New gadgets unveiled at CES 2025, and their impact on security | Kaspersky official blog

New gadgets unveiled at CES 2025, and their impact on security | Kaspersky official blog

/in

One of the world’s premier tech events traditionally takes place every year in Las Vegas in early January. Sure, the Consumer Electronics Show (CES) pays attention to cybersecurity, but by no means is it top of the agenda. Looking for a giant monitor or AI washing machine? You’re in luck! Smart home protection against hackers? Might have to shop around a bit…

We’ve picked out the top trending announcements at CES 2025, with a focus on what new cyberthreats to expect as the latest innovations hit the shelves.

NVIDIA Project DIGITS: your own mini supercomputer for running AI locally

NVIDIA founder Jensen Huang unveiled the company’s Mac-Mini-sized supercomputer to CES visitors. Powered by the GB10 Grace Blackwell “superchip” with a minimum 128 GB of memory, the device is capable of running large language models (LLMs) with 200 billion parameters. Connect two such computers, and you can run even larger models with up to 400 billion parameters! However, the US$3000 price tag will limit the buyer audience.

Cybersecurity aspect: running LLMs locally stops confidential information from leaking to OpenAI, Google Cloud, and other such services. Until now, this wasn’t very practical: on offer were either greatly simplified models that struggled to run on gaming computers, or solutions deployed on powerful servers in private clouds. “NVIDIA Project DIGITS” now made it easier for both small companies and wealthy hobbyists to run powerful local LLMs.

The GB10 Grace Blackwell superchip, 128 GB of RAM, and 4 TB of SSD storage make this NVIDIA offer a decent platform for a local neural network.

The GB10 Grace Blackwell superchip, 128 GB of RAM, and 4 TB of SSD storage make this NVIDIA offer a decent platform for a local neural network. Source

Roborock Saros Z70: a “handy” vacuum cleaner

The inability of robot vacuum cleaners to cope with stairs and other obstacles, including things lying around, greatly limits their usefulness. Roborock’s new model solves the latter issue with an extensible arm that picks up small and light objects from the floor.

Cybersecurity aspect: the Saros Z70’s object-rearranging ability is very limited, and Roborock has not been involved in any major cybersecurity scandals. So we’re unlikely to see any game-changing risks compared to existing vacuum cleaners. But later models or competitors’ products can theoretically be used in cyberphysical attacks such as burglary. For instance, researchers recently showed how to hack Ecovacs robot vacuums.

But the Saros Z70 is notable for more than just its mechanical hand. Another of its officially announced features is video surveillance. The vendor claims that camera footage never leaves the device, but we’ll believe that when we see it. After all, you’ll probably at least need a separate device to view the footage. The StarSight 2.0 system, due with a later software update, will let you train the robot to recognize specific household objects (for example, favorite toys) so that it can show where it last saw them on a map of your home. As to whether this handy feature works entirely on the device — or data about things in your home gets fed to the cloud — press releases are maintaining a tactful silence.

The Roborock Saros Z70 can lift and carry objects weighing up to 300 grams.

The Roborock Saros Z70 can lift and carry objects weighing up to 300 grams. Source

Bosch Revol: preying on parental fear

How did a baby rocker manage to take home the “Least private” mock award for gadgets at CES 2025, as judged by Electronic Frontier Foundation and iFixIt? The Bosch Revol Smart Crib not only automatically rocks the crib, but continuously collects video and audio data, while simultaneously scanning the baby’s pulse and breathing rate using millimeter-wave radar. It also monitors temperature, humidity and fine-particle pollution levels. The camera is equipped with object recognition to detect toys, blankets and other potentially dangerous objects near the infant’s face. All data is instantly streamed to a parental smartphone and to the cloud, where it remains.

Cybersecurity aspect: other vendors’ video baby monitors have been dogged by scandals, and hacked to conduct nasty pranks and spy on parents. In the case of the Revol, not only video, but medical data could end up in cybercriminal hands. When it comes to child and health-related tech, a cloud-free setup as part of a well-protected smart home is the way to go.

TP-Link Tapo DL130: in the same vein?

