You should financialize this by creating a prediction market around it.
Kickstarter is full of projects like this where every possible shortcut is taken to get to market. I’ve had some good success with a few Kickstarter projects but I’ve been very selective about which projects I support. More often than not I can identify when a team is in over their heads or think they’re just going to figure out the details later, after the money arrives.<p>For a period of time it was popular for the industrial designers I knew to try to launch their own Kickstarters. Their belief was that engineering was a commodity that they could hire out to the lowest bidder after they got the money. The product design and marketing (their specialty) was the real value. All of their projects either failed or cost them more money than they brought in because engineering was harder than they thought.<p>I think we’re in for another round of this now that LLMs give the impression that the software and firmware parts are basically free. All of those project ideas people had previously that were shelved because software is hard are getting another look from people who think they’re just going to prompt Claude until the product looks like it works.
I think you're right. And it's going to be loads of fun to watch.<p>Not go say there haven't also been very good coders who <i>weren't</i> outsourcing anything, who still got out over their skis with stuff they promised on Kickstarter. I worked on Star Citizen and saw the lure of inflating project scope, responding to the vox populi, go to someone's head in realtime. Where they could still at some point conceivably have done what they had promised if they could just resist promising more stuff.<p>I find it odd that industrial designers wouldn't have a firmer grasp on what was involved in shipping a product than coders do, since code seems much more prone to mission creep than a physical product would be. But I totally agree that if you're used to outsourcing the build phase of whatever you do, AI is going to be the ultimate mirage.
At this point, I trust LLMs to come up with something more secure than the cheapest engineering firm for hire.
"Anyone else out there vibe circuit-building?"<p><a href="https://xcancel.com/beneater/status/2012988790709928305" rel="nofollow">https://xcancel.com/beneater/status/2012988790709928305</a>
Is there more context to this? I'm assuming Ben is experimenting and demonstrating the danger of vibe circuit designing? Mostly because I know he has a ton of experience and I'd expect him to not make this mistake (also seems like he told the AI why it was wrong)
In <a href="https://quesma.com/blog/nano-banana-pro-intelligence-with-tools/" rel="nofollow">https://quesma.com/blog/nano-banana-pro-intelligence-with-to...</a> (Nov 2025) we had an illustrative diagram of using Nano Banana Pro to create a circuit diagram.
People make these mistakes too. Several times in my high school shop class kids shorted out 9V batteries trying to build circuits because they didn't understand how electronics work. At no point did our teacher stop them from doing so - on at least one occasion I unplugged one from a breadboard before it got too toasty to handle (and I was/am an electronics nublet). Similarly there was also a lot of hand-wringing about the Gemini pizza glue in a world where people do wacky stuff like cook fish in a dishwasher or defrost chicken overnight on the counter or put cooked steak on the same plate it was on when raw just a few minutes prior.<p>LLMs are just surfacing the fact that assessing and managing risk is an acquired, difficult-to-learn skill. Most people don't know what they don't know and fail to think about what might happen if they do something (correctly or otherwise) before they do it, let alone what they'd do if it goes wrong.
> Several times in my high school shop class kids shorted out 9V batteries trying to build circuits because they didn't understand how electronics work. At no point did our teacher stop them from doing so<p>Yes, and that's okay because the classroom is a learning environment. However, LLMs don't learn; a model that releases the magic smoke in this session will be happy to release it all over again next time.<p>> LLMs are just surfacing the fact that assessing and managing risk is an acquired, difficult-to-learn skill.<p>Which makes the problem worse, not better. If risk management is a difficult skill, then that means we can't extrapolate from 'easy' demonstrations of said skill to argue that an LLM is generally safe for more sensitive tasks.<p>Overall, it seems like LLMs have a long tail of failures. Even while their mean or median performance is good, they seem exponentially more likely than a similarly-competent human to advise something like `rm -rf /`. This is a deeply unintuitive behaviour, precisely because our 'human-like' intuition is engaged with resepct to the average/median skill.
Well said, but I'd add that LLMs are also surfacing the fact that there's a swathe of people out there who will treat the machines as more trustworthy than humans by default, and don't believe they need to do any assessment or risk management in the first place.
People are just lazy. It’s got nothing to do with LLMs having more trust because they’re a machine because most people would happily trust their friend over an expert. They’d trust the first blog post they find online over an expert. Most people are just too lazy and not skilled enough to perform independent review.<p>And to be fair to those people, coming to topics with a research mindset is genuinely hard and time consuming. So I can’t actually blame people for being lazy.<p>All LLMs do is provide an even easier way to “research”. But it’s not like people were disbelieving random Facebook posts, online scams, and word-of-mouth before LLMs.
