A lotta vapes are reportedly chock full of lead, so kids probably shouldn’t be puffing clouds in the bathroom stall, but was there any reason to design the most exploitable version of a product to alert school administrators about it?
The manufacturer was happy to expand to Section 8 (USA, subsidized) housing in spite of script kiddies, rogue employees, or legit employees working under new guidelines being able to root into the Motorola Halo 3C and use its fully-functioning microphones to invade privacy.
The frog is boiling slowly: pay more for your car insurance when your insurer buys your driving data today; risk your home insurance when you don’t install this “fire prevention” spyware tomorrow.

DEF CON 33 - Unmasking the Snitch Puck: IoT surveillance tech in the school bathroom - Reynaldo, nyx: YouTube
83,126 views, Oct 10, 2025

  • fubarx@lemmy.world
    21·
    12 hours ago

    The minute the Pi4 compute module showed up, the jig was up.

    For the secure boot scheme to be really secure, you have to generate a unique key for each device. Most vendors don’t bother because it means each firmware update has to be signed and encrypted for each unique device. This also means you have to have the infrastructure for device attestation. You can’t just stick an update file on a public S3 bucket or FTP site like the good old days.

    Some end up reusing the same product key, so if it’s compromised, all devices in that family can be hacked. But even that’s too much for some vendors.

    Instead, they just wing it, and go back to the bad old habits (no encryption, or symmetric keys embedded in firmware) that get them featured in DefCon presentations.

    • irmadlad@lemmy.worldEnglish
      8·
      11 hours ago

      c. 1400, chokkeful “crammed full;” the first element is possibly from choke “cheek” (see cheek (n.)). Or it may be from Old French choquier “collide, crash, hit” (13c., Modern French choquer), which is probably from Germanic (compare Middle Dutch schokken, and see shock (n.1)).

      <----- etymology freak

      • brbposting@sh.itjust.worksOPEnglish
        4·
        9 hours ago

        Chalk-free edit, thanks @dan1101@lemmy.world

        Probably < choke v. + full adj. (with an underlying sense ‘full to the point of choking’), in later use (especially in α forms) probably reinforced by association with chock n.1 and chock v.1

        OED, Oxford English Dictionary, Meaning & Use of chock-full

        Charottez chokkefull charegyde with golde, yadadamean?

        • irmadlad@lemmy.worldEnglish
          3·
          9 hours ago

          Awesome! Etymology is a fascination of mine, where language derives itself from and how words and phrases have changed and even been bastardized to mean something else. One of my favorites being ‘Pull yourself up by your bootstraps’.

            • irmadlad@lemmy.worldEnglish
              2·
              6 hours ago

              The phrase also derives from a mid 1800 child’s physics book that had review questions at the end of each chapter to check if you understood the information. One of the questions was ‘Can a man pull himself up by his bootstraps?’, which is of course impossible because he is being acted upon by forces greater than himself…namely gravity.

              Indeed, the more you know.

    • anomnom@sh.itjust.worksEnglish
      13·
      13 hours ago

      You mean24 years ago when they signed the fucking Patriot act?

      Also go watch and act on Benn Jordan’s license plate reader video. It might be the best thing you can do for keeping your insurance rate low for now.

    • brbposting@sh.itjust.worksOPEnglish
      372·
      17 hours ago

      Donate to EFF

      alt-text:

      what can the hackers do?
      • buy weird coptech on eBay then tell people about it
      • ask your school board if they’re using these things
      • campaign for strong privacy legislation
      • give money to the EFF
      • stay aware and informed
      • keep your friends and communities safe

      https://supporters.eff.org/donate

      • INHALE_VEGETABLES@aussie.zone
        14·
        17 hours ago

        I feel like the privacy issues goes back waaaaay further than any of this and that attempts to stop it then were fruitless.

        I hate to be pessimistic but I was butt hurt about rights to privacy online and in public (security cameras) long ago. Nobody cares about them now and soon nobody will care that I’m caught ripping bongs in a school. Lol.

        I’m old and tired.

        • frongt@lemmy.zip
          3·
          3 hours ago

          No, more people definitely do care now. Not as much add they should in the ways that they should, but they do. Keep proving the information, over time people will learn.

          Meanwhile, keep pushing your government reps for more immediate change.