Only drug dealers and it manufacturers call ir customers users, i.e. users. For example, if you are a vacuum cleaner, an electric toothbrush or a dildo, you can use se devices, but y do not belong to it. Many household appliances maintain a constant data connection to ir manufacturer and transmit what y see, hear and experience in everyday life. In turn, manufacturer can remotely control connection without buyer having any influence on it. If you do not want to be spied out of your household appliances, you should not buy m, data connection can not be turned off most of times. Unless you chop m. For example with a piece of aluminum foil.
Dennis Giese and Daniel Wegemer have done latter. The two scientists wanted to know more about data that networked household appliances collect and transfer. Their test objects were, among or things, automatic vacuum cleaners from Chinese company Xiaomi. Although y are only available for Chinese and American markets, y are much cheaper than similar products from Vorwerk or irobot, which can also be found in Germany, with around 300 euros. Since two have bought and dismantled nine self-running vacuum cleaners for ir research, price was an essential argument. In addition, all se systems work in principle: sensors in vacuum cleaners measure environment and collect information about apartment y clean and about ir inhabitants.
© Jakob Börner Kai Biermann Editor in department investigative/data, time online to authors pageAfter all, Giese and Wegemer had to make some effort to get information stored on device at all. As you showed in a lecture at 34. Chaos Communication Congress (34C3) in Leipzig, robot vacuum by Xiaomi was protected against common attacks on his inner life. Only when y came up with idea of attacking one of soldered processors on board was system beaten. The two pushed a piece of aluminum foil under chip. It made sure that processor no longer had unique data and n went into emergency mode. This emergency system could eventually use two to get to operating system, install ir own software and take over vacuum cleaner robot.
The slide sounds easier than it is. Those who do not know exactly what y are doing can easily destroy processor in this way.
Household appliances are also real computersThe whole thing refore shows, on one hand, that manufacturer has certainly thought about safety. "Internet-of-things devices from China are often better developed than those from or countries," says Giese. On or hand, it also proves that every system can be attacked and that it is hardly possible for manufacturer to foresee any attack. "Many developers of such devices do not understand that chips in ir systems are full-fledged computers and that y should be defended against attacks like a full-fledged computer," says Giese.
It would be high time now. Virtually all manufacturers try to connect ir articles to Internet, with ir own servers and with or devices, wher y are refrigerators or cars. They promise ir customers constant updates of deployed software, thus more convenience and even more security. And y hope to be able to make ir offers more attractive thanks to data collected. "Smart devices collect data without user's awareness," says Wegemer.
For example, Chinese vacuum cleaner robot places maps of locations it cleans. Ors do, like Roomba, too. Some even shoot photos of ir surroundings. If data is not only processed locally on device but transferred, manufacturer will learn about size and cut of apartment and also about living habits of inhabitants.
In order to be able to communicate with its manufacturer, vacuum cleaner uses WLAN of buyer. So it also stores all relevant information about this wireless network. The manufacturer knows exact place of residence. Because MAC address of WLAN can be used to determine exact location, as companies like Google and Apple create worldwide maps with all known WLANs, in order to use m in addition to satellite system GPS for location determination.
Date Of Update: 29 December 2017, 12:03
