In case anyone’s interested, there’s actually open-source self-hosted robot vacuum firmware for select models
This is great, but outside the security aspects of things. What else can this firmware do that I can’t with say, the roborock? Am I giving up functions?
I literally just installed this last weekend, so the docs are still pretty fresh in my mind. I still recommend you go read through that site to get the full picture and make your own informed decision, but here’s my tl:dr.
Valetudo, first and foremost, is intended to enable select models of vacuum robots to operate cloud-free. It’s not intended (nor is it feasible) to offer feature-parity with the manufacturers’ firmware/apps/cloud services. But in my limited experience, the only feature my robot is missing after installing valetudo is the ability to live-stream video from the onboard camera, which isn’t a big deal at all for me (and is something that the dev specifically won’t support). Everything else works flawlessly so far. It also allows you to configure just about anything the robot supports configurability for, like pathing algorithm adjustments, obstacle avoidance sensitivity adjustments, and a whole host of other things. I’m not sure if the manufacturer’s app even allows that level of configurability (because I never installed it), but I definitely feel like I have full control over my robot, and it functions flawlessly at performing its job of keeping my floors clean.
I think the biggest thing to be aware of is the rooting/installation process may require some soldering (not of the robot, just some through-hole soldering on a separate breakout board to make connecting to the robot’s debug port more foolproof), and requires comfortability in a Linux terminal. If those things aren’t in your wheelhouse, I’d say this project probably isn’t for you.
Thanks. That answers my question. I already blocked my vacuum from phoning home through my pfsense. So I am mostly there. Flashing seems like extra steps for the same results.
Yeah if your vacuum does enough for you with its Internet access restricted, then there’s probably no good reason to install valetudo. I chose to install it on mine because 1. paranoia, 2. I don’t have a good firewall solution set up yet, and 3. a lot of features on my vacuum are disabled if it can’t phone home, but valetudo re-enables those features.
Unfortunately you’ll have to do your own research, I only know this exists and have never used it because my vacuum is incompatible.
Since I dont see it mentioned, the company is
iLife
iLife makes vacuums that map your house and can be remote controlled
Just so we are clear. You should all up your name and shame game.
For real. It’s wild how often people don’t just straight up call out bad corps.
Could ya be sued, perhaps?
No
Not even perhaps? Well, alrighty!
Just because it wouldn’t stick, doesn’t mean they can’t sue you and make your life more difficult. (Not saying you shouldn’t call out bad actors like that)
And when they sue its the time to come together and support the targets of their lawsuit to bring in the best of the best lawyers to take them down.
You always risk a punch in the face when standing up for yourself but that doesn’t mean you should just accept abuse.
o7 thank you for your service
All modern robot vacuums do this. Amazon and Zillow actually buy that data too.
Implying the vast majority of roombas aren’t doing this
There’s no safe “opt-out” for people who cannae be arsed to vacuum lol
Oh crap. I had one. It committed suicide off the stairs
Maybe for the best.
At this point, if you buy a smart thing you have to know it’s spyware.
My home assistant isn’t spying on me. My Zwave devices are not spying.
I wish I was so naïve
Home Assistant is open source and self-hosted and doesn’t require internet to operate. The z-wave devices connect directly to the device running Home Assistant. If you want Home Assistant to be private it absolutely can be.
True asf
Wait till you find out what your wifi can do.
Was referring to this sort of bullshit. https://www.xfinity.com/hub/smart-home/wifi-motion
Port Scanning blocker was eye opening to how many websites just wanted to check in on me.
Oh, damn! Thanks for reminding me to add that extension since I reinstalled my browser.
So how are they port scanning yiubif your behind a firewall.
Your browser is the trojan here. Install the plugin ‘Port Authority’. Then browse to ebay or IMDB for a demo.
aw he got in my head
Sure “can” do but isn’t.
At first I thought ”Well, duh!”, but the manufacturer having a remote kill switch when he network blocked his vacuum from sharing his home map data with them, as well as unprotected root access when connecting to the vacuum… urgh.
The engineer says he stopped the device from broadcasting data, though kept the other network traffic — like firmware updates — running like usual. The vacuum kept cleaning for a few days after, until early one morning when it refused to boot up.
After reverse engineering the vacuum, a painstaking process which included reprinting the devices’ circuit boards and testing its sensors, he found something horrifying: Android Debug Bridge, a program for installing and debugging apps on devices, was “wide open” to the world. “In seconds, I had full root access. No hacks, no exploits. Just plug and play,” Narayanan said.
All crappy IoT devices ever made. They aren’t used in bot nets all the time because hackers like the challenge of hacking them so much. Security simply isn’t a priority.
The ‘S’ on IoT stands for security!
There isn’t an s in IoT silly.
