My smart sleep mask broadcasts users' brainwaves to an open MQTT broker

Kickstarter is full of projects like this where every possible shortcut is taken to get to market. I’ve had some good success with a few Kickstarter projects but I’ve been very selective about which projects I support. More often than not I can identify when a team is in over their heads or think they’re just going to figure out the details later, after the money arrives.

For a period of time it was popular for the industrial designers I knew to try to launch their own Kickstarters. Their belief was that engineering was a commodity that they could hire out to the lowest bidder after they got the money. The product design and marketing (their specialty) was the real value. All of their projects either failed or cost them more money than they brought in because engineering was harder than they thought.

I think we’re in for another round of this now that LLMs give the impression that the software and firmware parts are basically free. All of those project ideas people had previously that were shelved because software is hard are getting another look from people who think they’re just going to prompt Claude until the product looks like it works.

How about complaining that brain waves get sent to a server? I'm a neuroscientist, so I'm not going to say that the EEG data is mind reading or anything, but as a precedent, non privacy of brain data is very bad.

I'm the founder of neurotech/sleeptech company https://affectablesleep.com, and this post shows the major issue with current wellness device regulation.

I believe there was some good that came from last months decision to be more open to what apps and data can say without going through huge regulatory processes (though because we apply auditory stimulation, this doesn't apply to us), however, there should be at least regulatory requirements for data security.

We've developed all of our algorithms and processing to happen on device, which is required anyway due to the latency which would result from bluetooth connections, but even the data sent to the server is all encrypted. I'd think that would be the basics. How do you trust a company with monitoring, and apparently providing stimulation, if they don't take these simple steps?

Ok, obviously unethical to do it, but this sounds like you've got the power to create some sci-fi shared dreaming device, where you can read people's brainwaves and send signals to other people's masks based on those signals. Or send signals to everyone at the same time and suddenly people all across the world experience some change in their dream simultaneously.

Like, don't actually do it, but I feel like there's inspiration for a sci-fi novel or short story there.

Amazing to see claude's reasoning and process through reversing this

Remember that the S in IoT stands for Security.

I have deployed open MQTT to the world for quick prototypes on non personal (and healthcare) data. Once my cloud provider told me to stop because they didn’t like it, that could be used for relay DDOS attacks.

I would not trust the sleep mask company even if they somehow manage to have some authentication and authorisation on their MQTT.

I would love to see the prompt history. Always curious how much human intervention/guidance is necessary for this type of work because when I read the article I come away thinking I prompt Claude and it comes out with all these results. For example, "So Claude went after the app instead. Grabbed the Android APK, decompiled it with jadx." All by itself or the author had to suggest and fiddle with bits?

The shared hardcoded credentials pattern isn't just an IoT problem. I work in AWS security and see the same thing constantly. Teams hardcode a single set of AWS access keys into their application, share them across every environment, and hope nobody runs strings on the binary. Same logic, same laziness, same outcome.

The difference is when it's a sleep mask, someone reads your brainwaves. When it's a cloud credential, someone reads your customer database. Per-device or per-environment credential provisioning isn't even hard anymore. AWS has IAM roles, IoT has device certificates, MQTT has client certs and topic ACLs. The tooling exists. Companies skip it because key management adds a step to the assembly line and nobody budgets time for security architecture on v1.

> I was not expecting to end up with the ability to read strangers' brainwaves and send them electric impulses in their sleep. But here we are.

Almost out of a Phillip K Dick novel

While most comments are focused on the issue that they found, I’m more intrigued by the fact that Claude was able to reverse engineer so well.

Lowering the skills bar needed to reverse engineer at this level could have its own AI-related implications.

Name the company, hiding it is irresponsible

This feels like a reason to buy the device to me? I would want to block all of the data going to the cloud and would only want operations happening locally. But the MQTT broadcast then allows me to create a local only integration in Home Assistant with all of the data.

What's the real risk profile? Robbers can see you are asleep instead of waiting until you aren't home?

