> We’ve normalised the idea that Bluetooth is always on. Phones, laptops, smartwatches, headphones, cars, and even medical devices constantly broadcast their presence. The standard response to privacy concerns is usually “nothing to hide, nothing to fear.”
I guess anything you send out can be used to profile you.
Some of my friends live on a farm near a semi busy road, however far enough from other farms to not be able to receive their wifi. They showed me their router logging all the wifi accesspoints that appear/disappear. There where A LOT of access points named "Audi", "BMW", "Tesla" etc. similar to those devices leaking bluetooth data. We had a discussion that it would be easy to determine who was passing by at what times due to these especially when you can "de-anonymize" the data for example link it to a numberplate.
I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
You can do this for much cheaper - all four of your tires are broadcasting a unique ID to report tire pressure, the radio to pick it up is cheap (because cars), and TPMS has no facility to randomize or otherwise secure this.
>There where A LOT of access points named "Audi", "BMW", "Tesla" etc.
That's one of the funniest things about wardriving with Wigle on your phone. I can often see the SSID of "Jennifer's Equinox", "Jacks Suburban" right after I get cut off by someone in said vehicle. The vast majority of car bluetooth/wifi I see tends to have varying amounts of identifying information. It's almost as bad as the fact that apple still defaults to Jacks iPhone/iPad etc with no option to rename the device until you've finished setting it up.
Companies are not out to protect us with default settings and the majority of users need to wake up to this fact.
Don't worry about Tesla's being tracked. Via Bluetooth this has existed for at least 7 years [1] (was mentioned on HN as well). Tesla know (also for 7 years), Musk doesn't care 'since license plates can also be tracked'.
I used it in train stations, and get hits when passing highways via train or bus. Esp. fun if you stand still due to traffic lights or traffic jam, since you can try to get a visual.
The only lesson to be learned here is that it allowed one to learn in 2019 Musk is overrated. But you can also learn that lesson from the book The PayPal Wars which predates this by 15 years.
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
There's an Android app that can find devices, make profiles, and you can track location for as long as they're connected. So you can profile passerbys and even get notified when the profile passes through again. I forgot what is was called
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at
In the EU this is forbidden unless they explicitly ask your permission. They can still gather aggregate stats but they cannot build a profile on you.
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
Yes, I remember Cisco had a product like this all the way back in 2011. They could pinpoint a customer to an exact position inside a store using triangulation, they would know which shelf you spent time in front of etc. In the 15 years since then, I expect the technology is much scarier and intrusive.
> We had a discussion that it would be easy to determine who was passing by at what times due to these especially when you can "de-anonymize" the data for example link it to a numberplate.
You could also read the numberplate directly with OpenALPR. It can be finicky to set up a camera to do this reliably in all conditions (particularly at night and high speed) but once done you could detect any car passing, not just ones with wifi access points.
When the law requires us to have numberplates, I think this just has to be considered public information for anyone who is nearby or can leave a camera nearby. It's not ideal to leak it in additional forms that might be easier for people to grab (say, with an ESP32), but it's a matter of degree rather than of kind.
But yeah, I'm with you on some of these others, particularly the medical devices. That's not great.
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall
They do but most phones rotate the mac adress these days. So while they can still track you through the store (sadly) they don't have the ability to track your recurring visits.
I wish phones had the option to constantly spam broadcasts with random MAC ids. That would make the practice useless.
>I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
hmm, I wonder if there is anything about using this to combat shoplifting...
short google later, seems there is, but mostly everything I'm finding is just brochures and breathless corporate announcements.
What's more insidious than just tracking people through the store is that the beacons can collect the bluetooth IDs of the devices they've seen and send it off to advertisers, who can use the UUID to connect a person's offline shopping with the online advertising profile they've built up for the person.
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is.
I worked for a company about 18 years ago where we did just this. We also sold the technology to car dealerships who were very interested in our silent salesman stuff where you could tie interactions with your web campaign directly to the person walking past the dealership and preload the salesman with all their details.
