(Above link with skipped Paywall)
Summary by Andi:
A teenage hacker named Reynaldo Vasquez-Garcia discovered that the Halo 3C vape detector, which looks like a standard smoke detector in school bathrooms, contained hidden microphones and security flaws that allowed it to be turned into a secret listening device[1].
Working with another hacker known as “Nyx,” Vasquez-Garcia found the device could be hacked by exploiting weak password controls and firmware update vulnerabilities. Once compromised, attackers could use it to eavesdrop on conversations in real-time, disable its detection capabilities, create fake alerts, or play audio through its speaker[1:1].
The researchers revealed these findings at the 2025 Defcon hacker conference, demonstrating how any hacker on the same network could hijack a Halo 3C by brute-forcing passwords at 3,000 attempts per minute. The device’s firmware could also be modified since its encryption key was publicly available in updates on the manufacturer’s website[1:2].
Motorola, which owns the Halo 3C’s manufacturer IPVideo Corporation, said it developed a firmware update to address the security flaws. However, the researchers argue this doesn’t solve the fundamental privacy concern of having microphone-equipped devices installed in sensitive locations like school bathrooms and public housing[1:3].
It is nice to have the smoke detector communicate out its status. I sure like to know when my house is on fire, even if I’m not home. And a notification about a battery being low is much nicer than incessant beeping.
None of this replaces the primary local, physical functionality. You don’t depend on technology for the thing to work; it’s just an addition.