In a significant policy shift, Yarbo has announced plans to permanently remove a controversial remote access feature from its automated lawn mowers. The decision follows intense scrutiny after security researchers exposed vulnerabilities that could have allowed unauthorized control over the devices.
Co-founder Kenneth Kohlmann confirmed to The Verge that future installations will no longer include the remote backdoor, giving customers full control over whether to enable remote connectivity at all. This move marks a sharp departure from Yarbo’s initial approach to remote access, which had sparked widespread concern about potential misuse.
The security flaw that raised alarms
Last week, a security researcher demonstrated how easily malicious actors could exploit Yarbo’s remote access to take control of the lawn mower from anywhere in the world. The vulnerability stemmed from an intentional backdoor designed to allow remote reprogramming via the internet. While Yarbo marketed this feature as a convenience for maintenance, researchers quickly identified its potential for abuse.
Andreas Makris, the researcher who uncovered the flaw, highlighted not only the risk of unauthorized control but also the exposure of sensitive user data. His findings included the disclosure of email addresses and GPS locations tied to affected devices. The exposure raised serious questions about Yarbo’s commitment to customer privacy and security.
Yarbo’s rapid response to criticism
Facing mounting backlash, Yarbo initially defended the remote access feature but later pledged to address the security concerns. In a statement released on Friday, the company acknowledged the vulnerabilities and outlined plans to close the gaps. However, the latest announcement goes further by eliminating the backdoor entirely.
"Customer trust is our top priority," Kohlmann stated. "We’ve listened to the feedback and are taking decisive action to remove the feature that caused the most concern." The company also committed to implementing stricter security protocols for any future remote access features.
What this means for existing customers
Yarbo’s decision to remove the backdoor applies to new installations, but existing customers may still have the feature enabled. The company has not yet announced a timeline for retroactive removal or opt-out options for current users. Customers are advised to monitor Yarbo’s official channels for updates on security patches and firmware revisions.
For those concerned about privacy, Kohlmann suggested disabling remote access in the device settings if available or contacting Yarbo support for guidance. The company has also emphasized its ongoing collaboration with security experts to identify and resolve potential vulnerabilities.
A lesson in transparency and accountability
Yarbo’s reversal underscores the growing importance of transparency in the tech industry, particularly for companies handling IoT devices. The incident serves as a case study in how rapid responses to security flaws can rebuild—or erode—customer trust. As automated home devices become more prevalent, manufacturers must prioritize robust security measures to prevent similar controversies.
Moving forward, Yarbo’s ability to regain confidence will depend on its consistency in addressing security concerns and communicating openly with users. The company’s willingness to remove the backdoor entirely sets a new standard for accountability in the smart home sector.
AI summary
Yarbo, uzaktan erişim yoluyla hacklenebilen robot çim biçme makinelerindeki arka kapıyı tamamen kaldırma kararı aldı. Kullanıcılara seçim hakkı sunulacak.
