Presented at DEF CON 33 (2025), Aug. 8, 2025, 3:30 p.m. (45 minutes).
With the commoditization of IoT surveillance technology, private and public entities alike have been rushing to put every facet of our lives under surveillance. Unfortunately, schools are no exception in the ongoing privacy race to the bottom. In this talk, we present our analysis of a popular line of IoT vape detectors marketed primarily to schools. Rey first learned of the existence of this device while he was a student in high school, scanning the local network during his lunch break. He became obsessed with the idea of reverse-engineering it, and a couple of years later he got an opportunity when a specimen appeared on eBay.
This talk will cover our journey of acquiring the device and doing a hardware teardown. Then, we'll talk about dumping the firmware, examining its behavior, and doing some light reverse-engineering to uncover some fun appsec vulnerabilities. We'll discuss implications of our findings on this particular series of devices, as well as on the ed-tech surveillance industry as a whole.
We will release a copy of the device filesystem, as well as our scripts for decrypting OEM firmware and packing custom firmware updates.
Presenters:
- Reynaldo "buh0"
Rey started out finding bugs and holes in websites at 15. He began attending local infosec meetups in Portland, Oregon—like RainSec and PDX2600—soaking up everything he could. After stumbling across a creepy surveillance device at his high school, he drifted into hardware security and reverse engineering. He’s determined to keep learning and digging deeper.
- nyx
nyx is a Portland-based hacker, engineer, and self-described cyberpunk. As an unwilling participant in the late-capitalist, mass-surveillance dystopia, he is passionate about digital privacy, data self-custody, and running his own infra. Ultimately, he hopes to wrest control of his online life back from the megacorps and help others do the same. He holds the OSCP, and in his professional life he develops system software for a Fortune 100 tech company's internal consulting team, specializing in security, networks, and devops. When not making a living looking at the bad screen, in his free time he enjoys looking at the good screen.