As right as this may be, it elides the crucial difference between asking LLMs and all the other methods of asking questions you enumerated. The difference is not between the quality of information you might get from a friend or a blog versus an LLM. The difference is the centralization and feeding of the same poor quality information to massive numbers of people <i>at scale</i>. At least whatever bonkers theory someone "researches" on their own is going to be a heterodox set of ideas, with a limited blast radius. Even a major search engine up-ranking a site devoted to, like, how horse dewormers can cure covid, doesn't present it as if that link is <i>the answer</i> to how to cure covid, right? LLMs have a pernicious combination of sounding authoritative while speaking gibberish. Their real skill is not in surfacing the truth from a mass of data, it's in presenting a set of assertions as truth in a way that might satisfy the maximum number of people with limited curiosity, and in establishing an artificial sense of trust. That's why LLMs are likely the most demonic thing ever made by man. They are machines built to lie, tell half-truths, obfuscate and flatter at the same time. Doesn't that sound enough like every religion's warning about the devil?
What's your point?<p>The AI is being sold as an expert, not a student. These are categorically different things.<p>The mistake in the post is one that can be avoided by taking a single class at a community college. No PhD required, not even a B.S., not even an electricians certificate.<p>So I don't get your point. You're comparing a person in a learning environment to the equivalent of a person claiming to have a PhD in electrical engineering. A student letting the magic smoke escape from a <i>basic</i> circuit is a learnable experience (a memorable one that has high impact), especially when done in a learning environment where an expert can ensure more dangerous mistakes are less likely or non existent. But the same action from a PhD educated engineer would make you reasonably question their qualifications. Yes, humans make mistakes but if you follow the AI's instructions and light things on fire you get sued. If you follow the engineer's instructions and set things on fire then that engineer gets fired likely loses their license.<p>So what is your point?
What’s wrong with dishwasher salmon?
The difference is that LLMs pretend to be experts on all things. The high school shop kids aren’t under the impression they can build a smart toaster or whatever.
Ha ha, I said this before when Ben's post came up earlier, but, yes I am. And so far it has been a positive experience.
The cheapest engineering firms you hire are also using LLMs.<p>The operator is still a factor.
I don’t know, you can get a lot of nice engineering done in a Shenzhen dark alley.
LLMs definitely write more robust code than most. They don't take shortcuts or resort to ugly hacks. They have no problem writing tedious guards against edge cases that humans brush off. They also keep comments up to date and obsess over tests.
> They don't take shortcuts or resort to ugly hacks.<p>In my experience that is all they do, and you constantly have to fight them to get the quality up, and then fight again to prevent regressions on every change.
> They don't take shortcuts or resort to ugly hacks.<p>That hasn't, universally, been my experience. Sometimes the code is fine. Sometimes it is functional, but organized poorly, or does things in a very unusual way that is hard to understand. And sometimes it produces code that might work sometimes but misses important edge cases and isn't robust at all, or does things in an incredibly slow way.<p>> They have no problem writing tedious guards against edge cases that humans brush off.<p>The flip side of that is that instead of coming up with a good design that doesn't have as many edge cases, it will write verbose code that handles many different cases in similar, but not quite the same ways.<p>> They also keep comments up to date and obsess over tests.<p>Sure but they will often make comments or tests that aren't actually useful, or modify tests to succeed instead of fixing the code.<p>One significant danger of LLMs is that the quality of the output is higly variable and unpredictable.<p>That's ok, if you have someone knowledgeable reviewing and correcting it. But if you blindly trust it, because it produced decent results a few times, you'll probably be sorry.
<p><pre><code> > Sure but they will often make comments or tests that aren't actually useful, or modify tests to succeed instead of fixing the code.
</code></pre>
I've been deeply concerned that there's been a rise of TDD. I thought we already went through this and saw its failure. But we're back to we're people cannot differentiate "tests aren't enough" from "tests are useless". The amount of faith people put into tests is astounding. Especially when they aren't spending much time analyzing the tests and understanding their coverage.
<p><pre><code> > They don't take shortcuts or resort to ugly hacks.
</code></pre>
My experience is quite different<p><pre><code> > They have no problem writing tedious guards against edge cases that humans brush off.
</code></pre>
Ditto.<p>I have a hard time getting them to write small and flexible functions. Even with explicit instructions about how a specific routine should be done. (Really easy to produce in bash scripts as they seem to avoid using functions, but so do people, but most people suck at bash) IME they're fixated on the end goal and do not grasp the larger context (which is often implicit though I still find difficulty when I'm highly explicit. Which at that point it's usually faster to write myself)<p>It also makes me question context. Are humans not doing this because they don't think about it or because we've been training people to ignore things? How often do we hear "I just care that it works?" I've only heard that phrase from those that also love to talk about minimum viable products because... frankly, who is not concerned if it works? That's always been a disagreement about what is sufficient. Only very junior people believe in perfection. It's why we have sayings like "there's no solution more permanent than a temporary fix that works". It's the same people who believe tests are proof of correctness rather than a bound on correctness. The same people who read that last sentence and think I'm suggesting to not write tests or believe tests are useless.<p>I'd be concerned with the LLM operator quite a bit because of this. Subtle things are important when instructing LLMs. Subtle things in the prompts can wildly change the output
They absolutely take shortcuts and resort to ugly hacks.<p>My AGENTS.md is filled with specific lines to counter all of them that come up.