I have not implemented MQTT automations myself, but it's there a way to encrypt them? That could be a nice to have

This guy bought an internet connected sleep mask so it's not surprising that it was collecting all kinds of data, or that it was doing it insecurely (everyone should expect IoT anything to be a security nightmare) so to me the surprising thing about this is that the company actually bothered to worry about saving bandwidth/power and went through the trouble of using MQTT. Probably not the best choice, and they didn't bother to do it securely, but I'm genuinely impressed that they even tried to be efficient while sucking up people's personal data.

The narrator in the article acts as a third person observer and identifies "Claude" as the active hacker. So assuming the (unidentified) company that sells/manages the product wants to prosecute a CFAA violation, who do they go after? Was Claude the one responsible for all of the hacking?

Nevermind. I have just described my iPhone as a “generic chinese mobile device” to Claude, and he successfully gained root access with admin privileges to my iPhone, and even captured a couple minutes of EEG from 30 genetic mobile devices in my neighborhood. Seems like iPhones are tracking your thoughts, Claude could prove that, just ask it to tell you everything

huh, not sure if life imitates snark and bull https://medium.com/luminasticity/great-products-of-illuminat...

"The ZZZ mask is an intelligent sleep mask — it allows you to sleep less while sleeping deeper. That’s the premise — but really it is a paradigm breaking computer that allows full automation and control over the sleep process, including access to dreamtime."

or if this is another scifi variation of the same theme, with some dev like embellishments.

Well that’s a brand new sentence.

the shared MQTT credentials pattern is unfortunately super common in budget IoT. seen the exact same thing in smart plugs and air quality sensors. the frustrating part is per-device auth is not even hard to set up, mosquitto supports client certs and topic ACLs with minimal config. manufacturers skip it because per-device key provisioning adds a step to the assembly line and nobody wants to think about key management. so they hardcode one set of creds and hope nobody runs strings on the binary.

This smells like bullshit to me, although I am admittedly not experienced with Claude.

I find it difficult to believe that a sleep mask exists with the features listed: "EEG brain monitoring, electrical muscle stimulation around the eyes, vibration, heating, audio." while also being something you can strap to your face and comfortably sleep in, with battery capacity sufficient for several hours of sleep.

I also wonder how Claude probed bluetooth. Does Claude have access to bluetooth interface? Why? Perhaps it wrote a secondary program then ran that, but the article describes it as Claude probing directly.

I'm also skeptical of Claude's ability to make accurate reverse-engineered bluetooth protocol. This is at least a little more of an LLM-appropriate task, but I suspect that there was a lot of chaff also produced that the article writer separated from the wheat.

If any of this happened at all. No hardware mentioned, no company, no actual protocol description published, no library provided.

It makes a nice vague futuristic cyperpunk story, but there's no meat on those bones.

I discovered a very similar vulnerability in Mysa smart thermostats a year ago, also involving MQTT, and also allowing me to view and control anyone's thermostat anywhere in the world: https://news.ycombinator.com/item?id=43392991

Also discovered during reverse-engineering of the devices’ communications protocols.

IoT device security is an utterly shambolic mess.

Is this some kind of joke? Claude hallucinated everything, including capacity of device to accurately measure EGG of brain waves and hallucinated the process of decoding APK to some paranoidal user who has posted his conspiracy level AI hallucinations “finds” to his blog post and everyone is like “Yeah, Claude can do this”. Is everyone here insane? I am insane?

>Since every device shares the same credentials and the same broker, if you can read someone's brainwaves you can also send them electric impulses.

Amazing.

As an aside, it seems cool that the bar to reverse engineering has lowered from all the LLMs. Maybe we'll get to take full control of many of these "smart" devices that require proprietary/spyware apps and use them in a fully private way. There's no excuse that any such apps solely to interact with devices locally need to connect to the internet, like dishwasher.

https://www.jeffgeerling.com/blog/2025/i-wont-connect-my-dis...

It's disappointing to see. It doesn't take much work to configure a MQTT server to require client certificates for all connections. It does require an extra step in provisioning to give each device a client certificate. But for a commercial product, it's inexcusably negligent.

Then there's hardening your peripheral and central device/app against the kinds of spoofing attacks that are described in this blog post.

