Researcher add salt to Pepper

A recent study by Scandinavian researchers shows that “Pepper” from the manufacturer Softbank Robotics is frighteningly easy to hack. According to Alberto Giaretta from the Örebro University and his colleagues from the Technical University of Denmark, Pepper has many serious security flaws which include, among other things, an administration via an unsecured HTTP connection and a hard-to-change default password for root access.

Sascha Keutel

Photo
Study shows that Pepper catastrophically bad safety precautions.
Source: Softbank Robotics

Pepper is a human-shaped robot that is designed to be a genuine day-to-day companion. According to Softbank Robotics, “Pepper is the first humanoid robot capable of recognising the principal human emotions and adapting his behaviour to the mood of his interlocutor.” Therefore Peppers primary use in healtcare is to be used in nursing homes to entertain the elderly, doing puzzles with them, playing music and passing the time when the caregivers are busy with other tasks.

There had been isolated reports of Pepper hacks in the past. The current study, however, focused on the safety of the robot – and paints a devastating picture.


For example, Pepper offers users a simple web interface for administrative tasks. Access is granted via an unsecured HTTP instead of encrypted HTTPS connection, so attackers can easily steal information such as standard user credentials. Worse, Pepper uses a default password for root privileges, which is relatively difficult to change. In many cases, an attacker could easily gain full access to the robot after logging in as a normal user. It even wouldn’t matter, if a hacker was unable to steal the password for the default user – because a brute force attack works great, the stidy says.

However, the researcher had a bright spot for the manufacturer: According to them the problems should be easy to solve.

Subscribe to our newsletter

Related articles

Robot toys provide clues about infant development

Robot toys provide clues about infant development

New research shows that using robots could help detect early signs of autism or ADHD in infants.

Interactive robot ‘Pharos’ helps the elderly exercise

Interactive robot ‘Pharos’ helps the elderly exercise

Researchers are working on an interactive robot called Pharos that will help the elderly with their daily household chores.

Personalized deep learning equips robots for autism therapy

Personalized deep learning equips robots for autism therapy

Machine learning network offers personalized estimates of children’s behavior.

Robots can draw out reluctant participants in groups

Robots can draw out reluctant participants in groups

Can a robot draw a response simply by making “eye” contact, even with people who are less inclined to speak up. A recent study suggests that it can.

Robots encourage risk-taking behaviour in humans

Robots encourage risk-taking behaviour in humans

“The Robot made me do it” - research has shown robots can encourage humans to take greater risks in a simulated gambling scenario than they would if there was nothing to influence their behaviours.

Could robots replace real therapy dogs?

Could robots replace real therapy dogs?

According to new research, robotic animals could be the 'pawfect' replacement for our real-life furry friends.

A smooth interaction between humans and robots?

A smooth interaction between humans and robots?

Making eye contact with a robot may have the same effect on people as eye contact with another person - interaction between humans and humanoid robots could be surprisingly smooth.

Magnetic spray transforms objects into millirobots

Magnetic spray transforms objects into millirobots

Scientists have developed an easy way to make millirobots by coating objects with a glue-like magnetic spray.

An ankle exoskeleton aids running

An ankle exoskeleton aids running

Researchers find that a motorized device that attaches around the ankle and foot can drastically reduce the energy cost of running.

Popular articles

Subscribe to Newsletter