A lotta vapes are reportedly chock full of lead, so kids probably shouldn’t be puffing clouds in the bathroom stall, but was there any reason to design the most exploitable version of a product to alert school administrators about it?
The manufacturer was happy to expand to Section 8 (USA, subsidized) housing in spite of script kiddies, rogue employees, or legit employees working under new guidelines being able to root into the Motorola Halo 3C and use its fully-functioning microphones to invade privacy.
The frog is boiling slowly: pay more for your car insurance when your insurer buys your driving data today; risk your home insurance when you don’t install this “fire prevention” spyware tomorrow.
DEF CON 33 - Unmasking the Snitch Puck: IoT surveillance tech in the school bathroom - Reynaldo, nyx: YouTube
83,126 views, Oct 10, 2025
Students smoking where they shouldn’t is a PITA to me, a librarian, because it can set off some fire alarms.
I do not appreciate needing to help a less mobile coworker down the stairs to evacuate the building. I don’t like spending in the rain while we wait for the fire department to declare the “all clear”.
We don’t use spy pucks to tattle on students, though: we know what alarm was triggered and we know who checked out that study room. Or we know who came out of the single seat bathroom.
Edit: and generally students have been contrite when they return the study room key after the building was evacuated. Very “I didn’t do it but I’ll let my friends who were studying with me know…” and we’ve not had repeat offenders. Tbh, they’re [young] adults so as long as no one is hurt and I don’t hear about it I’m cool with it.
Insurance is a scam and our rulers rejoiced when they made it mandatory for cars.
deleted by creator
The minute the Pi4 compute module showed up, the jig was up.
For the secure boot scheme to be really secure, you have to generate a unique key for each device. Most vendors don’t bother because it means each firmware update has to be signed and encrypted for each unique device. This also means you have to have the infrastructure for device attestation. You can’t just stick an update file on a public S3 bucket or FTP site like the good old days.
Some end up reusing the same product key, so if it’s compromised, all devices in that family can be hacked. But even that’s too much for some vendors.
Instead, they just wing it, and go back to the bad old habits (no encryption, or symmetric keys embedded in firmware) that get them featured in DefCon presentations.
Yeah cool that frog started getting hot 15 years ago whats the plan haha
Donate to EFF
alt-text:
what can the hackers do?
• buy weird coptech on eBay then tell people about it
• ask your school board if they’re using these things
• campaign for strong privacy legislation
• give money to the EFF
• stay aware and informed
• keep your friends and communities safeI feel like the privacy issues goes back waaaaay further than any of this and that attempts to stop it then were fruitless.
I hate to be pessimistic but I was butt hurt about rights to privacy online and in public (security cameras) long ago. Nobody cares about them now and soon nobody will care that I’m caught ripping bongs in a school. Lol.
I’m old and tired.
No, more people definitely do care now. Not as much add they should in the ways that they should, but they do. Keep proving the information, over time people will learn.
Meanwhile, keep pushing your government reps for more immediate change.
That’s what we said back then bro
You mean24 years ago when they signed the fucking Patriot act?
Also go watch and act on Benn Jordan’s license plate reader video. It might be the best thing you can do for keeping your insurance rate low for now.
Yea
Ah the pleasant names they give these things: The Patriot Act, The Big Beautiful Bill, No Child Left Behind, giving citizens the illusion these will improve the country and improve everyone’s lives but it couldn’t be more opposite.
Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act doesn’t hit the same, especially after knowing what they would pass for “terrorism”
*chock full
c. 1400, chokkeful “crammed full;” the first element is possibly from choke “cheek” (see cheek (n.)). Or it may be from Old French choquier “collide, crash, hit” (13c., Modern French choquer), which is probably from Germanic (compare Middle Dutch schokken, and see shock (n.1)).
<----- etymology freak
Chalk-free edit, thanks @dan1101@lemmy.world
Probably < choke v. + full adj. (with an underlying sense ‘full to the point of choking’), in later use (especially in α forms) probably reinforced by association with chock n.1 and chock v.1
Charottez chokkefull charegyde with golde, yadadamean?
Awesome! Etymology is a fascination of mine, where language derives itself from and how words and phrases have changed and even been bastardized to mean something else. One of my favorites being ‘Pull yourself up by your bootstraps’.
The phrase also derives from a mid 1800 child’s physics book that had review questions at the end of each chapter to check if you understood the information. One of the questions was ‘Can a man pull himself up by his bootstraps?’, which is of course impossible because he is being acted upon by forces greater than himself…namely gravity.
Indeed, the more you know.
A terrifying/infuriating/interesting watch.
![It started to stop kids vaping [pot] in school bathrooms. Then they stuck it in poor people's homes. | DEF CON Snitch Puck Talk, October 2025](https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fsh.itjust.works%2Fpictrs%2Fimage%2Fde062422-9a80-43b8-a413-d7c22a8d8ad4.png){kind=link}