An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device. That’s when he noticed it was constantly sending logs and telemetry data to the manufacturer — something he hadn’t consented to. The user, Harishankar, decided to block the telemetry servers’ IP addresses on his network, while keeping the firmware and OTA servers open. While his smart gadget worked for a while, it just refused to turn on soon after. After a lengthy investigation, he discovered that a remote kill command had been issued to his device.
Pretty much everything you said is incorrect, except for the article age. Valetudo literally wrote software that does this on multiple models locally, including mapping. The response of the manufacturers whose models were capable of this was to release new versions where this wasn’t an option. As for servers and local control, there are a number of solutions for those with the knowledge and hardware to set it up, and the only thing stopping robovac companies from supporting this is (less) money.