<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community:  IntSpired®</title>
    <description>The latest articles on DEV Community by  IntSpired® (@intspired).</description>
    <link>https://dev.to/intspired</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3885928%2Fc1a97114-c97b-407a-aa58-a259c0b82bdf.PNG</url>
      <title>DEV Community:  IntSpired®</title>
      <link>https://dev.to/intspired</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/intspired"/>
    <language>en</language>
    <item>
      <title>5G, IMSI Catchers and the Downgrade Problem</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Thu, 25 Jun 2026 05:17:31 +0000</pubDate>
      <link>https://dev.to/intspired/5g-imsi-catchers-and-the-downgrade-problem-37df</link>
      <guid>https://dev.to/intspired/5g-imsi-catchers-and-the-downgrade-problem-37df</guid>
      <description>&lt;p&gt;&lt;strong&gt;5G makes IMSI catching harder, but fallback is where the risk remains.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The old IMSI catcher problem was fairly simple. A device could be pulled towards a stronger rogue cell, persuaded to connect, and then pushed into revealing identity information before the session was properly protected.&lt;/p&gt;

&lt;p&gt;In 2G, 3G and 4G environments, that created a practical route to subscriber identification, tracking and follow-on targeting.&lt;/p&gt;

&lt;p&gt;That weakness sits in the order of events. The device identifies itself before enough trust has been established.&lt;/p&gt;

&lt;p&gt;5G Standalone changes that model. But that protection is not absolute in every real-world condition.&lt;/p&gt;

&lt;p&gt;The permanent subscriber identity is no longer supposed to be exposed over the air in clear text. Instead, the device sends SUCI, the Subscription Concealed Identifier, which protects the underlying subscriber details using ECIES, the Elliptic Curve Integrated Encryption Scheme.&lt;/p&gt;

&lt;p&gt;That means the fake base station may still attract the device, but it should not be able to read the permanent subscriber identity in clear text. That is a major architectural improvement.&lt;/p&gt;

&lt;p&gt;But from an offensive security perspective, the important question is not simply:&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Can 5G protect the identity?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;The better question is:&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Can the device be forced into a condition where that protection no longer applies?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is where the operational risk remains. If a device, SIM, operator configuration or coverage environment allows fallback to 4G, then the older identity exposure path can still become relevant.&lt;/p&gt;

&lt;p&gt;The attacker may not need to “break 5G” at all. They may only need to shape the radio environment, degrade service, manipulate selection behaviour, or force the user equipment into a weaker mode.&lt;/p&gt;

&lt;p&gt;That is the part often missed in simplified security discussions.&lt;/p&gt;

&lt;p&gt;Cryptography can be strong. The standard can be improved. The architecture can be better.&lt;/p&gt;

&lt;p&gt;But the real world still depends on configuration, coverage, fallback behaviour, handset capability, operator maturity and the radio environment around the target.&lt;/p&gt;

&lt;p&gt;For high-risk individuals, executives, journalists, legal teams, investigators and sensitive organisations, mobile surveillance risk should not be dismissed just because “5G is secure”.&lt;/p&gt;

&lt;p&gt;The more realistic position is this:&lt;/p&gt;

&lt;p&gt;5G Standalone makes traditional IMSI capture significantly harder, but mixed 4G/5G environments still create downgrade and exposure opportunities.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Consider:&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;What can be seen?&lt;/p&gt;

&lt;p&gt;What can be forced?&lt;/p&gt;

&lt;p&gt;What can be downgraded?&lt;/p&gt;

&lt;p&gt;What can be tracked?&lt;/p&gt;

&lt;p&gt;What happens when the device leaves the ideal security model and enters the real environment?&lt;/p&gt;

&lt;p&gt;Security is not only about what the protocol promises. It is about what an attacker can make the target system do.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>offensivesecurity</category>
      <category>penetrationtesting</category>
      <category>wirelesssecurity</category>
    </item>
    <item>
      <title>SIGINT: Know Before You’re Known</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Tue, 16 Jun 2026 06:18:02 +0000</pubDate>
      <link>https://dev.to/intspired/sigint-know-before-youre-known-39hn</link>
      <guid>https://dev.to/intspired/sigint-know-before-youre-known-39hn</guid>
      <description>&lt;p&gt;Most security conversations begin at the point of impact: phishing, malware, ransomware, data breaches and compromised systems.&lt;/p&gt;

&lt;p&gt;Those threats matter. But they are rarely where the adversary starts.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Before exploitation, there is collection.&lt;/em&gt;&lt;br&gt;
&lt;em&gt;Before intrusion, there is reconnaissance.&lt;/em&gt;&lt;br&gt;
&lt;em&gt;Before action, there is intelligence.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;One area still under-discussed in the private security space is &lt;strong&gt;signals intelligence&lt;/strong&gt;, or SIGINT.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F888d5jidmgls9is2rjwm.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F888d5jidmgls9is2rjwm.webp" alt="Understanding SIGINT in the Modern Threat Landscape." width="800" height="450"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Understanding SIGINT in the Modern Threat Landscape.&lt;/p&gt;

&lt;p&gt;Traditionally, SIGINT has been treated as a government, military or intelligence-agency discipline. But the modern threat landscape is no longer that cleanly separated.&lt;/p&gt;

&lt;p&gt;Criminal groups, hostile actors and organised networks increasingly operate on the same principle. That is where cyber, physical security and intelligence begin to overlap.&lt;/p&gt;

&lt;p&gt;The tools and techniques that once required state-level resource and access are increasingly available, affordable and understood beyond that world. Off-the-shelf hardware can monitor wireless environments. Geolocation data is commoditised. The barrier to conducting meaningful signals collection against a target has dropped considerably. That shift matters for any organisation that assumes its exposure begins and ends with its IT perimeter.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpfxs6s93pylz7xlmv6eh.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpfxs6s93pylz7xlmv6eh.webp" alt="Signals Intelligence Is No Longer Only a State-Level Concern." width="800" height="600"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Signals Intelligence Is No Longer Only a State-Level Concern. &lt;/p&gt;

&lt;p&gt;Documented cases show organised criminal networks using phone metadata, geolocation data and signal disruption to identify law enforcement activity, evade surveillance and protect their operations. GPS jammers have been deployed to blind tracking systems during cargo theft. Counter-surveillance techniques once associated with state-level actors are now in active use by criminal organisations. The gap between state capability and criminal application is narrowing. That has direct implications for private sector organisations.&lt;/p&gt;

