(Above link with skipped Paywall)
Summary by Andi:
A teenage hacker named Reynaldo Vasquez-Garcia discovered that the Halo 3C vape detector, which looks like a standard smoke detector in school bathrooms, contained hidden microphones and security flaws that allowed it to be turned into a secret listening device[1].
Working with another hacker known as “Nyx,” Vasquez-Garcia found the device could be hacked by exploiting weak password controls and firmware update vulnerabilities. Once compromised, attackers could use it to eavesdrop on conversations in real-time, disable its detection capabilities, create fake alerts, or play audio through its speaker[1:1].
The researchers revealed these findings at the 2025 Defcon hacker conference, demonstrating how any hacker on the same network could hijack a Halo 3C by brute-forcing passwords at 3,000 attempts per minute. The device’s firmware could also be modified since its encryption key was publicly available in updates on the manufacturer’s website[1:2].
Motorola, which owns the Halo 3C’s manufacturer IPVideo Corporation, said it developed a firmware update to address the security flaws. However, the researchers argue this doesn’t solve the fundamental privacy concern of having microphone-equipped devices installed in sensitive locations like school bathrooms and public housing[1:3].
It’s in the article. I’d cause so many false positives for ‘aggression’ when taking a shit. My God this is terrible
Does it report you talking shit about the local government to the authorities? At this point, it doesn’t seem that far-fetched.
I doubt they built it with the processing power for that when the audio picked up from a large number of these placed throughout the building can all be routed to a central server with the power to follow people around and maintain audio contact wherever they go.