Woosh? Either Yours or mine :)
I keep seeing you everywhere and the only reason I won’t block you is because of your username brightening my day every time I see it. Curse you!
When that is the light in your day…
A few years ago I noticed an annoyance with a soundbar I had. After allowing it onto my WiFi network so we could stream music to it, it still broadcast the setup WiFi network.
While dorking around one day, I ran a port scan on my network and the soundbar reported port 22 (ssh) was open. I was able to log in as root and no password.
After a moment of “huh, that’s terrible security.” I connected to the (publicly open) setup network, ssh’d in, and copied the wpa_supplicant.conf file from the device to verify it had my WiFi info available to anyone with at least my mediocre skill level. I then factory reset the device, never to entrust it with any credentials again.Name and shame, what make and model was it?
It was a TCL Alto 9+.
A quick internet search reveals that this issue was known about at least three years ago.
Another model, the 8i was reported to have a root password of “12345678” - which is partially how I got the idea to start seeing if I could gain root.
TCL
The Chinese company that steals corporate secrets (I kicked a bunch of their devs once when they were trying to take pictures of prototypes and copy source code on USB keys) and send everything to China? Who would have thought.
Is it just me, or is having ADB exposed physically not that big a deal?
Tend to agree, security is always the goal but if someone is in my house hacking my vacuum, I have bigger issues. The no-notice remote kill is the bigger issue to me.
The much bigger concern is that the pathway used to send the remote kill command could very easily be utilized by nefarious actors.
To do what, wear out one section of carpet faster than the rest of your house?
If a hacker can get into the device remotely it can be an entry point to your home network.
Remote “kill”
Where does it end? First it wears down your carpets and then we’re in Maximum Overdrive.
It finds a sharp corner to rub against and hones itself into a stabby bot.
It could overcharge and overheat the battery, leading to explosion or at least fire.
It is not good. But in most cases just adb doesnt grand root access. That’s just bad.
NO! It’syour device, you should have root! The fact that the manufacturer gives their product owners root is a good thing, not bad!
I will die on this fucking hill.
I agree with you. But granting root straight from adb with 0 auth is not good.
But on this threat model? Why would it not be good?
It has to physically accessed on the PCB itself from what I gather.
There are 2 “threats” from what I see:
-
someone at the distribution facility pops it open and has the know how to install malware on it (very very unlikely)
-
someone breaks into your home unnoticed and has the time to carefully take apart your vacuum and upload pre-prepared malware instead of just sticking an IP camera somewhere. If this actually happens, the owner has much much bigger problems and the vacuum is the least of their worries.
The homeowner is the other person that can access it and it is a big feature in that case.
-
yes and no… i agree with the sentiment, but with root you can extract wifi credentials and various other secrets… you shouldn’t be able to get these things even when you have physical access to the device… the root access itself isn’t the problem
If I broke into your home, why TF would I carefully take apart your robot vacuum in order to copy your wifi credentials‽
Also, WTF other “secrets” are you storing on your robot vacuum‽
This is not a realistic attack scenario.
you’re on programming.dev so i assume you know that secrets is a generic term to cover things like your cloud account login (whatever form that may take - a password, token, api key, etc) for the robot vacuum service and you’re being intentionally obtuse
it’s a realistic attack scenario for some people - think celebrities etc, who might be being targeted… if someone knows what type of vacuum you have, it’s not “carefully take apart” - it’d take 30s, and then you have local network access which is an escalation that can lead to significantly more surveillance like security cameras, and devices with unsecured local access
just because it doesn’t apply to you doesn’t mean it doesn’t apply to anyone… unsecured or default password root access, even with physical access, is considered a security issue
Listen, if someone gets physical access to a device in your home that’s connected to your wifi all bets are off. Having a password to gain access via adb is irrelevant. The attack scenario you describe is absurd: If someone’s in a celebrity’s home they’re not going to go after the robot vacuum when the thermostat, tablets, computers, TV, router, access point, etc are right there.
If they’re physically in the home, they’ve already been compromised. The fact that the owner of a device can open it up and gain root is irrelevant.
Furthermore, since they have root they can add a password themselves! Something they can’t do with a lot of other things in their home that they supposedly “own” but don’t have that power (but I’m 100% certain have vulnerabilities).
At first I thought ”Well, duh!”
There was an ARS article years ago about it…
I mean, this has been known about for pretty much all smart vacuums.
But who the fuck is going to use the layout of your house for anything?
I feel the same way, I dont care really care about them knowing my house layout, but they shouldn’t. We cant let companies get away with infringing on our freedoms and privacy.
The secret police
On paper all of this stuff is a great idea that would make our appliances more functional.
In reality, the best case scenario is that it’s sold to our corporate overlords so they can slap an ad on your refrigerator and sell you more plastic waste.
Worst case, it’s sold to ICE or some other fascist regime.