&lt;p&gt;For private organisations, the lesson is clear: threat intelligence cannot stop at the firewall. The more important question is what an adversary already knows before the attack is even considered.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;A mature security posture should ask:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;What can an adversary observe before they attack?&lt;/em&gt;&lt;br&gt;
&lt;em&gt;What signals are we leaking?&lt;/em&gt;&lt;br&gt;
&lt;em&gt;What wireless or RF exposure exists around our people, sites, vehicles or operations?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Could location data, device behaviour, communications patterns or technical emissions be used to build intelligence against us?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Consider a straightforward example: a fleet of company vehicles passively broadcasting Bluetooth identifiers and Wi-Fi probe requests creates a pattern-of-life signature readable by anyone with basic monitoring equipment. Add mobile devices connecting to cell towers, and a picture of where your people are, how frequently they move and when routines deviate becomes available. &lt;/p&gt;

&lt;p&gt;No breach required. No direct engagement with your systems.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Where are we visible before we are vulnerable?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F98j3cl53ury0yr05xeop.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F98j3cl53ury0yr05xeop.webp" alt="What Adversaries Can See Before They Attack." width="800" height="450"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; What Adversaries Can See Before They Attack.&lt;/p&gt;

&lt;p&gt;At IntSpired®, our work is focused on that earlier phase of the threat lifecycle. We help organisations understand their own signal exposure before an adversary does, and identify where intelligence may already be accumulating against them.&lt;/p&gt;

&lt;p&gt;That means looking beyond the obvious breach point: adversary visibility, pre-attack intelligence, wireless and RF exposure, OSINT, technical reconnaissance and the overlap between digital and physical risk.&lt;/p&gt;

&lt;p&gt;The organisations that understand this earliest are the hardest to target.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;INTSPIRED®&lt;/strong&gt;&lt;br&gt;
OFFENSIVE BY DESIGN. INTELLIGENT BY NATURE.&lt;/p&gt;

&lt;p&gt;Sources / further reading:&lt;/p&gt;

&lt;p&gt;This post draws on open-source reporting and public material, including:&lt;/p&gt;

&lt;p&gt;National Crime Agency, National Strategic Assessment of Serious and Organised Crime (2024)&lt;/p&gt;

&lt;p&gt;National Cyber Security Centre, Annual Review 2024 (2024)&lt;/p&gt;

&lt;p&gt;Royal United Services Institute, Operation Destabilise: Russia, Organised Crime and Illicit Finance (2024)&lt;/p&gt;

&lt;p&gt;Ofcom, Radio Frequency Jammers: Spectrum Offences under the Wireless Telegraphy Act 2006 (2023)&lt;/p&gt;

&lt;p&gt;Privacy International, IMSI Catchers: UK Authorities Play Hide and Seek with Use of Intrusive Surveillance Technology (2023)&lt;/p&gt;

</description>
      <category>wirelesssecurity</category>
      <category>rfsecurity</category>
      <category>cybersecurity</category>
      <category>attacksurface</category>
    </item>
    <item>
      <title>Satellite-to-Phone Connectivity</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Thu, 11 Jun 2026 05:45:44 +0000</pubDate>
      <link>https://dev.to/intspired/satellite-to-phone-connectivity-2ma5</link>
      <guid>https://dev.to/intspired/satellite-to-phone-connectivity-2ma5</guid>
      <description>&lt;p&gt;Satellite phones are not new. What is changing is ordinary smartphones connecting directly to satellites.&lt;/p&gt;

&lt;p&gt;For years satellite communication required specialist devices and dedicated terminals used by remote workers, maritime users, emergency responders, military personnel and journalists operating beyond normal mobile coverage.&lt;/p&gt;

&lt;p&gt;Most people rely on terrestrial networks. That means everything connecting your phone or laptop to the internet through ground-based infrastructure. The cell tower in your street. The cables between exchanges. Your home broadband and Wi-Fi router. If it sits on the ground and carries your data it is part of the terrestrial network.&lt;/p&gt;

&lt;p&gt;When those networks are unavailable, damaged, congested, jammed or out of range, connectivity fails. That is where direct-to-device satellite connectivity becomes relevant.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The shift has already started&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Apple's satellite features allow compatible iPhones to contact emergency services with no cellular or Wi-Fi coverage. Starlink is developing direct-to-cell services using low Earth orbit satellites. AST SpaceMobile has received FCC approval to operate a constellation providing supplemental coverage through existing mobile partners.&lt;/p&gt;

&lt;p&gt;Full satellite broadband to every phone as an everyday service is not here yet. But the move from specialist satellite hardware towards ordinary satellite-capable smartphones has begun.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fipoadhuzl76ojy1f9kwz.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fipoadhuzl76ojy1f9kwz.jpg" alt="Starlink V1.5, V2 and V3" width="676" height="398"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Starlink V1.5, V2 and V3.&lt;/p&gt;

&lt;p&gt;Later Starlink satellites are expected to be larger and more capable to support direct-to-device connectivity. V3-class satellites are widely discussed as requiring Starship-scale launch capacity rather than routine Falcon 9 deployment. A larger antenna array can help the satellite focus a stronger and more precise signal beam towards a device on the ground. That is what makes connecting to an ordinary smartphone physically possible.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The signal strength problem&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Many low Earth orbit communication satellites operate hundreds of kilometres above Earth. Research modelling often uses altitudes of around 550–560 km to illustrate the scale of the signal-strength challenge. Purpose-built ground terminals use large, focused antennas to receive these signals. Smartphones, by contrast, rely on much smaller built-in antennas. As a result, the received signal strength can be thousands of times weaker than with a dedicated ground terminal.&lt;/p&gt;

&lt;p&gt;The solution is beamforming. Instead of broadcasting a signal in all directions, the satellite uses an array of antennas to focus power precisely towards a specific device. It is the difference between a lightbulb spreading light across a room and a torch aimed at a single point.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feiozvzyqb92hpvxu05yx.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feiozvzyqb92hpvxu05yx.png" alt="Beamforming &amp;amp; Focusing the Signal" width="800" height="450"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Beamforming &amp;amp; Focusing the Signal.&lt;/p&gt;

&lt;p&gt;Left: unfocused signal spreading in all directions with most power wasted. Right: beamforming concentrating power directly at the device on the ground.&lt;/p&gt;