If your peripheral and central device can securely [0] store key material, then (in addition to the standard security features that come with the Bluetooth protocol) one may implement mutual authentication between the central and peripheral devices and, optionally, encryption of the data that is transmitted across that connection.

Then, as long as your peripheral and central devices are programmed to only ever respond when presented with signatures that can be verified by a trusted public key, the spoofing and probing demonstrated here simply won't work (unless somebody reverse engineers the app running on the central device to change its behaviour after the signature verification has been performed).

To protect against that, you'd have to introduce server-mediated authorisation. On Android, that would require things like the Play Integrity API and app signatures. Then, if the server verifies that the instance of the app running on the central device is unmodified, it can issue a token that the central device can send to the peripheral for verification in addition to the signatures from the previous step.

Alternatively, you could also have the server generate the actual command frames that the central device sends to the peripheral. The server would provide the raw command frame and the command frame signed with its own key, which can be verified by the peripheral.

I guess I got a bit carried away here. Certainly, not every peripheral needs that level of security. But, into which category this device falls, I'm not sure. On the one hand, it's not a security device, like an electronic door lock. And on the other hand, it's a very personal peripheral with some unusual capabilities like the electrical muscle stimulation gizmo and the room occupancy sensor.

[0]: Like with the Android KeyStore and whichever HSMs are used in microcontrollers, so that keys can't be extracted by just dumping strings from a binary.

Interesting project. Here's a thought which I've always had in the back of my mind, ever since I saw something similar in an episode of Buck Rogers (70s-80s)! Many people struggle with falling asleep due to persistent beta waves; natural theta predominance is needed but often delayed. Imagine an "INEXPENSIVE" smart sleep mask that facilitates sleep onset by inducing brain wave transitions from beta (wakeful, high-frequency) to alpha (8-13 Hz, relaxed) and then theta (4-8 Hz, stage 1 light sleep) via non-invasive stimulation. A solution could be a comfortable eye mask with integrated headphones (unintrusive) and EEG sensors. It could use binaural beats or similar audio stimulation to "inject" alpha/theta frequencies externally, guiding the brain to a tipping point for abrupt sleep onset. Sensors would detect current waves; app-controlled audio ramps from alpha-inducing beats to theta, ensuring natural predominance. If it could be designed, it could accelerate sleep transition, improve quality, non-pharmacological.

the headlines these days

Won't they sue for the reverse engineering?

"smart sleep mask :D - what next, smart toilet seats? Oh, wait...

Dudes so stupid being tied to tech everywhere.

> For obvious reasons, I am not naming the product/company here, but have reached out to inform them about the issue.

Coward. The only way to challenge this garbage is "Name and Shame". Light a fire under their asses. That fire can encourage them to do right, and as a warning to all other companies.

My guess is this is Luuna https://www.kickstarter.com/projects/flowtimebraintag/luuna

Without a brand name, how can we verify this is real?

While most comments are focused on the issue that they found, I’m more intrigued by the fact that Claude was able to reverse engineer so well.

Lowering the skills bar needed to reverse engineer at this level could have its own AI-related implications.

Amazing to see claude's reasoning and process through reversing this

I'm the founder of neurotech/sleeptech company https://affectablesleep.com, and this post shows the major issue with current wellness device regulation.

> I was not expecting to end up with the ability to read strangers' brainwaves and send them electric impulses in their sleep. But here we are.

Almost out of a Phillip K Dick novel

>Since every device shares the same credentials and the same broker, if you can read someone's brainwaves you can also send them electric impulses.

Amazing.

the headlines these days

https://www.jeffgeerling.com/blog/2025/i-wont-connect-my-dis...

Then there's hardening your peripheral and central device/app against the kinds of spoofing attacks that are described in this blog post.

[0]: Like with the Android KeyStore and whichever HSMs are used in microcontrollers, so that keys can't be extracted by just dumping strings from a binary.

At this point, I trust LLMs to come up with something more secure than the cheapest engineering firm for hire.

Non-privacy of this person is currently sleeping data is very bad as well, for different reasons.