What? Yes they do take shortcuts and hacks. They change the tests case to make it pass. As the context gets longer it is less reliable at following earlier instructions. I literally had Claude hallucinate nonexistent APIs and then admitted “You caught me! I didn’t actually know, let me do a web search” and then after the web search it still mixes deprecated patterns and APIs against instructions.<p>I’m much more worried about the reliability of software produced by LLMs.
I had 5.3-Codex take two tries to satisfy a linter on Typescript type definitions.<p>It gave up, removed the code it had written directly accessing the correct property, and replaced it with a new function that did a BFS to walk through every single field in the API response object while applying a regex "looksLikeHttpsUrl" and hoping the first valid URL that had https:// would be the correct key to use.<p>On the contrary, the shift from pretraining driving most gains to RL driving most gains is pressuring these models resort to new hacks and shortcuts that are increasingly novel and disturbing!
Interesting and completely wrong statement, what gave you this impression?
I know right. I kept waiting for a sarcasm tag at the end
right and wrong don't exist when evaluating subjective quantifiers
The discourse around LLMs has created this notion that humans are not lazy and write perfect code. They get compared to an ideal programmer instead of real devs.
This. The hacks, shortcuts and bugs I saw in our product code after i got hired, were stuff every LLM would tell you not to do.
LLM's at best asymptotically approach a human doing the same task. They are trained on the best and the worst. Nothing they output deserves faith other than what can be proven beyond a shadow of a doubt with your own eyes and tooling. I'll say the same thing to anyone vibe coding that I'd say to programmatically illiterate. Trust this only insofar as you can prove it works, and you can stay ahead of the machine. Dabble if you want, but to use something safely enough to rely on, you need to be 10% smarter than it is.
Amen. On top of that, especially now, with good prompting you can get closer to that better than you think.
> LLMs definitely write more robust code than most.<p>I’ve been using Opus 4.6 and GPT-Codex-5.3 daily and I see plenty of hacks and problems all day long.<p>I think this is missing the point. The code in this product might be robust in the sense that it follows documentation and does things without hacks, but the things it’s doing are a mismatch for what is needed in the situation.<p>It might be perfectly structured code, but it uses hardcoded shared credentials.<p>A skilled operator could have directed it to do the right things and implement something secure, but an unskilled operator doesn’t even know how to specify the right requirements.
And the cheapest engineering firm won't use LLMs as well, wherever possible?
The cheapest engineering firm will turn out to be headed up by an openclaw instance.
fun fact, LLMs come in cheapest and useless and expensive but actually does what's being asked, too.<p>So, will they? Probably. Can you trust the kind of LLM that <i>you</i> would use to do a better job than the cheapest firm? Absolutely.
this.
Oh gosh anyone who thinks LLMs make firmware free haven’t seriously tried to use it for firmware engineering then.
I would love to see the prompt history. Always curious how much human intervention/guidance is necessary for this type of work because when I read the article I come away thinking I prompt Claude and it comes out with all these results. For example, "So Claude went after the app instead. Grabbed the Android APK, decompiled it with jadx." All by itself or the author had to suggest and fiddle with bits?
> and send them electric impulses in their sleep.
So, it's like Lovense, but for dreams?<p>Sorry, I know it's horrible, but I couldn't resist.
While most comments are focused on the issue that they found, I’m more intrigued by the fact that Claude was able to reverse engineer so well.<p>Lowering the skills bar needed to reverse engineer at this level could have its own AI-related implications.
One of my earlier experiences with codex was actually reverse engineering, far before it was good at actual coding.<p>It was able to decompile a react native app (Tesla Android app), and fully trace from a "How does X UI display?" down to a network call with a payload for me to intercept.<p>Granted it did it by splitting the binary into a billion txt files with each one being a single function and then rging through it, but it worked.
I love that it shows you the thought process that to a Senior or Staff level person would be expected to know in their approach to a reverse engineering problem with no documentation<p>Levels up the way I think about things
I wholeheartedly disagree. Running strings and a decompiler explicitly written for that language is kinda the first thing that comes to mind. Trying hundreds of random ways to talk to it before even doing any real reverse engineering is just a waste of compute. You're never going to guess the JSON to send to it or the random bytes. But it's not my tokens getting spent on it so meh
> I was not expecting to end up with the ability to read strangers' brainwaves and send them electric impulses in their sleep. But here we are.<p>Almost out of a Phillip K Dick novel
Can someone explain the other iot devices using the same broker? I tried cross referencing the feature list, information about the user base, kickstarter origin and flutter app with some search results and I’m pretty sure that I found the company and product in question. But they don’t (publicly) produce iot devices? Sooo I’m wondering if different companies are streaming their data into a shared sink and why they would do that?
How about complaining that brain waves get sent to a server?
I'm a neuroscientist, so I'm not going to say that the EEG data is mind reading or anything, but as a precedent, non privacy of brain data is very bad.
Non-privacy of <i>this person is currently sleeping</i> data is very bad as well, for different reasons.<p>You know, now that I'm thinking about it, I'm beginning to wonder if poor data privacy could have some negative effects.
