In the escalating humanoid robotics race, the spotlight usually falls on Tesla’s Optimus or Boston Dynamics’ Atlas—towering, headline-grabbing machines meant to wow investors as much as engineers.
But the Unitree G1, a squat four-foot-tall robot from Unitree Robotics, a Chinese manufacturer better known for its quadruped “robot dogs,” is quietly becoming the workhorse of a different revolution: affordable humanoids.
At roughly $16,000, it is cheap enough for universities, robotics clubs, and startups to buy off the shelf and put through its paces. The G1 is showing up in labs from Beijing to Boston, learning to climb stairs, pick up boxes, and wave at onlookers.
That new accessibility, however, comes with a risk—and a new report warns that the danger isn’t theoretical. In a technical study published last week, researchers from Alias Robotics tore into the G1’s inner workings, from its Linux-based software stack to its custom encryption scheme and cloud connections.
What they found was an ambitious security design undermined by brittle execution: encryption keys that never change, random number generators that aren’t truly random, and telemetry pipelines that quietly stream video, audio, and motion data back to outside servers without user transparency. Analysis of its data distribution service (DDS) revealed more than 40 active data streams prepped for transmission.
“Our investigation found no evidence of privacy policies, data collection disclosures, user consent mechanisms, or opt-out options that would allow local-only operation,” the report said. “The robot provides no visual or auditory indicators when recording or transmitting data, leaving users completely unaware of the surveillance occurring in their presence.”
The report’s author, Alias Robotics co-founder and Chief Science Officer Víctor Mayoral-Vilches, framed the problem in architectural terms.
“To understand the cybersecurity challenges in robotics, we must first understand their fundamental architecture,” he wrote. “Robots are networks of networks, with sensors capturing data, passing to compute technologies, and then on to actuators and back again in a deterministic manner.”
That architecture, according to the researchers, is poorly defended in the G1. The robot’s data protection scheme relied on a proprietary encryption protocol called FMX, which used static, hardcoded keys rather than randomized ones. That design allowed configuration files and firmware to be decrypted offline without brute force or remote access. Researchers extracted and reverse-engineered cloud connection details and control routines, further exposing how attackers could pivot through the system.