Sure, stores use WiFi access points and BT to track MAC addresses and BT device IDs. Google does something similar with location and it provides in real time how busy a location is which I find super convenient. It’s a shame that shaping data into useful information also means it can weaponized.
> even medical devices constantly broadcast their presence
I mean yes, said medical devices are a whole lot less useful to me if they are not transmitting data. For some of this stuff you can't have your cake and eat it too.
I am personally aware that Washington DC, same areas of Maryland, Virginia and Delaware have been tracking car Bluetooth (and EZ-Pass) for decades for "traffic management". The more BT detected the heavier tracking. The longer time between detectors for the unique BT/EZ-Pass, the slower the traffic. Adjust traffic lights down the road to improve traffic flow. (when I write Ez-Pass, i mean the toll transponder, but not detected by a toll booths or overhead arches.)
Tangential, sort of: in the early days of mobile phones for the masses, when there was no WiFi/3G in the underground, I will often enable Bluetooth in my phone, look for nearby devices and try to match names and looks.
That was before everyone had their "John's IPhone" or "Samsung A55" boring names everywhere and some of us cared to personalise our device's name.
2006, sat in a job interview. Interviewer says he'll Bluetooth over a file to me - what's by phone's name?
2006, the year that Tool's 10,000 Days had been released, which I was enjoying and, being a bit of an Edge Lord, I'd named my device after a lyric from Vicarious - which, IIRC fit perfectly into the name space and made me very happy:
What I remember is that you could push OBEX calendar objects without much refusal from the phones and make people have alarms ringing at 3am, fun times!
Yeah, but it stopped pretty soon stores figured out that they could flood you with advertisements over Bluetooth. In some places it was bad enough that I had to turn off Bluetooth.
When I set up my iPhone and it asked who's iPhone it is, I thought it would be funny to put in Kim Jong Un. Now it shows up as "Kim Jong Un's iPhone" when I enable my hotspot. Or even better, it says it out loud when I connect to some Bluetooth speakers.
It was interesting to see what people named stuff as even back then I figured you could use that metadata for tracking devices...but even more interesting was looking at the Mac address to see the manufacturer and try and find some rare or cool device.
Introducing the „are they home“ device to assist burglars. Just slap that miniature device somewhere non-suspicious on the place of your potential marks and let it run for the battery life of 7 days. Afterwards you collect it and know movements patterns.
Features automatic notifications if no movement detected for more than two days.
This is not very different from collecting visual cues. You can notice a delivery van arriving. You can see the driver's face, same with passers-by. The biggest difference is that a camera needs to be more conspicuous, while a BT receiver can be invisible and undetectable. Much cheaper, too.
I have an ESP32 Cam in front of me right now. I think I paid maybe 8 bucks for it. If I wanted to, I could very easily hide the tiny camera in my front door, and use it to both collect bluetooth and wifi metadata (including MAC addresses) and correlate images/faces to MAC addresses when people pass by close enough so that I can identify them later from longer range wifi/ble detections.
(I actually do plan to install this at my front door, but aimed mainly to detect when a deliver/parcel in on my doorstep, and I don't (yet?) plan on sniffing bluetooth/wifi with it)
Ring: thank you for the idea, "Introducing Ring Face-Off, face masks covering faces during a break-in is no an issue for Ring, we will track the thieves until they reveal their face to our Ring network."
For immediate release: BLE N95 Facemasks Inc (YCombinator Summer 2025) is proud to come out of stealth mode and announce our acquisition by Ring. This follows a major private angel investment by Palintir with a post money valuation of $500 million.
Bluetooth, Wi-Fi, even things like tire pressure sensors... they were designed primarily for convenience and interoperability, not adversarial environments. Now we're retrofitting privacy onto systems that were never really built with that as a first principle
Bluetooth desperately needs mac randomization. Wifi mac randomization is welcome, but it doesn't do much when many (most?) people have bluetooth accessories broadcasting a persistent identifier whenever they're on.
Bluetooth already has a well developed MAC randomization scheme.