You know, now that I'm thinking about it, I'm beginning to wonder if poor data privacy could have some negative effects.

People will be lining up to have their brainwaves harvested because it'll be mildly easier to send emails or something similarly inane.

You could read the alertness level from an EEG, which could be helpful to a burglar. The device with slow-wave status seems ideal.

How useful could something like this be for research? I'm not a neuroscientist so I have no clue, but it seems like the only justification I can think of..

I would presume data privacy laws already have good precedent for health data?

"Broker" is right there in the title of the post.

Baby's gotta get some cash somewhere.

Millions of people voluntarily use Gmail which gives a lot more useful data than EEG output to DHS et al without a warrant under FAA702. What makes you think people who “have nothing to hide” would care about publishing their EEG data?

Remember that the S in IoT stands for Security.

I would not trust the sleep mask company even if they somehow manage to have some authentication and authorisation on their MQTT.

Name the company, hiding it is irresponsible

Like, don't actually do it, but I feel like there's inspiration for a sci-fi novel or short story there.

Well that’s a brand new sentence.

This smells like bullshit to me, although I am admittedly not experienced with Claude.

If any of this happened at all. No hardware mentioned, no company, no actual protocol description published, no library provided.

It makes a nice vague futuristic cyperpunk story, but there's no meat on those bones.

What's the real risk profile? Robbers can see you are asleep instead of waiting until you aren't home?

I have not implemented MQTT automations myself, but it's there a way to encrypt them? That could be a nice to have

Won't they sue for the reverse engineering?

Also discovered during reverse-engineering of the devices’ communications protocols.

IoT device security is an utterly shambolic mess.

huh, not sure if life imitates snark and bull https://medium.com/luminasticity/great-products-of-illuminat...

or if this is another scifi variation of the same theme, with some dev like embellishments.

"smart sleep mask :D - what next, smart toilet seats? Oh, wait...

Dudes so stupid being tied to tech everywhere.

You could read the alertness level from an EEG, which could be helpful to a burglar. The device with slow-wave status seems ideal.

I don't think there is an S in IoT?..

And the P in IoT stands Privacy, and the Q for quality.

The K, of course, stands for Ka-ching!

Author doesn’t spell out why they are not naming them, but my guess is they are trying to not promote the product to malicious actors who would be interested in the sleep data of others.

I guess that’s not a huge problem, though, since all users are presumably at least anonymous.

It’s probably safe to assume they are all like that.

I feel if you're doing something that will require a Hans Zimmer soundtrack you might be the bad guy.

That’s the plot of Paprika.

Very little intervention tbh. I will try to retrieve it and post.

Really is a derth of livestreams demostrating these things. Youd think if thetes so much Unaided AI work people would stream it.

But not a beautiful sentence.

This is hardly to the level in the original post, but I just asked Claude "Are there any interesting Bluetooth devices in my vicinity which aren't actually mine or ones I am connected to?" and it downloaded some tool called `blueutil` and identified a variety of things. Sadly all devices actually owned by me as my neighbors are out of range (but not connected to my computer).

Claude could access anything on your device, including system or third party commands for network or signal processing - it may even have their manuals/sites/man pages in the training set. It’s remarkably good at figuring things out, and you can watch the reasoning output. There are mcp tools for reverse engineering that can give it even higher level abilities (ghidra is a popular one).

Yesterday I watched it try and work around some filesystem permission restrictions, it tried a lot of things I would never have thought of, and it was eventually successful. I was kinda goading it though.

A lot of BLE peripherals are very easy to probe. And there are libraries available for most popular languages that allow you to connect to a peripheral and poke at any exposed internals with little effort.

As for the reverse engineering, the author claims that all it took was dumping the strings from the Dart binary to see what was being sent to the bluetooth device. It's plausible, and I would give them the benefit of the doubt here.

Yes, it is very lacking in details. The Claude output would have been interesting, or a few logs or protocol dumps.

The lack of detail makes me suspect the truth of most of the story.

https://www.kickstarter.com/projects/selepu/dreampilot-ai-gu...

