Security Risks of Household Robots

Posted 8 Oct 2009 at 21:13 UTC by steve

Tamara Denning and other researchers at the University of Washington have released a paper on the privacy and security risks of household robots, titled "A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons" (PDF format). Under the assumption that future homes will be populated with numerous commercially designed household robots, the researchers examined the security of the three currently available robots: The WowWee Rovio, the Erector Spykee, and the WowWee RoboSapien v2. What did they find?

Our experiments uncovered a number of vulnerabilities — some of which we deem to be quite serious, such as the possibility of an attacker compromising a Rovio or a Spykee and leveraging the built-in video camera to spy on a child in her bedroom

In addition to SSIDs and other leaked information over home WiFi networks, the researchers found that the Spykee, the least secure of the robots, is susceptible to Man-In-The-Middle (MITM) attacks and makes remote connections to the spykeeworld.com server in some configurations. The research use their findings to develop a set of questions designed to promote more secure household robots that will preserve their human's privacy. As an aside the research hit the usual problem of finding no adequate definition of the word robot. They choose to define it as "a cyber-physical system with sensors, actuators, and mobility".