Yarbo has announced it will permanently remove the intentional backdoor from its robotic lawn mowers—a vulnerability that allowed remote hijacking and data exposure. The company now says customers will have the final say on whether the controversial feature is ever activated.
“We are completely removing the remote backdoor access from all units and will give customers the option to install it later if they choose,” Yarbo co-founder Kenneth Kohlmann told The Verge in an exclusive interview. “We want to restore trust and ensure safety.”
Background: A Hacker’s Wake-Up Call
The reversal follows a stunning demonstration by security researcher Andreas Makris, who remotely hijacked multiple Yarbo mowers from thousands of miles away. Makris also exposed users’ email addresses and GPS locations, raising alarms about the company’s security practices.
Yarbo initially promised on Friday to address the issues by closing the holes Makris exploited. But the new pledge goes much further—eliminating the backdoor entirely rather than just patching it.
What This Means for Customers and Security
The decision marks a significant shift for Yarbo, which had embedded the backdoor for remote access and troubleshooting. Now the company is treating it as an optional, user-controlled feature that must be deliberately enabled.
“This is a win for consumer safety,” said cybersecurity analyst Dr. Elena Torres. “By removing the default backdoor, Yarbo is reducing the attack surface and giving power back to the owner.”
However, some experts caution that the opt-in model could still create risks if not properly implemented. “Even optional features need strong encryption and authentication,” Torres added. “Yarbo must prove it can secure the system from the ground up.”
Industry Reaction and Next Steps
Yarbo plans to roll out the change via a firmware update in the coming weeks. Customers will be notified when the update is available and will have the option to skip or enable the remote access feature during setup.
The company has not disclosed whether the revised firmware will be audited by a third party. Makris, who exposed the flaw, urged Yarbo to “go further” by implementing end-to-end encryption and public vulnerability reporting.
“We are listening,” Kohlmann responded. “We will share more details on our security roadmap soon.”
For now, owners are advised to update their mowers as soon as the patch arrives and to disable any existing remote access until the new firmware is installed.
This is a breaking news story. Check back for updates.