re: AWS conference spyware device 

@bamfic pic3 might be an antenna?

probbly custommade for the conf

re: AWS conference spyware device 

@riking That square-wave looking thing is definitely an antenna; seen them in all kinds of devices. C and D pads look like "clock" and "data", possibly i2c. What I don't know is:

1) What microprocessor is it?
2) What frequency/band does it operate at?
3) What does it, like, *do*?

re: AWS conference spyware device 

@bamfic @riking @rey Immediate suspicion based on the package marking: a Nordic RF device. They make all sorts of microcontrollers that do wireless things. Mostly in the 2.4GHz ISM band.
Went looking, found this: twipu.com/cybergibbons/tweet/1
My bets are on BT-SMART (aka BLE) indoor positioning / location beacon stuff.

re: AWS conference spyware device 

@tbr @riking @rey Thanks! Though, we didn't see any of these come up in bluetooth scans on our phones.

re: AWS conference spyware device 

@tbr @rey @riking I'd love to figure out a way to get the software off of the damn thing, decompile it, and figure out what it's doing. It doesn't show up on bluetooth scans when it is powered up.

re: AWS conference spyware device 

@bamfic @rey @tbr BLE device detection is weirdly different from regular bluetooth - i think the host has to probe the device for it to wake up

re: AWS conference spyware device 

@riking @rey @tbr Aha, that was it: I got it to show up:

sudo hcitool lescan |sort |uniq AC:23:3F:52:24:C0 TurnoutNow

So it appears to be a “TurnoutNow” device.

re: AWS conference spyware device 

@bamfic @rey @tbr branding jibes with talk attendance measurement (what is turnout of that talk)

re: AWS conference spyware device 

@riking @rey @tbr Their marketing is bullshit tho: "there’s no way to validate this data other than a costly, hourly rate personnel scanning badges at every door." But they *did* have hourly rate personnel scanning badges at every door! And long lines to get in while they did that.
Follow

re: AWS conference spyware device 

@bamfic @riking @rey Maybe doing A/B comparison to verify the technology? Just guessing.
As to the BLE aspect, it's probably just going to show up as a beacon type device/endpoint. The rest is then happening on the location base station network. There are explicit protocol provisions to measure distance, although I think simple signal strength RSSI is still most popular. Anyway for enhanced accuracy it might use triangulation.
Dumping the device: SWD, if not RO.

· · Web · 1 · 0 · 1

re: AWS conference spyware device 

@tbr @riking @rey Thanks! I'm going to bring the device to the local hackerspace this weekend and let a friend have his way with the thing.
Sign in to participate in the conversation
Society of Trolls

A nice little Mastodon instance. Mild trolling encouraged (keep it local), but not required. Malicious behaviour is not tolerated. Follow Wheaton's law and you'll be fine.