Lookup "resolvable private address". The short of it is, your phone can find your headphones or vice-versa, despite one or both having random addresses. The addresses can be regenerated or rotate at an interval (say 15 minutes). The first part of the address is a nonce (pRand), and the rest of the address is a 24-bit hash of pRand with an identity resolving key (IRK). So the other party just listens passively for addresses, and sees if any of them happen to have the right hash.
I don't think this is as airtight as people think it is. Certainly, if you are following somebody and one address disappears right as another appears (rotation), it's quite easy to infer the new/old addresses belong to one device. I tried briefly to convince the Android developers to synchronize that rotation globally.
You can also probably infer that if you see a pair of random MACs arrive, and they have a certain pattern of timing and payload size, you can say with some certainty that they are particular devices, say an iPhone and an Apple Watch. But that requires sophisticated equipment since most Bluetooth LE communication is over a non-cryptographic frequency hopping arrangement.
Lastly, radio fingerprinting is widely known in academia, but requires special equipment.
About 10 years ago i had HomeAssistant running and thacking my bluetooth devices. It does so per default by jus memorizing a mac adress an recording when it's visible and when not. No need for pairing or anythung. It also stores the custom name if available.
Anyway, the default dashboard also automatically generated a view when my neighbours "Katie's iPhone' was at home and when not, until I actively deleted it and the data it stored.
Within the past two years, I began leaving BT turned off on all of my devices unless I needed it. It means that I need to pause a moment to turn it on when I get in the car, use my headphones/airpods, or other BT devices.
For me, it's worth the extra trouble because I noticed a significant reduction in battery life on my mobile devices. The reduction coincided with the rollout of Apple's "Find My" service, which was followed by Google's "Find Hub" service. (I have devices in both ecosystems.)
I wish there was a separate way to opt out of the "Find" services, but AFAIK, even if you opt out, your device may still relay traffic from other nearby devices. So it seems that the only way to preserve device battery life is to just shut off the BT.
> I began leaving BT turned off on all of my devices unless I needed it
i've been doing that since the inception of BT being available on my devices. I'm just surprised at so many people's cavalier attitude to security and privacy. And then later, it is too late to reverse course.
Years ago I was interested to discover that my local road authority uses Bluetooth tracking of drivers to monitor traffic speed on certain major roads. Detect a particular Bluetooth ID at one point, pick it up again 2km down the road, you know how fast the traffic is going. Pretty useful for getting an immediate alert if traffic speed suddenly plummets.
Heard a talk in Paris about a guy who "war drove" around town using a higher layer Mobile IP ap which could sweep up open SSID, connect, and (ab)use the bandwidth to maintain a link "above" it (I guess like an agile VPN)
he was getting 100mbit class speeds routinely. Also patches of nothing, but it was interesting. That was over 5 years ago.
I read an article in 2012 about the feds (DHS?) placing Bluetooth enabled devices along I5 in Seattle. They were able to make profiles of people based on what Bluetooth devices they had in their cars. Is anyone familiar with this? I've periodically tried to Google it and can't find anything about it
I remember an art exhibit by an online privacy activist made where it’d ping people’s phones to get a list of “known WiFi networks” and then display them on a screen in a room.
Each person would get a unique fingerprint of named network locations
Possible, but they buy data from the carriers with similar profile possibilities. The DEA operates long standing and pervasive surveillance in “drug corridors” like I-95 from Maine to Miami. They do things like LPR and grabbing passenger pictures.
If Bluetooth is used, it may be a way to get a count of passengers or if the passengers change. I know based on newspaper accounts that they are particularly interested in cars that stop in Philly or Baltimore.
This stuff is frequently used against cops too so they may use the tech in similar ways. If you’re someone worried about getting raided, spotting a large number of new signals at the front door is an early warning potentially.
Parisians Métro 's ads screen are equiped with BT scanner, with a hidden sticker on the side to link you with a qrcode to a RGPD output website, where you have to log your private data to register your devices to be not scanned...