&lt;p&gt;A satellite has limited power. Beamforming focuses that power like a torch beam rather than spreading it like a lightbulb. This is one of the key techniques that allows a satellite to reach a standard smartphone without a specialist terminal on the ground.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Multiple satellites, one phone&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Research published in 2026 by engineers at KTH Royal Institute of Technology shows how multiple satellites can coordinate to serve the same device simultaneously. Instead of connecting to one satellite a phone could receive data streams from several at once improving both speed and reliability. If one satellite moves out of range or is blocked, others may help maintain continuity. This coordination does not require the satellites to be precisely synchronised with each other removing one of the main practical barriers to real-world deployment.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkj9lxrvc3chq6k3nsfgy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkj9lxrvc3chq6k3nsfgy.png" alt="One Phone, Multiple Satellites." width="800" height="450"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; One Phone, Multiple Satellites.&lt;/p&gt;

&lt;p&gt;Four satellites each sending a differently coloured beam to a single smartphone on the ground.&lt;/p&gt;

&lt;p&gt;Future systems may allow a device to receive signals from several satellites simultaneously improving resilience and reducing the impact of movement, blockage or coverage gaps. Each satellite sends part of the data. The phone combines the signals.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this changes the risk landscape&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Wider access creates wider exposure.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;For ordinary users&lt;/strong&gt; a satellite-capable phone can communicate outside normal network infrastructure even when that infrastructure is deliberately disrupted.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;For organisations&lt;/strong&gt; satellite-capable devices may bypass local network controls, corporate gateways or expected monitoring points.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The criminal threat: more than jamming&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Jamming&lt;/strong&gt; means broadcasting interference on the same frequency a satellite uses to block the signal. GPS jamming is already documented across multiple regions. Direct-to-device services use different frequencies but any wireless link can be vulnerable to interference if an attacker can affect the relevant signal path.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Spoofing&lt;/strong&gt; mimics a legitimate signal. Spoofing or false-signal attacks could attempt to mislead devices or disrupt trust in the connection.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Covert communications.&lt;/strong&gt; Historically, communicating beyond terrestrial network reach often required expensive and visible specialist hardware. A standard smartphone with satellite capability removes that barrier. Networks operating in remote areas, across borders or at sea gain a communications channel that no longer depends on infrastructure authorities can monitor or disrupt.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Evading lawful interception.&lt;/strong&gt; Legal frameworks for intercepting communications are built around terrestrial infrastructure. When traffic routes through a satellite path it may complicate existing lawful intercept, monitoring and governance models that were designed for that environment.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Fraud and identity threats.&lt;/strong&gt; SIM fraud, account compromise and interception attempts will follow satellite connectivity as they have followed every previous generation of mobile technology. Security frameworks built on terrestrial assumptions will need updating.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Physical security in sensitive locations.&lt;/strong&gt; A satellite-capable phone carried into a restricted environment can communicate outside any local network controls in place. Existing device policies and physical security protocols may not account for this.&lt;/p&gt;

&lt;p&gt;This technology does not create new crimes. It reduces friction, increases reach, and may weaken some existing assumptions around visibility, control and disruption.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The point for security awareness&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Satellite connectivity is moving from specialist equipment into everyday phones and the infrastructure is being built now.&lt;/p&gt;

&lt;p&gt;Criminal networks adapt quickly to new communications capabilities. They do not wait for policy frameworks to catch up. A new channel emerges, legitimate users adopt it, and those seeking to avoid detection follow.&lt;/p&gt;

&lt;p&gt;The gap between how fast this technology is moving and how slowly security awareness tends to follow is where the risk lives.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;IntSpired®&lt;/strong&gt;&lt;br&gt;
Offensive by Design. Intelligent by Nature. &lt;/p&gt;

&lt;p&gt;References: &lt;br&gt;
KTH Royal Institute of Technology, "Joint and Streamwise Distributed MIMO Satellite Communications with Multi-Antenna Ground Users" (2026) &lt;/p&gt;

&lt;p&gt;NextBigFuture, "Satellite Direct to Cellphone — SpaceX Starlink vs Apple vs AST Space Mobile" (2025).&lt;/p&gt;

</description>
      <category>attacksurface</category>
      <category>wirelesssecurity</category>
      <category>rfsecurity</category>
      <category>cybersecurity</category>
    </item>
    <item>
      <title>Tracking down a 1964 US Navy Satellite No One Could Switch Off</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Mon, 01 Jun 2026 06:05:54 +0000</pubDate>
      <link>https://dev.to/intspired/tracking-down-a-1964-us-navy-satellite-no-one-could-switch-off-foh</link>
      <guid>https://dev.to/intspired/tracking-down-a-1964-us-navy-satellite-no-one-could-switch-off-foh</guid>
      <description>&lt;p&gt;&lt;strong&gt;They said it was dead. It kept transmitting.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Transit 5B-5. NORAD 965. OPS 6582.&lt;/p&gt;

&lt;p&gt;Launched in December 1964 as part of the US Navy’s Transit satellite navigation system, the GPS of its era.&lt;/p&gt;

&lt;p&gt;Nineteen days after launch, its navigation transmitters failed. The satellite stopped responding to commands. The telemetry transmitter could not be switched off.&lt;/p&gt;

&lt;p&gt;This morning, from &lt;strong&gt;IntSpired&lt;/strong&gt;, &lt;strong&gt;Cornwall&lt;/strong&gt;, we tracked it.&lt;/p&gt;

&lt;p&gt;Here is exactly how.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F14tk9lsgu60qyd9i1h0x.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F14tk9lsgu60qyd9i1h0x.png" alt="Step 1 — Pull the orbital data" width="799" height="210"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Step 1 — Pull the orbital data.&lt;/p&gt;

&lt;p&gt;Before you can track anything, you need to know where it is.&lt;/p&gt;

&lt;p&gt;One command to CelesTrak. curl pulls the TLE directly from the source: two lines of orbital mechanics containing the epoch, inclination, eccentricity and mean motion.&lt;/p&gt;

&lt;p&gt;That is everything Gpredict needs to compute where Transit 5B-5 will be, and when.&lt;/p&gt;

&lt;p&gt;Written to 965.sat.&lt;/p&gt;

&lt;p&gt;Ground truth established.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq7e6ra00kao4rcf5xknl.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq7e6ra00kao4rcf5xknl.PNG" alt="Step 2 — Configure the ground station." width="800" height="539"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Step 2 — Configure the ground station.&lt;/p&gt;

&lt;p&gt;A satellite’s position means nothing without a reference point on Earth.&lt;/p&gt;