Found that in seconds. EEG, electrical stimulation, heat, audio, etc. Claims a 20 hour battery.

As to the Claude interactions, like others I am suspicious and it seems overly idealized and simplified. Claude can't search for BT devices, but you could hook it up with an MCP that does that. You can hook it up with a decompiler MCP. And on and on. But it's more involved than this story details.

I was originally going to ask something similar, but from a different angle.

These blog posts now making the rounds on HN are the usual reverse engineering stories, but made a lot more compelling simply because they involve using AI.

Never mind that the AI part isn't doing any heavy lifting and probably just as tedious as not using AI in the first place. I am confused why the author mentions it so prominently. Past authors would not have been so dramatic and just waved their hands that they had some trial and error before finding out how the app is built. The focus would have been on the lack of auth and the funny stuff they did before reporting it to the devs.

> nobody budgets time for security architecture on v1

It’s quite literally why the internet is so insecure, because at many points all along the way, “hey, should we design and architect for security?” is/was met with “no, we have people to impress and careers to advance with parlor tricks to secure more funding; besides, security is hard and we don’t actually know what we are doing, so tow the line or you’ll be removed.”

Meanwhile streaming everyone's data, negating any benefit.

Sounds like you cannot control which MQTT endpoint it is headed to? It just goes to the server of the device. Assuming you could modify the firmware, you could program it to send to a local MQTT.

On what grounds could they sue?

That is terrifying. Messing with thermostats could be enough to kill vulnerable people.

I’m not super familiar with MQTT. I wonder how common this is..

That is the premise of HypnoSpace Outlaw, a neat game about 90s internet nostalgia and scifi.

So are the brain waves the cause or the effect?

Are beta waves a sign that my mind is racing and wide awake, or are they the reason?

What’s your proposed mechanism for how audio waves would induce brain waves?

> For obvious reasons, I am not naming the product/company here, but have reached out to inform them about the issue.

Coward. The only way to challenge this garbage is "Name and Shame". Light a fire under their asses. That fire can encourage them to do right, and as a warning to all other companies.

My guess is this is Luuna https://www.kickstarter.com/projects/flowtimebraintag/luuna

Doesn't disclosing this to the world at the same time as you disclose it to the company immediately send hundreds of black hats to their terminals to see how much chaos they can create before the company implements a fix?

Perhaps the author is not a coward, but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.

I did consider naming, but they were very responsive to the disclosure and I was not entirely familiar with potential legal implications of doing so. (For what it's worth, it is not Luuna)

I don't see estim mentioned on that website, but I do see a comparison chart with 4 other competitors with similar capabilities to the one you linked.

What makes you think this is the one?

Even if naming and shaming doesn't work, I sure want to know so I can always avoid them for myself and my family. Thanks for the call-out and the educated guess.

EEG devices can cost a lot to own personally as well.

The other side of owning equipment like this is it still could be useful for some for personal and private use.

Presumably they’ll be named and shamed after they’ve been given a chance to fix things.

Without a brand name, how can we verify this is real?

Without any skin in the game with your username, why should we take anything you say seriously?

Non-privacy of this person is currently sleeping data is very bad as well, for different reasons.

You know, now that I'm thinking about it, I'm beginning to wonder if poor data privacy could have some negative effects.

People will be lining up to have their brainwaves harvested because it'll be mildly easier to send emails or something similarly inane.

At this point, I trust LLMs to come up with something more secure than the cheapest engineering firm for hire.

How useful could something like this be for research? I'm not a neuroscientist so I have no clue, but it seems like the only justification I can think of..

I would presume data privacy laws already have good precedent for health data?

"Broker" is right there in the title of the post.

Baby's gotta get some cash somewhere.

It sounds like there was "presence in room" data as well, which could be very bad

Unsecured fitness monitor data revealed military guard post (IIRC) activity a while back.

Corporations will be lining up to require their employees have their brainwaves harvested, so they can fire employees who aren't alert enough.

"Anyone else out there vibe circuit-building?"

https://xcancel.com/beneater/status/2012988790709928305

The cheapest engineering firms you hire are also using LLMs.

