— It’s been a long day at the office and all you want to do is grab a cold one and plop down in front of the TV. But just as you’re getting comfy, you notice something odd on the floor in front of you. It’s a message spelled out in your son’s Legos, only he’s not quite old enough to spell. And if he were, he certainly wouldn’t write “DIE!” on the living room floor in colorful plastic bricks.
Who would? According to researchers at the University of Washington, it might just be your household robot — or rather, whoever’s at its controls.
In a study presented at the recent International Conference on Ubiquitous Computing, researchers in the computer science and engineering department envisioned a handful of scenarios consumers could potentially encounter with various household robots, including psychological attacks (such as the one above), robot vandalism and robot spying.
“Robots may look like toys or appliances but they’re not,” says Tamara Denning, a doctoral student at the University of Washington and lead author of the study, A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons.
“They’re little computers and in some cases, little mobile computers with webcams. They have eyes and ears and hands and some can be controlled remotely. People should be aware that there may be flaws. It’s the same old idea of hackers and vulnerability, just in a new area.”
A growing industry
Household robots that perform chores, provide entertainment and monitor home security have become increasingly prevalent over the last few years.
The iRobot Corp., which manufactures Roomba (a vacuuming robot), Scooba (a floor washer) and a handful of other household chore robots, has sold more than 4 million home robots worldwide since 2002. According to a recently released earnings report, its international home robot revenue for the third quarter of 2009 increased 55 percent from the third quarter of 2008.
And in a report this week, ABI Research said this year the personal robotics market will reach $1.16 billion globally, and forecasts the market will more than quadruple by 2015, when worldwide shipments will be $5.26 billion.
“If you search for robots on Amazon.com, you’ll come up with a whole range of hits,” says Denning of the growing trend in household robotics. “There are robots that do chores, robots that mow your lawn. There are mobile webcam robots and a whole range of toys for children or hobbyists. In five years, we’ll have even more robots at home.”
But as more and more people open their homes to robots, could they also be opening their homes to robot hackers?
According to Denning, the answer could be yes.
“We’re not trying to give people ideas or scare them, but we are trying to raise awareness,” she says. “It’s very similar to computer security, the way that users of desktop computers have to worry about spam and malware (malicious software).
“One possible trajectory is that people will have to think about security with their home robots, as well. We want them to think about it now, though, before more robots come into the home.”
I spy, robot
In the study, Denning and her colleagues looked at three household robots currently on the market — a mobile webcam robot used for home surveillance, a remote-controlled robot equipped with a camera for either kids or adults, and a toy “spy” robot for kids — to determine if they could be misused.
As it turned out, the robots all had the potential to be compromised — sometimes in ways that conjured up old episodes of “The Twilight Zone.”
“The main concern was in terms of threats to the owners’ privacy, such as spying and eavesdropping,” says Denning. “Someone could log into the robot remotely and then they could drive the robot around the home and look and listen. It’s similar to the concern in the past about nanny cams being accessible over the Internet. Potentially, the robots could ‘hear’ conversations and view the residents of the home. They could be used by identity thieves.”
Acts of robot vandalism were another possible scenario envisioned by researchers.
According to the study, a remotely controlled robot could be used to damage fragile objects (such as pushing them down a flight of stairs) or toss valuable items into the trash or the toilet. It could knock a bowl of grapes off the coffee table, presenting a choking hazard for a small child or even, under the control of an outsider, commit “robot suicide,” throwing itself down a flight of stairs or off a balcony.
Other scenarios include psychological attacks, in which a robot under the control of an attacker (such as the “mean kid down the block”) could hijack the audio capabilities of a toy robot to cause distress to a child, or use the robot to “arrange objects on the floor into a threatening or offensive symbol.”
Even pets could be at risk, according to researchers, should a malicious individual choose to use a robot to “chase the family dog during the day when the homeowner is away.”
“We’re not saying that people are doing this now and we don’t know if they’ll do it in the future but since it’s a possibility, we think consumers and manufacturers should be aware and take precautions,” says Denning.
“It has the potential to be very creepy.”
Geeks and gadgets
Donna Souza, a 49-year-old business manager from Plymouth, Mass., says the idea of someone remotely controlling a household robot does seem a little creepy. Although it doesn’t seem that farfetched.
“I’m sure it’s possible down the line,” she says. “That can already happen with your remote control on your garage door or with your computer. Whenever a new technology comes out, you have to think about how someone could use it to harm you.”
Oddly enough, Souza says she’s already been tormented by a robot — although not one controlled by some evil mastermind down the block.
“A few months ago, we had an automated calling system that kept calling the house at 11 p.m.,” she says. “It took a week before they could get it to stop. It’s possible to have problems even without a bad element. Not that a robot that comes in and whistles at you in the middle of the night wouldn’t send you flying to the ceiling.”
Is it likely that the average Joe could figure out how to hack a household robot?
Emilie Kopp, a 27-year-old robotics business developer from Austin, Texas, says probably not.
“It might be more work than it’s worth,” she says. “You would basically have to get the blueprints of their software in order to do anything more than turning the robot on and off.”
More likely, she says, is someone doing it not for criminal intent but for “geek cred.”
“I think the appeal wouldn’t be in terrorizing somebody’s dog or doing something criminal but in finding out the hack,” she says. “Identity theft seems pretty farfetched. It’s really all about the geek cred. It’s about being the ubergeek.”
'Foresight is good'
Although Kopp says she finds it’s unlikely that household robots could soon be at the mercy of criminals or a creepy neighbor, she does think the study is timely.
“I think the foresight is good,” she says. “Consumers should be aware, although not necessarily wary, of their robots being misused. I appreciate that they’re basically saying these are all the scenarios that could happen.”
Of course, when it comes to poor Fido, the report may be too late.
“My sons chased the family dog with our Roomba a couple of times,” says Souza, who loves her vacuuming robot. “It was right at Christmas when we first got it. First the dog went after it and then they decided, ‘Hey, let’s see what happens when the robot goes after the dog. ’ ”