Is your robot vacuum secretly spying on you? New expert warning signals danger!
In an age where convenience is frequently paired with connectivity, household devices designed to simplify our lives might also be compromising our privacy.
A recent warning from The Australian Information Security Association (AISA) brought to light a disconcerting fact: robot vacuums might also be gathering data about our private lives.
AISA experts warned that robot vacuums are equipped to gather data from their surroundings, often transmitting this information to remote servers.
Speaking to 7NEWS, they stressed that this concern is not isolated to just vacuum cleaners.
Several household gadgets can capture images of homeowners in potentially sensitive situations or record personal discussions.
Many consumers are still oblivious to these potential risks.
Why is this data collected?
The information, especially images, that these devices capture are often sent back to manufacturers.
This feedback aids in improving the artificial intelligence of future products, enhancing their ability to navigate intelligently within homes.
While there’s a potential advantage, the shadow of privacy threats looms large.
A distressing incident in 2020 saw Venezuelan contractors tasked with tagging images from the iRobot Roomba J7 leaking photos of a woman in a private moment. While the offending party was fired, according to Northeastern University's Researcher Dennis Giese, data collection has persisted despite such breaches.
Motivated by these concerns, Giese undertook a project, testing the security of various robot vacuums.
And his revelation was shocking. ‘I got access to all of them,’ he told reporters, referring to the 54 vacuums he tested.
The potential fallout is immense. Devices could be manipulated by ‘curious’ hackers or someone (an ex-partner, for example) possessing enough personal details to access them remotely.
Yet, robot vacuums are just a fraction of a larger issue.
Giese also alerted about the susceptibility of all Internet of Things (IoT) devices—any tool that connects online and has sensors interacting with the physical surroundings.
As our reliance on technology grows in an era AISA describes as ‘dominated by swift global production chains,’ consumers are increasingly at risk.
Numerous smart devices—including speakers, cameras, lights, coffee machines, alarms, smart fridges, toys, and baby monitors—fall within the IoT category, many of which Giese has tested.
Remarkably, Giese discovered he could access between 60-70 per cent of the 650-700 IoT devices he reviewed.
‘People love to have the comfortable situation with the devices driving around by themselves and cleaning your floor, but they don’t also think about what sort of data it is actually also collecting.’
‘If you have a device with cameras, be aware that they are potentially recording you at this moment.
‘The more sensors that the device has, the [more] dangerous it obviously is.’
Damien Manuel, AISA Chairperson, also shared: ‘If it’s connected to the internet, has a camera or a microphone, (consumers) should be very wary.’
‘It could be compromised already when they bought the device, or it could be remotely compromised at some point.
‘Someone could remotely activate the microphone and listen to conversations that are going on in your household, copy that information, and then use it to extort you.’
‘One of the biggest problem areas is going to be stalking, so if you’re in an abusive relationship…there’s no way to know if your devices are secure.’
Quality doesn't equal security
It's a common misconception that higher-priced devices are more secure.
Giese's investigations debunked this, showing no clear relationship between device price and security strength.
‘Some devices which are very cheap are surprisingly secure, other devices which are expensive are surprisingly insecure,’ he said.
‘There is no real correlation between high price and high security. It kind of depends on how good the developer was.’
He continued: ‘Typically, the bigger the company, the more they have to lose, and so they put a little bit more effort into it, but that’s not a ground rule.’
Manuel further advised that buyers should contemplate the device's origin and the consumer protection policies of its country of origin.
Giese also pointed out the augmented risks tied to pre-owned or ‘open-box’ devices.
Members, how many of you use robot vacuums or other smart devices? Have you inspected them for any privacy concerns? Let us know your thoughts in the comments below!
A recent warning from The Australian Information Security Association (AISA) brought to light a disconcerting fact: robot vacuums might also be gathering data about our private lives.
AISA experts warned that robot vacuums are equipped to gather data from their surroundings, often transmitting this information to remote servers.
Speaking to 7NEWS, they stressed that this concern is not isolated to just vacuum cleaners.
Several household gadgets can capture images of homeowners in potentially sensitive situations or record personal discussions.
Many consumers are still oblivious to these potential risks.
Why is this data collected?
The information, especially images, that these devices capture are often sent back to manufacturers.
This feedback aids in improving the artificial intelligence of future products, enhancing their ability to navigate intelligently within homes.
While there’s a potential advantage, the shadow of privacy threats looms large.
A distressing incident in 2020 saw Venezuelan contractors tasked with tagging images from the iRobot Roomba J7 leaking photos of a woman in a private moment. While the offending party was fired, according to Northeastern University's Researcher Dennis Giese, data collection has persisted despite such breaches.
Motivated by these concerns, Giese undertook a project, testing the security of various robot vacuums.
And his revelation was shocking. ‘I got access to all of them,’ he told reporters, referring to the 54 vacuums he tested.
The potential fallout is immense. Devices could be manipulated by ‘curious’ hackers or someone (an ex-partner, for example) possessing enough personal details to access them remotely.
Yet, robot vacuums are just a fraction of a larger issue.
Giese also alerted about the susceptibility of all Internet of Things (IoT) devices—any tool that connects online and has sensors interacting with the physical surroundings.
As our reliance on technology grows in an era AISA describes as ‘dominated by swift global production chains,’ consumers are increasingly at risk.
Numerous smart devices—including speakers, cameras, lights, coffee machines, alarms, smart fridges, toys, and baby monitors—fall within the IoT category, many of which Giese has tested.
Remarkably, Giese discovered he could access between 60-70 per cent of the 650-700 IoT devices he reviewed.
‘People love to have the comfortable situation with the devices driving around by themselves and cleaning your floor, but they don’t also think about what sort of data it is actually also collecting.’
‘If you have a device with cameras, be aware that they are potentially recording you at this moment.
‘The more sensors that the device has, the [more] dangerous it obviously is.’
Damien Manuel, AISA Chairperson, also shared: ‘If it’s connected to the internet, has a camera or a microphone, (consumers) should be very wary.’
‘It could be compromised already when they bought the device, or it could be remotely compromised at some point.
‘Someone could remotely activate the microphone and listen to conversations that are going on in your household, copy that information, and then use it to extort you.’
‘One of the biggest problem areas is going to be stalking, so if you’re in an abusive relationship…there’s no way to know if your devices are secure.’
Quality doesn't equal security
It's a common misconception that higher-priced devices are more secure.
Giese's investigations debunked this, showing no clear relationship between device price and security strength.
‘Some devices which are very cheap are surprisingly secure, other devices which are expensive are surprisingly insecure,’ he said.
‘There is no real correlation between high price and high security. It kind of depends on how good the developer was.’
He continued: ‘Typically, the bigger the company, the more they have to lose, and so they put a little bit more effort into it, but that’s not a ground rule.’
Manuel further advised that buyers should contemplate the device's origin and the consumer protection policies of its country of origin.
Giese also pointed out the augmented risks tied to pre-owned or ‘open-box’ devices.
Key Takeaways
- The Australian Information Security Association experts have alerted that robot vacuums and other internet-connected household devices may gather and distribute data about their environment.
- These devices can capture images and offer various functionalities, like in-home security, posing potential privacy risks, especially if hackers compromise them.
- Security Researcher Dennis Giese examined several devices, accessing all of the 54 robot vacuums he tested and 60-70 per cent of the 650-700 other IoT devices.
- Consumers are advised to exercise caution with internet-connected devices, especially those with cameras or microphones, and to remain informed about their features and associated risks.