The smart vacuum cleaner was remotely bricked for not collecting data.

An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device. That’s when he noticed it was constantly sending logs and telemetry data to the manufacturer — something he hadn’t consented to. The user, Harishankar, decided to block the telemetry servers’ IP addresses on his network, while keeping the firmware and OTA servers open. While his smart gadget worked for a while, it just refused to turn on soon after. After a lengthy investigation, he discovered that a remote kill command had been issued to his device.

  • spaghettiwestern@sh.itjust.worksOPEnglish
    53·
    5 days ago

    My robot vac will only operate when connected to the Internet so it’s only allowed to communicate when actually in use. As soon as it returns to the charger Internet access is automatically blocked.

    Unfortunately the manufacturer has deliberately made this as inconvenient as possible. If communication is blocked for more than a few hours the vacuum loses all maps and will no longer even load saved maps from the Tuya app. To use it the vac must be powered down and the app killed. Only then can a saved map be restored.

    It’s too bad it’s so useful.

    • ExLisper@lemmy.curiana.netEnglish
      156·
      5 days ago

      it’s only allowed to communicate when actually in use.

      What’s the point? The manufacturer is interested in the map of your apartment and usage statistics. What do you think it’s sending when not in use? Does it have a microphone or something?

      • spaghettiwestern@sh.itjust.worksOPEnglish
        18·
        3 days ago

        Since I haven’t pulled it apart or tried to decrypt the ssl traffic I have no idea whether it has “a microphone or something.” That’s the point.

        • everett@lemmy.mlEnglish
          11·
          5 days ago

          Keeping it offline some of the time isn’t effective against passive data collection unless you’re willing to take the inconvenient step of factory-resetting it each time you’re about to use it. Anything it collects it can just hold onto until it next gets the chance to upload.

          • FauxLiving@lemmy.worldEnglish
            8·
            5 days ago

            SmartTVs will hold onto your data as long as they have storage, even through a factory reset. So if you sell it and the next person hooks it up to the Internet then the data is uploaded.

            • everett@lemmy.mlEnglish
              5·
              5 days ago

              I know it can be done, so it wouldn’t shock me at all to find out that it does happen, but do you know of any manufacturers who have been proven to do this?

    • kent_eh@lemmy.caEnglish
      4·
      5 days ago

      My robot vac will only operate when connected to the Internet

      That would trigger me to return it to the store. “It doesn’t work”