Two trends, one vacuum cleaner

A software engineer wanted to control his robot vacuum with a PS5 controller. He used an AI coding assistant to reverse-engineer how the device talked to its cloud servers. Within hours, he had accidentally gained access to live camera feeds, microphone audio, and floor plans from nearly 7,000 devices across 24 countries.

He wasn't a security researcher. He just thought it would be fun to drive his vacuum with a joystick.

Two things made this possible:

1. AI coding tools are collapsing the barrier to work that used to require deep specialised knowledge. Reverse-engineering a device protocol is no longer a months-long project. It's an afternoon.

1. We are voluntarily placing internet-connected cameras, microphones, and mapping sensors inside our homes (on wheels) and trusting that the manufacturer got security right.

The person who finds the vulnerability is no longer necessarily someone with years of exploit experience. It might be someone building a side project on a Sunday. Fingers crossed they are responsible.

Hacking used to be hard. We also didn't used to put cameras on wheels and invite them into our living rooms.