TL;DR: I built an open-source hardware device that detects AirTags, smart glasses, and other BLE devices that could be used to track or surveil you. It runs on a $15 ESP32 touchscreen and can even simulate these devices for security testing. Get it on GitHub.
The Spark
A few days ago, JamesLV (one of the SEC617 authors) and I were discussing this 404 Media article about an app called “Nearby Glasses” that warns users when someone wearing smart glasses is nearby. The app scans for Bluetooth signatures from devices like Meta’s Ray-Ban smart glasses—the ones that can secretly record video and, with Meta’s new “Name Tag” AI feature, potentially identify people and pull up information about them in real-time.
The concept resonated with both of us. In the security community, we’ve been tracking the privacy implications of BLE devices for years. AirTags and SmartTags have enabled stalking. Smart glasses can record without consent. Medical devices broadcast sensitive health information. The Bluetooth spectrum has become a privacy minefield.
100 CYDs Looking for a Purpose
Here’s where timing got interesting. After Shmoocon, I had over 100 ESP32 CYD (Cheap Yellow Display) boards left over from our AirTag detector workshop. These $15 boards pack an ESP32, a 2.8″ touchscreen, and BLE capabilities into a pocket-sized package. They were sitting in a box, waiting for their next mission.
The conversation with James gave them one.
What BLEPTD Does
BLEPTD (BLE Privacy Threat Detector) turns that $15 hardware into a portable surveillance detection platform. It:
Detects 54+ Device Types:
- Trackers: AirTags, Samsung SmartTags, Tile, Chipolo, Google trackers, Eufy, Pebblebee, Cube
- Smart Glasses: Meta Ray-Ban, Snap Spectacles, Amazon Echo Frames, Vuzix Blade, XREAL Air
- Medical Devices: Dexcom CGMs, Medtronic pumps, Omnipod, cardiac monitors, CPAP machines
- Wearables: Fitbit, Garmin, Whoop, Oura Ring, and more
- Audio: Sony, Bose, Jabra headphones and earbuds
Transmits for Testing:
For authorized security testing, BLEPTD can simulate 20 different device types. This is invaluable for:
- Testing detection systems
- Security research
- Pentesting engagements
- Training and education
Confusion Mode:
Broadcast multiple device signatures simultaneously to create noise—useful for understanding how tracking systems handle conflicting data.
The Interface
Everything runs through a touch-friendly UI:
- SCAN: View detected devices in real-time with RSSI signal strength
- FILTER: Toggle categories (trackers, glasses, medical, wearables, audio)
- TX: Tap to transmit any supported device signature
- SETUP: View statistics and configuration
There’s also a full serial command interface for automation and integration with other tools.
Why Open Source?
Privacy tools need to be auditable. When you’re building something designed to protect people from surveillance, “trust me” isn’t good enough. Every line of code is on GitHub. Fork it. Audit it. Improve it.
The hardware is commodity. The firmware is free. The knowledge should be shared.
Get Started
Hardware: ESP32-2432S028R (the 2.8″ CYD with micro-USB). Available for ~$15 on AliExpress, Amazon, etc.
Firmware: GitHub Releases – Flash the precompiled binary or build from source.
Documentation: Full specs, device signatures, and serial commands in the SPECIFICATION.md.
What’s Next?
This is v1.0.0. The foundation is solid, but there’s more to build:
- Additional device signatures as new products hit the market
- SD card logging for field surveys
- WiFi-based alerting and reporting
- Integration with other security tools
- Community-contributed signatures
Acknowledgments
Thanks to JamesLV and the SEC617 crew for the conversation that sparked this. Thanks to the 404 Media team for their continued coverage of surveillance tech. And thanks to everyone at Shmoocon who participated in the AirTag detector workshop—your enthusiasm for this kind of work is why we keep building.
Privacy isn’t dead. We just have to fight for it.
Links: