After the recent issues with Eufy/Anker. Anker’s Eufy admits unencrypted videos could be accessed, plans overhaul | Ars Technica
I was wondering, where are Wyze Robot Vacuum’s camera videos stored?
Also, why don’t we have access to view these videos in the app?
Are there even visible cameras on the vac? I would assume proximity sensors rather than cameras.
As far as I know, there are no cameras on the Wyze robovac. They use Lidar, proximity sensors, and bumper guards when mapping.
This is why it cannot avoid things like wires.
Yeah, turns out what I thought was a “camera” on the front is just a sensor for detecting the base station. As depicted in the design diagram. I think Wyze should add this information more clearly to the product page.
I did some further research, found this https://foundation.mozilla.org/en/privacynotincluded/wyze-robot-vacuum/#:~:text=This%20robot%20vacuum%20from%20Wyze,than%20cameras%20in%20your%20home.
I wonder if the lidar data is stored? Or if this would have to be intercepted in real-time. Specifically, around the audio data.
The raw LIDAR data is not stored. It does create the map, however.
The LIDAR data is interpreted by the Vac and translated into a 2D map. The map is stored on the Vac and on the Wyze server. While cleaning, the LIDAR data is again interpreted and translated by the Vac each time and compared to the stored map for variations. It is only uploaded and saved as an updated 2D map if confirmed by the user.
The modification and use of the LIDAR as a modified Laser Microphone Listening Device thru a firmware hack on a Vac installed to a secured network would require a brute force direct access attack thru your network security and into your Wyze account thru your credentials and two factor authentication. The proof of concept in executing this hack was performed by the University of Maryland in a lab environment with direct access to the hardware, firmware and LIDAR metadata being produced by the Vac in real time, not thru a network hack of transmitted data. Also, the LIDAR metadata was used in it’s raw form and passed through deep learning algorithms on external computers from within the same network to render the produced audio stream.