The operator is still a factor.

LLMs definitely write more robust code than most. They don't take shortcuts or resort to ugly hacks. They have no problem writing tedious guards against edge cases that humans brush off. They also keep comments up to date and obsess over tests.

And the cheapest engineering firm won't use LLMs as well, wherever possible?

The general idea of an EEG system that posts data to a network?

Very, but there are already tons of them at lots of different price, quality, openness levels. A lot of manufacturers have their own protocols; there are also quasi/standards like Lab Streaming Layer for connecting to a hodgepodge of devices.

This particular data?

Probably not so useful. While it’s easy to get something out of an EEG set, it takes some work to get good quality data that’s not riddled with noise (mains hum, muscle artifacts, blinks, etc). Plus, brain waves on their own aren’t particularly interesting—-it’s seeing how they change in response to some external or internal event that tells us about the brain.

Not a neuroscientist either but I would imagine that raw data without personal information would not be useful for much. I can imagine that it would be quite valuable if accompanied with personal data plus user reports about how they slept each night, what they dreamed about if anything, whether it was positive dreams or nightmares etc. And I think quite a few people wouldn’t mind sharing all of that in the name of science, but in this case they don’t seem to have even tried to ask.

If they're taking patient data for research without permission, they are not ethical researchers.

I believe they use it for sleep tracking

> I would presume data privacy laws already have good precedent for health data?

Google for a list of all the exceptions to HIPPA. There are a lot of things that _seem_ like they should be covered by HIPPA but are not...

Only for "covered entities" under HIPAA (at least in the US)

An MQTT Broker just mean server, that's MQTT terminology.

So are the brain waves the cause or the effect?

Are beta waves a sign that my mind is racing and wide awake, or are they the reason?

Even if naming and shaming doesn't work, I sure want to know so I can always avoid them for myself and my family. Thanks for the call-out and the educated guess.

Presumably they’ll be named and shamed after they’ve been given a chance to fix things.

It sounds like there was "presence in room" data as well, which could be very bad

Corporations will be lining up to require their employees have their brainwaves harvested, so they can fire employees who aren't alert enough.

What’s your proposed mechanism for how audio waves would induce brain waves?

No idea about audio frequencies close to hearing, but I'm pretty sure it's common to manipulate the brain with ultrasonic frequencies these days.

Perhaps the author is not a coward, but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.

but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.

If that's the case then they should have deferred this whole blog post.

It took me 30 seconds with ChatGPT by saying:

Identify the kickstarter product talked around in this blog post: (link)

To think some blackhat hasn't already did that is frankly laughable. What I did was like the lowest of low-bars these days.

I did consider naming, but they were very responsive to the disclosure and I was not entirely familiar with potential legal implications of doing so. (For what it's worth, it is not Luuna)

Please name 50 other companies it's not.

It's good that they were responsive in the disclosure, but it's still a mark of sloppiness that this was done in the first place, and I'd like to know so I can avoid them.

I don't see estim mentioned on that website, but I do see a comparison chart with 4 other competitors with similar capabilities to the one you linked.

What makes you think this is the one?

EEG devices can cost a lot to own personally as well.

The other side of owning equipment like this is it still could be useful for some for personal and private use.

Without any skin in the game with your username, why should we take anything you say seriously?

Unsecured fitness monitor data revealed military guard post (IIRC) activity a while back.

"Anyone else out there vibe circuit-building?"

https://xcancel.com/beneater/status/2012988790709928305

The general idea of an EEG system that posts data to a network?

This particular data?

I believe they use it for sleep tracking

And the P in IoT stands Privacy, and the Q for quality.

The K, of course, stands for Ka-ching!

It’s probably safe to assume they are all like that.

I feel if you're doing something that will require a Hans Zimmer soundtrack you might be the bad guy.

That’s the plot of Paprika.

Really is a derth of livestreams demostrating these things. Youd think if thetes so much Unaided AI work people would stream it.

But not a beautiful sentence.

EEG is very useful for accurate sleep tracking.

Interesting position in a thread about the dangers of exposing yourself to the internet.

not because you knew how much someone worked out. But because it had GPS.

