Privacy

Manufacturer Remotely Bricks Smart Vacuum After Its Owner Blocked It From Collecting Data (tomshardware.com) 123

"An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device," writes Tom's Hardware.

"That's when he noticed it was constantly sending logs and telemetry data to the manufacturer — something he hadn't consented to." The user, Harishankar, decided to block the telemetry servers' IP addresses on his network, while keeping the firmware and OTA servers open. While his smart gadget worked for a while, it just refused to turn on soon after... He sent it to the service center multiple times, wherein the technicians would turn it on and see nothing wrong with the vacuum. When they returned it to him, it would work for a few days and then fail to boot again... [H]e decided to disassemble the thing to determine what killed it and to see if he could get it working again...

[He discovered] a GD32F103 microcontroller to manage its plethora of sensors, including Lidar, gyroscopes, and encoders. He created PCB connectors and wrote Python scripts to control them with a computer, presumably to test each piece individually and identify what went wrong. From there, he built a Raspberry Pi joystick to manually drive the vacuum, proving that there was nothing wrong with the hardware. From this, he looked at its software and operating system, and that's where he discovered the dark truth: his smart vacuum was a security nightmare and a black hole for his personal data.

First of all, its Android Debug Bridge, which gives him full root access to the vacuum, wasn't protected by any kind of password or encryption. The manufacturer added a makeshift security protocol by omitting a crucial file, which caused it to disconnect soon after booting, but Harishankar easily bypassed it. He then discovered that it used Google Cartographer to build a live 3D map of his home. This isn't unusual, by far. After all, it's a smart vacuum, and it needs that data to navigate around his home. However, the concerning thing is that it was sending off all this data to the manufacturer's server. It makes sense for the device to send this data to the manufacturer, as its onboard SoC is nowhere near powerful enough to process all that data. However, it seems that iLife did not clear this with its customers.

Furthermore, the engineer made one disturbing discovery — deep in the logs of his non-functioning smart vacuum, he found a command with a timestamp that matched exactly the time the gadget stopped working. This was clearly a kill command, and after he reversed it and rebooted the appliance, it roared back to life.

Thanks to long-time Slashdot reader registrations_suck for sharing the article.
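The owner's first step in the story was to watch what the vacuum sent out and block the telemetry hosts while leaving the firmware and OTA servers reachable. As an added example (not from the article or the engineer's own scripts), this Python snippet shows the defender-side version of that step: summarize a device's outbound flows from router flow logs and list destinations that are not on an owner-maintained allowlist. The log format, IP addresses and host labels are all constructed.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Constructed router flow-log lines for one IoT device (192.168.1.42); these
# are not captures from the article's vacuum. Two destinations are the
# vendor's firmware/OTA endpoints; the third receives a steady stream of
# small uploads every 30 seconds. A line from another host is included to
# show filtering.
FLOW_LOG = """\
2025-01-10T08:00:01Z src=192.168.1.42 dst=203.0.113.20 dport=443 proto=tcp bytes=2140
2025-01-10T08:00:31Z src=192.168.1.42 dst=198.51.100.7 dport=443 proto=tcp bytes=9120
2025-01-10T08:01:01Z src=192.168.1.42 dst=198.51.100.7 dport=443 proto=tcp bytes=8890
2025-01-10T08:01:31Z src=192.168.1.42 dst=198.51.100.7 dport=443 proto=tcp bytes=9340
2025-01-10T08:02:01Z src=192.168.1.42 dst=198.51.100.7 dport=443 proto=tcp bytes=9010
2025-01-10T08:05:00Z src=192.168.1.42 dst=203.0.113.21 dport=443 proto=tcp bytes=1048576
2025-01-10T08:05:30Z src=192.168.1.10 dst=198.51.100.7 dport=443 proto=tcp bytes=512
"""

# Destinations the owner chooses to keep reachable (firmware and OTA update
# hosts, as in the article). Addresses and labels are constructed.
ALLOWED_EGRESS = {
    "203.0.113.20": "firmware-check (constructed)",
    "203.0.113.21": "ota-download (constructed)",
}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) bytes=(?P<bytes>\d+)$"
)


@dataclass
class DestSummary:
    flows: int = 0
    bytes: int = 0
    first_seen: str = ""
    last_seen: str = ""


def summarize_device_egress(log_text: str, device_ip: str) -> Dict[str, DestSummary]:
    """Aggregate outbound flows from device_ip, keyed by destination IP."""
    summary: Dict[str, DestSummary] = defaultdict(DestSummary)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["src"] != device_ip:
            continue  # skip malformed lines and traffic from other hosts
        s = summary[m["dst"]]
        s.flows += 1
        s.bytes += int(m["bytes"])
        s.first_seen = s.first_seen or m["ts"]
        s.last_seen = m["ts"]
    return dict(summary)


def unexpected_destinations(log_text: str, device_ip: str,
                            allowed: Dict[str, str] = ALLOWED_EGRESS) -> List[str]:
    """Destinations the device contacts that are not allowlisted, chattiest first."""
    summary = summarize_device_egress(log_text, device_ip)
    unknown = [dst for dst in summary if dst not in allowed]
    return sorted(unknown, key=lambda d: (summary[d].flows, summary[d].bytes), reverse=True)


if __name__ == "__main__":
    for dst, s in summarize_device_egress(FLOW_LOG, "192.168.1.42").items():
        label = ALLOWED_EGRESS.get(dst, "UNEXPECTED")
        print(f"{dst:16} {label:28} flows={s.flows} bytes={s.bytes} "
              f"{s.first_seen}..{s.last_seen}")
```

The unexpected list is what would feed a firewall block rule; a destination with many small, regularly spaced flows is the telemetry pattern the article describes, whereas the allowlisted OTA host shows one large transfer.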
EU

New Large Coral Reef Discovered Off Naples Containing Rare Ancient Corals (independent.co.uk) 13

Off the southwest coast of Italy, a remotely operated submarine made "a significant and rare discovery," reports the Independent — a vast white coral reef that was 80 metres tall (262 feet) and 2 metres wide (6.56 feet) "containing important species and fossil traces." Often dubbed the "rainforests of the sea", coral reefs are of immense scientific interest due to their status as some of the planet's richest marine ecosystems, harbouring millions of species. They play a crucial role in sustaining marine life but are currently under considerable threat...

These impressive formations are composed of deep-water hard corals, commonly referred to as "white corals" because of their lack of colour, specifically identified as Lophelia pertusa and Madrepora oculata species. The reef also contains black corals, solitary corals, sponges, and other ecologically important species, as well as fossil traces of oysters and ancient corals, the Italian Research Council said. It called them "true geological testimonies of a distant past."

Mission leader Giorgio Castellan said the finding was "exceptional for Italian seas: bioconstructions of this kind, and of such magnitude, had never been observed in the Dohrn Canyon, and are rarely seen elsewhere in our Mediterranean". The discovery will help scientists understand the ecological role of deep coral habitats and their distribution, especially in the context of conservation and restoration efforts, he added.

The undersea research was funded by the EU.

Thanks to davidone (Slashdot reader #12,252) for sharing the article.
Programming

The Toughest Programming Question for High School Students on This Year's CS Exam: Arrays 65

America's nonprofit College Board lets high school students take college-level classes — including a computer programming course that culminates with a 90-minute test. But students did better on questions about If-Then statements than they did on questions about arrays, according to the head of the program. Long-time Slashdot reader theodp explains: Students exhibited "strong performance on primitive types, Boolean expressions, and If statements; 44% of students earned 7-8 of these 8 points," says program head Trevor Packard. But students were challenged by "questions on Arrays, ArrayLists, and 2D Arrays; 17% of students earned 11-12 of these 12 points."

"The most challenging AP Computer Science A free-response question was #4, the 2D array number puzzle; 19% of students earned 8-9 of the 9 points possible."

You can see that question here. ("You will write the constructor and one method of the SumOrSameGame class... Array elements are initialized with random integers between 1 and 9, inclusive, each with an equal chance of being assigned to each element of puzzle...") Although to be fair, it was the last question on the test — appearing on page 16 — so maybe some students just didn't get to it.

theodp shares a sample Java solution and one in Excel VBA (which includes a visual presentation).

There are tests in 38 subjects — but CS and Statistics are the subjects where the highest number of students earned the test's lowest-possible score (1 out of 5). That end of the graph also includes notoriously difficult subjects like Latin, Japanese Language, and Physics.

There's also a table showing scores for the last 23 years, with fewer than 67% of students achieving a passing grade (3+) for the first 11 years. But in 2013 and 2017, more than 67% of students achieved that passing grade, and the percentage has stayed above that line ever since (except for 2021), vacillating between 67% and 70.4%.

2018: 67.8%
2019: 69.6%
2020: 70.4%
2021: 65.1%
2022: 67.6%
2023: 68.0%
2024: 67.2%
2025: 67.0%

Comment Re: So adjusting for (Score 0, Offtopic) 124

Despite very credible allegations, Biden was never convicted of raping Tara Reade. And his daughter's recollections of him inappropriately showering with her outlasted any statute of limitations. But I see where you're going, there. The rest is a good fit, right down to the weaponized government, for sure. The plot twist is that the real kingpins are behind the scenes, using him as a puppet. It's good villain story line material fresh from real life.
Transportation

Class Action Accuses Toyota of Illegally Sharing Drivers' Data (insurancejournal.com) 51

"A federal class action lawsuit filed this week in Texas accused Toyota and an affiliated telematics aggregator of unlawfully collecting drivers' information and then selling that data to Progressive," reports Insurance Journal: The lawsuit alleges that Toyota and Connected Analytic Services (CAS) collected vast amounts of vehicle data, including location, speed, direction, braking and swerving/cornering events, and then shared that information with Progressive's Snapshot data sharing program. The class action seeks an award of damages, including actual, nominal, consequential damages, and punitive, and an order prohibiting further collection of drivers' location and vehicle data.
Florida man Philip Siefke had bought a new Toyota RAV4 XLE in 2021 "equipped with a telematics device that can track and collect driving data," according to the article. But when he tried to sign up for insurance from Progressive, "a background pop-up window appeared, notifying Siefke that Progressive was already in possession of his driving data, the lawsuit says. A Progressive customer service representative explained to Siefke over the phone that the carrier had obtained his driving data from tracking technology installed in his RAV4." (Toyota told him later he'd unknowingly signed up for a "trial" of the data sharing, and had failed to opt out.) The lawsuit alleges Toyota never provided Siefke with any sort of notice that the car manufacturer would share his driving data with third parties... The lawsuit says class members suffered actual injury from having their driving data collected and sold to third parties including, but not limited to, damage to and diminution in the value of their driving data, violation of their privacy rights, [and] the likelihood of future theft of their driving data.
The telemetry device "can reportedly gather information about location, fuel levels, the odometer, speed, tire pressure, window status, and seatbelt status," notes CarScoop.com. "In January, Texas Attorney General Ken Paxton started an investigation into Toyota, Ford, Hyundai, and FCA..." According to plaintiff Philip Siefke from Eagle Lake, Florida, Toyota, Progressive, and Connected Analytic Services collect data that can contribute to a "potential discount" on the auto insurance of owners. However, it can also cause insurance premiums to be jacked up.
The plaintiff's lawyer issued a press release: Despite Toyota claiming it does not share data without the express consent of customers, Toyota may have unknowingly signed up customers for "trials" of sharing customer driving data without providing any sort of notice to them. Moreover, according to the lawsuit, Toyota represented through its app that it was not collecting customer data even though it was, in fact, gathering and selling customer information. We are actively investigating whether Toyota, CAS, or related entities may have violated state and federal laws by selling this highly sensitive data without adequate disclosure or consent...

If you purchased a Toyota vehicle and have since seen your auto insurance rates increase (or been denied coverage), or have reason to believe your driving data has been sold, please contact us today or visit our website at classactionlawyers.com/toyota-tracking.

On his YouTube channel, consumer protection attorney Steve Lehto shared a related experience he had — before realizing he wasn't alone. "I've heard that story from so many people who said 'Yeah, I bought a brand new car and the salesman was showing me how to set everything up, and during the setup process he clicked Yes on something.' Who knows what you just clicked on?!"

Thanks to long-time Slashdot reader sinij for sharing the news.

Comment Re:In other news... (Score 0) 84

And, arguably, the current crisis at Tesla is because Musk is playing President rather than being "out on the factory floor".

The "current crisis" is manufactured and amplified externally. Nobody is doxxing Tesla owners with maps using Molotov cocktails as map cursors or burning lots full of vehicles in for service in some way that is a function of whether Musk is personally present on the factory floor vs doing something else he thinks is vital to our economic survival. All of it is ginned up hate based on the politics surrounding the pruning of vast left slush funds and debt-funded waste that has to go away. That's an entire industry with vested interests, and acting against it certainly brings out the coordinated hate, attacks on stock value, media smearing, and of course thousands of people who now say he's a nazi though they can't actually articulate why they think that.

No, him being "on the factory floor" or off it doesn't precipitate some "current crisis," except in the sense that entrenched interests currently having their oxen gored by drying up things like the NGO money laundering industry are doing their best to try to wreck the company to make a point.

Comment Re:"jUsT" (Score 1) 72

It cost 3.7 million. There should be no just here. Okay that's like a tenth or less than what usually is spent but still.

So the people who made it should have been earning minimum wage, is that your point? Spread that dollar amount across five and a half years and even a modest team of people and their overhead, and they're making middle five figures after taxes. Is that a lot, to you?

Comment Re:"jUsT" (Score 1) 72

Just 3.7 million. Just. lol.

It took five and a half years to make it. So, in perhaps over-simplified terms, that's ~$670k year working on it. Let's say you had six people working on the project, and had NO overhead at all beyond their personal income while making it. That's roughly $100k per person before they paid taxes, which is either pretty good or not very good at all, depending on where you live and how. But one supposes they also had some overhead. This wasn't done on their kids' laptops at night. There was music to compose, audio to record and design, and a lot more.

So, yeah. "Just" 3.7M is a fair characterization.

Comment Re:Starlink? No thanks. (Score -1, Troll) 211

Elon Musk, defacto member of a fascist government.

No, we just voted the tyrannical little statists out of office. And the people you're now laughably calling Fascists are busy exposing and tearing down the very tools that an actual Fascist government would (and did) use. Fascists don't cut off the cash supply to money-laundering NGOs that are making their pet politicians richer and more personally powerful. Fascists don't work to shut down the mechanisms by which the government can censor your social media use. Your case of projection is pretty impressive.

You know what Fascists do? They try to hide the money movement that keeps their circle of power functioning. Our little lefty statists are busy shrieking that the lead of the executive branch shouldn't be allowed to see the records showing where the executive branch has been writing checks. Gee, what would they be hiding? Their little circle of industrial-scale grift and waste and abuse is getting exposed, and they're furious about it. And here you are having their backs. Pretty ugly. Do you live off of dubious international grant kickbacks or something?

AI

DeepSeek iOS App Sends Data Unencrypted To ByteDance-Controlled Servers (arstechnica.com) 68

An anonymous Slashdot reader quotes a new article from Ars Technica: On Thursday, mobile security company NowSecure reported that [DeepSeek] sends sensitive data over unencrypted channels, making the data readable to anyone who can monitor the traffic. More sophisticated attackers could also tamper with the data while it's in transit. Apple strongly encourages iPhone and iPad developers to enforce encryption of data sent over the wire using ATS (App Transport Security). For unknown reasons, that protection is globally disabled in the app, NowSecure said. What's more, the data is sent to servers that are controlled by ByteDance, the Chinese company that owns TikTok...

[DeepSeek] is "not equipped or willing to provide basic security protections of your data and identity," NowSecure co-founder Andrew Hoog told Ars. "There are fundamental security practices that are not being observed, either intentionally or unintentionally. In the end, it puts your and your company's data and identity at risk...." This data, along with a mix of other encrypted information, is sent to DeepSeek over infrastructure provided by Volcengine, a cloud platform developed by ByteDance. While the IP address the app connects to geo-locates to the US and is owned by US-based telecom Level 3 Communications, the DeepSeek privacy policy makes clear that the company "store[s] the data we collect in secure servers located in the People's Republic of China...."

US lawmakers began pushing to immediately ban DeepSeek from all government devices, citing national security concerns that the Chinese Communist Party may have built a backdoor into the service to access Americans' sensitive private data. If passed, DeepSeek could be banned within 60 days.
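NowSecure's finding above is that App Transport Security was globally disabled in the app. As an added example (not from Ars Technica, NowSecure or DeepSeek), this Python check parses an iOS app's Info.plist and reports ATS settings that allow cleartext HTTP or weakened TLS, first on a constructed plist with ATS disabled and then on a hardened one. The bundle identifier, domain and plist contents are constructed; the ATS keys are Apple's documented ones.

```python
import plistlib
from typing import List

# Constructed Info.plist (not DeepSeek's): ATS disabled globally, the state
# NowSecure described, plus one per-domain exception with downgraded TLS.
WEAK_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.chatapp</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key><true/>
    <key>NSExceptionDomains</key>
    <dict>
      <key>legacy.example.net</key>
      <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
        <key>NSExceptionMinimumTLSVersion</key><string>TLSv1.0</string>
      </dict>
    </dict>
  </dict>
</dict>
</plist>
"""

# Constructed hardened variant: no NSAppTransportSecurity dictionary at all,
# so the platform default (ATS enforced, HTTPS with TLS 1.2+) applies.
HARDENED_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.chatapp</string>
</dict>
</plist>
"""

# Global switches that carve out classes of traffic from ATS enforcement.
GLOBAL_CARVEOUTS = (
    "NSAllowsArbitraryLoadsForMedia",
    "NSAllowsArbitraryLoadsInWebContent",
    "NSAllowsLocalNetworking",
)


def audit_ats(plist_bytes: bytes) -> List[str]:
    """Return one finding per ATS setting that weakens transport security."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity", {})
    findings: List[str] = []
    if ats.get("NSAllowsArbitraryLoads"):
        findings.append("global: NSAllowsArbitraryLoads is true (cleartext HTTP allowed to any host)")
    for key in GLOBAL_CARVEOUTS:
        if ats.get(key):
            findings.append(f"global: {key} is true")
    for domain, exc in ats.get("NSExceptionDomains", {}).items():
        if exc.get("NSExceptionAllowsInsecureHTTPLoads"):
            findings.append(f"{domain}: NSExceptionAllowsInsecureHTTPLoads is true")
        tls = exc.get("NSExceptionMinimumTLSVersion")
        if tls in ("TLSv1.0", "TLSv1.1"):
            findings.append(f"{domain}: minimum TLS lowered to {tls}")
        if exc.get("NSExceptionRequiresForwardSecrecy") is False:
            findings.append(f"{domain}: forward secrecy not required")
    return findings


def ats_is_hardened(plist_bytes: bytes) -> bool:
    """True when no ATS weakening is configured."""
    return not audit_ats(plist_bytes)


if __name__ == "__main__":
    for name, blob in (("weak", WEAK_INFO_PLIST), ("hardened", HARDENED_INFO_PLIST)):
        print(name, "->", audit_ats(blob) or "no ATS findings")
```

The same function can be pointed at the Info.plist extracted from an .ipa to confirm a vendor's claim about transport encryption before the app goes onto managed devices.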

Medicine

Hydroxychloroquine-Promoting COVID Study Retracted After 4 Years (nature.com) 110

Nature magazine reports that "A study that stoked enthusiasm for the now-disproven idea that a cheap malaria drug can treat COVID-19 has been retracted — more than four-and-a-half years after it was published." Researchers had critiqued the controversial paper many times, raising concerns about its data quality and an unclear ethics-approval process. Its eventual withdrawal, on the grounds of concerns over ethical approval and doubts about the conduct of the research, marks the 28th retraction for co-author Didier Raoult, a French microbiologist, formerly at Marseille's Hospital-University Institute Mediterranean Infection (IHU), who shot to global prominence in the pandemic. French investigations found that he and the IHU had violated ethics-approval protocols in numerous studies, and Raoult has now retired.

The paper, which has received almost 3,400 citations according to the Web of Science database, is the highest-cited paper on COVID-19 to be retracted, and the second-most-cited retracted paper of any kind....

Because it contributed so much to the HCQ hype, "the most important unintended effect of this study was to partially side-track and slow down the development of anti-COVID-19 drugs at a time when the need for effective treatments was critical", says Ole Søgaard, an infectious-disease physician at Aarhus University Hospital in Denmark, who was not involved with the work or its critiques. "The study was clearly hastily conducted and did not adhere to common scientific and ethical standards...."

Three of the study's co-authors had asked to have their names removed from the paper, saying they had doubts about its methods, the retraction notice said.

Nature includes this quote from a scientific-integrity consultant in San Francisco, California. "This paper should never have been published — or it should have been retracted immediately after its publication."

"The report caught the eye of the celebrity doctor Mehmet Oz," the Atlantic reported in April of 2020 (also noting that co-author Raoult "has made news in recent years as a pan-disciplinary provocateur; he has questioned climate change and Darwinian evolution...")

And Nature points out that while the study claimed good results for the 20 patients treated with HCQ, six more HCQ-treated people in the study actually dropped out before it was finished. And of those six people, one died, while three more "were transferred to an intensive-care unit."

Thanks to Slashdot reader backslashdot for sharing the news.
Australia

Australia Struggling With Oversupply of Solar Power (abc.net.au) 203

Mirnotoriety writes: Amid the growing warmth and increasingly volatile weather of an approaching summer, Australia passed a remarkable milestone this week. The number of homes and businesses with a solar installation clicked past 4 million -- barely 20 years since there was practically none anywhere in the country. It is a love affair that shows few signs of stopping.

And it's a technology that is having ever greater effects, not just on the bills of its household users but on the very energy system itself. At no time of the year is that effect more obvious than spring, when solar output soars as the days grow longer and sunnier but demand remains subdued as mild temperatures mean people leave their air conditioners switched off.

Such has been the extraordinary production of solar in Australia this spring, the entire state of South Australia has -- at various times -- met all of its electricity needs from the technology.

[...] [T]here is, at times, too much solar power in Australia's electricity systems to handle.

Comment Re:Seems only the hate-mongers will remain on Twit (Score -1, Troll) 86

Difficult to have open conversations with bots, russian psyops, and actual Nazis, along with actual sexist people ("Your body, my choice" isn't something we can really have an open conversation about).

Yes, Twitter was much better when someone in the Biden administration could write an email to a partisan activist working there and get people perma-banned for expressing doubt that Biden was handling things well. The good ol' days, right? Or are you just mad that now there are Community Notes calling the lying left out on the propaganda BS they used to choke Twitter with, and had Twitter staff available to ban anyone who called them out on it? Yeah, that must be frustrating for you.

There's disagreements and there's "You don't have any right to exist" and "Status quo is just fine, just shutup and tolerate being denigrated as subhuman for merely EXISTING, without any action

Every single bit of shrill shriekery I hear that comes anywhere close to that on my X feed comes from the wanna-be tyrants on the left who crave the power to silence other people rather than counter things they don't want to hear with better thoughts of their own. Your own absurd ad hominem right here in this post is a great example of the craven screaming. I'm sure you liked that the Democrats - who called people deplorable garbage - used to be able to silence anyone who pointed out their duplicity and corruption.

I imagine you will be arguing people should be having open conversations on who will be rounded up and put into concentration camps?

Yes, when prominent Democrats talk out loud about sending people away for reprogramming, it's nice indeed to be able to speak out loud about it. Obviously, you'd prefer that people talking about that and sharing videos of people like Clinton saying it were silenced, just the way those prominent Democrats like it. Someone pointed out their creepy policy wishes? Cancel them! Just the way YOU'D like it, right?

Or perhaps open conversations on how much fraud should be permitted because of how wealthy someone is?

Yes, when the Biden family rakes in millions of dollars from China and Russia and spreads it around the in-laws and the kids and dodges taxes on it while visibly selling federal policy actions, or the DNC launders millions of dollars in foreign money through Act Blue to try to buy Harris a presidency, or Nancy Pelosi becomes worth untold millions through blatant insider trading, it's nice to be able to talk about it instead of being silenced. I know, you'd prefer such conversations were silenced, like in the good ol' days when Twitter had federal agents with offices in their HQ, ready to Orwell for you.

Or perhaps open conversations on how many deaths are acceptable in the pursuit of right wing ideals?

What are you talking about? Tens of thousands of deaths from fentanyl, crime, and human trafficking over the border deliberately opened wide by Biden's handlers? Untold thousands dead in wars that broke out only once his handlers signaled weakness and wars broke out on his watch? Yes, it's nice to be able to have open conversations about all of those lives lost, instead of such speech being muzzled by people like you, and those you obey.

Comment Re:Rocket people have different standards to the r (Score 1) 50

You think SpaceX faked videos of their failures?

I assume you have some evidence for this extraordinary claim.

What a ridiculous take on what he said. His point isn't that SpaceX faked anything, it's that China's quest for street cred in their scramble to catch up means making it look like they're hip, and honest, and open about their process (in, of course - it being China - the most controlled and dishonest way imaginable). Right up to and including faking R&D mishaps to show how hard they're working.

Anyone even remotely connected to contemporary image making can see that's obviously CGI. Looks like something straight out of DCS or the like. No chance that's real. Might be based on actual telemetry, but it's deep, deep down in the Uncanny Valley, and any reasonably worldly person can see that in an instant. Their motivation for showing the challenges of developing such a program - including faking something like this to perhaps skew perceptions of how far along they actually are - are up for debate and academic. The footage is plainly fake.

Comment Synology DS3617xs w/ 10Gbe network adapter (Score 1) 135

Standard disclaimer: make sure to follow a 3-2-1 backup strategy to protect data you care about!

I'm a big fan of Synology, as they prioritize reliable, quiet, power-efficient hardware that is easy to leave on 24/7 in a home.

Additionally, I love their software, and find Synology Drive to be great at syncing folders across multiple devices and operating systems (à la Dropbox), and Hyper Backup to be a great way to do nightly offsite backups with a Time Machine style history of changes over time.

And under the hood it is just running Linux/mdadm, so I expect data recovery is possible to do on any linux machine with enough SATA ports, although I haven't tried it.