I suspect the e-scooters left around town (Lime, Bird, etc) are massive Bluetooth / LoRa dragnets. You pay them to increase coverage or visibility to social hot spots.
There is a startup (in Stuttgart i believe?) that adds camera ms to these scooters.. this is 100% illegal (and I think the ccc is filing lawsuits?). Some of the earlier Tier model scooters even had a dedicated space for a camera in their head tubes.
Over a decade ago, I already saw a music festival using Bluetooth tracking to monitor crowd movements [0]. There's an assumption that people just leave their Bluetooth on out of convenience.
I second that. This website, including its look and layout, appears to be a copy of some more prominent indieweb ones that have been frequently featured here, filled with what seems to be almost entirely copied and/or LLM generated content.
This gives me a homebrew project idea - to create something portable that would allow me to sniff Bluetooth devices on my daily train commute into the office.
Has anyone done this or can give me ideas where to start?
I can assure you this has been talked about and is known and it's why you still find a headset port on devices handed out to government officials, though most of them ignore the advice to not use bluetooth.
In my experience, just fine. I recently ran a large (~30k) marathon and my AirPods and watch never glitched once, streaming the whole time including in the packed start corrals. I had the same thought about RF contention, but Bluetooth didn't seem to care.
ran something similar on a home network once and was surprised how many of my neighbors' devices showed up with full manufacturer names and model numbers. you don't even need to try hard.
Something about them saying they use Proton pass so they don't need to have secrets in pipelines as an example of being into privacy rubbed me the wrong way
Yes, I was surprised there would be enough to go on with the MAC addresses rotating and I had assumed the UUID would too, but it sounds like there's enough to go on to identify targets.
I am fucking sick of seeing this everywhere. I gave this article a benefit of the doubt until:
> Bluehood isn’t a hacking tool. It’s an educational demonstration of what’s possible with commodity hardware and a bit of patience.
> This isn’t about paranoia. It’s about understanding the trade-offs we make when we leave wireless radios enabled on our devices.
This LLM spam needs to end. Tons of people on HN got tired of this, and it often shows in the comments. Let's maybe start adding [LLM] to the titles of AI generated submissions?
Somewhat related - I've been working on a design using Nordic's NRF52840 SOC for work; Intensely focusing for the past few weeks on antenna tuning for maximum BLE range.
Part of the testing involves using the 'nRF Connect' app, which lists all nearby Bluetooth devices, plots signal strengths, and allows for some rudimentary communication. It doesn't seem to be Nordic-specific.
I'd frequently leave the app open scanning during development late in the evening, and rarely, an unidentified Bluetooth LE device would pop up for a few minutes then disappear.
Turns out it was my dad's pacemaker, which sends telemetry via Bluetooth to a 4G gateway they gave him (this only happens after he lies down with little movement apparently).
This prompted me to look into pacemakers and deactivation after death of course. I wish I hadn't, it turns out they leave it in the corpse unless it's scheduled for cremation.
Because of the aforementioned research, and the open field tests I was performing, it somehow devolved into me having a nightmare where I was RF testing at a graveyard, and the app suddenly displaying a bunch of pacemakers underground.
...I really hope this isn't possible - The signal through 6ft of dirt and concrete would be marginal but still detectable.
trashb|13 days ago
I guess anything you send out can be used to profile you.
Some of my friends live on a farm near a semi busy road, however far enough from other farms to not be able to receive their wifi. They showed me their router logging all the wifi accesspoints that appear/disappear. There where A LOT of access points named "Audi", "BMW", "Tesla" etc. similar to those devices leaking bluetooth data. We had a discussion that it would be easy to determine who was passing by at what times due to these especially when you can "de-anonymize" the data for example link it to a numberplate.
I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
luma|13 days ago
officeplant|13 days ago
That's one of the funniest things about wardriving with Wigle on your phone. I can often see the SSID of "Jennifer's Equinox", "Jacks Suburban" right after I get cut off by someone in said vehicle. The vast majority of car bluetooth/wifi I see tends to have varying amounts of identifying information. It's almost as bad as the fact that apple still defaults to Jacks iPhone/iPad etc with no option to rename the device until you've finished setting it up.
