How Hackers are Exploiting Bluetooth to Track Police Activity, Law enforcement agencies employ various technologies to track individuals, including facial recognition software and techniques like mimicking cell phone towers to locate and gather mobile data. However, there are individuals who have discovered methods to utilize technology for the purpose of eavesdropping or intercepting conversations. Bluetooth signals have the potential to disclose the location and activation status of police officers, as well as devices such as body cameras and Tasers. This information can be helpful in monitoring law enforcement activities and ensuring transparency.
“It’s be really weird if you had your volume turned all the way up and all of your devices are just screaming, right?,” Alan “Nullagent” Meekins, cofounder of Bluetooth tracking platform RFParty, said. “But that’s really what you’re doing in these wireless spectrums, they’re just constantly shouting.”
Every Bluetooth device is assigned a distinct MAC address, which serves as a unique identifier. This address consists of a 64-bit code that helps identify the device. Part of this code includes an Organizational Unique Identifier (OUI), which allows the device to indicate its manufacturer or creator. The OUI essentially acts as a way for the device to communicate its origin or maker. Meekins and his cofounder, Roger “RekcahDam” Hicks, explored the various IoT devices employed by numerous police forces. This exploration ultimately led them to Axon, a well-known company primarily associated with the production of Tasers. Contemporary police kits are equipped with a wide range of Bluetooth-enabled technology, often provided by Axon. These include devices such as Tasers, body cameras, and in-vehicle laptops. This integration of technology enhances the capabilities and efficiency of law enforcement personnel on the field. Some police officers are equipped with gun holsters that send a Bluetooth ping whenever their sidearm is unholstered. This feature allows law enforcement to track and monitor the movement of their firearms. By simply referring to the company’s documentation, officers were able to identify the Organizationally Unique Identifier (OUI) associated with these holsters.
While a Bluetooth identifier may appear insignificant, it has the potential to disclose valuable insights about the activities of law enforcement officers. It can provide details such as when their body cameras are active or when they activate sirens in response to an emergency call. This information can be quite revealing regarding their location and current actions.Police officers now have a signal that is transmitted when they feel a situation should be recorded. This allows individuals to capture and identify such incidents, eliminating any doubt or confusion regarding the presence of body cameras. It’s a way to potentially determine whether certain evidence exists so that it can be produced more quickly in a records request — something police often “slow walk” Meekins said. When using RFParty, the app will gather historical data for reference. In the context of body cameras, when these devices start recording, they usually emit a Bluetooth signal that can be picked up by other devices. In situations where a law enforcement officer activates a camera, Taser, or any other Internet of Things (IoT) device, it is possible for individuals using an app to collect and record relevant data about the incident. This ensures that important details are documented accurately for later analysis or legal purposes.
Much like how radio waves work, accessing the bands used by emergency response personnel requires specific equipment and knowledge. Once you have the necessary tools and understand the language and codes being used, you can effectively tune into these broadcasts alongside music and news stations. It is possible to gain access to police radio frequencies, where you can listen in on the communication between law enforcement officers. This can provide valuable information about recent arrests and the areas where police are currently patrolling.
According to a spokesperson from Axon, the company utilizes Bluetooth technology to establish connections between in-car systems and mobile apps. Additionally, Bluetooth is also used for their camera recording devices. According to the spokesperson, utilizing Bluetooth connectivity plays a crucial role in ensuring that incidents are recorded effectively and that devices remain connected for enhanced visibility. Axon is actively working on implementing more measures and improvements to address any concerns related to tracking their devices over time. To enhance the privacy and security of our devices, we implement a rotating system for their unique BLE device addresses, also known as MAC addresses. This means that the identifiers change periodically, making it difficult to track a specific device over time. Additionally, we eliminate the need to include serial numbers in Bluetooth broadcasts, further reducing the ability to identify and track our devices.
RFParty does not have any features specifically designed to track police activities. It is primarily a Bluetooth scanning service that functions similar to existing services such as Wigle.net or nRF Connect. RFParty, a popular mapping service, has raised concerns regarding the inclusion of Internet of Things (IoT) devices used by law enforcement agencies on its maps. This includes common devices such as body cameras. It has been reported that some users have already started utilizing RFParty for tracking police activities.
In today’s world, there is a significant amount of advanced technology available to us. However, it is only a select few who truly understand how to utilize and manipulate it for their benefit. This creates an imbalance where the majority of people lack the necessary knowledge to harness its potential. It is crucial that we take steps towards bridging this gap and providing more accessible information and education about technology to empower everyone in society. During DefCon 31, Meekins gave a presentation about the Axon OUI and demonstrated its capabilities to me in a private live demo. This revealed how an experienced RFParty user could effectively utilize this information.
To ensure accountability in cases of potential abuses of police power, it is important for individuals to have access to historical data through the use of RFParty. This system allows people to run it in close proximity, providing them with valuable information necessary for holding authorities accountable. While the widespread availability of data for every incident may not be achievable, it is intriguing to witness a shift in power dynamics when law enforcement agencies possess the ability to leverage technology against almost anyone. Though the app may not gain immense popularity, it raises interesting questions about the potential reversal of roles.
