Engineer finds his smart sleep mask can read other people's brainwaves due to poor software security - superpower granted via poor-quality software with hardcoded high-level credentials

• Engineer discovers smart sleep mask can read other users’ brainwaves. • Issue caused by hardcoded credentials and insecure Bluetooth protocol. • Mask likely from SLEEPU DreamPilot, a small Chinese startup. • Engineer reverse‑engineered 15 commands using Claude AI and a custom web app. • The flaw highlights software security as an afterthought in hardware products. • Users risk unauthorized EEG data access and control over their devices.

Article Summaries:

• Engineer finds his smart sleep mask can read other people’s brainwaves due to poor software security - superpower granted via poor-quality software with hardcoded high-level credentials Definitely getting more than he bargained for. Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox. You are now subscribed Your newsletter sign-up was successful The idiom “getting more than you bargained for” is usually applied in the context of unwanted, nasty consequences. Occasionally, it’s used in the literal sense, like when AI engineer Aimilios Hatzistamou found his newly-bought s

Sources:

• https://www.tomshardware.com/peripherals/wearable-tech/engineer-finds-his-smart-sleep-mask-can-read-other-peoples-brainwaves-superpower-granted-via-poor-quality-software-with-hardcoded-high-level-credentials