&lt;p&gt;IntSpired, Cornwall, UK&lt;br&gt;
50.5000°N, 5.0000°W&lt;br&gt;
IO70MM&lt;br&gt;
50 metres above sea level&lt;br&gt;
Weather station: EGHQ&lt;/p&gt;

&lt;p&gt;Every AOS time, LOS time, elevation calculation and Doppler prediction runs against this coordinate.&lt;/p&gt;

&lt;p&gt;This is the anchor.&lt;/p&gt;

&lt;p&gt;Get it wrong and nothing that follows is accurate.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3dabf91mi4o89vt85r28.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3dabf91mi4o89vt85r28.PNG" alt="Step 3 — Wait for the geometry to align." width="800" height="421"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; Step 3 — Wait for the geometry to align.&lt;/p&gt;

&lt;p&gt;Forty-seven minutes to acquisition of signal.&lt;/p&gt;

&lt;p&gt;Transit 5B-5 is 13,641 km away. Elevation -81°. Deep below the horizon. Eclipsed.&lt;/p&gt;

&lt;p&gt;The red dotted line shows the incoming trajectory. Gpredict is computing the pass in real time. IntSpired is locked as the ground station and waiting.&lt;/p&gt;

&lt;p&gt;This is the part nobody posts.&lt;/p&gt;

&lt;p&gt;The prediction phase.&lt;/p&gt;

&lt;p&gt;Knowing exactly when and where to look before anything appears.&lt;/p&gt;

&lt;p&gt;That discipline is the skill. The SDR is just the receiver.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn4mcs0ltirn97nntonrl.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn4mcs0ltirn97nntonrl.png" alt="Step 4 — Acquisition." width="799" height="367"&gt;&lt;/a&gt;&lt;strong&gt;Image 4:&lt;/strong&gt; Step 4 — Acquisition.&lt;/p&gt;

&lt;p&gt;There it is.&lt;/p&gt;

&lt;p&gt;Elevation 25.77°. Slant range 1,988 km.&lt;/p&gt;

&lt;p&gt;Transit 5B-5 is inside IntSpired’s footprint on the map, the two points almost touching over the North Atlantic.&lt;/p&gt;

&lt;p&gt;Doppler is at -362 Hz. The sign has already flipped, which means closest approach has passed and the satellite is now receding.&lt;/p&gt;

&lt;p&gt;That zero-crossing happened live during the pass as the frequency shifted through zero.&lt;/p&gt;

&lt;p&gt;That is observable proof of a real pass, not just a prediction on a screen.&lt;/p&gt;

&lt;p&gt;Signal loss: 138.37 dB.&lt;br&gt;
Orbit: 4108.&lt;br&gt;
Observed from Cornwall with one dipole and one SDR.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this matters&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Transit 5B-5 has no active operators. No mission control. No one managing it.&lt;/p&gt;

&lt;p&gt;Its batteries failed decades ago. It appears to run directly from degraded solar cells. When it enters Earth’s shadow, the transmitter can drop within seconds. When sunlight returns, it recovers and transmits again.&lt;/p&gt;

&lt;p&gt;It has continued doing this for more than 60 years because nobody can tell it to stop.&lt;/p&gt;

&lt;p&gt;That is unmanaged RF exposure at the extreme end of the scale.&lt;/p&gt;

&lt;p&gt;A signal crossing the sky that no one controls, few people monitor, and almost no one knows is there.&lt;/p&gt;

&lt;p&gt;The workflow this morning was simple:&lt;/p&gt;

&lt;p&gt;Gpredict.&lt;br&gt;
One dipole.&lt;br&gt;
One RTL-SDR.&lt;br&gt;
One computer.&lt;/p&gt;

&lt;p&gt;Nothing exotic.&lt;/p&gt;

&lt;p&gt;The barrier to observing signals people assume are invisible is lower than most organisations think.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;RF awareness is not only for signals intelligence units. It is a methodology.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;It is knowing what is above your horizon, when it is there, and what it is transmitting.&lt;/p&gt;

&lt;p&gt;That is our baseline.&lt;/p&gt;

&lt;p&gt;Your adversary can do the same.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Watch the full pass&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Countdown to AOS, acquisition, peak elevation and LOS — the complete observation recorded live from IntSpired, Cornwall: &lt;br&gt;
&lt;/p&gt;
&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
      &lt;div class="c-embed__body flex items-center justify-between"&gt;
        &lt;a href="https://www.tiktok.com/@intspired.co.uk/video/7645629111712435459" rel="noopener noreferrer" class="c-link fw-bold flex items-center"&gt;
          &lt;span class="mr-2"&gt;tiktok.com&lt;/span&gt;
          

        &lt;/a&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;



&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>sdr</category>
      <category>satellitetracking</category>
      <category>rfsecurity</category>
      <category>cybersecurity</category>
    </item>
    <item>
      <title>Hardware Not Required: WebSDR and the Open RF Layer</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Mon, 25 May 2026 09:33:04 +0000</pubDate>
      <link>https://dev.to/intspired/hardware-not-required-websdr-and-the-open-rf-layer-61l</link>
      <guid>https://dev.to/intspired/hardware-not-required-websdr-and-the-open-rf-layer-61l</guid>
      <description>&lt;p&gt;Anyone with a browser can access live radio spectrum from receivers around the world.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;No SDR dongle&lt;/strong&gt;. &lt;strong&gt;No antenna&lt;/strong&gt;. &lt;strong&gt;No local setup&lt;/strong&gt;. Just a browser and an internet connection.&lt;/p&gt;

&lt;p&gt;The WebSDR project began at the University of Twente in 2007. Since then, browser-based RF access has become widely available, with public receivers covering different countries, bands and antenna sites.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Examples of WebSDR in Use&lt;/strong&gt; &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnciac6i5ftofc39dar8e.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnciac6i5ftofc39dar8e.PNG" alt="The public WebSDR directory, showing receivers across Europe with their own locations, antennas and frequency ranges." width="799" height="467"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; The public WebSDR directory, showing receivers across Europe with their own locations, antennas and frequency ranges.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcsfzzg1c6a0bzt48nmek.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcsfzzg1c6a0bzt48nmek.PNG" alt="Qatar-OSCAR 100 at Goonhilly Earth Station, Cornwall. Live satellite RF from Es’hail-2, streamed through a browser." width="800" height="693"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Qatar-OSCAR 100 at Goonhilly Earth Station, Cornwall. Live satellite RF from Es’hail-2, streamed through a browser.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs5iefqlgc8dae2ohz8oo.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs5iefqlgc8dae2ohz8oo.PNG" alt="Hack Green, Cheshire. A former Cold War nuclear bunker, still transmitting." width="800" height="861"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; Hack Green, Cheshire. A former Cold War nuclear bunker, still transmitting. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What a waterfall reveals&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Not every signal tells a story. Much of what appears on a waterfall is simply evidence of a transmission, on a frequency, at a point in time.&lt;/p&gt;

