Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Privacy Technology

LidarPhone Attack Converts Smart Vacuums Into Microphones (zdnet.com) 33

An anonymous reader quotes a report from ZDNet: A team of academics has detailed this week novel research that converted a smart vacuum cleaner into a microphone capable of recording nearby conversations. Named LidarPhone, the technique works by taking the vacuum's built-in LiDAR laser-based navigational component and converting it into a laser microphone. [...] They tested the LidarPhone attack with various objects, by varying the distance between the robot and the object, and the distance between the sound origin and the object. Tests focused on recovering numerical values, which the research team said they managed to recover with a 90% accuracy. But academics said the technique could also be used to identify speakers based on gender or even determine their political orientation from the music played during news shows, captured by the vacuum's LiDAR.

But while the LidarPhone attack sounds like a gross invasion of privacy, users need not panic for the time being. This type of attack revolves around many prerequisites that most attacks won't bother. There are far easier ways of spying on users than overwriting a vacuum's firmware to control its laser navigation system, such as tricking the user on installing malware on their phone. The LidarPhone attack is merely novel academic research that can be used to bolster the security and design of future smart vacuum robots. In fact, the research team's main recommended countermeasure for smart vacuum cleaning robot makers is to shut down the LiDAR component if it's not rotating. Additional details about the research are available in a research paper titled "Spying with Your Robot Vacuum Cleaner: Eavesdropping via Lidar Sensors."

This discussion has been archived. No new comments can be posted.

LidarPhone Attack Converts Smart Vacuums Into Microphones

Comments Filter:
  • This sucks (Score:5, Funny)

    by theshowmecanuck ( 703852 ) on Thursday November 19, 2020 @07:14PM (#60745000) Journal
    Had to...
    • by AmiMoJo ( 196126 )

      OT rant about vacuum cleaners.

      I've come to realize that power isn't all that important. I noticed that Japanese vacuum cleaners are often only 300-400W and quite quiet, yet clean better than 3000W monstrosities found in the UK. The Japanese market values "eco" products and low noise so their vacuum cleaners are actually good, where as the UK ones are just noisy.

      There are exceptions. Dyson makes good cleaners, but they are not good because they are powerful. The high level of suction just makes them harder t

      • You sure it was not robocide?

        Or, (and I hesitate to say this), self-robocide?

        I mean, if you did not give it the necessary love and attention, (you obviously failed to allow it to use the bathroom often enough, if it was full all the time), it may have decided to self terminate!
        • by AmiMoJo ( 196126 )

          I do sometimes wonder if it realized the futility of its own existence, like Sisyphus the task of cleaning was never complete. As soon as it finished one area another was ready to be cleaned again.

      • Dyson makes good cleaners, but they are not good because they are powerful. The high level of suction just makes them harder to use as more force is needed to move them around. No, it's the agitation that makes them work well.

        Bollocks. Lots of vacuums have beater brushes, they predate Dyson vacuums completely. But that's meaningless if the brush fires the dirt out from under the vacuum instead of sucking it up, which requires superior suction. Hoover invented a vacuum with a beater bar that vibrates the carpet in 1926, 21 years before the birth of James Dyson and 65 years before the founding of Dyson Ltd. And Dyson vacuums only have a brush, they don't even have a bar.

        The best vacuum cleaners have really good agitators that beat the dust out of the carpet or sweep it off the hard floor.

        Those functions are performed by two different mechanisms. Dy

        • by AmiMoJo ( 196126 )

          I'm not suggesting that Dyson invented beater brushes, or that theirs are even the very best. In fact I've found that Xiaomi ones work just as well but cost half as much, often less due to sales.

          Suction prevents the lifted dust escaping but it's as much about the design of the head as of the power. If the suction is used well it doesn't have to be massive. The EU actually tests emissions from vacuum cleaners which include the dust lost from the head and the low power ones do well.

          I've had some great LG opti

          • I've had some great LG optical drives. They were sought after back in the day because they were a few cm shorter than everyone else's, and particularly in the Amiga 4000 that was really critical.

            Back then I was using Toshiba drives, some of them were 1" high with a 5.25" footprint, optionally with a filler plate to give them a full 5.25" faceplate. They also had the added benefit of being able to be converted between a 2k sector and a 512b sector, which let you use them on Unix workstations of the day which wouldn't work with a drive with a 2k sector. You had to cut a[n obvious] trace on the PCB. This meant I could use them on my 4/260 or my SLC. Of course they were SCSI drives.

    • It was a good call.

  • I think for most people that have a smart vacuum, the far easier attack would be to hack their existing Echo/GoogleHome/AppleHomePod to use as a microphone.