Companies are not out to protect us with default settings and the majority of users need to wake up to this fact.
Fnoord|13 days ago
I used it in train stations, and get hits when passing highways via train or bus. Esp. fun if you stand still due to traffic lights or traffic jam, since you can try to get a visual.
The only lesson to be learned here is that it allowed one to learn in 2019 Musk is overrated. But you can also learn that lesson from the book The PayPal Wars which predates this by 15 years.
> I believe shopping malls often use such signals (wifi, bluetooth) to track what your travel pattern through the mall is. They know what section of the store you spend most of your time in and what storefronts you stall at.
Not allowed in EU.
[1] https://www.teslaradar.com/
jasonfrost|13 days ago
jorvi|13 days ago
In the EU this is forbidden unless they explicitly ask your permission. They can still gather aggregate stats but they cannot build a profile on you.
tskulbru|13 days ago
Yes, I remember Cisco had a product like this all the way back in 2011. They could pinpoint a customer to an exact position inside a store using triangulation, they would know which shelf you spent time in front of etc. In the 15 years since then, I expect the technology is much scarier and intrusive.
SoftTalker|13 days ago
Edit: iOS
scottlamb|13 days ago
You could also read the numberplate directly with OpenALPR. It can be finicky to set up a camera to do this reliably in all conditions (particularly at night and high speed) but once done you could detect any car passing, not just ones with wifi access points.
When the law requires us to have numberplates, I think this just has to be considered public information for anyone who is nearby or can leave a camera nearby. It's not ideal to leak it in additional forms that might be easier for people to grab (say, with an ESP32), but it's a matter of degree rather than of kind.
But yeah, I'm with you on some of these others, particularly the medical devices. That's not great.
wolvoleo|13 days ago
They do but most phones rotate the mac adress these days. So while they can still track you through the store (sadly) they don't have the ability to track your recurring visits.
I wish phones had the option to constantly spam broadcasts with random MAC ids. That would make the practice useless.
chasil|13 days ago
There is also a Bluetooth shutoff app on F-Droid.
https://f-droid.org/en/packages/com.mystro256.autooffbluetoo...
I have also put an Airtag clone in my car (Loshall in iOS mode). That is probably leaking my arrival times. My water meter is also now bluetooth.
bryanrasmussen|13 days ago
hmm, I wonder if there is anything about using this to combat shoplifting... short google later, seems there is, but mostly everything I'm finding is just brochures and breathless corporate announcements.
found this uni project https://capstone.cse.msu.edu/2020-01/projects/meijer/
jlarocco|12 days ago
What's more insidious than just tracking people through the store is that the beacons can collect the bluetooth IDs of the devices they've seen and send it off to advertisers, who can use the UUID to connect a person's offline shopping with the online advertising profile they've built up for the person.
autoexec|13 days ago
Many places do this. The department stores in the mall, target, even grocery stores do it.
King-Aaron|13 days ago
I worked for a company about 18 years ago where we did just this. We also sold the technology to car dealerships who were very interested in our silent salesman stuff where you could tie interactions with your web campaign directly to the person walking past the dealership and preload the salesman with all their details.
Grubby stuff nearly two decades ago.
KolibriFly|12 days ago
voidmain0001|13 days ago
pixl97|13 days ago
I mean yes, said medical devices are a whole lot less useful to me if they are not transmitting data. For some of this stuff you can't have your cake and eat it too.
NoSalt|12 days ago
> "But here’s the thing: even if you have nothing to hide, you’re still giving away information you probably don’t intend to."
Whenever I see talk like this, I always like to post this quote that not only still rings true, but rings even louder today.
> "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."
~ Cardinal Richelieu (Cardinal and former Secretary of State for Foreign Affairs of France)
WaitWaitWha|13 days ago
TheSilva|13 days ago
That was before everyone had their "John's IPhone" or "Samsung A55" boring names everywhere and some of us cared to personalise our device's name.