People make these mistakes too. Several times in my high school shop class kids shorted out 9V batteries trying to build circuits because they didn't understand how electronics work. At no point did our teacher stop them from doing so - on at least one occasion I unplugged one from a breadboard before it got too toasty to handle (and I was/am an electronics nublet). Similarly there was also a lot of hand-wringing about the Gemini pizza glue in a world where people do wacky stuff like cook fish in a dishwasher or put cooked meat on the same plate it was on when it was raw just a few minutes prior.

LLMs are just surfacing the fact that assessing and managing risk is an acquired, difficult-to-learn skill. Most people don't know what they don't know and fail to think about what might happen if they do something (correctly or otherwise) before they do it, let alone what they'd do if something goes wrong.

> They don't take shortcuts or resort to ugly hacks.

That hasn't, universally, been my experience. Sometimes the code is fine. Sometimes it is functional, but organized poorly, or does things in a very unusual way that is hard to understand. And sometimes it produces code that might work sometimes but misses important edge cases and isn't robust at all, or does things in an incredibly slow way.

> They have no problem writing tedious guards against edge cases that humans brush off.

The flip side of that is that instead of coming up with a good design that doesn't have as many edge cases, it will write verbose code that handles many different cases in similar, but not quite the same ways.

> They also keep comments up to date and obsess over tests.

Sure but they will often make comments or tests that aren't actually useful, or modify tests to succeed instead of fixing the code.

One significant danger of LLMs is that the quality of the output is higly variable and unpredictable.

That's ok, if you have someone knowledgeable reviewing and correcting it. But if you blindly trust it, because it produced decent results a few times, you'll probably be sorry.

I had 5.3-Codex take two tries to satisfy a linter on Typescript type definitions.

It gave up, removed the code it had written directly accessing the correct property, and replaced it with a new function that did a BFS to walk through every single field in the API response object while applying a regex "looksLikeHttpsUrl" and hoping the first valid URL that had https:// would be the correct key to use.

On the contrary, the shift from pretraining driving most gains to RL driving most gains is pressuring these models resort to new hacks and shortcuts that are increasingly novel and disturbing!

Interesting and completely wrong statement, what gave you this impression?

The cheapest engineering firms you hire are also using LLMs.

The operator is still a factor.

Yeah, but they’ll add another layer of complexity over doing it yourself

And the cheapest engineering firm won't use LLMs as well, wherever possible?

The cheapest engineering firm will turn out to be headed up by an openclaw instance.

fun fact, LLMs come in cheapest and useless and expensive but actually does what's being asked, too.

So, will they? Probably. Can you trust the kind of LLM that you would use to do a better job than the cheapest firm? Absolutely.

What if you gonna think about your social security number 30000 times in your dreams, and someone knows the pattern? See the danger? That's evil.

If they're taking patient data for research without permission, they are not ethical researchers.

Is it really “without permission” if it’s from a server for which the access credentials have been deliberately published to the entire internet?

> I would presume data privacy laws already have good precedent for health data?

Google for a list of all the exceptions to HIPPA. There are a lot of things that _seem_ like they should be covered by HIPPA but are not...

I don't think there is an S in IoT?..

Right - the saying indicates that IoT stuff is well known for ignoring security.

Thank you for your astute observation. :)

Author doesn’t spell out why they are not naming them, but my guess is they are trying to not promote the product to malicious actors who would be interested in the sleep data of others.

I guess that’s not a huge problem, though, since all users are presumably at least anonymous.

less sleep data, i imagine, and more the whole “send remote electrical impulses” thing

Very little intervention tbh. I will try to retrieve it and post.

That's great to hear. I'd be interested to see the session. Yes, Claude Code keeps sessions in ~/.claude/projects/ by default. Thank you!

By default, Claude code keeps session history (as jsonl files in ~/.claude).

It’s wasteful not to save and learn from those.

No idea about audio frequencies close to hearing, but I'm pretty sure it's common to manipulate the brain with ultrasonic frequencies these days.

but is giving the company time to respond and commit to a fix for the benefit of other owners who could suffer harm.

