Sniffing Bluetooth Devices With A Raspberry Pi

Hackaday was at HOPE last weekend, and that means we got the goods from what is possibly the best security conference on the east coast. Some of us, however, were trapped in the vendor area being accosted by people wearing an improbable amount of Mr. Robot merch asking, ‘so what is Hackaday?’. We’ve all seen The Merchants Of Cool, but that doesn’t mean everyone was a vapid expression of modern marketing. Some people even brought some of their projects to show off. [Jeff] of reelyActive stopped by the booth and showed off what his team has been working on. It’s a software platform that turns all your wireless mice, Fitbits, and phones into a smart sensor platform using off the shelf hardware and a connection to the Internet.

[Jeff]’s demo unit (shown above) is simply a Raspberry Pi 3 with WiFi and Bluetooth, and an SD card loaded up with reelyActive’s software. Connect the Pi to the Internet, and you have a smart space that listens for local Bluetooth devices and relays the identity and MAC address of all Bluetooth devices in range up to the Internet.

The ability to set up a hub and detect Bluetooth devices solves the problem Bluetooth beacons solves — identifying when people enter a space, leave a space, and with a little bit of logic where people are located in a space — simply by using what they’re already wearing. Judging from what [Jeff] showed with his portable reelyActive hub (a Pi and a battery pack) a lot of people at HOPE are wearing Fitbits, wireless headphones, and leaving the Bluetooth on the phone on all the time. That’s a great way to tell where people are, providing a bridge between the physical world and the digital.

16 thoughts on “Sniffing Bluetooth Devices With A Raspberry Pi

      1. iOS since the start and Android since version 5 Lollipop have been using private addresses so this will only work on a very limited set of mobile phones for tracking, not as the article implies.

        Also I doubt Fitbit is using public fixed addresses since that would be a huge breach of privacy for their customers.

        1. You’d be surprised just how many devices can be detected by their spontaneous BLE advertisement packets. And yes jgmarcelino, the FitBit is not using a public fixed address, but our Charge HRs haven’t changed their *random* address in 18 months, allowing us to permanently associate them with our profiles! Smart TVs and set top boxes are quite guilty of this too. iOS and Android 5+ devices do regularly cycle their advertiser addresses which addresses (pun intended) most privacy concerns.

  1. Oh wow! I’ve been looking for a good way to implement something like this with one of my projects. It’d be really nice to track the devices entering and leaving the house, and if enrolled, act on legitimate occupants’ presence. Nice.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s