Insecure Robot Vacuums From Chinese Company Deebot Collect Photos and Audio to Train Their AI (abc.net.au)
- Reference: 0175202467
- News link: https://yro.slashdot.org/story/24/10/07/008247/insecure-robot-vacuums-from-chinese-company-deebot-collect-photos-and-audio-to-train-their-ai
- Source link: https://www.abc.net.au/news/2024-10-05/robot-vacuum-deebot-ecovacs-photos-ai/104416632
> Ecovacs robot vacuums, which have been found to [3]suffer from critical cybersecurity flaws , are collecting photos, videos and voice recordings — taken inside customers' houses — to train the company's AI models.
>
> The Chinese home robotics company, which sells a range of popular Deebot models in Australia, said its users are "willingly participating" in a product improvement program.
>
> When users opt into this program through the Ecovacs smartphone app, they are not told what data will be collected, only that it will "help us strengthen the improvement of product functions and attached quality". Users are instructed to click "above" to read the specifics, however there is no link available on that page.
>
> Ecovacs's privacy policy — [4]available elsewhere in the app — allows for blanket collection of user data for research purposes, including:
>
> - The 2D or 3D map of the user's house generated by the device
> - Voice recordings from the device's microphone
> — Photos or videos recorded by the device's camera
>
"It also states that voice recordings, videos and photos that are deleted via the app may continue to be held and used by Ecovacs..."
[1] https://www.slashdot.org/~schwit1
[2] https://www.abc.net.au/news/2024-10-05/robot-vacuum-deebot-ecovacs-photos-ai/104416632
[3] https://www.abc.net.au/news/2024-10-04/robot-vacuum-hacked-photos-camera-audio/104414020
[4] https://gl-us-wap.ecovacs.com/content/agreementNewest/PRIVACY/DEFAULT/DEFAULT
If you think that Ai training is all... (Score:2)
Those robots are probably doing more than feeding datasets to Chinese companies involved in AI training. Meanwhile, datasets from Reddit and Discord would be pretty juicy for AI training, don't you think? Ditto for TikTok.
My dog was right (Score:5, Funny)
Turns out the vacuum is a dangerous intruder.
That's it. I've had it with this spy-tech. (Score:3)
I'm buying a broom.
If they're insecure (Score:4, Funny)
perhaps therapy would help?
Only the Chinese companies? (Score:5, Insightful)
I'd be surprised if the vacuums by many more mainstream brands were not doing the same thing. It's the sort of issue that will only be solved with legislative action because otherwise it will be just buried in an EULA, and there will be no brands not doing it for additional revenue. Even if the maker is not creating their own AI they can sell the data to Google or someone who is.
Megamaid? (Score:2)
Origin story.
WTF does a vacuum (Score:2)
have a camera in the first place
Re: (Score:2)
Could be using it to for navigation. What it "sees" is interpreted so it knows where a wall is without running into it, or move around furniture.
Re: (Score:3)
Forget the camera. Why does it have a microphone?
"WHRRRRR!!!"
Re: (Score:2)
If it actually worked I can actually see a robot vacuum being something I'd find voice controls useful for. If i could just tell it start or stop for a minute or go back home for the day without opening an app or having to track it down.
But we can't have nice useful things like that since any data nowadays is going to mined and financialized to the nth degree.
That is a disgrace (Score:3)
> robot vacuums [...] are collecting photos, videos and voice recordings â" taken inside customers' houses â" to train the company's AI models.
This should never be allowed! Only American-made products should [1]spy [reuters.com] [2]on [nytimes.com] [3]Americans [usatoday.com].
I demand my dystopia be all-American!
[1] https://www.reuters.com/technology/tesla-workers-shared-sensitive-images-recorded-by-customer-cars-2023-04-06/
[2] https://www.nytimes.com/wirecutter/blog/amazons-alexa-never-stops-listening-to-you/
[3] https://eu.usatoday.com/story/tech/columnist/2019/12/19/your-smartphone-mobile-device-may-recording-everything-you-say/4403829002/
Re: (Score:2)
Yup, and it’s gonna stay like this for a long time, because there’s a lot of companies that want that sort of data. But, if Tesla employees can trade the juciest pics and videos among themselves for entertainment, that means security is already busted, and that stuff will leak out. Eventually, someone who matters to an important person will get ruined. I’m thinking like something really salacious about a senator or billionaire’s wife or granddaughter. Or a close relative of a supreme
Insecure Robot Vacuums ... (Score:2)
Perhaps they just need some love and support while they work on their self-confidence?
BIg guy and small guy dangers. (Score:5, Insightful)
Other than the more broad "Companies are taking too much data" problem, theres also a pretty serious danger from entities smaller than that. This is an organized criminals wet dream of a dataset. Comprehensive collections of addresses, names, internal maps and photos of targettable assets, and enough information to work out when people are and are not at home. Is there a big dog. Are any of the occupants large capable males. Where is the gun kept if in the US. Is there an attractive young woman to sexually assault.
Every terrible terrible question a criminal might want to know, and all assembled into one big dataset a competent hacker would take all of ten minutes to break into (keep in mind, this is a company stupid enough to decide this was a good idea, it probably doesnt have a full time high-skill security guy, cos if they did he'd have been protesting from the high heavens to stop this nonsense at once.
Yeah, this is an insanely dangerous dataset.
And I doubt they are the only ones.
Re: (Score:2)
> Is there an attractive young woman to sexually assault.
Or is there video footage up the woman's skirt, as these cameras are at ground level.
Re: (Score:2)
> Or is there video footage up the woman's skirt
That's terrible! Where?