Conceptually, I love robot vacuums. A little friend who cleans up my floor? Fantastic. Into it. The issue is, unfortunately, I don’t trust them. They constantly report back to the external servers, and they can be a huge security liability. I don’t want that. Someone has to have hacked these things, I reasoned. A quick search revealed I was correct. This is how I came across Valetudo, a project that aims to liberate robot vacuums from the cloud.
Valetudo is a firmware replacement for your robot. It integrates with a vacuum’s existing software and acts like a cloud replacement that allows you to control your robot vacuum locally. Instead of having to use a proprietary app on your phone, which connects to a distant server, which then connects back to your robot, you can simply control it directly with either an Android app or a simple web interface. (An iOS app is currently not available.) It also works with MQTT, and it can be controlled via the open-source home automation solution Home Assistant once properly configured.
The first thing I should stress is that this is not, in its current state, a beginner project. Installing and setting up Valetudo on a compatible vacuum requires some knowledge of Linux and the ability to patiently follow instructions. Even if you have those skills, there is still a nonzero chance you could brick your robot. It’s also unlikely that you’ll be able to revert your vacuum back to its default state once this is installed. But if you want a vacuum that is not tied to an internet connection and don’t mind getting your hands a little dirty (and voiding warranties), Valetudo does the trick.
Valetudo itself exists because of Sören Beye (AKA Hypfer) and Dennis Giese. Giese, a PhD student at Northeastern University, started hacking back in 2017, eventually found a way to root a Xiaomi robot, and wrote a cloud replacement implementation called Dustcloud. He published it at Def Con and CCC, and then someone used that to create a more lightweight implementation called Dummycloud, the concepts for which would find their way into Valetudo. (Valetudo is the Roman name for Hygieia, the Greek goddess of cleanliness, health, and hygiene.)
Beye had seen Giese’s Def Con talk and, a year later, started hacking a Roborock S5 he got from Aliexpress. Eventually, Beye put the prototype of Valetudo on GitHub and announced it on Roboter-Forum, a German forum about cleaning and mowing robots. Slowly, their work drifted together, with Beye working on a lot of Valetudo proper and Giese responsible for the image and rooting tools, as well as finding the exploits as they evolved. Giese later created DustBuilder, which streamlines the process of building firmware and rooting devices.
To decrypt firmware from new models and vendors, the keys from real devices are needed, and while some people do donate robots and Beye and Giese take donations to keep the project going, a lot of the cost comes out of pocket. Giese admits he has probably spent close to $30–$40,000 on robot vacuums. “Money donations are a bit cyclic. Sometimes, I get some cash together to buy a robot. But it’s obviously still a money pit,” he told me.
There are many advantages to using Valetudo instead of a vacuum’s default system. The big one is that your robot is not connected to the cloud, which is very important if you are overly paranoid that your vacuum might, say, take photos of you on the toilet, which then get shared by gig workers to Facebook. “All of the robots store pictures in one form or another. Some of them are uploading the stuff,” said Giese. “It’s not your devices; it’s the vendors. They have full control over the data and the device.”
Valetudo liberates a robot vacuum from the cloud, allowing you to store all of its data locally
With Valetudo, maps of your house are not stored on a remote server but locally on the vacuum’s internal storage. The interface is standardized across all the supported vacuum models, so you don’t have to relearn anything if you switch to a new robot. You are not forced to install updates to your robot. You are not subject to marketing or push notifications, and your email and phone number will not be subject to a data breach. You do not agree to an extended and unreadable corporate TOS. It does not require a smartphone app connected to a distant server, which also means better latency for commands. And even outside of what it doesn’t make you do, there’s tons of additional functionality like custom Home Assistant integration, Wi-Fi strength mapping, the ability to turn your house into a Minecraft map, and voice packs. (There is a GLaDOS pack someone made, but I am trying to hack it so it sounds like Roger from the show American Dad.)
iRobot and Roomba are almost synonymous with robot vacuums at this point; they aren’t ideal for hacking because they lack the processor overhead to run Valetudo. The most commonly used models for installing Valetudo are from Roborock and Dreame.
For this project, I used a Dreame L10S Ultra, which has recently been added to the list of compatible robots. The method of modifying the robot varies from model to model and vendor to vendor (some older robots can actually be rooted OTA, or over the air), but the easiest way to hack the Dreame requires some specific hardware and direct access to the robot. This Fastboot method uses an exploit to the Allwinner LiveSuit tool for Linux and modified LiveSuit images. “Fastboot was my solution to prevent people from bricking their device,” Giese said. “The alternative would have been real livesuit images, which are dangerous.”
To hack the robot, I acquired a $5 custom piece of hardware called the Dreame Breakout PCB through the Valetudo Telegram group, where most of the support for the process lives. Strictly speaking, you do not need this adapter to hack this model; it just makes hacking it easier and can be easily shared with hacking spaces and groups of like-minded friends. I also will never pass up an opportunity to solder a doohicky I got from GitHub.
