A couple of years ago, a curious then-16-year-old hacker named Reynaldo Vasquez-Garcia was exploring the capabilities of his laptop at his high school in the Portland area. He was testing what computer systems he could connect to via the school’s Wi-Fi, describing it as “using the school network as a lab.” During this exploration, he stumbled upon several mysterious devices labeled as “IPVideo Corporation.” After conducting some research, Garcia discovered that this company is a subsidiary of Motorola and that the devices he had encountered were actually the Halo 3C, a sophisticated smoke and vape detection gadget.
The Halo 3C resembles a standard smoke detector but is equipped with advanced features, including sensors that go beyond simple smoke detection. According to Garcia, it can also identify vaping activities, particularly those involving THC. The device is designed with a microphone to listen for signs of “aggression,” gunshots, or even keywords like someone calling for help. This functionality raised immediate concerns for Vasquez-Garcia regarding the potential for intrusive surveillance in schools.
After months of reverse engineering and security assessments, Vasquez-Garcia, alongside his hacker partner known as Nyx, demonstrated the ability to hack into the Halo 3C, which they nicknamed the “snitch puck.” At the recent Defcon hacker conference, they revealed that exploiting a few basic security vulnerabilities could allow any hacker on the same network to take control of a Halo 3C device. They demonstrated how this could turn the gadget into a real-time audio eavesdropping device, disable its detection capabilities, generate false alerts for vaping or gunshots, or even play any sound through the device’s speaker.
In response to the concerns raised by the hackers, Motorola announced plans to release a firmware update to address the identified security flaws. The update is expected to automatically push to all cloud-connected devices by the upcoming Friday. However, Vasquez-Garcia and Nyx argue that the firmware update fails to address the fundamental issue: the presence of hidden microphones in devices installed throughout schools across the country. This poses a significant risk, especially regarding privacy and student safety.
As schools increasingly adopt various surveillance technologies—ranging from AI-powered weapons detectors to keystroke loggers—concerns have been raised about the potential misuse of devices like the Halo 3C. For instance, there are fears that school officials or law enforcement could use the device to eavesdrop on students discussing sensitive topics, such as seeking an abortion. Motorola promotes the Halo 3C as “ideal for observing health and safety in privacy-concern areas,” yet the presence of microphones complicates this narrative.
Vasquez-Garcia and Nyx purchased a Halo 3C on eBay and conducted a physical teardown. They discovered that the device functions similarly to a Raspberry Pi microcomputer, equipped with various sensors, including microphones. Their research revealed alarming vulnerabilities. They realized that if they could connect to a Halo 3C over its network, they could easily brute-force its password due to a flaw in the device's security protocol, allowing them to guess passwords at an astonishing rate of approximately 3,000 attempts per minute.
Nyx articulated a crucial point: “The unfortunate reality is there's a microphone connected to a computer that's connected to the network. And there's no software patching that will make that not possible to use as a listening device.” This concern extends beyond schools, as Motorola also markets the Halo sensors for use in public housing, raising further questions about privacy in residents' homes.
As devices incorporating microphones and internet connectivity become increasingly common, Vasquez-Garcia emphasizes the importance of skepticism regarding their safety claims. “If people remember one thing from this, it should be: Don’t blindly trust every Internet of Things device just because it claims to be for safety,” he warns. The core issue is trust; as society continues to accept devices that claim to prioritize safety without scrutiny, surveillance becomes normalized, often without a full understanding of the technology involved.