It sounds like there was "presence in room" data as well, which could be very bad
This is the easiest signal though, on basically any account. You can see the time that communication happens, and the times when it doesn't.<p>For example a while back I wanted to map out my sleep cycle and I found a tool that charts your browser history over a 24 hour period, and it mapped almost perfectly to my sleep / wake periods.
Unsecured fitness monitor data revealed military guard post (IIRC) activity a while back.
Yawp. T’was Strava. <a href="https://www.theguardian.com/world/2018/jan/28/fitness-tracking-app-gives-away-location-of-secret-us-army-bases" rel="nofollow">https://www.theguardian.com/world/2018/jan/28/fitness-tracki...</a>
not because you knew how much someone worked out. But because it had GPS.
People will be lining up to have their brainwaves harvested because it'll be mildly easier to send emails or something similarly inane.
You could read the alertness level from an EEG, which could be helpful to a burglar. The device with slow-wave status seems ideal.
How useful could something like this be for research? I'm not a neuroscientist so I have no clue, but it seems like the only justification I can think of..
The general idea of an EEG system that posts data to a network?<p>Very, but there are already tons of them at lots of different price, quality, openness levels. A lot of manufacturers have their own protocols; there are also quasi/standards like Lab Streaming Layer for connecting to a hodgepodge of devices.<p>This particular data?<p>Probably not so useful. While it’s easy to get <i>something</i> out of an EEG set, it takes some work to get good quality data that’s not riddled with noise (mains hum, muscle artifacts, blinks, etc). Plus, brain waves on their own aren’t particularly interesting—-it’s seeing how they change in response to some external or internal event that tells us about the brain.
Not a neuroscientist either but I would imagine that raw data without personal information would not be useful for much. I can imagine that it would be quite valuable if accompanied with personal data plus user reports about how they slept each night, what they dreamed about if anything, whether it was positive dreams or nightmares etc. And I think quite a few people wouldn’t mind sharing all of that in the name of science, but in this case they don’t seem to have even tried to ask.
I believe they use it for sleep tracking
If they're taking patient data for research without permission, they are not ethical researchers.
I would presume data privacy laws already have good precedent for health data?
> I would presume data privacy laws already have good precedent for health data?<p>Google for a list of all the exceptions to HIPPA. There are a lot of things that _seem_ like they should be covered by HIPPA but are not...
Only for "covered entities" under HIPAA (at least in the US)
"Broker" is right there in the title of the post.<p>Baby's gotta get some cash somewhere.
Millions of people voluntarily use Gmail which gives a <i>lot</i> more useful data than EEG output to DHS et al without a warrant under FAA702. What makes you think people who “have nothing to hide” would care about publishing their EEG data?
This guy bought an internet connected sleep mask so it's not surprising that it was collecting all kinds of data, or that it was doing it insecurely (everyone should expect IoT anything to be a security nightmare) so to me the surprising thing about this is that the company actually bothered to worry about saving bandwidth/power and went through the trouble of using MQTT. Probably not the best choice, and they didn't bother to do it securely, but I'm genuinely impressed that they even tried to be efficient while sucking up people's personal data.
Ok, obviously unethical to do it, but this sounds like you've got the power to create some sci-fi shared dreaming device, where you can read people's brainwaves and send signals to other people's masks based on those signals. Or send signals to everyone at the same time and suddenly people all across the world experience some change in their dream simultaneously.<p>Like, don't actually do it, but I feel like there's inspiration for a sci-fi novel or short story there.
Ok so obviously this is a security disaster. But also ... is there a hackable consumer EEG device that gets useful data and is as comfortable as a sleep mask (and presumably you're not slathering electrode every time you put on your sleep mask)?
Cuz once the thing can't phone home, that sounds pretty cool.
This feels like a reason to buy the device to me? I would want to block all of the data going to the cloud and would only want operations happening locally. But the MQTT broadcast then allows me to create a local only integration in Home Assistant with all of the data.<p>What's the real risk profile? Robbers can see you are asleep instead of waiting until you aren't home?<p>I have not implemented MQTT automations myself, but it's there a way to encrypt them? That could be a nice to have
Sounds like you cannot control which MQTT endpoint it is headed to? It just goes to the server of the device. Assuming you could modify the firmware, you could program it to send to a local MQTT.
Simpler just update your local network dns so whatevercompany.brain.com redirect to your local 10.0.0.3 mqtt
With no encryption, this isn’t a problem.
I thought the author was going to change the hardcoded server (or override DNS) and set up his own.
I'm the founder of neurotech/sleeptech company <a href="https://affectablesleep.com" rel="nofollow">https://affectablesleep.com</a>, and this post shows the major issue with current wellness device regulation.<p>I believe there was some good that came from last months decision to be more open to what apps and data can say without going through huge regulatory processes (though because we apply auditory stimulation, this doesn't apply to us), however, there should be at least regulatory requirements for data security.<p>We've developed all of our algorithms and processing to happen on device, which is required anyway due to the latency which would result from bluetooth connections, but even the data sent to the server is all encrypted. I'd think that would be the basics. How do you trust a company with monitoring, and apparently providing stimulation, if they don't take these simple steps?