“[Valetudo] requires rooting. But with the builder, it’s technically not that hard to use, even for non-Linux users. We have a very big community with lots of people that have experience.” Giese told me. “You see the usual suspects in Telegram helping people.”
The next step was to actually gain root access to hack the robot. The process I followed strongly recommends using a laptop with Linux installed (Debian, for example). (A Raspberry Pi does not work in this specific case since fastboot requires x86 binaries, which the Pi can’t run.) I did not have a Linux laptop handy, so I pinged a good friend of mine from my local hacking space to help out. This was also convenient because while I am pretty good at using intermediate Linux commands, this specific method currently requires quickly inputting commands in a slightly narrow timeframe of 160 seconds or risk bricking your device, and frankly, he just types faster than me.
We installed the necessary dependencies and software, pried open the top using a couple of small flathead screwdrivers, took the breakout PCB I had soldered, and, per the instructions, plugged it into the 16-pin Dreame Debug connector. From there, we connected the laptop via USB and used the software to extract the config value of the device and input it into Dustbuilder.
Once the website generated and sent us the custom firmware images and text files, we were able to root and flash the device through a series of fastboot commands. “There are some aspects of the rooting which are black box... I don’t like that necessarily, but I did not find a better solution,” Giese told me later. Finally, we installed Valetudo using the Valetudo-Helper-HTTPbridge and backed up the calibration and identity data of the robot. Those are all the parts that were a pain; the rest is pretty easy.
After going through the rooting process, the robot appears as a Wi-Fi access point, like many smart home devices do during setup. You connect to the robot’s network, open a browser, type the local IP address into it, and then input your Wi-Fi credentials to connect it to your network. From here on out, find it on your network and open the address in a browser. Congratulations, little buddy, you’re free.
Interacting with a robot via Valetudo is, like using Home Assistant, a simple and no-nonsense affair. I typically control mine via a local browser window. The robot will start by mapping the space it is in, segmenting the space into zones, and then that map can be modified freely using the UI. You can choose to have the robot vacuum all spaces, individual segments, or even just areas you select with a lasso tool. Fan strength, manual controls, surface behaviors, docking behaviors, timers, and every granular capability you can think of are available. There’s even a way to control it with a gamepad. And while some vendor-specific features might not be present, the ability to have total access and control of your robot opens up many possibilities. While writing this article, a person on X (formerly Twitter) responded that they discovered they could pipe a voice synthesizer into their robot via SSH, allowing them to screw with their roommates by having it complain about its imprisonment. You simply can’t buy fun like that.
So much of what tech companies do, both generally and here specifically, is not particularly special and, in many ways, actively intrusive. iRobot is not some unicorn tech company at this point. It is a company with several competitors that all strive to do more or less the same thing. These robots do not strictly “need” to be connected to the cloud all the time to clean your house, but they are, and to me personally, they are worse devices as a result.
“I think that in a perfect world, Valetudo wouldn’t exist,” Beye told me over Telegram. “It fills this gap that would be technically trivial to fill by the vendors, but they simply refuse to do so because requiring the cloud makes for a better business model.”
All I wanted was a vacuum that I could trust, one that would treat me like an adult. You know, like my regular vacuum cleaner. I don’t know if any company out there would voluntarily consider offering a vacuum robot that just vacuums without phoning home, not even a solitary model marketed to weirdos like me. A Framework laptop, but for cleaning my house.
Beye believes that the most likely path to vendors offering local devices is EU regulation forcing IoT devices to give people the option to use their devices offline or without registering an account. When I asked Giese about the idea of an open-source vacuum, he believed it to be unrealistic in the current market. As it stands, if you don’t want your vacuum to narc on you and if you want respect from your tech, you have to patch it in yourself, and there’s only one place to find that: on a Telegram channel with a bunch of other friendly, opinionated nerds who will send you a circuit board in the mail.
Hacking my robot vacuum gave me flashbacks to when computers were more customizable and not sealed up boxes
Once he was liberated, my robot started making happy little laps around my house, scanning it, mapping it, and storing it locally. For now, his name is Chappie, named after the military robot that stops being a cop in the charming but bad movie of the same name. I cannot express the irrational amount of joy I felt, like a proud parent, watching this little guy go. For the hell of it, I had him start mapping my Wi-Fi signal strength so I could potentially make adjustments to my access points.
At the risk of sounding too over the top, I felt true elation and affection when I finished this project. It felt like when I was young and when computers were new and fun things before everything became gray sludge and tablets, condescending UI, and endless pages of unreadable, untrustworthy terms of service agreements. It’s that rare moment when you touch a piece of tech and know it all does what you want it to because you made it that way. It felt like a friend.
I love my dust-sucking son. And I cannot tell you how happy I am that he is finally free.