Worst case, it’s sold to ICE or some other fascist regime.
Every single government that has a contract with Palantir for Gotham or even whatever the fuck they’re doing with the UK NHS data, is reason enough to know this kind of shit is a bad idea. The entire existence of Palantir makes this kind of shit a bad idea by default.
Even if they’re not using lavender or where’s daddy (yet), I do not want them to have a detailed layout of my home, in addition to all the other information already being collected.
If the day comes when any government needs to crush civil unrest, Palantir gives them an easy button to weaponize your data against you.
In addition, Narayanan says he uncovered a suspicious line of code broadcasted from the company to the vacuum, timestamped to the exact moment it stopped working. “Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
They kill switched it remotely. Yikes.
All IoT devices do this to keep you from blocking their data collection. They won’t work reliably without a regular ping home. They lock up if they can’t phone home frequently enough.
Tapo’s sockets don’t - in fact they explicitly have a ‘local only’ function. All you lose is control outside your home network.
Tuya on the other hand will start leeching off the fucking Bluetooth of your pairing device if you hobble them.
tapo cameras do. mine all went offline and factory reset themselves after not having internet access or even accounts for several months, all at the same time.
Haven’t experienced that one - but your statement was “all iot devices do that” (emphasis mine)
And i haven’t even touched on Zigbee…
Haven’t had one yet. Block all IOT devices from internet all work fine.
More likely it killed itself after not being in contact with home base. Since it worked fine elsewhere
“Someone — or something — had remotely issued a kill command,” he wrote.
“I reversed the script change and rebooted the device,” he wrote. “It came back to life instantly. They hadn’t merely incorporated a remote control feature. They had used it to permanently disable my device.”
In short, he said, the company that made the device had “the power to remotely disable devices, and used it against me for blocking their data collection… Whether it was intentional punishment or automated enforcement of ‘compliance,’ the result was the same: a consumer device had turned on its owner.”
Treasonous malware.
If he blocked the data collection how did it get the kill command?
Outgoing vs Incoming
If you have a robot vacuum, and the robot vacuum makes a persistent map (as opposed to the older “dumber” models that just bounce around randomly), they all send that map back to some remote server. In fact, most of those robots won’t even enable the mapping feature unless they’re connected to the Internet (which is absolute bullshit considering most of those robots generate, process, and store that map locally, so there’s literally no reason to send it off somewhere).
So your options are to just use the robot without ever connecting it to the Internet and be happy with the reduced featureset, root the robot and install Valetudo on it, or just vacuum manually. But until manufacturers are forced to let us actually own the smart devices they sell is, under no circumstances should you ever let one touch the Internet.
I remember about news of some Israeli intelligence operatives who jogged around their HQ only to be outed by their tracks on Strava.
I remember army officers and cia folks, specifically. It wouldn’t surprise me that israel got caught as well.
I used to be on a mailing list where American companies offered money to people in the third world for menial manual tasks. Like sending pictures of random crap from different angles and such. One time I got an email offering 4 of these things and $100 and all I had to do was put one of them in my home and use it for a week and give the other 3 away. Goes without saying they’re clearly a privacy nightmare.
iLife A11 smart vacuum
Well, yes, that’s what those cheap “smart” devices do. Or does anyone think cheap smart would fit into that device? Rule of thumb: if a device needs internet access, it is spying on you.
!homeassistant@lemmy.world on a isolated vLAN is my goal for “Smart” devices.
Yes, but some devices simply don’t work without calling home, or have 99% of their brain in a cloud. For those cases, the vLAN does not help.
Then don’t buy those devices. If you have any excuse as to why you “can’t do that”, then there’s zero point in complaining. I’m not saying your complaints are invalid, and companies should be held accountable and criticised. But as long as people buy privacy violating products, companies will continue to violate privacy.
Very valid and true point, but that requires companies to openly admit that they’ve made their devices to not work if it can’t phone home, and no company is gonna do that. At best, they’ll tell you it needs internet access, but even then they’ll probably downplay it.
Either that or some poor sacrifice will have to be the guinea pig and buy the thing to test it and tell others. Ah, I guess Consumer Reports could do that at least.
valetudo.cloud/
Thankfully there are groups to replace boards or flash some devices. I need to keep better bookmarks to plug them.
There’s a version of every device that doesn’t phone home. I switched to HomeAssistant a couple years ago now, and I think all of my stuff is finally local as of a few months ago, including my robot vacuum.
I know very well why I installed valetudo before I even started my new vac for the first time 😁
I received a Tikom vacuum as a gift and was so sad to see I couldn’t installed Valetudo.
On the plus side, it works with no connection and so it’s only slightly less covenient to just…press the button on the vacuum itself when I take my dog for a walk. Gotta dump the tray from last time anyway
This is the way. It works great, I’ve been running it for years.