Agents are excellent for reverse engineering. I was also recently working on a BLE reverse engineering exercise and followed a similar path. I ran into lots of headaches with BLE on my Mac and tabled it.<p>Author or others who know, did you perform this on Linux? I imagine it lacks the tooling challenges I had with BLE on MacOS.
Name the company, hiding it is irresponsible
Author doesn’t spell out why they are not naming them, but my guess is they are trying to not promote the product to malicious actors who would be interested in the sleep data of others.<p>I guess that’s not a huge problem, though, since all users are presumably at least anonymous.
It’s probably safe to assume they are all like that.
huh, not sure if life imitates snark and bull
<a href="https://medium.com/luminasticity/great-products-of-illuminati-ganga-8f1698c06a53" rel="nofollow">https://medium.com/luminasticity/great-products-of-illuminat...</a><p>"The ZZZ mask is an intelligent sleep mask — it allows you to sleep less while sleeping deeper. That’s the premise — but really it is a paradigm breaking computer that allows full automation and control over the sleep process, including access to dreamtime."<p>or if this is another scifi variation of the same theme, with some dev like embellishments.
the shared MQTT credentials pattern is unfortunately super common in budget IoT. seen the exact same thing in smart plugs and air quality sensors. the frustrating part is per-device auth is not even hard to set up, mosquitto supports client certs and topic ACLs with minimal config. manufacturers skip it because per-device key provisioning adds a step to the assembly line and nobody wants to think about key management. so they hardcode one set of creds and hope nobody runs strings on the binary.
Why is it that almost all ODB-II dongles you buy have the same MAC address? If you buy two, one for each car, your app can never tell which car you're connected to.<p>They all come with Bluetooth certified logos, as well.<p>The ones that don't reuse everything cost like $120, not $15.
Well that’s a brand new sentence.
Really interesting read.
This feels less like a security bug and more like a missing execution boundary.
I asked ChatGPT which product this could be and it came up with<p><a href="https://www.kickstarter.com/projects/selepu/dreampilot-ai-guided-sleep-mask" rel="nofollow">https://www.kickstarter.com/projects/selepu/dreampilot-ai-gu...</a><p>Claude could not tell which one
> For obvious reasons, I am not naming the product/company here, but have reached out to inform them about the issue.<p>It's working as intended
> I recently got a smart sleep mask from Kickstarter. I was not expecting to end up with the ability to read strangers' brainwaves and send them electric impulses in their sleep. But here we are.<p>One of the best opening paragraphs in a SF novel that I’ve ever read.<p>Oh, wait.
That's exactly what I need. A radio transmitter as close as possible to my brain when I sleep.
The narrator in the article acts as a third person observer and identifies "Claude" as the active hacker. So assuming the (unidentified) company that sells/manages the product wants to prosecute a CFAA violation, who do they go after? Was Claude the one responsible for all of the hacking?
What do you mean? IANAL, but Claude doesn't just "wake up" (whatever that means) and decide to reverse engineering/hack stuff, so if this is a CFAA violation the person who prompted Claude is indeed responsible. At best, one could argue that the company producing Claude is partially responsible because it didn't prevent people from using it to reverse engineer stuff, but there's no way Claude is "responsible for all of the hacking", regardless of how many times the blog posts says "Claude did X".
The narrator. It doesn’t matter to the law the kind of intimate relationship you have with your tool.
[dead]
Reading a blog post where Claude did all the actual work is kinda sad.
Remember that the S in IoT stands for Security.<p>I have deployed open MQTT to the world for quick prototypes on non personal (and healthcare) data. Once my cloud provider told me to stop because they didn’t like it, that could be used for relay DDOS attacks.<p>I would not trust the sleep mask company even if they somehow manage to have some authentication and authorisation on their MQTT.
I don't think there is an S in IoT?..
And the P in IoT stands Privacy, and the Q for quality.<p>The K, of course, stands for Ka-ching!
As an aside, it seems cool that the bar to reverse engineering has lowered from all the LLMs. Maybe we'll get to take full control of many of these "smart" devices that require proprietary/spyware apps and use them in a fully private way. There's no excuse that any such apps solely to interact with devices locally need to connect to the internet, like dishwasher.<p><a href="https://www.jeffgeerling.com/blog/2025/i-wont-connect-my-dishwasher-your-stupid-cloud/" rel="nofollow">https://www.jeffgeerling.com/blog/2025/i-wont-connect-my-dis...</a>
>Since every device shares the same credentials and the same broker, if you can read someone's brainwaves you can also send them electric impulses.<p>Amazing.
How is the smart sleep mask called?
OK, but can we get a teledildonics device that records all thrusts onto the Blockchain?
Amazing to see claude's reasoning and process through reversing this
I discovered a very similar vulnerability in Mysa smart thermostats a year ago, also involving MQTT, and also allowing me to view and control <i>anyone's</i> thermostat <i>anywhere</i> in the world:
<a href="https://news.ycombinator.com/item?id=43392991">https://news.ycombinator.com/item?id=43392991</a><p>Also discovered during reverse-engineering of the devices’ communications protocols.<p>IoT device security is an utterly shambolic mess.
