What happens when you create a rather powerful robot dog (the Unitree Go1), which is being used in all kinds of real-world applications – from surveillance and security to disaster recovery and beyond – and put a backdoor for easy corporate access?
Unitree did pre-install a tunnel without notifying its customers. Anybody with access to the API key can freely access all robot dogs on the tunnel network, remotely control them, use the vision cameras to see through their eyes or even hop on the RPI via ssh.
Not concerning at all…
These robot dogs are marketed at a wide spectrum of use-cases, from research in Universities, search and rescue missions from the police to military use cases in active war. Imagining a robot dog in this sensitive areas with an active tunnel to the manufacturer who can remotely control the device at will is concerning.