Anyone else played this game?
herghost|13 days ago
2006, sat in a job interview. Interviewer says he'll Bluetooth over a file to me - what's by phone's name?
2006, the year that Tool's 10,000 Days had been released, which I was enjoying and, being a bit of an Edge Lord, I'd named my device after a lyric from Vicarious - which, IIRC fit perfectly into the name space and made me very happy:
> ILikeToWatchThingsDie
Excellent. Still got the job though!
jjkaczor|13 days ago
"[Agency-acronym] Surveillance Van #43/44/etc.."
mytailorisrich|13 days ago
fer|13 days ago
oarla|13 days ago
styfle|13 days ago
https://en.wikipedia.org/wiki/Bluejacking
keraf|12 days ago
tonetegeatinst|13 days ago
It was interesting to see what people named stuff as even back then I figured you could use that metadata for tracking devices...but even more interesting was looking at the Mac address to see the manufacturer and try and find some rare or cool device.
moontear|13 days ago
Features automatic notifications if no movement detected for more than two days.
KolibriFly|12 days ago
nine_k|13 days ago
bigiain|13 days ago
(I actually do plan to install this at my front door, but aimed mainly to detect when a deliver/parcel in on my doorstep, and I don't (yet?) plan on sniffing bluetooth/wifi with it)
dalemhurley|13 days ago
bigiain|13 days ago
KolibriFly|12 days ago
gruez|13 days ago
avidiax|13 days ago
Bluetooth already has a well developed MAC randomization scheme.
Lookup "resolvable private address". The short of it is, your phone can find your headphones or vice-versa, despite one or both having random addresses. The addresses can be regenerated or rotate at an interval (say 15 minutes). The first part of the address is a nonce (pRand), and the rest of the address is a 24-bit hash of pRand with an identity resolving key (IRK). So the other party just listens passively for addresses, and sees if any of them happen to have the right hash.
I don't think this is as airtight as people think it is. Certainly, if you are following somebody and one address disappears right as another appears (rotation), it's quite easy to infer the new/old addresses belong to one device. I tried briefly to convince the Android developers to synchronize that rotation globally.
You can also probably infer that if you see a pair of random MACs arrive, and they have a certain pattern of timing and payload size, you can say with some certainty that they are particular devices, say an iPhone and an Apple Watch. But that requires sophisticated equipment since most Bluetooth LE communication is over a non-cryptographic frequency hopping arrangement.
Lastly, radio fingerprinting is widely known in academia, but requires special equipment.
neilalexander|13 days ago
jeena|13 days ago
Anyway, the default dashboard also automatically generated a view when my neighbours "Katie's iPhone' was at home and when not, until I actively deleted it and the data it stored.
avel|13 days ago
https://www.reddit.com/r/homeassistant/comments/1306pcw/home...
anonymousiam|13 days ago
For me, it's worth the extra trouble because I noticed a significant reduction in battery life on my mobile devices. The reduction coincided with the rollout of Apple's "Find My" service, which was followed by Google's "Find Hub" service. (I have devices in both ecosystems.)
I wish there was a separate way to opt out of the "Find" services, but AFAIK, even if you opt out, your device may still relay traffic from other nearby devices. So it seems that the only way to preserve device battery life is to just shut off the BT.
chii|13 days ago
i've been doing that since the inception of BT being available on my devices. I'm just surprised at so many people's cavalier attitude to security and privacy. And then later, it is too late to reverse course.
RockRobotRock|13 days ago
stingraycharles|12 days ago
head explodes
do these people writing these blog posts not recognize just how super bad their blog posts look with this slop?
cadamsdotcom|13 days ago
Even wilder would be to buy data on you in real time and display that.
supertrope|13 days ago
unknown|12 days ago
[deleted]
stevage|13 days ago
ggm|13 days ago
he was getting 100mbit class speeds routinely. Also patches of nothing, but it was interesting. That was over 5 years ago.
bpoyner|13 days ago
zoklet-enjoyer|13 days ago
parpfish|13 days ago
Each person would get a unique fingerprint of named network locations
Spooky23|13 days ago
If Bluetooth is used, it may be a way to get a count of passengers or if the passengers change. I know based on newspaper accounts that they are particularly interested in cars that stop in Philly or Baltimore.
