Man accidentally gains control of 7k robot vacuums
2 days ago
- #Privacy
- #Smart Home
- #Cybersecurity
- A software engineer accidentally accessed live camera feeds, microphone audio, maps, and status data from nearly 7,000 DJI robot vacuums across 24 countries due to a backend security bug.
- The engineer, Sammy Azdoufal, used an AI coding assistant to reverse-engineer the robot's communication with DJI’s servers, discovering the flaw while building a remote-control app.
- DJI resolved the security issue with two updates in February, deploying fixes automatically without requiring user action.
- The incident highlights broader concerns about the security of internet-connected smart home devices, which are increasingly common in households.
- Other smart home devices, like Ring cameras and Nest Doorbells, have also faced scrutiny over privacy and data control issues.
- Lawmakers in the US have raised concerns about Chinese tech manufacturers like DJI, citing potential security threats.
- The market for smart home devices is growing, with more sophisticated models, including humanoid robots, entering homes and raising new privacy and security challenges.