until he unplugged it.
The future is stupid.
These hackers are stupid.
I dint understand how you have the intelligence and patience to learn enough to hack one of these, but the go with some unoriginal racist bullshit.
Could’ve actually made it fun and original.
I’ve no idea how they hacked. But most likely the vulnerability was a mistake the vacuum cleaner manufacturer did, after using second tier software to “save costs”. And they probably skimped on paying the coders, if any
Most likely someone more sophisticated found the exploit, tried to get a bug bounty , was declined by the penny pinching company, and they posted to a place people like your comment inhabit.
If I’m right, this is only the start of problems with this cleaner, because it will happen over and over?
There’s different types of hacking. Finding and coding up an exploit? That takes skill
Then, they post it in a corner of the Internet somewhere to get appreciation for their achievement, or maybe even sell it on the dark web (or someone else sees it and packages it up in a state to sell/share)
Now, using the exploit? That’s pretty easy. It requires some technical ability, but not much. It’s just installing and configuring stuff, then using an app
So here’s what I think happened. Someone found the exploit, and posted about it in a hacker community off the beaten path. One thing led to another, and somehow a group of edgelords get a hold of it. As a group, they manage to get it working, and act like edgelords
The original hacker might have been related, but real hackers are cautious or quickly caught - they probably solved the puzzle, maybe played with it a bit, then posted their findings and moved on to the next puzzle
Thank god for projects like Valetudo thar let you break your stuff away from the cloud.
Semi-related story time. I bought a Midea Cube dehumidifier for my laundry room. My dryer has been broken for years, and I’ve found that air drying clothes makes them last a lot longer. It’s hard to air dry inside, hence the dehumidifier. My plan was to control the dehu automagically with Home Assistant along with some fans, so people could just click a button to turn all the shit on to dry their clothes.
After buying it, I realized that the dehumidifier could only be controlled via the cloud, and the cloud control was unreliable as fuck. With the exception of tech people, nobody is willing to deal with my flaky bullshit. If the button doesn’t work consistently, my partner, her other partner, and my FIL aren’t going to bother. Luckily, a very industrious person made this thing that let me rip out the hardware responsible for cloud connectivity and replace it with a cheap microcontroller. Now, my dehumidifier talks to my Home Assistant server directly via MQTT and it just fucking works.
Give me local-only control or fuck off, I’ll take control myself. It’s not much to demand, and shit like what this article describes absolutely deepens my conviction around local-only control.
Super cool! Apparently the same guy developed both Valetudo and the Midea dehumidifier project you linked.
It’s a good thing none of them were armed…
My take away from this image is that this person only owns 3 kitchen knives…
I thought the deal I got on my KuKluxKlean was too good to be true!
