Regular reminder - Participating in social #protest? Have your mobile devices switched off, in airplane mode or leave them at home to avoid being caught in dragnet #surveillance.
Keep them off on - the complete journey - before and after. If you must use your mobile, be diligent in your efforts to protect your #privacy:
- Encrypt your device
- Have it pin-locked
- Disable #biometric logons
- Disable #Bluetooth
- Disable location services
Week 11 of the #Privacy Roundup is out. Featuring:
- Data broker bragging about having personal information of billions of people
- How the ESP32 #Bluetooth backdoor isn't a backdoor
- North Korean government APTs spreading #malware on #Google play, #npm
- An ICE OSINT Tool that can monitor 200+ websites of a target
- #Apple patching an exploited zero-day in WebKit
- #Microsoft Patch Tuesday, 6 exploited zero-days
... and more, of course.
I’m aware it's pretty early in the technology cycle to ask this…
I’m looking for #Bluetooth LE Audio, #Auracast capable transmitters with audio input via XLR, ¼″/6.3mm or 3.5mm audio jack.
My (special) requirement would be to have < 10ms of latency, for live performances. The lower latency the better!
I’d like to explicitly support (modern) hearing aids, and headphones/earbuds.
15m range should be OK, for a roughly 100m² room.
Any hints on products available in the EU are welcome!
#AskFedi
I gave in. I bought this.
Wired headphones are a cable mess. In ear headphones never fit my ears.
Introducing: a bone conduction headphone.
I didn't believe this would work but it's forking amazing.
For those who are curious: https://shokz.com/products/openrun
And yes, they're not cheap.
10/10
I won’t argue with results. It works & I love it, but why does it work?
Even though it supports HID it is still transmitting it over #Bluetooth LE and should not be compatible with a Classic Bluetooth #PDA. Whats going on here?
Looking up only the second line from the chip give us a different Cypress data sheet that lists Bluetooth 3.0!
Does this #Keyboard have a 2 in 1 chip? Both Classic and BLE for ultimate compatibility?
https://mm.digikey.com/Volume0/opasdata/d220001/medias/docus/752/CYW20730_RevJ_4-25-17.pdf
#WindowsMobile #PocketPC #Palm
9/10
These keyboards have been manufactured for years under different names. It’s also used a variety of different #Bluetooth chips over the years.
Whatever chip we have here, we struck gold!
It appears we have a Cypress CYW20730 chip. The data sheet confirms it’s a 5.1 BLE chip that supports HID profile 1.1.
8/10
I can’t believe it! Goal achieved.
The Arteck is a new easily obtainable & affordable #Keyboard. It connects to every persistent #WindowsMobile #PocketPC device that I tested! It’s driverless and the layout is almost perfect for it’s size. It’s also backlit!
I’m confused though. It’s #Bluetooth LE 5.1 and should not work with these Bluetooth Classic 1.2 and 2.0 devices. Whats going on here?
Lets crack it open and take a look.
7/10
Now the best for last! The Arteck HB030B #Bluetooth #Keyboard.
This is a cheap keyboard that you can still find new. It has a chiclet design, is backlit & doesn’t compromise much on the layout other than messing a bit with the Alt, Ctrl and Windows key button arrangement.
Amazingly this Bluetooth 5.1 keyboard connects to all of my iPaqs (111, 210, HX2495, HX2795b) & my #Dell Axim X51V using Passkey 1234!
6/10
This is the #Ipad Kensington Key Folio Pro K39357US.
This #Bluetooth chiclet #Keyboard is fantastic! It is sleek, responsive and feels modern. It also has a decent layout and doesn’t forget the right shift key like the previous Key Folio.
Once again it effortlessly connected to all of my iPaqs (111, 210, HX2495, HX2795b) and surprisingly also connected to my #Dell Axim X51V using Passkey 1234!
5/10
Next up is the #Ipad Kensington Key Folio K39294.
It’s a #Bluetooth 2.0 spill proof rubber covered #Keyboard that drove me crazy due to the right shift key being absent. LOL.
It’s connectivity was identical to the Freedom Pro. It easily connected to all of my iPaqs (111, 210, HX2495, HX2795b) and unfortunately refused to connect to any of my #Dell Axim X50 and X51 series.
4/10
First up is the Freedom Pro #Bluetooth #Keyboard.
This keyboard folds in half and has a slide out removable stand for your #PDA.
I didn’t like it. It was probably decent for the time but we can do much better these days.
Regardless, it easily connected to all of my iPaqs (111, 210, HX2495, HX2795b) and unfortunately refused to connect to any of my #Dell Axim X50 and X51 series.
3/10
It was already going to take some luck to get great compatibility with a random #Keyboard but I also had another goal; the #Bluetooth keyboard needed to run under the HID profile so no driver installation would be necessary.
The dream is to get a new keyboard, connect over Bluetooth and just start typing!
I began researching and securing a variety of keyboards to try & focused my testing on persistent #WindowsMobile 5.0+ devices
2/10
Unfortunately after talking with people & reading up on the #Bluetooth protocol I learned that Bluetooth Classic (1, 2, & 3) is not compatible with the current Bluetooth LE (4, 5, etc.). I had no idea!
A new keyboard seemed doubtful and everyone I talked to suggested buying an old expensive #PocketPC or #PDA #Keyboard but then I got a great suggestion; get an old #Ipad keyboard.
Those are plentiful and cheap!
1/10
Those who have followed me for a while know my obsession with #RetroTech. After my #Palm TX bit the dust, I took the opportunity to jump into the world of #PocketPC.
I wrote several tutorials in the past and recently turned my focused to finding a new #Bluetooth #Keyboard that would be compatible with them. There were some made back when these devices were new but there had to be a better, current solution.
I once found a fun geocache. The guy had broken into a public lamppost and hooked a cheap #cellphone up to the power wire, then replaced the lamppost cover. You got the coordinates for the lamppost. The phone broadcast a #bluetooth access point named with the coordinates of the cache!
Undocumented commands found in #Bluetooth chip used by a billion devices
People always ask me why I #blacklist my #bluetooth kernel #modules… well… xD
https://cyberinsider.com/hidden-commands-discovered-in-bluetooth-chip-used-1-billion-devices/
Finally I have #Telegram Desktop on #FreeBSD. This unlike #Bluetooth was only a matter of installing the package.
Yikes, from an article that contains a lot more detail, but just to get your attention as to the impact part:
«The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks.
The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence.
…
"Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls."
The researchers warned that ESP32 is one of the world's most widely used chips for Wi-Fi + Bluetooth connectivity in IoT (Internet of Things) devices, so the risk is significant.»
People worried about this topic might also "enjoy" the recent Netflix series Zero Day.
And not to get too far afield, but hopefully it also didn't escape notice that there have been broad firings of qualified people in the US government for reasons related not to their technical skill or ability to protect our nation from issues like this, but because of irrelevant details of their private lives or personal leanings on issues of having fair and competent government, helping the needy, defending individual human freedom and dignity, or avoiding mass death in myriad ever-more-likely ways.
new research dropped on how any Bluetooth device can be turned into an AirTag and used to track people's movements
https://nroottag.github.io/
this is really fascinating vulnerability: using a malicious software to collect BLE advertising addr. & force device into sending AirTag-like messages - and Apple devices nearby upload reports to Apple Cloud that can be retrieved
best part is the fix is effective only as long as the surrounding devices are fixed too!
