this post was submitted on 26 May 2024

00:25:DF:*

[–] [email protected] 1 points 6 months ago (1 children)

This is cyberpunk as hell, and awesome.

Unfortunately Apple does not expose MAC addresses to apps, so iPhone users can’t do it :(

[–] [email protected] 1 points 6 months ago (2 children)

Is there anything iPhones can do besides scroll social media? Every time I hear about some cool new capability of phones this caveat is always present.

[–] [email protected] 1 points 6 months ago

Complain about how blurry their 60 second video came through and blame it on Android. I constantly explain how iMessage isn't texting, but there are plenty of ways to get the same abilities.

[–] [email protected] 0 points 5 months ago (1 children)

And rightfully so. Corporations will find every conceivable way to track you and no API will be left unused, including tracking MAC addresses of Bluetooth devices around you, which is a relatively easy one.
However, you can absolutely allow an app to access that API so it can scan for those MACs.
Funny thing, as soon as the API is locked down and presented as an option to the user, companies stop using it since nobody wants to give Bluetooth access to e.g. Facebook.

[–] [email protected] 1 points 5 months ago

Maybe it's just a graphene thing, but BLE capabilities are granted on a per-app basis on my phone.

[–] [email protected] 1 points 6 months ago (1 children)

Unfortunately, this requires your local police department to have the latest Axon gear… I’ve actively sat down and listened for signals near my local police and didn’t spot any advertising beacons.

[–] [email protected] 1 points 6 months ago

advertising bacons

[–] [email protected] 1 points 6 months ago

@ackshewally There's also D4:2D:C5 for i-PRO & a bunch for Motorola Solutions Inc. (different child company from Motorola, seems to make police hardware). Does anyone know any more OUIs? There are a few other Bluetooth police hardware manufacturers I've found that don't seem to have OUIs.

Also, does using an asterisk like that work? I've been using a regex for it & I would like to turn it into that to make it more readable.

I wish there was something better than BLE Radar for this that could search for things other than just MAC addresses & preset manufacturers.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago) (1 children)

I too would like to know how to make a hog finder

Edit: Okay I think I figured it out. Using an app called BLE Radar (F-Droid Link and Google Play link) you can scan nearby Bluetooth devices passively. You can use the app to set up filters to send notifications when specific devices or addresses are nearby.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

Yup, that's it. BLE Radar is the best app I've found so far. Someone go make a PR for playing a sound when a profile matches though...

Tasers, bodycams and holsters among other things made by Taser are constantly spamming advertising packets over BLE in order to be able to link to each other quickly (i.e. if a taser or gun is drawn, turn on the body cam). These devices are almost all made by one company and per the Bluetooth specification, the manufacturer ID is the first three bytes of the device ID, 00:25:DF: the address for Axon International Torture Devices.

Credit to Nullagent/rfparty for discovering the vulnerability. https://www.engadget.com/how-hackers-are-using-bluetooth-to-track-police-activity-140012717.html

A couple notes in practice: without dedicated hardware BLE advertising packets are very random, your phone can only sense one of the three advertising channels at once and it rotates through them. Additionally, local band conditions (how many innocuous BLE devices are also around, WiFi, unrelated ISM stuff, other factors) can change sensitivity. BLE is a chaotic spammy protocol that likes to shout over itself. As a result, detections can happen the instant someone gets within ~100m of you, or they may not be detected for several seconds. Some departments may not even use Axon hardware at all, though the majority seem to. You may be able to use the WiGLE database to get a sense for your locale, but I haven't dug into that yet.

Further research: This has a lot of potential for protest/protected first amendment activities. As stated, the ability to cue an audio alert. Apps that can trigger audio/video recording when cops are very close (high RSSI). Apps that can alert a friend that lots of cops are very close and the user is unable to halt a countdown. Apps that can wipe/lock/turn off a phone if lots of cops are very close or around for an extended period of time (in custody).
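
Added example, not part of any commenter's post or of BLE Radar: one way to turn the thread's asterisk-style prefixes into anchored regexes, and to audit a scan for which advertised addresses actually disclose a vendor. It assumes the scanner reports each address as public or random; only public addresses carry an IEEE OUI, so a random address that happens to start with the same bytes is not a vendor match. The sample rows are constructed.

```python
import re

# Wildcard filters as written in the thread; vendor names are the commenters' attributions.
FILTERS = {"00:25:DF:*": "Axon", "D4:2D:C5:*": "i-PRO"}

# Meaning of the two most significant bits of a BLE *random* address.
RANDOM_SUBTYPES = {0b11: "static random", 0b01: "resolvable private",
                   0b00: "non-resolvable private", 0b10: "reserved"}

def wildcard_to_regex(pattern):
    """Compile '00:25:DF:*' into an anchored regex that matches a full 6-octet MAC."""
    octets = pattern.rstrip(":*").split(":")
    if len(octets) > 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{2}", o) for o in octets):
        raise ValueError(f"bad filter: {pattern!r}")
    tail = "(?::[0-9A-F]{2}){%d}" % (6 - len(octets))
    return re.compile("^" + ":".join(octets) + tail + "$", re.IGNORECASE)

COMPILED = [(wildcard_to_regex(p), vendor) for p, vendor in FILTERS.items()]

def classify(mac, addr_type):
    """Return (address kind, vendor or None); addr_type is the scanner's public/random flag."""
    mac = mac.strip().replace("-", ":").upper()
    if addr_type == "random":
        # Random addresses carry no OUI, so a prefix match here would be a false positive.
        return RANDOM_SUBTYPES[int(mac[:2], 16) >> 6], None
    for regex, vendor in COMPILED:
        if regex.match(mac):
            return "public", vendor
    return "public", None

# Constructed sample scan rows: (address, address type reported by the scanner).
SAMPLE_SCAN = [
    ("00:25:df:12:34:56", "public"),   # lower case, matches 00:25:DF:*
    ("D4-2D-C5-AA-BB-CC", "public"),   # dash separators, matches D4:2D:C5:*
    ("3C:5A:B4:01:02:03", "public"),   # public address, no filter matches
    ("00:25:DF:9E:01:02", "random"),   # same leading bytes, but a random address
    ("5A:10:9F:33:44:55", "random"),   # rotating resolvable private address
    ("C0:25:DF:00:11:22", "random"),   # static random address
]

def vendor_exposed(scan):
    """Rows whose address discloses a vendor from FILTERS."""
    return [(mac, vendor) for mac, t in scan for _, vendor in [classify(mac, t)] if vendor]

if __name__ == "__main__":
    for mac, t in SAMPLE_SCAN:
        print(mac, t, classify(mac, t))
```
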

[–] [email protected] 1 points 6 months ago

This is why I'm on Lemmy

[–] [email protected] 0 points 6 months ago (1 children)

interesting.

I wrote some scripts that run airodump-ng, then clean the CSV and send all beacons with timestamps to a database. This has helped me collect MAC addresses for some time now and allows me to have alerts if neighbours are back from vacation (e.g. using Home Assistant I get notifications on Android TV).

I did not go for Bluetooth because ESPresense for Home Assistant does that out of the box. https://espresense.com/

[–] [email protected] 1 points 6 months ago (1 children)

Curious as to why you want to know when your neighbours are back? Or actually the benefit of collecting MAC addresses in general.

[–] [email protected] 1 points 6 months ago

Borrowed their pool.

[–] [email protected] 0 points 6 months ago (1 children)

Wait, could I theoretically go to a UK police station or somewhere with a lot of police and pick up their MAC addresses?

Then if I were to be involved in some direct action I could get alerts that the police are nearby?

If so, what device do I need to do this mobile? Like a laptop? Or one of those little orange hacker tools, the name of which escapes me right now.

[–] [email protected] 0 points 6 months ago (1 children)
[–] [email protected] 0 points 6 months ago* (last edited 6 months ago) (1 children)

That’s it. Gone I’m getting old. Flipper Zero init.

Do you have one? I’ve been interested for a minute but not sure if I can have loads of fun with it.

I’d be interested in using it to affect digital billboards or taking direct action against companies I don’t think have a moral backbone.

[–] [email protected] 0 points 6 months ago* (last edited 6 months ago) (1 children)

While flipper is very versatile, it's pretty weak compared to dedicated devices with proper antennas for the signal type you're looking at.

[–] [email protected] 0 points 6 months ago (1 children)

Thanks that helps me make the choice.

I do already have some decent antennas from the last time I was playing around with Kali and Airodump-ng so I’ll get into some studying.

Thanks.

[–] [email protected] 0 points 6 months ago (1 children)

I looked into maybe getting a Flipper a while back and decided the HackRF would be the way to go. I never got either, but from what I was reading, HackRF lets you do all the things people who own Flippers wish the Flipper did.

[–] [email protected] 1 points 6 months ago

Yeah I think GhostStrats on YouTube did an episode on his toolkit and the HackRF was recommended.

What I really want to do is fuck with digital billboards. I have a hatred for adverts and more so in the real world lol.