Menu Close

Robot Vacuums Suck Up Private Audio in ‘Lidar Phone’ Hack – Really!

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Suspend your incredulity – this is not fake news!

We have all heard of circulating stories (true or otherwise) of networks betrayed by a remote kettle, but now a new IoT danger needs addressing!

Researchers have unveiled an attack that allows attackers to eavesdrop on homeowners inside their homes, through the LiDAR sensors on their robot vacuums.


The vacuums, which utilise smart sensors in order to autonomously operate, have gained popularity in recent years. This writer was amazed when one was demonstrated to him at a friend’s house, some years ago.

The attack, called “Lidar Phone” by researchers, in particular targets vacuums with LiDAR sensors, as the name suggests. LiDAR, which stands for Light Detection & Ranging, is a remote sensing method that uses light in the form of a pulsed laser to measure distances to or from nearby objects.

The technology helps vacuums navigate around obstacles on the floor while they clean.

Local Network

The good news is that the attack is complicated: Attackers would need to have already compromised the device itself (in their attack, researchers utilised a previously discovered attack on the vacuum cleaners). Also, attackers would need to be on the victim’s local network to launch the attack.

“We develop a system to re-purpose the LiDAR sensor to sense acoustic signals in the environment, remotely harvest the data from the cloud & process the raw signal to extract information. We call this eavesdropping system Lidar Phone,” commented the team of researchers from the University of Maryland, College Park & the National University of Singapore, in Wed. research.

Xiaomi Roborock

The idea is to remotely access the vacuum cleaner’s LiDAR readings, & analyse the sound signals collected. This would let an attacker to listen in on private conversations, explained researchers, which could reveal their credit-card data or deliver potentially incriminating information that could be used for blackmail.

Researchers were able to Lidar Phone on a Xiaomi Roborock vacuum cleaning robot as a proof of concept (PoC). 1st, they reverse-engineered the ARM Cortex-M based firmware of the robot.

They then used an issue in the Dustcloud software stack, which is a proxy or endpoint server for devices, in order to gain root access to the system. That’s an attack based on prior research released at DEFCON 26 in 2018.

Valetudo Software

“The robot is typically connected to the Xiaomi cloud ecosystem for its standard operations and data exchange,” outlined researchers. “We override this interface with the Valetudo software stack on the rooted device and control the robot over a local network.”

Then, researchers collected both spoken digits – along with music played by a computer speaker & a TV sound bar – totalling more than 30,000 utterances over 19 hours of recorded audio. They claimed that Lidar Phone achieves approximately 91% & 90% average accuracies of digit and music classifications, respectively.


For example, researchers were able to detect different sounds around the household – from a cloth rug, to the trash, to various intro music sequences for popular US news channels on TV like FOX, CNN & PBS – even predicting the gender of those who were talking.

However, various setbacks still exist with the attack. For instance, several conditions in the household could render an attack less effective.

Also, the distance away from the vacuum cleaner, & volume, of different noises has an impact on the overall effectiveness. Background noise levels & lighting conditions also have an impact on the attack.

Hardware Interlock

Researchers commented that the attack can be mitigated by reducing the signal-to-noise ratio (SNR) of the LiDAR signal: “This may be possible if the robot vacuum-cleaner LiDARs are manufactured with a hardware interlock, such that its lasers cannot be transmitted below a certain rotation rate, with no option to override this feature in software,” they commented.

Regardless, the attack serves as an important reminder that the proliferation of smart sensing devices in our homes opens up many opportunities for acoustic side-channel attacks on private conversations.

Infrared Rays

“While we investigate LiDAR on robot vacuum cleaners as an exemplary case, our findings may be extended to many other active light sensors, including smartphone time-of-flight [ToF] sensors,” suggested researchers.

ToF cameras use infrared rays that bounce off objects & return to the hardware.

The time that this light takes to leave and then return to the device (the time of flight) allows the camera to sense depth, thus creating a 3D ‘map’ of a space.

Virtual Conference January 2021


More To Explore

Community Area


Home Workouts


spaghetti Bolognese