If that's the case then they should have deferred this whole blog post.

Please name 50 other companies it's not.

It's good that they were responsive in the disclosure, but it's still a mark of sloppiness that this was done in the first place, and I'd like to know so I can avoid them.

Only for "covered entities" under HIPAA (at least in the US)

EEG is very useful for accurate sleep tracking.

12 Feb, 2026

I recently got a smart sleep mask from Kickstarter. I was not expecting to end up with the ability to read strangers' brainwaves and send them electric impulses in their sleep. But here we are.

The mask was from a small Chinese research company, very cool hardware -- EEG brain monitoring, electrical muscle stimulation around the eyes, vibration, heating, audio. The app was still rough around the edges though and the mask kept disconnecting, so I asked Claude to try reverse-engineer the Bluetooth protocol and build me a simple web control panel instead.

Bluetooth

The first thing Claude did was scan for BLE (Bluetooth Low Energy) devices nearby. It found mine among 35 devices in range, connected, and mapped the interface -- two data channels. One for sending commands, one for streaming data.

Then it tried talking to it. Sent maybe a hundred different command patterns. Modbus frames, JSON, raw bytes, common headers. Unfortunately, the device said nothing back, the protocol was not a standard one.

The app

So Claude went after the app instead. Grabbed the Android APK, decompiled it with jadx. Turns out the app is built with Flutter, which is a bit of a problem for reverse engineering. Flutter compiles Dart source code into native ARM64 machine code -- you can't just read it back like normal Java Android apps. The actual business logic lives in a 9MB binary blob.

But even compiled binaries have strings in them. Error messages, URLs, debug logs. Claude ran strings on the binary and this was the most productive step of the whole session. Among the thousands of lines of Flutter framework noise, it found:

Hardcoded credentials for the company's message broker (shared by every copy of the app)
Cloud API endpoints
All fifteen command builder function names (e.g. to set vibration, heating, electric stimulation, etc.)
Protocol debug messages that revealed the packet structure -- header, direction byte, command type, payload, footer

We had the shape of the protocol. Still didn't have the actual byte values though.

Claude then used blutter, a tool specifically for decompiling Flutter's compiled Dart snapshots. It reconstructs the functions with readable annotations. Claude figured out the encoding, and just read off every command byte from every function. Fifteen commands, fully mapped.

It works

Claude sent a six-byte query packet. The device came back with 153 bytes -- model number, firmware version, serial number, all eight sensor channel configurations (EEG at 250Hz, respiration, 3-axis accelerometer, 3-axis gyroscope). Battery at 83%.

Vibration control worked. Heating worked. EMS worked. Music worked. Claude built me a little web dashboard with sliders for everything. I was pretty happy with it.

That could have been the end of the story.

The server

Remember the hardcoded credentials from earlier? While poking around, Claude tried using them to connect to the company's MQTT broker -- MQTT is a pub/sub messaging system standard in IoT, where devices publish sensor readings and subscribe to commands. It connected fine. Then it started receiving data. Not just from my device -- from all of them. About 25 were active:

Sleep masks publishing live EEG brainwave data
Air quality monitors reporting temperature, humidity, CO2
Presence sensors detecting room occupancy

Claude captured a couple minutes of EEG from two active sleep masks. One user seemed to be in REM sleep (mixed-frequency activity). The other was in deep slow-wave sleep (strong delta power below 4Hz). Real brainwaves from real people, somewhere in the world.

Live EEG

EMS

The mask also does EMS -- electrical muscle stimulation around the eyes. Controlling it is just another command: mode, frequency, intensity, duration.

Since every device shares the same credentials and the same broker, if you can read someone's brainwaves you can also send them electric impulses.

Disclosure

For obvious reasons, I am not naming the product/company here, but have reached out to inform them about the issue.

This whole thing made me revisit Karpathy's Digital Hygiene post, and you probably should too.

The reverse engineering -- Bluetooth, APK decompilation, Dart binary analysis, MQTT discovery -- was more or less one-shotted by Claude (Opus 4.6) over a 30' autonomous session.