    • Or as TFS says, attack their phone. The summary is outstanding for pointing this out. So many articles omit any sense of greater perspective these days. I remember when that was an essential part of journalism...or am I just getting old and imagining things?

  • Is this something other than a roomba type robot vacuum device? I had never heard the term used before.
    • "Smart" is a euphemism for "connected"
      • In the case of vacuums it's actually a euphemism for "robot[ic]".

        There's no need for them to be connected, although many of them are anyway. It's not a big chore to look at a light to see if the bin needs emptying.

  • I know! There's an app for that (or there will be!)
  • hell does a vacuum need to be "smart" or connected to the Internet. Google, Amazon, and Facebook don't need any help in making it suck further! Seriously, a "smart" vacuum. LOL
    • hell does a vacuum need to be "smart" or connected to the Internet. Google, Amazon, and Facebook don't need any help in making it suck further! Seriously, a "smart" vacuum. LOL

      I don't know about connected vacuums that are microphones but I definitely know of quite a few pod cast connected microphones that really suck. The Amazon is awash with cheap microphones that suck. So why waste your money on a vacuum cleaner when you can get a real microphone that sucks even more dirt cheap? If you put a swiffer duster refill on them as a wind sock they work really well cleaning up dirt off the floor, that is about all they are good for. With cheap usb ones like this, [amazon.com] converting them into

    • Connectivity is nice so you can tie it into a home automation system. It shouldn't need to be connected to the Internet though.
  • What is this fascination with "smart" appliances? Fridge? I can see the point in it alerting you that the temperature is above what it should be, whether it be due to an open door, or you're on vacation and your frozen meat melts and then refreezes, and shit like that which can kill you, or make you very sick.

    But a vacuum cleaner? Really? I mean my vacuum cleaner isn't even plugged in most of the time. What is it gonna do? Remind you that you haven't vacuumed for 2 weeks? Or that it thinks it sucked

  • by Burdell ( 228580 ) on Thursday November 19, 2020 @08:36PM (#60745254)

    This falls more into the category of "neat hack", with the original meaning of "hack" (more like "repurposing a thing to do something the designer never intended") than "crack".

  • Smart devices (Score:5, Interesting)

    by jenningsthecat ( 1525947 ) on Thursday November 19, 2020 @08:46PM (#60745270)

    are generally allowed to connect to the Internet only when they're operated by dumb people. I'm constantly amazed by the droves of people who pay lots of money for devices that can spy on them, can be bricked at will by manufacturers, can be easily hacked, and can become paperweights when the provider gets tired of maintaining the cloud infrastructure.

    As far as the corporatocracy is concerned, rental is the new ownership, and what we used to know as ownership is approaching extinction. And all these fucktards who keep buying this crap are putting the noose around their own necks. Unfortunately, they're to some extent putting it around our necks as well.

    The next time you hear somebody singing the praises of what currently passes for capitalism while they damn the evils of collectivism, just point out how collectivist our lot as consumers currently is and listen to them stammer. Individualism doesn't count for much when individuals are herded into the same sinking boats that the sheeple are happily boarding.

    • "allowed to connect to the Internet only when they're operated by dumb people"

      Or if they are left powered on long enough to crack the neighbors wifi password.

  • In a vacuum (Score:5, Funny)

    by Drishmung ( 458368 ) on Thursday November 19, 2020 @09:00PM (#60745306)
    I thought sound didn't propagate in a vacuum...

    (I'm sorry, I'll get my coat)

  • Back in the 70s, I think it was, someone figured out how to listen to voices in a room by bouncing a laser off the window.

    Hal reading lips was doing it the hard way.

  • But academics said the technique could also be used to identify speakers based on gender ...

    My speakers are self built and have no gender. Now please take your wokeness and get off my lawn!

  • We will only have to worry if the Internet becomes conscience and it becomes the one doing the snooping.
  • The LidarPhone attack is merely novel academic research that can be used to bolster the security and design of future smart vacuum robots.

    James Bond would beg to differ.

  • Many autonomous cars depend on LIDAR to get a 3D map of the surroundings. I know that most of them most likely already have a microphone built in, but with this approach parked cars could also eavesdrop on the outside. They have a huge battery and an uplink to the manufacturer's server. What could go wrong?

  • It's doubtful that any additional data on people's political orientation is going to matter, especially when this data has been gathered through a hacked LiDAR sensor.

    People do voice their political orientation in polls and by voting. And if it needs to be any louder then people can be found at rallies or demonstrating on the streets. One doesn't first need to spy on people using their vacuums to find out what they're political orientation is.

    The data that gets gathered ahead of elections is also always hea

If all else fails, lower your standards.

Working...