&lt;p&gt;Where signals are left open or technically decodable, SDR tools can reveal more.&lt;/p&gt;

&lt;p&gt;Frequency use. Timing. Signal type. Volume.&lt;/p&gt;

&lt;p&gt;On their own, these details may look minor. Combined over time, they can reveal routines, system behaviour and operational change.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The layer most organisations do not monitor&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Many organisations rely on wireless systems for communications, access control, logistics and safety. Few monitor the RF environment around them.&lt;/p&gt;

&lt;p&gt;The assumption is often that signals disappear into noise and go unnoticed.&lt;/p&gt;

&lt;p&gt;They do not.&lt;/p&gt;

&lt;p&gt;WebSDR makes passive RF observation accessible. With the right receiver, antenna, band coverage and propagation conditions, a signal may be observable well beyond the site that transmitted it.&lt;/p&gt;

&lt;p&gt;The RF layer should not be assumed private by default. It is a layer many security teams have not yet thought to look at.&lt;/p&gt;

&lt;p&gt;If a signal is transmitted, it may be observable.&lt;/p&gt;

&lt;p&gt;The RF layer is not invisible.&lt;/p&gt;

&lt;p&gt;See for yourself: &lt;strong&gt;websdr.org&lt;/strong&gt;&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>cybersecurity</category>
      <category>wirelesssecurity</category>
      <category>sdr</category>
      <category>opensource</category>
    </item>
    <item>
      <title>Satellite Signals Are Easier to Observe Than Many Realise</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Thu, 21 May 2026 17:31:34 +0000</pubDate>
      <link>https://dev.to/intspired/satellite-signals-are-easier-to-observe-than-many-realise-1pno</link>
      <guid>https://dev.to/intspired/satellite-signals-are-easier-to-observe-than-many-realise-1pno</guid>
      <description>&lt;p&gt;&lt;strong&gt;Satellite communications underpin much of the world’s connectivity.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Recent research, including a 2025 academic study, has shown that some GEO satellite links still carry clear-text IP traffic, exposing voice calls, SMS messages and operational data.&lt;/p&gt;

&lt;p&gt;These systems support cellular networks, aviation, maritime operations and remote infrastructure across vast regions.&lt;/p&gt;

&lt;p&gt;When transmissions are not properly encrypted, sensitive information can become observable to anyone capable of monitoring the RF spectrum.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Satellite Signal Observation&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo9sz20fufx94f2p5onix.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo9sz20fufx94f2p5onix.webp" alt="SDR monitoring setup used to observe satellite activity in real time" width="800" height="871"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; SDR monitoring setup used to observe satellite activity in real time.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffs71mkwahlhn831gagxc.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffs71mkwahlhn831gagxc.webp" alt="RF activity captured during a satellite pass, visible in the spectrum waterfall." width="800" height="526"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Signal activity captured during a satellite pass, visible in the spectrum waterfall.&lt;/p&gt;

&lt;p&gt;Much of this activity sits in a layer many organisations rarely monitor: the RF signals their systems depend on.&lt;/p&gt;

&lt;p&gt;As reliance on wireless and satellite-connected systems grows, understanding how signals behave across this space becomes increasingly important for modern security, resilience and intelligence work.&lt;/p&gt;

&lt;p&gt;At IntSpired, we analyse signal environments like these to help identify emerging exposure risks before they become operational problems.&lt;/p&gt;

&lt;p&gt;Research paper:&lt;br&gt;
&lt;a href="https://satcom.sysnet.ucsd.edu/docs/dontlookup_ccs25_fullpaper.pdf" rel="noopener noreferrer"&gt;https://satcom.sysnet.ucsd.edu/docs/dontlookup_ccs25_fullpaper.pdf&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;INTSPIRED®&lt;br&gt;
&lt;strong&gt;OFFENSIVE BY DESIGN. INTELLIGENT BY NATURE.&lt;/strong&gt;&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>offensivesecurity</category>
      <category>wirelesssecurity</category>
      <category>rf</category>
      <category>sdr</category>
    </item>
    <item>
      <title>Bluetooth Exposure – Part 3</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Tue, 19 May 2026 05:53:20 +0000</pubDate>
      <link>https://dev.to/intspired/bluetooth-exposure-part-3-d06</link>
      <guid>https://dev.to/intspired/bluetooth-exposure-part-3-d06</guid>
      <description>&lt;p&gt;&lt;strong&gt;The Silent Signals You Never Realise You’re Broadcasting&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Long before digital navigation, reconnaissance teams relied on fieldcraft. Location was confirmed through resection: bearings plotted against known landmarks to determine position with precision.&lt;/p&gt;

&lt;p&gt;Today, devices perform those bearings automatically.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feyovrw3f8bgrrq5rut8r.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feyovrw3f8bgrrq5rut8r.webp" alt="traditional navigation to Wi-Fi probing and finally to BLE mesh networks" width="800" height="533"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; illustrates the shift from traditional navigation to Wi-Fi probing and finally to BLE mesh networks that quietly map presence and proximity through everyday devices.&lt;/p&gt;

&lt;p&gt;Modern phones broadcast continuously. Wi-Fi probes and Bluetooth Low Energy (BLE) signals reveal device presence the moment a device wakes, often long before any connection is made.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;BLE takes this further&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Major technology ecosystems operate large-scale BLE mesh frameworks embedded into consumer devices. Phones, watches, earbuds, vehicles, trackers, and IoT products emit low-power beacons every few seconds. Nearby devices receive and relay them, extending the mesh.&lt;/p&gt;

&lt;p&gt;The result is ambient visibility.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fctw772jlwow6wxgjymme.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fctw772jlwow6wxgjymme.webp" alt="two BLE detection interfaces side by side" width="635" height="462"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; shows two BLE detection interfaces side by side. Together, they demonstrate how BLE broadcasts can be observed externally and used to assess presence, proximity, and movement patterns.&lt;/p&gt;

