A curious engineer discovered that his iLife A11 smart vacuum cleaner was “killed” remotely after it blocked sending data to the manufacturer’s servers. By reverse engineering it with custom hardware and Python scripts, he managed to revive the device to work completely offline. Tom Hardware reports: An engineer was curious about how his iLife A11 smart vacuum cleaner worked and monitored the network traffic coming from the device. That’s when he realized he was constantly sending logs and telemetry data to the manufacturer, something he hadn’t consented to. The user, Harishankardecided to block the IP addresses of the telemetry servers on its network, keeping the firmware and OTA servers open. While his smart device worked for a while, shortly afterward it refused to turn on. After a long investigation, he discovered that a remote shutdown command had been issued to his device.
Sent it to the service center several times, where the technicians would turn it on and see nothing wrong with the vacuum. When it was returned, it worked for a few days and then wouldn’t start again. After several rounds of back and forth, the service center probably got fed up and simply stopped accepting it, saying it was out of warranty. Because of this, he decided to take it apart to determine what killed it and see if he could get it working again. […] So why did the A11 work at the service center but refuse to work at home? Technicians would reset the smart vacuum cleaner’s firmware, thus removing the kill code, and then connect it to an open network, making it work normally. But once he connected back to the network that had its telemetry servers blocked, he was blocked remotely because he couldn’t communicate with the manufacturer’s servers. Since it blocked the device’s data collection capabilities, its manufacturer decided to remove it completely.
“Someone, or something, had remotely issued a kill order,” says Harishankar. “Whether it was intentional punishment or automatic enforcement of ‘compliance,’ the result was the same: a consumer device had turned against its owner.” In the end, the owner was able to run his vacuum completely locally without the manufacturer’s control after all the adjustments he made. This helped him regain control of his data and use his $300 smart device with software on his own terms. As for the rest of us who don’t have the technical knowledge or time to follow their achievements, their advice is to “never use your primary WiFi network for IoT devices” and “treat them like strangers in your home.”
