this post was submitted on 12 Aug 2024
224 points (98.7% liked)

Technology

60106 readers
2232 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Malicious hackers can take over control of vacuum and lawn mower robots made by Ecovacs to spy on their owners using the devices’ cameras and microphones, new research has found.

Security researchers Dennis Giese and Braelynn are due to speak at the Def Con hacking conference on Saturday detailing their research into Ecovacs robots. When they analyzed several Ecovacs products, the two researchers found a number of issues that can be abused to hack the robots via Bluetooth and surreptitiously switch on microphones and cameras remotely.

“Their security was really, really, really, really bad,” Giese told TechCrunch in an interview ahead of the talk.

The researchers said they reached out to Ecovacs to report the vulnerabilities but never heard back from the company, and believe the vulnerabilities are still not fixed and could be exploited by hackers.

you are viewing a single comment's thread
view the rest of the comments
[–] RegalPotoo@lemmy.world 9 points 4 months ago (1 children)
[–] BlackEco@lemmy.blackeco.com 7 points 4 months ago (1 children)

As a note, Dennis Giese —who is the co-author of the Defcon talk mentioned in the article— is also the author of Dustcloud, which is used as the basis of Valetudo. Though I'm not aware that Valetudo will ever support Ecovacs robots.

[–] wewbull@feddit.uk 1 points 4 months ago (1 children)
[–] BlackEco@lemmy.blackeco.com 0 points 4 months ago* (last edited 4 months ago) (1 children)

AFAIK Hypfer (Valetudo maintainer) has no intention to support new robots other than Dreame

[–] NeoNachtwaechter@lemmy.world 1 points 4 months ago (1 children)

You had better read their list of supported devices instead of saying such a ....

[–] BlackEco@lemmy.blackeco.com 1 points 4 months ago

I meant add support to new robots other than Dreame. On Telegram he explicitly said he won't support any new Roborock nor Ecovacs