I watched a couple really interesting talks from this past Def Con. In one of the talks, Snoop Unto Them As They Snoop Unto Us, Null Agent points out that all Axon equipment (the company putting tasers on drones) share the same organizationally unique identifier (OUI) and communicate via Bluetooth Low Energy. When you pull your firearm or taser from an Axon holster, it can be set up to signal your bodycam to automatically turn on, for example. So by snooping on the BLE data channels you can look for Axon’s OUI and infer that a law enforcement officer is within your Bluetooth range (max 300ft or so in optimal conditions).

That’s all this script does. If it detects Axon equipment it plays a sound, alerts on your terminal, and logs the MAC address / time of encounter. I run it on my laptop in my living room with a super cheap Bluetooth adapter and I get notified when there are cops outside. Couple this with listening to your local police / public safety radio and you’ll never be surprised by a no-knock again.

  • Nobsi
    link
    fedilink
    English
    228 months ago

    This will be awesome for my meth lab in the basement on 1600 Pennsylvania Avenue NW in Washington, D.C.

  • The Pantser
    link
    English
    158 months ago

    Greedy ole companies using pre existing tech to make their shit cheaper while sacrificing security. Thank you, greedy tech company.

    • @kryptonicus
      link
      English
      68 months ago

      A company reusing “pre-existing tech” doesn’t really seem to be the issue here. Were they supposed to invent a whole new communication protocol for this use case?

      The issue I see is that they didn’t bother to obfuscate the MAC address of their BLE equipment. Maybe there is a reason they’re not allowed to change the OUI of their BT transmitter?

    • @JudCrandallOP
      link
      English
      138 months ago

      Yikes, you’ve got a real gem of a PD there.

      I’m in MA and they’re all about Axon here too. My local PD also uses IMC for their mobile and administrative backend, which I’ve been trying to find a monitoring surface for. They love to let everyone know on the radio when the system is down, too, which is pretty funny. Quick, do crimes!

        • @JudCrandallOP
          link
          English
          38 months ago

          If you’re in the United States, the easiest way would be to find them on Broadcastify. That’s assuming that 1.) they don’t use voice encryption, and 2.) someone else is streaming it to Broadcastify.

          Your next best bet is to look into Software Defined Radio. To listen in, even on trunked radios, you’d only need a really inexpensive RTL-SDR setup.

    • Drusas
      link
      fedilink
      38 months ago

      I don’t know if they’re headquartered here or just have an office, but Axon also operates in Seattle. I’ve seen their job listings many times.

  • @[email protected]
    link
    fedilink
    English
    5
    edit-2
    8 months ago

    How would you get this to work on android? Is that even possible to do?

    Edit. Ahh NVM this is way above my pay scale. Even for my PC.

    • @JudCrandallOP
      link
      English
      138 months ago

      I’m not much of a coder, but the method for finding the devices is so simple and easy to repeat that anyone could make an app for it. While I was testing it I was also using Android apps called WiGLE and RF Party that can accomplish basically the same thing. With WiGLE, just adjust the settings to only display Bluetooth devices, and look for anything with a MAC address that starts with 00:25:df or has “Taser International Inc.” in a name field.

      I might try to make a simple APK for it, but if someone beats me to it, that’d be rad.

  • @topinambour_rex
    link
    English
    58 months ago

    Make it an app, sell it on the darkweb, profit.

  • @[email protected]
    link
    fedilink
    English
    48 months ago

    How frequently can bluetooth scan for new devices? I wonder if one was to use a high gain 2.4ghz antenna if the range could be increased enough to detect cops from a moving vehicle.

    Doing so would get around Virginia’s and DC’s radar detector laws as both laws state you aren’t allowed their speed guns but says nothing about detecting the cops themselves.

    • @JudCrandallOP
      link
      English
      68 months ago

      You can adjust the wait between scans in the script, I have it set to 12 seconds by default. But if you set it to 1, I think I anecdotally found it complete a scan every 5-6 seconds with my setup. It detects cop cars driving by at night if I leave it on in my living room.

    • 2d
      link
      fedilink
      58 months ago

      Bluetooth would not work well enough to detect a cop far away enough to get you to slow down while driving. Not a suitable replacement for a radar detector (and even those face similar problems)

      • @JudCrandallOP
        link
        English
        48 months ago

        Yeah, I wouldn’t rely on Bluetooth for that unfortunately. Now, for seeing if that unmarked car behind you traveling at the same speed is potentially law enforcement, it’s a little more reliable.