&lt;p&gt;No pairing.&lt;br&gt;
No password.&lt;br&gt;
No exploitation.&lt;/p&gt;

&lt;p&gt;This is simply how BLE operates.&lt;/p&gt;

&lt;p&gt;Over time, broadcast patterns can reveal behavioural rhythm: arrival times, devices that move together, and devices that separate. The exposure is not technical compromise, it is ambient metadata.&lt;/p&gt;

&lt;p&gt;The same radio landscape that exposes also protects.&lt;/p&gt;

&lt;p&gt;Understanding your own emissions helps identify anomalies, detect unknown trackers, and recognise unusual activity in your environment.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;A simple starting point:&lt;/strong&gt;&lt;br&gt;
• Disable Bluetooth when not required&lt;br&gt;
• Review device privacy settings&lt;br&gt;
• Understand what your devices broadcast by default&lt;/p&gt;

&lt;p&gt;In a shared spectrum world, awareness is no longer optional.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;If you do not understand your own emissions, someone else eventually will.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;a class="mentioned-user" href="https://dev.to/intspired"&gt;@intspired&lt;/a&gt;® - Protecting your brand, your business, and your operations.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/home" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/home" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>bluetooth</category>
      <category>cybersecurity</category>
      <category>wirelesssecurity</category>
      <category>countersurveillance</category>
    </item>
    <item>
      <title>Bluetooth Exposure – Part 2</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Thu, 14 May 2026 07:11:07 +0000</pubDate>
      <link>https://dev.to/intspired/bluetooth-exposure-part-2-3k3b</link>
      <guid>https://dev.to/intspired/bluetooth-exposure-part-2-3k3b</guid>
      <description>&lt;p&gt;&lt;strong&gt;Understanding BLE Through Simple Threat Modelling&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Most people do not realise how much their devices broadcast. Constantly. Passively. Often in plaintext. BLE may be low power, but from an attacker’s perspective it is highly informative.&lt;/p&gt;

&lt;p&gt;Last week we explored why Bluetooth remains an overlooked attack surface. This week we go deeper by applying simple threat modelling to show what an attacker actually sees and where the real exposures sit.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Everyday BLE Ecosystem&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This is the environment most people carry with them every day. A silent network of identifiers, telemetry and behavioural signals leaking into the air around you.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx9btrpfhwjc36bab9l08.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx9btrpfhwjc36bab9l08.webp" alt="BLE Device Ecosystem" width="799" height="442"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; BLE Device Ecosystem.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Smartwatch (Peripheral)&lt;/strong&gt; Continuously advertises identifiers, sensor values, motion events and sync activity. This alone is enough to build behavioural profiles.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Bluetooth Earbuds (Peripheral)&lt;/strong&gt; Many models broadcast even while inside the charging case. They reveal identifiers, battery levels and reconnection attempts. This exposes presence, movement and proximity.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Smart Lock (Peripheral)&lt;/strong&gt; Reveals device type, activity timing, connection attempts and lock state patterns.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Smartphone (Central)&lt;/strong&gt; Acts as the BLE hub. Constant scanning, pairing, reconnecting and exchanging data through OS services and installed apps.&lt;br&gt;
&lt;strong&gt;Cloud Services&lt;/strong&gt; Telemetry, identifiers and behavioural analytics flow upstream from associated apps. Once correlated, this becomes highly identifiable and highly valuable.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why this ecosystem creates risk&lt;/strong&gt;&lt;br&gt;
Attackers do not need pairing. They do not need exploits. They only need to listen. &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdlsvrv1k76p9ycrhrj0m.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdlsvrv1k76p9ycrhrj0m.webp" alt="ubertooth spectrum analyzer" width="708" height="427"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; shows the full 2.4 gigahertz environment: channel spikes, BLE bursts and hopping patterns, revealing activity density and where signals originate.  &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiqvppyitbte09vjchdhz.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiqvppyitbte09vjchdhz.webp" alt="BLE MAC addresses, advertising data, service identifiers and device presence in real time" width="765" height="520"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; illustrates live BLE MAC addresses, advertising data, service identifiers and device presence in real time. This allows attackers to map devices, movement patterns, proximity and relationships. &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0m5kfdbhzcmhxxltj89u.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0m5kfdbhzcmhxxltj89u.webp" alt="password sent from phone, intercepted via BLE UART, captured by Nordic Sniffer, shown in plaintext in Wireshark" width="800" height="532"&gt;&lt;/a&gt;&lt;strong&gt;Image 4:&lt;/strong&gt; password sent from phone, intercepted via BLE UART, captured by Nordic Sniffer, shown in plaintext in Wireshark.&lt;/p&gt;

&lt;p&gt;This is BLE without encryption or authentication. And many consumer IoT devices still work exactly like this.&lt;/p&gt;

&lt;p&gt;Plaintext BLE write operations may include: • passwords • PIN codes • actuator commands such as unlock or open • configuration values • sensor and status payloads&lt;/p&gt;

&lt;p&gt;If it is unencrypted, anyone in range can intercept it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Takeaway&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If a BLE device does not enforce encryption and authenticated pairing, everything it transmits is visible and can be captured by anyone in range.&lt;/p&gt;

&lt;p&gt;For red teams this is a powerful source of passive intelligence. For attackers it is trivial interception. For defenders it remains a major blind spot.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Next Week in Part 3&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Part 1&lt;/strong&gt; explored why Bluetooth remains a high-value vector and how attackers use BLE at the reconnaissance stage.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Part 2&lt;/strong&gt; showed what an attacker can actually see, including live identifiers and plaintext BLE traffic.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Part 3&lt;/strong&gt; will move into the defensive and counter-surveillance side.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;We will look at:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;• Quick methods to reduce your BLE attack surface &lt;/p&gt;

&lt;p&gt;• &lt;strong&gt;Surveillance and counter-surveillance&lt;/strong&gt; considerations&lt;/p&gt;

&lt;p&gt;• What attackers silently collect from BLE Radar-type tools • How to detect or disrupt unwanted BLE tracking &lt;/p&gt;

&lt;p&gt;• How attackers use signal strength and directional antennas to track BLE devices in the real world&lt;/p&gt;