A lot of so called "smart" devices have little or no concept of privacy or personal boundaries built into them.
This smells like bullshit to me, although I am admittedly not experienced with Claude.<p>I find it difficult to believe that a sleep mask exists with the features listed: "EEG brain monitoring, electrical muscle stimulation around the eyes, vibration, heating, audio." while also being something you can strap to your face and comfortably sleep in, with battery capacity sufficient for several hours of sleep.<p>I also wonder how Claude probed bluetooth. Does Claude have access to bluetooth interface? Why? Perhaps it wrote a secondary program then ran that, but the article describes it as Claude probing directly.<p>I'm also skeptical of Claude's ability to make accurate reverse-engineered bluetooth protocol. This is at least a little more of an LLM-appropriate task, but I suspect that there was a lot of chaff also produced that the article writer separated from the wheat.<p>If any of this happened at all. No hardware mentioned, no company, no actual protocol description published, no library provided.<p>It makes a nice vague futuristic cyperpunk story, but there's no meat on those bones.
This isn't to the level of the OP, but I just asked Claude <i>"Are there any interesting Bluetooth devices in my vicinity which aren't actually mine or ones I am connected to?"</i> and it downloaded a tool called `blueutil` and identified a variety of things.<p>When I complained that the results were boring, it installed a Python package called 'bleak', found a set of LED lights (which I assumed are my daughter's) and tried to control them. It said the signal was too weak and got me to move around the house, whereupon it connected to them, figured out the protocol, and actually changed the lights while I was sat on her bed - where I am right now. Now I have a new party trick when she gets home! I had no idea they were Bluetooth controlled, nor clearly without any security at all.
thread with claude: <a href="https://gist.github.com/aimihat/a206289b356cac88e2810654adf06a55" rel="nofollow">https://gist.github.com/aimihat/a206289b356cac88e2810654adf0...</a>
A lot of BLE peripherals are very easy to probe. And there are libraries available for most popular languages that allow you to connect to a peripheral and poke at any exposed internals with little effort.<p>As for the reverse engineering, the author claims that all it took was dumping the strings from the Dart binary to see what was being sent to the bluetooth device. It's plausible, and I would give them the benefit of the doubt here.
Claude could access anything on your device, including system or third party commands for network or signal processing - it may even have their manuals/sites/man pages in the training set. It’s remarkably good at figuring things out, and you can watch the reasoning output. There are mcp tools for reverse engineering that can give it even higher level abilities (ghidra is a popular one).<p>Yesterday I watched it try and work around some filesystem permission restrictions, it tried a lot of things I would never have thought of, and it was eventually successful. I was kinda goading it though.
Yes, it is very lacking in details. The Claude output would have been interesting, or a few logs or protocol dumps.<p>The lack of detail makes me suspect the truth of most of the story.
<a href="https://www.kickstarter.com/projects/selepu/dreampilot-ai-guided-sleep-mask" rel="nofollow">https://www.kickstarter.com/projects/selepu/dreampilot-ai-gu...</a><p>Found that in seconds. EEG, electrical stimulation, heat, audio, etc. Claims a 20 hour battery.<p>As to the Claude interactions, like others I am suspicious and it seems overly idealized and simplified. Claude can't search for BT devices, but you could hook it up with an MCP that does that. You can hook it up with a decompiler MCP. And on and on. But it's more involved than this story details.
That appears to be more than a centimeter thick, and not particularly flexible. It's more like ski goggles than a sleep mask.<p>So yeah, a product exists that claims to be a sleep mask with these features. Maybe someone could even sleep while wearing that thing, as long as they sleep on their back and don't move around too much. I remain skeptical that it actually does the things it claims and has the battery life it claims. This is kickstarter after all. Regardless, this would qualify as the device in question for the article. Or at least inspiration for it.<p>Without evidence such as wireshark logs, programs, protocol documentation, I'm not convinced that any of this actually _happened_.
Claude, or any good agent, doesn't need MCP to do things. As long as it has access to a shell it can craft any command that it needs to fulfill its prompt.
There are no shell commands to do what is described. I could get Claude to interact with BLE devices, but it did it by writing and running various helper applications, for instance using the Bleak library. So I guess not an MCP per se.
Not really? I did something similar for a different device recently. It can make files and has access to bash. It's perfectly capable of installing packages and writing small scripts basically entirely autonomously. No MCP needed.
I was originally going to ask something similar, but from a different angle.<p>These blog posts now making the rounds on HN are the usual reverse engineering stories, but made a lot more compelling simply because they involve using AI.<p>Never mind that the AI part isn't doing any heavy lifting and probably just as tedious as not using AI in the first place. I am confused why the author mentions it so prominently. Past authors would not have been so dramatic and just waved their hands that they had some trial and error before finding out how the app is built. The focus would have been on the lack of auth and the funny stuff they did before reporting it to the devs.