This stuff is frequently used against cops too so they may use the tech in similar ways. If you’re someone worried about getting raided, spotting a large number of new signals at the front door is an early warning potentially.
coldbrewed|13 days ago
angus-g|13 days ago
post_break|13 days ago
cm-t|12 days ago
What a world to be alive..
webdoodle|13 days ago
HNisCIS|13 days ago
ifh-hn|13 days ago
RamRodification|13 days ago
jjbiotech|13 days ago
thenthenthen|13 days ago
hammock|13 days ago
keraf|12 days ago
[0] https://actu.epfl.ch/news/using-bluetooth-to-track-crowds-at...
haberlerm|13 days ago
catsquirrel28|13 days ago
> Bluetooth mesh networks—no internet required, no servers, no phone numbers
LLM slop. Both the article and the Python script
the-anarchist|13 days ago
f0r3st|13 days ago
electrosphere|12 days ago
Has anyone done this or can give me ideas where to start?
bigbuppo|13 days ago
ck2|13 days ago
Like a marathon mass-start with 10,000 sometimes 20,000 or more people
How does bluetooth handle that? Or it doesn't?
username_here|13 days ago
supertrope|13 days ago
kevincloudsec|13 days ago
wolvoleo|13 days ago
dwedge|13 days ago
rsync|13 days ago
Is there a simple CLI interface that can be redirected or pipelined into other tools ?
kccqzy|13 days ago
0xdeadbeefbabe|13 days ago
nmstoker|13 days ago
unknown|13 days ago
[deleted]
efilife|13 days ago
> Bluehood isn’t a hacking tool. It’s an educational demonstration of what’s possible with commodity hardware and a bit of patience.
> This isn’t about paranoia. It’s about understanding the trade-offs we make when we leave wireless radios enabled on our devices.
This LLM spam needs to end. Tons of people on HN got tired of this, and it often shows in the comments. Let's maybe start adding [LLM] to the titles of AI generated submissions?
farkanoid|13 days ago
Part of the testing involves using the 'nRF Connect' app, which lists all nearby Bluetooth devices, plots signal strengths, and allows for some rudimentary communication. It doesn't seem to be Nordic-specific.
I'd frequently leave the app open scanning during development late in the evening, and rarely, an unidentified Bluetooth LE device would pop up for a few minutes then disappear.
Turns out it was my dad's pacemaker, which sends telemetry via Bluetooth to a 4G gateway they gave him (this only happens after he lies down with little movement apparently).
This prompted me to look into pacemakers and deactivation after death of course. I wish I hadn't, it turns out they leave it in the corpse unless it's scheduled for cremation.
Because of the aforementioned research, and the open field tests I was performing, it somehow devolved into me having a nightmare where I was RF testing at a graveyard, and the app suddenly displaying a bunch of pacemakers underground.
...I really hope this isn't possible - The signal through 6ft of dirt and concrete would be marginal but still detectable.
Footprint0521|12 days ago
Also super random question but would you happen to have any idea/advice on how to get a Raytac MDBT50Q-CX Nordic nRF52840 Dongle (https://www.amazon.com/gp/product/B0DP6MVDZQ) flashed with ButteRFly (https://github.com/whad-team/butterfly)?
I got it flashed through nrfutil with sniffer and sweyntooth, but butterfly has not been working no matter what I try and do…
Thanks for even taking the time to read this :)
dncornholio|12 days ago
fennec-posix|13 days ago
SUDEEPSD25|12 days ago
clarabennett26|13 days ago
[deleted]
thenthenthen|13 days ago
kittbuilds|12 days ago
[deleted]