Posted by toomanyrichies 11/1/2025
I'm reminded of when AWS us-east-1 went down and all the beds made by EightSleep (business model: Juicero for beds) became disabled. EightSleep put all the significant control for their beds in the cloud, doubtless because they couldn't or didn't know how to hire embedded engineers, and the only devs they could find were node.js flunkies who only knew how to do cloud. Looks like the makers of this vacuum did the same thing; they didn't know how or didn't want to build just enough smarts to do the localization and mapping itself, and said "fuck it, we'll do it in the cloud".
Clearly automatic beds have some degree of embedded software. The decision to put the controls in the cloud was certainly a conscious one.
Isn't that the inverse of Hanlon's razor? But I agree - Occam's razor says that the inverse Hanlon's razor is most likely the case here.
I don't own a smart vacuum cleaner because the trouble is not worth it to me. However, I can see smart vacuum cleaners being very good for elderly or disabled people, or someone who has very limited free time and could let the robot clean the house on its own while the owner is out. It is really disgusting that scumbag manufacturers are exploiting those people.
You see the same everywhere. Lawnmowers even. A goat is more user friendly.
There's no sane world where it is defensible to remotely brick a device because it can't communicate with a telemetry server.
Just today: Setting up an old smartphone: "Google assistant cannot work on this device." The only choice was "back". Had to search the internet for the solution: do not connect to wi-fi.
If you want to block a device from accessing your servers because it's behaving in an odd way, such as this one that was contacting the update server but not the telemetry server, that's not entirely unreasonable. Sending it a command to modify its software to stop it from operating entirely is outrageous.
Why would a business have the power to decide what should and what shouldn't be homogeneous about the property of others? A transaction took place, property has legally changed hands and the former owner is exerting control over property that isn't theirs any more.
How about if the builder of your house comes into your home via an access route unknown to you, and starts rearranging where things are placed, or where you and your wife are placed, etc. in order to maintain homogeneous layout?
And if you complain he kicks you and your wife out of the house you bought. And if you dare to close off the backdoor he sends you to jail.
I've seen this movie. Only, the twist was that the home was built 100+ years ago and the builder long since dead. The family living in the home currently had to resort to an exorcist.
Edit to say that the sarcasm is a direct rebuttal with the preposterous nature of the hypothetical.
One thing that is odd - if he blocked it calling home, it doesn't make sense that the kill code was issued remotely. It makes more sense that there is a line of code internally that kills the machine when it can't call home (which would be far less malicious).
Would it be? Whether the line of code is on the server or the device, what's the difference?
(CFAA charges)
It's funny you think a vacuum automatically bricking itself if you try to prevent its connection to the mothership is at all equivalent to someone choosing to give someone silverware.
How has making up things that other people haven't said been working out for you?
How's that backpedaling working out for you?
The contrast is that the vacuum isn't a sentient being, and so from there, you don't see the device reaching out, vs being told what to do, as being any different. I'm not a judge overseeing a court case in your jurisdiction though, so how much of a distinction I personally may think there is, is irrelevant.
Also, don't Apple, Google, & others remove features from people's smartphones after release all the time in the EU?
Google and Apple can change the feature set but they do not brick the device which was discussed and it works as advertised at the moment of purchase.
“The notion of goods with digital elements should refer to goods that incorporate or are inter-connected with digital content or a digital service in such a way that the absence of that digital content or digital service would prevent the goods from performing their functions.” — Recital 14, Directive (EU) 2019/771.
What makes you think it was manual?
> That makes me think that this device was doing something malicious to their servers, enough to trip an alert.
Sounds like a them problem, and not a problem that should affect the consumer (beyond losing functionality directly tied to the server, which bricking of any kind goes far beyond).
The article said that someone from the company logged in to his device and edited a file on it to disable it. Even if it was automatic someone would manually have to write a script to log in and edit a file.
I can't find that in the article. Could you quote it?
The closest I got to finding this is:
> The manufacturer added a makeshift security protocol by omitting a crucial file, which caused it to disconnect soon after booting, but Harishankar easily bypassed it.
> deep in the logs of his non-functioning smart vacuum, he found a command with a timestamp that matched exactly the time the gadget stopped working. This was clearly a kill command
> So, why did the A11 work at the service center but refuse to run in his home? The technicians would reset the firmware on the smart vacuum, thus removing the kill code, and then connect it to an open network, making it run normally. But once it connected again to the network that had its telemetry servers blocked, it was bricked remotely because it couldn’t communicate with the manufacturer’s servers.
Which to me reads 'automatic script on the server tells device to delete file and reboot, causing it to brick', using the same kind of mechanism that an automatic firmware update would use, not 'human at company logs into device and tells it to brick'.