It's disappointing to see. It doesn't take much work to configure a MQTT server to require client certificates for all connections. It does require an extra step in provisioning to give each device a client certificate. But for a commercial product, it's inexcusably negligent.<p>Then there's hardening your peripheral and central device/app against the kinds of spoofing attacks that are described in this blog post.<p>If your peripheral and central device can securely [0] store key material, then (in addition to the standard security features that come with the Bluetooth protocol) one may implement mutual authentication between the central and peripheral devices and, optionally, encryption of the data that is transmitted across that connection.<p>Then, as long as your peripheral and central devices are programmed to only ever respond when presented with signatures that can be verified by a trusted public key, the spoofing and probing demonstrated here simply won't work (unless somebody reverse engineers the app running on the central device to change its behaviour after the signature verification has been performed).<p>To protect against that, you'd have to introduce server-mediated authorisation. On Android, that would require things like the Play Integrity API and app signatures. Then, if the server verifies that the instance of the app running on the central device is unmodified, it can issue a token that the central device can send to the peripheral for verification in addition to the signatures from the previous step.<p>Alternatively, you could also have the server generate the actual command frames that the central device sends to the peripheral. The server would provide the raw command frame and the command frame signed with its own key, which can be verified by the peripheral.<p>I guess I got a bit carried away here. Certainly, not every peripheral needs that level of security. But, into which category this device falls, I'm not sure. On the one hand, it's not a security device, like an electronic door lock. And on the other hand, it's a very personal peripheral with some unusual capabilities like the electrical muscle stimulation gizmo and the room occupancy sensor.<p>[0]: Like with the Android KeyStore and whichever HSMs are used in microcontrollers, so that keys can't be extracted by just dumping strings from a binary.
Interesting project. Here's a thought which I've always had in the back of my mind, ever since I saw something similar in an episode of Buck Rogers (70s-80s)! Many people struggle with falling asleep due to persistent beta waves; natural theta predominance is needed but often delayed. Imagine an "INEXPENSIVE" smart sleep mask that facilitates sleep onset by inducing brain wave transitions from beta (wakeful, high-frequency) to alpha (8-13 Hz, relaxed) and then theta (4-8 Hz, stage 1 light sleep) via non-invasive stimulation. A solution could be a comfortable eye mask with integrated headphones (unintrusive) and EEG sensors.
It could use binaural beats or similar audio stimulation to "inject" alpha/theta frequencies externally, guiding the brain to a tipping point for abrupt sleep onset. Sensors would detect current waves; app-controlled audio ramps from alpha-inducing beats to theta, ensuring natural predominance. If it could be designed, it could accelerate sleep transition, improve quality, non-pharmacological.
So are the brain waves the cause or the effect?<p>Are beta waves a sign that my mind is racing and wide awake, or are they the reason?
What’s your proposed mechanism for how audio waves would induce brain waves?
No idea about audio frequencies close to hearing, but I'm pretty sure it's common to manipulate the brain with ultrasonic frequencies these days.
That's a toughie, but if it were me and I had the energy, I'd start by looking at the following patents:<p>- US20030171688A1: Mind controller - Induces alpha/theta brainwaves via audio messages.
- US20070084473A1: Brain wave entrainment in sound - Modulates music for desired brain states.
- US11309858: Inducing brainwaves by sound - Adjusts volume gains for specific frequencies.
- US5036858A: Changing brain wave frequency - Generates binaural beats to alter waves.
- US3951134: Remotely altering brain waves - Monitors and modifies via RF/EM waves.
- US5306228A: Brain wave synchronizer - Uses light/sound for entrainment.
- US6587729: RF hearing effect - Transmits speech via microwaves to brain.
- US6488617: Desired brain state - Electromagnetic pulses for mind states.
- US4858612: Microwave hearing simulation - Induces sounds in auditory cortex.
- US6930235B2: EM to sound waves - Relates waves for brain influence.
- EP0747080A1: Brain wave inducing - Sine waves via speaker for alpha waves.
- US5954629A: Brain wave system - Feedback light stimulation.
- US5954630A: FM theta sound - Superposes low frequencies for theta induction.
- US5159703A: Silent subliminal - Ultrasonic carriers for brain inducement.
- US6017302A: Acoustic manipulation - Subaudio pulses for nervous system control.
Who cares. I'm so tired.
the headlines these days
> Claude ran strings on the binary and this was the most productive step of the whole session.<p>After $150 in tokens, inflating GPU prices by 10%, spending $550 of VC money, and increasing the earth's temperature by 0.2 degC, claude did what a 16 year old that read two blog posts about reverse engineering would do.
"smart sleep mask :D - what next, smart toilet seats? Oh, wait...<p>Dudes so stupid being tied to tech everywhere.
Is this some kind of joke? Claude hallucinated everything, including capacity of device to accurately measure EGG of brain waves and hallucinated the process of decoding APK to some paranoidal user who has posted his conspiracy level AI hallucinations “finds” to his blog post and everyone is like “Yeah, Claude can do this”. Is everyone here insane? I am insane?
