Unitree Humanoid Robot Exploit Looks Like a Bad OneUnitree have a number of robotic offerings, and are one of the first manufacturers offering humanoid robotic platforms.
Uncategorized
1
Posts
1
Posters
6
Views
-
Unitree Humanoid Robot Exploit Looks Like a Bad One
Unitree have a number of robotic offerings, and are one of the first manufacturers offering humanoid robotic platforms. It seems they are also the subject of UniPwn, one of the first public exploits of a vulnerability across an entire robotic product line. In this case, the vulnerability allows an attacker not only to utterly compromise a device from within the affected product lines, but infected robots can also infect others within wireless range. This is done via a remote command-injection exploit that involves a robot’s Bluetooth Low Energy (BLE) Wi-Fi configuration service.
Unitree’s flagship G1 humanoid robot platform (one of the many models affected)
While this may be the first public humanoid robot exploit we have seen (it also affects their quadruped models), the lead-up to announcing the details in a post on X is a familiar one. Researchers discover a security vulnerability and attempt responsible disclosure by privately notifying the affected party. Ideally the manufacturer responds, communicates, and fixes the vulnerability so devices are no longer vulnerable by the time details come out. That’s not always how things go. If efforts at responsible disclosure fail and action isn’t taken, a public release can help inform people of a serious issue, and point out workarounds and mitigations to a vulnerability that the manufacturer isn’t addressing.The biggest security issues involved in this vulnerability (summed up in a total of four CVEs) include:
- Hardcoded cryptographic keys for encrypting and decrypting BLE control packets (allowing anyone with a key to send valid packets.)
- Trivial handshake security (consists simply of checking for the string “unitree” as the secret.)
- Unsanitized user data that gets concatenated into shell commands and passed to
system().
The complete attack sequence is a chain of events that leverages the above in order to ultimately send commands which run with root privileges.
We’ve seen a Unitree security glitch before, but it was used to provide an unofficial SDK that opened up expensive features of the Go1 “robot dog” model for free. This one is rather more serious and reportedly affects not just the humanoid models, but also newer quadrupeds such as the Go2 and B2. The whole exploit is comprehensively documented, so get a fresh cup of whatever you’re drinking before sitting down to read through it.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@tfb it was! And I was so surprised!
-
Dopo 16 anni passati con noi la mia piccola Margot questa sera ha passato il Ponte dell'Arcobaleno.
Ciao piccola pazza, grazie di tutto il tempo passato assieme.
-
Zapp: There's only one surefire way back into a woman's heart and
parts beyond. I speak, of course, of Karaoke.
-
@DarioZanette ah per quello, MAMiL come se piovesse, tra l'altro odiati da pedoni ed altri ciclisti urbani tanto quanto dagli automobilisti.
-
GIORNATA DI ARTIVISMO
Domenica 22 marzo, dalle 14:30 alle 23:00, presso LOCK - Laboratorio Occupato Kasciavìt, Via San Faustino 62, Milano
UNA GIORNATA DI ARTIVISMO
🗓️ (questa) Domenica 22 marzo dalle 14:30 alle 23
📍@collettivo_kasciavit - Via S. Faustino 62 - in occasione del Mercato Lockale
Dove siamo? Come stiamo? Cosa desideriamo?
Come rete di Artivismo ci siamo posti queste e altre domande per creare insieme una giornata dedicata all’Arte resistente dove condividere pratiche e parlare di espressione, dissenso creativo, utopie e immaginazione.
Nel corso del pomeriggio, fino a tarda sera, si alterneranno reti, collettivi e artistə che abitano le arti con valenza politica: dalla fotografia al fumetto, dal rap all’electropunk, dal teatro alla poesia.
✨ Con Andrea Bellaroto · Apollineo · ArT* Festival · Casa per la Pace · Freevan · Hurricane Ivan · Inmotulus · Kamera Lab · Mattia L. · Nebüla · No Kings Milano · RAVE OVER · Rete No CPR · Rocks Against Fascism · Scate · Tempi DiVersi · Timidoceleste · Una Finestra Sbagliata
🍽️ Fermati a cena! Troverai un apertivo/cena vegan per smangiucchiare tutto il pomeriggio, a sostegno delle spese dellə artistə e dei collettivi presenti.
Ti aspettiamo!
🎨 @grafica_x e @ele_vi
#musica #mercatino #laboratorio #interventi #intersezionalità #fotografia #MusicaLive #Poesia #Teatro #banchetti
-
@crc i can't find description of Pali on your site.
nevermind, this language is pretty straightforward. i would read sequences of insructions like "lisuli" and interpret them as phrases.
-
@RnDanger @tess that's a good idea, «How much care goes into avoiding strain on the affected part.» as a gauge of the pain (at least where possible, so not for teeth abscesses, probably, but now that you make me think about it it's probably why I decided to go get an Xray of the wrist when I fell down skating).
-
I have the following set in my .kshrc to do exactly that.
# coloured man pages
man() {
sh -c "man '$@' | col -bx | bat -l man"
}