&lt;p&gt;&lt;em&gt;If you rely on BLE devices every day, Part 3 is the one you’ll want to read.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;a class="mentioned-user" href="https://dev.to/intspired"&gt;@intspired&lt;/a&gt;®&lt;/strong&gt; - Protecting your brand, your business, and your operations.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/home" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/home" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>bluetooth</category>
      <category>cybersecurity</category>
      <category>pentesting</category>
      <category>wirelesssecurity</category>
    </item>
    <item>
      <title>Bluetooth Exposure – Part 1</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Sun, 10 May 2026 06:43:23 +0000</pubDate>
      <link>https://dev.to/intspired/bluetooth-exposure-part-1-34oe</link>
      <guid>https://dev.to/intspired/bluetooth-exposure-part-1-34oe</guid>
      <description>&lt;p&gt;&lt;strong&gt;Real-World Weaknesses | Awareness Series: Part 1 of 3&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Over the next few posts, I will explore the real cybersecurity risks behind Bluetooth and why individuals, homeowners and businesses routinely overlook this attack surface.&lt;/p&gt;

&lt;p&gt;Bluetooth is often treated as harmless background technology. In reality, it can reveal device presence, proximity, movement patterns and, in some cases, weak implementation choices that increase exposure.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Classic Bluetooth vs BLE&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Classic Bluetooth is typically used for audio devices and higher-bandwidth data transfer.&lt;/p&gt;

&lt;p&gt;Bluetooth Low Energy, or BLE, is commonly used by beacons, trackers, wearables, IoT devices, smart locks and sensors.&lt;/p&gt;

&lt;p&gt;Both operate in the crowded 2.4 GHz ISM band. Both can broadcast information into the surrounding environment. That means both can create exposure, often without the user realising.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Bluetooth Research Tools&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7xj5klg4oauhqj7s6qil.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7xj5klg4oauhqj7s6qil.webp" alt="a selection of tools commonly used to explore Bluetooth and BLE weaknesses" width="800" height="1046"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; shows a selection of tools commonly used to explore Bluetooth and BLE weaknesses.&lt;/p&gt;

&lt;p&gt;Highlighted is the Ubertooth One, a well-known device within the Bluetooth security research community. However, research and field experience show that it can be unreliable, and it is not usually the first tool I would reach for during practical assessments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Bluetooth Exposure in the Real World&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu3e9l2uu7tzna5wzqmie.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu3e9l2uu7tzna5wzqmie.webp" alt="mobile apps can reveal Bluetooth devices nearby" width="508" height="461"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; demonstrates how easily freely available mobile apps can reveal Bluetooth devices nearby.&lt;/p&gt;

&lt;p&gt;Many of these apps are designed for legitimate diagnostics and device management. However, they also show why individuals and organisations should take Bluetooth exposure seriously.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Even without specialist knowledge, it is possible to identify:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;• Nearby devices currently broadcasting&lt;br&gt;
• Devices left in discoverable or pairable modes&lt;br&gt;
• Device names that unintentionally leak information&lt;br&gt;
• Signal strength, or RSSI, which can indicate proximity&lt;br&gt;
• Wearables, trackers, earbuds, speakers, locks and IoT equipment&lt;/p&gt;

&lt;p&gt;Some devices may also accept a connection without being bonded or paired, allowing applications to read or write characteristics. This is not advanced exploitation. It is usually a sign of weak device security and poor implementation.&lt;/p&gt;

&lt;p&gt;The same visibility that supports diagnostics can also allow environments to be passively mapped. Over time, this can reveal device presence, routines and behavioural patterns.&lt;/p&gt;

&lt;p&gt;Despite this, Bluetooth exposure remains widely underestimated. In certain conditions, it can contribute to privacy compromise, tracking, surveillance, or become part of a broader attack chain.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Simple Defensive Step&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Before going deeper into the series, one simple defensive step everyone should follow is:&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Turn Bluetooth off when you are not using it.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This significantly reduces exposure and prevents your device from broadcasting unnecessarily.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What This Series Will Cover&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This series will provide a high-level overview of:&lt;/p&gt;

&lt;p&gt;• Why Bluetooth remains a valuable vector for threat actors&lt;br&gt;
• How attackers use BLE during reconnaissance&lt;br&gt;
• What nearby devices can reveal without pairing&lt;br&gt;
• What your phone may broadcast without your knowledge&lt;br&gt;
• Tools defenders should understand&lt;br&gt;
• Quick ways to reduce Bluetooth exposure&lt;br&gt;
• Surveillance and counter-surveillance considerations&lt;/p&gt;

&lt;p&gt;Bluetooth may feel harmless, but it is not invisible. &lt;em&gt;Most people have no idea how much they are broadcasting until it is demonstrated to them.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;INTSPIRED® | Offensive by Design. Intelligent by Nature.&lt;/strong&gt;&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://intspired.co.uk/home" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Fblob-715408b.png" height="1030" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://intspired.co.uk/home" rel="noopener noreferrer" class="c-link"&gt;
            IntSpired® | Offensive Cyber &amp;amp; Wireless Security | UK
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
             We test your defences the way adversaries would, under formal authorisation, to uncover what is actually exploitable. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg1.wsimg.com%2Fisteam%2Fip%2F8244b478-330f-49fe-a31f-4cecc83f3ff2%2Ffavicon%2Fc78cc70b-20d1-436d-a400-bc4aced9fc8d%2F17678838-ae76-4779-8645-6f8b4bcebf07.PNG%2F%3A%2Frs%3Dw%3A16%2Ch%3A16%2Cm" width="18" height="16"&gt;
          intspired.co.uk
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


</description>
      <category>pentesting</category>
      <category>wirelesssecurity</category>
      <category>bluetooth</category>
      <category>cybersecurity</category>
    </item>
    <item>
      <title>When a Radio Signal Stops a Train</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Thu, 07 May 2026 07:41:34 +0000</pubDate>
      <link>https://dev.to/intspired/when-a-radio-signal-stops-a-train-9d3</link>
      <guid>https://dev.to/intspired/when-a-radio-signal-stops-a-train-9d3</guid>
      <description>&lt;p&gt;A Taiwan high-speed rail incident from earlier this week is a sharp reminder that RF security is not a niche issue. It is part of critical infrastructure resilience.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr1v5ctgwtvv05q62k5p1.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr1v5ctgwtvv05q62k5p1.jpg" alt="Taiwan High Speed Rail — THSR 700T train on the Taipei–Kaohsiung line" width="800" height="520"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Taiwan High Speed Rail — THSR 700T train on the Taipei–Kaohsiung line. Source: Wikimedia Commons&lt;/p&gt;