Why do you think it's all hallucinated?<p>You have no evidence of that, and it seems very unlikely unless you're intentionally wildly assuming the craziest possible scenario, as if you're paranoid or insane.<p>You do realize the user can <i>see the tool calls running</i> and check their real, actual output, during this process, right?<p>You do realize that there are <i>several</i> sleep masks on Kickstarter that actually have these features, right?<p>The user has also shared the Claude transcript:<p><a href="https://gist.github.com/aimihat/a206289b356cac88e2810654adf06a55" rel="nofollow">https://gist.github.com/aimihat/a206289b356cac88e2810654adf0...</a>
cyberpunk
> For obvious reasons, I am not naming the product/company here, but have reached out to inform them about the issue.<p>Coward. The only way to challenge this garbage is "Name and Shame". Light a fire under their asses. That fire can encourage them to do right, and as a warning to all other companies.<p>My guess is this is Luuna <a href="https://www.kickstarter.com/projects/flowtimebraintag/luuna" rel="nofollow">https://www.kickstarter.com/projects/flowtimebraintag/luuna</a>
Doesn't disclosing this to the world at the same time as you disclose it to the company immediately send hundreds of black hats to their terminals to see how much chaos they can create before the company implements a fix?<p>Perhaps the author is not a coward, but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.
<i>but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.</i><p>If that's the case then they should have deferred this whole blog post.
It took me 30 seconds with ChatGPT by saying:<p>Identify the kickstarter product talked around in this blog post: (link)<p>To think some blackhat hasn't already did that is frankly laughable. What I did was like the lowest of low-bars these days.
Put the product name in the title & maybe it sends thousands instead of hundreds of blackhats…<p>We often treat doxxing the same way, prohibiting posting of easily discovered information.
So your plan is to let the blackhats in the know attack user devices, rather than send out a large warning to "Quit using immediately"?<p>If we applied this similar analogy to a e.coli infection of foods, your recommendation amounts to "If we say the company name, the company would be shamed and lose money and people might abuse the food".<p>People need to know this device is NOT SAFE on your network, paired to your phone, or anything. And that requires direct and public notification.
And ChatGPT hallucinated a misleading answer that you are confidently regurgitating.
I did consider naming, but they were very responsive to the disclosure and I was not entirely familiar with potential legal implications of doing so. (For what it's worth, it is not Luuna)
Please name 50 other companies it's not.<p>It's good that they were responsive in the disclosure, but it's still a mark of sloppiness that this was done in the first place, and I'd like to know so I can avoid them.
I don't see estim mentioned on that website, but I do see a comparison chart with 4 other competitors with similar capabilities to the one you linked.<p>What makes you think this is the one?
Even if naming and shaming doesn't work, I sure want to know so I can always avoid them for myself and my family. Thanks for the call-out and the educated guess.
EEG devices can cost a lot to own personally as well.<p>The other side of owning equipment like this is it still could be useful for some for personal and private use.
Presumably they’ll be named and shamed after they’ve been given a chance to fix things.
[dead]
It is a governance failure.<p>It is also technically a user failure to have purchased a connected device in the first place. Does the device require a closed-source proprietary app? Closed-source non-replaceable OS? Do not buy it.
Very few options available, if any, if you actually do that. The IoT market is unfortunately small and dominated by vendors that don’t want at all an open ecosystem. That would hinder their ability to force you to pay for a subscription which is where all the money is.
Yes, that’s right, don’t buy any new car, any phone, any television. Hell don’t buy any x86 laptop or desktop computer, since you can’t disable out replace Intel ME/etc.
There should be two separate lines of products. One in which privacy is priority and adheres to government regulations (around privacy) and probably costs 2x and one with zero government intervention (around privacy) which costs less and time-to-market is faster.<p>I don't want a few irrationally paranoid people bottlenecking progress and access to the latest technology and innovation.<p>I'm happy to broadcast my brainwaves on an open YouTube channel for the ZERO people who are interested in it.
> I don't want a few irrationally paranoid people bottlenecking progress and access to the latest technology and innovation.<p>Paranoid? Is there not enough evidence posted almost daily on HN that tech companies are constantly spying on their users through computers, Internet-of-Shit devices, phones, cars and even washing machines? You might not care about the brainwave data specifically, but there is bound to be information on your devices that you expect remains private.<p>Things have become so bad that I now refuse to use computers that don't run a DIY Linux distro like Arch that allows users to decide what goes into their system. My phone runs GrapheneOS because Google and Apple can't be trusted. I self host email and other "cloud" services for the same reason.
Explain how sending EEG recordings is progress. And why faster access to the latest tech is always good, for everyone.
otoh: the non regulated should cost more.<p>It’s kinda like “qualified investors” - you want to make sure people who are wiling to do something extremely stupid can afford it and acknowledge their stupidity.<p>We don’t need regulation to protect those that can afford to buy protection: we need it for those who can’t.
[dead]
> nobody budgets time for security architecture on v1<p>It’s quite literally why the internet is so insecure, because at many points all along the way, “hey, should we design and architect for security?” is/was met with “no, we have people to impress and careers to advance with parlor tricks to secure more funding; besides, security is hard and we don’t actually know what we are doing, so tow the line or you’ll be removed.”
[flagged]
Won't they sue for the reverse engineering?
Without a brand name, how can we verify this is real?
“Ask an LLM to hack your app” should be a production-readiness step from now on.