Remotely triggered security updates are very common. But my experience in seeing remote command execution to disable a device is bit concerning. Having rtty software installed is another nightmare. Not sure if you call all these mentioned in the article mundane

You are letting it connect to manufacturer's servers, and allow it to execute unknown commands. You know that one command, "501", disables vacuum. There is a very good chance that there is some other remote command with "remote exec random command" functionality, you just didn't see it. There is also a good chance that there are already commands for any creepy things you might want to be worried about (like send camera video).

So, given that, why are you worried about rtty specifically? It's likely a redundant debugging channel in case the main app crashes. It does not add any special functionality that main app does not have.

Now re "disabling the device" - I wonder what command means? Could it be something like "local logs buffer full, pausing operation until upload is done"? Thinking about this more, your blog basically says:

1. vacuum works fine

2. you disable half of the ports on the firewall

3. vacuum stops working

4. you send it for warranty repair

I was very surprised to see that 4 was "send it to warranty repair", instead of "re-open ports on firewall and see if it starts to work now". Did you try this? If not, then it's pretty likely the vacuum was not "bricked" in any sense, but rather was waiting forever for its logs to get uploaded.

> Very dramatic presentation for something very mundane

In what way is this mundane? The writer purchased a device, and after purchase the device was remotely disabled.

Terrifying - that it happened is alarming but that it is now "mundane" is utterly chilling

Allegedly. The article while extremely heavy on the drama provides no real details at all apart from one log message. And they're totally extrapolating out what the start of the log message might mean.