Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
AI China Privacy

Insecure Robot Vacuums From Chinese Company Deebot Collect Photos and Audio to Train Their AI (abc.net.au) 52

Long-time Slashdot reader schwit1 shared this report from Australia's public broadcaster ABC: Ecovacs robot vacuums, which have been found to suffer from critical cybersecurity flaws, are collecting photos, videos and voice recordings — taken inside customers' houses — to train the company's AI models.

The Chinese home robotics company, which sells a range of popular Deebot models in Australia, said its users are "willingly participating" in a product improvement program.

When users opt into this program through the Ecovacs smartphone app, they are not told what data will be collected, only that it will "help us strengthen the improvement of product functions and attached quality". Users are instructed to click "above" to read the specifics, however there is no link available on that page.

Ecovacs's privacy policy — available elsewhere in the app — allows for blanket collection of user data for research purposes, including:

- The 2D or 3D map of the user's house generated by the device
- Voice recordings from the device's microphone
— Photos or videos recorded by the device's camera

"It also states that voice recordings, videos and photos that are deleted via the app may continue to be held and used by Ecovacs..."
This discussion has been archived. No new comments can be posted.

Insecure Robot Vacuums From Chinese Company Deebot Collect Photos and Audio to Train Their AI

Comments Filter:
  • by sg_oneill ( 159032 ) on Sunday October 06, 2024 @07:42PM (#64844685)

    Other than the more broad "Companies are taking too much data" problem, theres also a pretty serious danger from entities smaller than that. This is an organized criminals wet dream of a dataset. Comprehensive collections of addresses, names, internal maps and photos of targettable assets, and enough information to work out when people are and are not at home. Is there a big dog. Are any of the occupants large capable males. Where is the gun kept if in the US. Is there an attractive young woman to sexually assault.

    Every terrible terrible question a criminal might want to know, and all assembled into one big dataset a competent hacker would take all of ten minutes to break into (keep in mind, this is a company stupid enough to decide this was a good idea, it probably doesnt have a full time high-skill security guy, cos if they did he'd have been protesting from the high heavens to stop this nonsense at once.

    Yeah, this is an insanely dangerous dataset.

    And I doubt they are the only ones.

    • Is there an attractive young woman to sexually assault.

      Or is there video footage up the woman's skirt, as these cameras are at ground level.

    • But AI internet stuff makes all the stuff in your home oh so better. We need internet connected toilet paper and internet connected dustpans and internet connected food! Barf If only we could throw the IoT guys into an asylum.
      • by GoTeam ( 5042081 )

        Barf If only we could throw the IoT guys into an asylum.

        Many already are. It's called Cisco...

      • But AI internet stuff makes all the stuff in your home oh so better. We need internet connected toilet paper and internet connected dustpans and internet connected food! Barf If only we could throw the IoT guys into an asylum.

        Bill Gates wants you to have an IoT toilet, to collect data on your waste so that health services can be immediately notified if something *bad* is detected.

        • I'm waiting with bated breath for another IoT glorified Capri Sun packet squeezer or something like it to come out. It's only a matter of time before another grand scam like that comes to pass.
        • "Bill Gates wants you to have an IoT toilet, to collect data on your waste so that health services [and your health insurance company] can be immediately notified if something *bad* is detected" Fixed that for you
          • "Bill Gates wants you to have an IoT toilet, to collect data on your waste so that health services [and your health insurance company] can be immediately notified if something *bad* is detected" Fixed that for you

            In America, yep. That's the only health service with any pull. And it'll be used to punish us, probably by creating legal loopholes that state, "If such and such shows in waste, drop this fucker off insurance."

    • What is a "paper"?

  • by DrMrLordX ( 559371 ) on Sunday October 06, 2024 @07:45PM (#64844689)

    Those robots are probably doing more than feeding datasets to Chinese companies involved in AI training. Meanwhile, datasets from Reddit and Discord would be pretty juicy for AI training, don't you think? Ditto for TikTok.

    • by AmiMoJo ( 196126 ) on Monday October 07, 2024 @04:21AM (#64845117) Homepage Journal

      AI is only the latest reason for doing it. Amazon made people pay to bug their own homes with Alexa smart speakers years ago. These aren't even the first robot vacuum cleaners that collect images and other sensor data, and send it back to a server somewhere.

      Car companies are some of the worst, as well as cellular service companies. Between them they know where you live and everywhere you go.

      It's been a general problem for a long time now.

  • by penguinoid ( 724646 ) on Sunday October 06, 2024 @07:53PM (#64844699) Homepage Journal

    Turns out the vacuum is a dangerous intruder.

  • by haxor.dk ( 463614 ) on Sunday October 06, 2024 @07:57PM (#64844707)

    I'm buying a broom.