Among the many smart locks unveiled at CES 2025, it was TP-Link’s model that stood out for a feature that’s still quite rare — biometrics based not only on face/fingerprint recognition, but also on palm veins matching. Simply wave your hand in front of the sensor, and the system will identify you as the owner with high accuracy. Unlike more common biometric factors, this method doesn’t depend on lighting conditions, and works well even with wet and dirty hands. Plus, it’s more difficult to fake.

Cybersecurity aspect: smart locks can be integrated into your home network and interact with your smart home (such as Alexa or Google Home), which creates a wide cyberattack surface. Given the numerous critical vulnerabilities in other TP-Link equipment, there’s a risk that flaws in smart locks will allow attackers to open them in unconventional ways.

Security researchers are sure to put TP-Link's smart lock under the microscope once it goes on sale.

Security researchers are sure to put TP-Link’s smart lock under the microscope once it goes on sale. Source

Google Home + Matter: a cloud-free sky home

A major update to Google’s smart home hubs means they can now control curtains, sockets, light bulbs and other devices via the Matter protocol without connecting to a cloud server. At the heart of your smart home can be a Google Nest — an Android 14 smart TV or even a Chromecast device. Tell Google Assistant to “switch on the bedroom light”, and the command will be carried out even without an internet connection, and with minimal delay.

If a staunch advocate of a cloud-based future like Google has implemented such offline scenarios, the demand for such functionality must be huge.

Cybersecurity aspect: local control of your smart home reduces the risk of compromise and improves privacy — less data about what goes on in your home will leak to equipment vendors.

Halliday Glasses: improve your AI-sight

We chose Halliday AR glasses for the innovative image projection system that makes them lighter and more compact — though our takeaways also apply to dozens of other smart glasses presented at CES 2025. While some models address a simple and specific issue — such as combining glasses with a hearing aid or serving as a near-eye display for computer users on board a plane — quite a few of them come equipped with an AI assistant, camera, ChatGPT integration, and other features that potentially can be used to spy on you. They’re used for live translation, teleprompting and other productivity-boosting tasks.

Cybersecurity aspect: all AI features involve shifting large amounts of data to the makers’ servers for processing, so local AI in glasses is still a long way off. But unlike with computers and smartphones, the voices, photos and videos of all those around you will be included in the information flow generated by the glasses. From an ethical or legal standpoint, wearers of such glasses may have to continuously ask permission from everyone around to record them. And those who don’t want to pose for Sam Altman should look out for wearers of smart glasses among their peers.

Sony Honda AFEELA: I feel it’s going to be driving by subscription

This luxury electric car from two Japanese giants is available to preorder — but only to California residents and with rollout scheduled for 2026 or later. Nevertheless, the Japanese vision could become the envy even of Google: the price of the vehicle includes a “complimentary three-year subscription” to a variety of in-car features, including Level 2+ ADAS driver-assist and an AI-powered personal assistant, and a choice of interactive car design and entertainment features such as augmented reality and “virtual worlds”.

At the CES 2025 demonstration, the car was summoned onstage by the voice command “Come on out, Afeela” — but it remains unclear whether this handy feature will be available to drivers.

Cybersecurity aspect: we’ve spotlighted the risks and vulnerabilities of “connected” cars many times. Whether manufacturers will be able to keep the security bar high, not only for vehicles, but also for telematics systems (especially critical if smart driving becomes subscription-based), is a big question for the future. Those who don’t like the idea of their car suddenly turning into an iron pumpkin pending a software update or after a cyberattack are advised to refrain from splashing out… at least for another decade or so.

BenjiLock: a biometric padlock

Now you can lock up your bike (or barn or whatever) without memorizing a code or carrying around a key. As the name suggests, the BenjiLock Outdoor Fingerprint Padlock is a padlock that stores and recognizes fingerprints — up to ten of them. No smartphone or Wi-Fi required, all the magic happens inside the lock itself. The device is resistant to both moisture and dust, and (according to the manufacturer) works on one charge for up to a year.

Cybersecurity aspect: only real-world tests can prove resistance to old-school lock picking and inexpensive fingerprint faking. Smart locks are often vulnerable to both.

Kaspersky official blog – ​Read More