The $2,000 Spy in Your Hallway

Sammy Azdoufal wasn't even trying to be a menace. He just bought a two-thousand-dollar DJI Romo and decided the official app was garbage, which, let's be honest, most of these bloated IoT apps are. He wanted to drive his vacuum with a PS5 controller—standard hobbyist stuff—and maybe make it make a sad noise when the battery died. But because DJI’s backend architecture is essentially a series of open doors with "Please Don't Enter" signs, he accidentally became the supreme commander of about seven thousand robots across two dozen countries. It is the classic "security by obscurity" failure, except now the obscurity is being shredded by AI tools that don't care how "proprietary" your code is.

The MQTT wildcard disaster

The technical reality here is embarrassing. These robots talk to the DJI mothership using MQTT, which is a lightweight protocol for things that don't have much processing power. It works on a "publish and subscribe" model. Your vacuum publishes its battery level to a "topic," and your phone subscribes to that topic to show you the percentage. Simple, right? But DJI forgot the most basic rule of systems architecture: Access Control Lists (ACLs). When Sammy used a tool called Claude Code—an AI that basically acts as a senior dev on steroids—he managed to reverse-engineer the communication schema in minutes. He found his own authentication token, which is fine, but then he realized the DJI broker (the central server) didn't actually check if his token had the right to see other people's data. He sent a "wildcard" subscription request—using the # character—and the server just started vomiting data from every Romo on the planet. He didn't hack a firewall. He didn't brute-force a password. He just asked for everything, and the server said "Sure, why not?"

And it wasn't just coordinates. We are talking about live camera feeds, 3D floor plans mapped by LiDAR, and real-time telemetry. He could see exactly where a stranger in some apartment in Berlin or Chicago was cleaning. (Actually, he could have driven their vacuums into walls if he wanted to, but he’s a decent guy, I guess). The terrifying part is that the "security PIN" DJI makes you enter to see the camera is a total lie. It’s only checked by the app on your phone. If you bypass the app and talk to the server directly, the server doesn't ask for a PIN. It just streams the video. It’s engineering negligence disguised as a "feature."

Vibe coding is a wrecking ball

What makes this different from some old-school CVE is how it was found. Sammy isn't a career penetration tester. He’s an AI strategist who used "vibe coding"—basically describing what he wanted to a machine and letting it handle the messy work of decompiling binaries and writing Python bridges. This lowers the barrier to entry for offensive security to basically zero. You don't need a PhD in network protocols anymore; you just need to know how to prompt an LLM to find the patterns in the noise. Companies like DJI have been hiding behind "closed source" for years, assuming no one would take the time to figure out their messy protocols. Well, the AI just took the time. It took about an hour. The "landscape" (sorry, banned word, I mean the environment) has shifted so far that if your security relies on "they won't figure out how our packets are structured," you are already dead.

The state security nightmare

Now look at the politics. DJI is currently fighting for its life against a massive FCC ban in the States. They are in court right now swearing up and down that their devices aren't a national security risk and that they don't send sensitive data back to Shenzhen. Then this happens. A random guy in France proves that he can access the architectural layout of thousands of homes because DJI’s cloud engineers couldn't be bothered to implement basic token scoping. It makes the state's argument for a ban look incredibly rational, even if you hate bureaucratic overreach. When a private company creates a global network of moving cameras and then leaves the keys under the doormat, they are inviting the state to step in and crush them. It’s a sovereign risk. If our national infrastructure or even just the private mahrem (privacy) of citizens is at the mercy of one lazy MQTT configuration, the state has a duty to shut it down. Self-reliance means not letting foreign-managed, poorly-secured nodes map the inside of our sensitive buildings.

And don't even get me started on Ecovacs. They had the same problem. People were getting shouted at through their own vacuums by hackers using racial slurs. It’s the same pattern: ship the hardware, win the market, and treat the backend like an afterthought. We are about five minutes away from "humanoid" robots from companies like Tesla or Figure entering the home. Those things have arms. They can open doors. If we are still failing at "don't let everyone see the camera feed" for a vacuum, we are heading for a literal physical disaster when the first humanoid bot gets its MQTT topics hijacked. We need physical kill-switches. Hardware shutters on cameras. Something that doesn't rely on a line of code in a Shenzhen data center to stay closed.

The reality is that we're trading our most intimate data for the convenience of not having to push a broom, and the companies taking that data are treating it with the respect of a disposable paper plate. If it’s got a camera and a Wi-Fi chip, assume it’s a spy—either for the company that made it, a government, or just some guy with a PS5 controller and a dream.