A few years in the past, a curious, then-16-year-old hacker named Reynaldo Vasquez-Garcia was on his laptop computer at his Portland-area highschool, seeing what laptop programs he might hook up with through the Wi-Fi—“utilizing the college community as a lab,” as he places it—when he noticed a handful of mysterious gadgets with the identifier “IPVideo Company.”
After a better look and a few googling, Garcia found out that an organization by that title was a subsidiary of Motorola, and the gadgets he’d present in his college appeared to be one thing referred to as the Halo 3C, a “sensible” smoke and vape detection gadget. “They give the impression of being identical to smoke detectors, however they’ve an entire bunch of options like sensors and stuff,” Garcia says.
As he learn extra, he was intrigued to study that the Halo 3C goes past detecting smoke and vaping—together with a definite characteristic for discerning THC vaping specifically. It additionally has a microphone for listening out for “aggression,” gunshots, and key phrases corresponding to somebody calling for assist, a characteristic that to Vasquez-Garcia instantly raised issues of extra intrusive surveillance.
Now, after months of reverse engineering and safety testing, Vasquez-Garcia and a fellow hacker he’s partnered with who goes by the pseudonym “Nyx,” have proven that it’s doable to hack a kind of Halo 3C devices—which they’ve taken to calling by the nickname “snitch puck”—and take full management of it.
Reynaldo Vasquez-Garcia and Nyx in Las Vegas, NV on August 8, 2025.{Photograph}: Ronda Churchill
On the Defcon hacker convention at the moment, they plan to indicate that by exploiting just some comparatively easy safety vulnerabilities, any hacker on the identical community might have hijacked a Halo 3C to show it right into a real-time audio eavesdropping bug, disabled its detection capabilities, created faux alerts for vaping or gunshots, and even performed no matter sound or audio they selected out of the system’s speaker. Motorola stated it has since developed a firmware replace to handle these safety flaws that may mechanically push to cloud-connected gadgets by Friday.
Lots of the hackers’ tips are on show in a video demo under, which the Vasquez-Garcia and Nyx made forward of their Defcon presentation:
