"Vacuum robot security and privacy - prevent your robot from sucking your data" Dennis Giese

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • number6
    404 Image not found
    • Apr 2019
    • 2172
    #1

    "Vacuum robot security and privacy - prevent your robot from sucking your data" Dennis Giese


    Vacuum robot security and privacy - prevent your robot from sucking your data

    Dennis Giese, Hacker, He/Him

    Demo, Tool, Exploit

    45



    Exactly 5 years ago we were presenting ways to hack and root vacuum robots. Since then, many things have changed. Back then we were looking into ways to use the robots' "dumb" sensors to spy on the user (e.g. by using the ultrasonic sensor). But all our predictions were exceeded by the reality: today's robots bring multiple cameras and microphones with them. AI is used to detect objects and rooms. But can it be trusted? Where will pictures of your cat end up?

    In this talk we will look at the security and privacy of current devices. We will show that their flaws pose a huge privacy risk and that certification of devices cannot be trusted. Not to worry, though - we will also show you how to protect yourself (and your data) from your robot friends.

    You will learn on how you can get root access to current flagship models of 4 different vendors. Come with us on a journey of having fun hacking interesting devices while preventing them from breaching your privacy. We will also discuss the risks of used devices, for both old and new users.

    Finally, we will talk about the challenges of documenting vacuum robots and developing custom software for them. While our primary goal is to disconnect the robots from the cloud, it is also for users to repair their devices - pwning to own in a wholesome way.

    Dennis Giese is currently a PhD student at Northeastern University and focuses on the security and privacy of IoT devices.
    While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices.

    His most known projects are the documentation and hacking of various vacuum robots. His current vacuum robot army consists of over 45 different models from various vendors.

    dgi_DE

    https://dontvacuum.me

    https://valetudo.cloud

    https://dontvacuum.me/robotinfo/

    Robots with lasers and cameras (but no security): Liberating your vacuum from the cloud
    https://dontvacuum.me/talks/DEFCON29...d_cameras.html

    Unleash your smart-home devices: Vacuum Cleaning Robot Hacking (34C3)
    https://dontvacuum.me/talks/34c3-2017/34c3.html

    Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices
    https://dontvacuum.me/talks/DEFCON26...oT-Xiaomi.html

    https://www.technologyreview.com/202...-data-privacy/

    https://linux-sunxi.org/Main_Page
    Tags: None
    Previous template Next
    Working...