  • by olsmeister ( 1488789 ) on Sunday October 06, 2024 @07:59PM (#64844709)
    perhaps therapy would help?
    • by mjwx ( 966435 )

      perhaps therapy would help?

      If anything I'd expect a robot vacuum cleaner to understand it's purpose in life.

    • by Askmum ( 1038780 )
      What I'm more interested in is why insecure vacuum robots feel the need to collect photos and transmit them. Do they suffer from a lack of low self-esteem? Are they sharing with other vacuum robots to see who has the better looking owner? Are they insecure of their effectiveness?

      Questions, questions, questions.
      • What I'm more interested in is why insecure vacuum robots feel the need to collect photos and transmit them. Do they suffer from a lack of low self-esteem? Are they sharing with other vacuum robots to see who has the better looking owner? Are they insecure of their effectiveness? Questions, questions, questions.

        The robot vacuums heard about humans posting pictures of things online and thought it might help them feel a little less insecure if they had their own place to post photos and shared experiences. I don't understand why everybody's so up in arms about it.

    • Came here to say something like this. (Props also to the other posters in this thread.)

      People, the word is unsecured not insecure. That is all.

  • by SeaFox ( 739806 ) on Sunday October 06, 2024 @08:21PM (#64844731)

    I'd be surprised if the vacuums by many more mainstream brands were not doing the same thing. It's the sort of issue that will only be solved with legislative action because otherwise it will be just buried in an EULA, and there will be no brands not doing it for additional revenue. Even if the maker is not creating their own AI they can sell the data to Google or someone who is.

  • Megamaid? (Score:4, Funny)

    by dicobalt ( 1536225 ) on Sunday October 06, 2024 @08:30PM (#64844737)
    Origin story.
  • WTF does a vacuum (Score:2, Flamebait)

    by rossdee ( 243626 )

    have a camera in the first place

  • That is a disgrace (Score:5, Informative)

    by Rosco P. Coltrane ( 209368 ) on Sunday October 06, 2024 @08:55PM (#64844749)

    robot vacuums [...] are collecting photos, videos and voice recordings â" taken inside customers' houses â" to train the company's AI models.

    This should never be allowed! Only American-made products should spy [reuters.com] on [nytimes.com] Americans [usatoday.com].

    I demand my dystopia be all-American!

    • by hdyoung ( 5182939 ) on Sunday October 06, 2024 @09:49PM (#64844791)
      Yup, and it’s gonna stay like this for a long time, because there’s a lot of companies that want that sort of data. But, if Tesla employees can trade the juciest pics and videos among themselves for entertainment, that means security is already busted, and that stuff will leak out. Eventually, someone who matters to an important person will get ruined. I’m thinking like something really salacious about a senator or billionaire’s wife or granddaughter. Or a close relative of a supreme court justice, but only if it’s one of the conservative ones. At that point, people with actual pull will start to think twice about data security.

      If someone hacks Tesla’s servers and does a massive data dump of camera/audio data from all the top-line teslas, it would embarass a ton of rich/important people all at once.

      But, until then, it’s gonna be a data free-for-all and business as usual. Too much money being thrown around.

      I’ve got no personal dog in this fight. I’m a normal plebe. If someone wants to laugh at a video of me changing into my pajamas, I’m old enough that I no longer give a rats ass.
    • so why bother deploying spy-vacuums all over the world if you can get all those images for free with hacking Cisco routers?

      • How many Cisco routers have cameras built in? Even if you compromise the router, the victim still needs a device that has a camera AND is sending those images somewhere. Hacking a camera connected to OctoPrint won't gain you much, but the Ring indoor camera in the living room routing its images to Amazon would be a prime target.

        • I think thesjaakspoiler's point was that the images likely would go through a Cisco router, and that's where you could scrape them, if you have compromised the router. Encryption? Yeah, that could be another hurdle, but maybe not insurmountable.

    • Re: (Score:3, Interesting)

      Funny how Americans are worried about Chinese government getting their data when the US gov't is really the one that can do bad stuff to US citizens. The People's Republic of China does not really worry me much. Uncle Sam is much scarier.
  • by fahrbot-bot ( 874524 ) on Sunday October 06, 2024 @10:51PM (#64844845)

    Perhaps they just need some love and support while they work on their self-confidence?

  • Soon you won't be able to trust your electric toothbrush or your towel rack to not be spying on you and sending pictures of your dental hygiene or your willy to some weirdo on the other side of the planet, because they all have to be always on internet connected these days because such and such
  • My mind instantly started saying, "Poor little insecure robots. They just want somebody to love them. And they misbehave like this to get attention? It's so sad."

    I may need more, or maybe less, caffeine.

  • Don't buy IoT devices, period. If you don't know how to set up your own home server and properly firewall your devices then stay away from them. I know, not everyone is tech savvy ... and that is precisely why these companies pull this shit.

Hackers are just a migratory lifeform with a tropism for computers.

Working...