&lt;p&gt;Reports confirm a university student used consumer-grade SDR equipment to intercept, decode and clone TETRA radio parameters, then triggered a General Alarm signal that brought four high-speed trains to an emergency stop for 48 minutes. A 23-year-old student has since been arrested and is currently out on bail.&lt;/p&gt;

&lt;p&gt;The technical takeaway is clear. Parameters were cloned. Authentication was bypassed. And the equipment used was bought online.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpzu6k30urcarltyzsxns.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpzu6k30urcarltyzsxns.PNG" alt="Seized equipment" width="570" height="430"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Seized equipment. Source: Taoyuan District Prosecutors Office via CNA/Newtalk, 2026. &lt;a href="https://newtalk.tw/news/view/2026-04-30/1032591" rel="noopener noreferrer"&gt;https://newtalk.tw/news/view/2026-04-30/1032591&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;What this incident tells us is not just that the system was vulnerable. It tells us that the vulnerability had likely existed for years, undetected and untested. A radio enthusiast with off-the-shelf equipment, no insider access, and no advanced technical background was able to clone operational parameters and trigger the highest-priority alert in a national rail network.&lt;/p&gt;

&lt;p&gt;That is not a sophisticated attack. That is a gap that should have been identified in a security assessment long before it was exploited this way.&lt;/p&gt;

&lt;p&gt;The questions every critical infrastructure operator should be asking right now are simple. When did you last rotate your radio parameters? Have you ever tested whether your authentication can be bypassed from outside the network? Do you have any detection capability for rogue transmissions? Do you know where a rogue signal is coming from and how fast you can locate it? And if someone triggered a false alarm today, would your response procedures hold up?&lt;/p&gt;

&lt;p&gt;If any of those answers are uncertain, that is where to start.&lt;/p&gt;

&lt;p&gt;What good RF security looks like in these environments is not complicated in principle, but it is rarely done well in practice. It means treating radio as an attack surface from day one. Regular parameter rotation. Strong authentication on every device. Encryption that is actually tested, not just assumed. Logging and alerting on anomalous transmissions. Direction-finding capability so you can locate a rogue signal when it appears. And response procedures that have actually been exercised, not just written down.&lt;/p&gt;

&lt;p&gt;This is not about SDR being dangerous. SDR is a tool. The real issue is whether safety-critical communications have strong authentication, encryption, parameter rotation, logging, detection, direction-finding, and response processes around them.&lt;/p&gt;

&lt;p&gt;For rail, ports, airports, utilities, emergency services and other critical environments, RF should be treated as an attack surface, not background noise.&lt;/p&gt;

&lt;p&gt;Test it like it matters. Because it does.&lt;/p&gt;

&lt;p&gt;Further insights - Taipei Times: &lt;a href="https://www.taipeitimes.com/News/taiwan/archives/2026/05/05/2003856781" rel="noopener noreferrer"&gt;https://www.taipeitimes.com/News/taiwan/archives/2026/05/05/2003856781&lt;/a&gt;&lt;br&gt;
The Register: &lt;a href="https://www.theregister.com/cyber-crime/2026/05/06/taiwan-student-pwns-rail-comms-halts-high-speed-trains/5230489" rel="noopener noreferrer"&gt;https://www.theregister.com/cyber-crime/2026/05/06/taiwan-student-pwns-rail-comms-halts-high-speed-trains/5230489&lt;/a&gt;&lt;br&gt;
LinkedIn: &lt;a href="https://www.linkedin.com/in/keith-intspired" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/keith-intspired&lt;/a&gt;&lt;br&gt;
IntSpired®: &lt;a href="https://www.intspired.co.uk" rel="noopener noreferrer"&gt;https://www.intspired.co.uk&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Cover image: Handheld radios seized during the investigation. Source: CTWANT/Weekly King via PChome News. &lt;a href="https://news.pchome.com.tw/society/crwant/20260501/index-77760091156668316002.html" rel="noopener noreferrer"&gt;https://news.pchome.com.tw/society/crwant/20260501/index-77760091156668316002.html&lt;/a&gt;&lt;/p&gt;

</description>
      <category>securityawareness</category>
      <category>criticalinfrastructure</category>
      <category>cybersecurity</category>
      <category>rfsecurity</category>
    </item>
    <item>
      <title>Femtocell Security Risks: Why Legacy Devices Are Still a Threat</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Tue, 05 May 2026 07:23:17 +0000</pubDate>
      <link>https://dev.to/intspired/femtocell-security-risks-why-legacy-devices-are-still-a-threat-10lg</link>
      <guid>https://dev.to/intspired/femtocell-security-risks-why-legacy-devices-are-still-a-threat-10lg</guid>
      <description>&lt;p&gt;Femtocells are low-power cellular base stations used in homes and small offices to improve indoor mobile coverage. They connect to the operator’s core network over broadband and broadcast a local cellular signal, typically covering 10 to 50 metres.&lt;br&gt;&lt;br&gt;
They operate within standard mobile infrastructure, using licensed spectrum such as:&lt;br&gt;
• 3G UMTS bands (Band 1 2100 MHz in the UK) &lt;br&gt;
• Some later units support LTE bands depending on deployment &lt;br&gt;
Unlike signal boosters, femtocells do not amplify an existing signal. They create a new one, and devices will automatically connect if it presents the strongest signal.        &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo39kw0efsocg71ua8yn6.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo39kw0efsocg71ua8yn6.webp" alt="A legacy femtocell device" width="800" height="433"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Legacy femtocell device originally deployed by mobile networks, now circulating in secondary markets despite being phased out. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The issue&lt;/strong&gt;&lt;br&gt;
Femtocells extend the cellular network directly into private environments.&lt;br&gt;
• Traffic is routed through broadband&lt;br&gt;
• Devices connect based on signal strength, not trust&lt;br&gt;
• The cellular layer becomes localised and harder to monitor&lt;br&gt;
This creates a gap between:&lt;br&gt;
• What is visible on the IP network&lt;br&gt;
• What is happening over the air interface&lt;br&gt;
This is where visibility breaks.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq4bysd9qdgthfs8g6hko.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq4bysd9qdgthfs8g6hko.webp" alt="Femtocell architecture highlighting the visibility gap between IP network monitoring and the air interface" width="800" height="403"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Femtocell architecture highlighting the visibility gap between IP network monitoring and the air interface.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How to identify them&lt;/strong&gt;&lt;br&gt;
Femtocells are not visible through traditional network scanning.&lt;br&gt;
They are identified through signal behaviour.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Using mobile apps such as Network Cell Info Lite or NetMonster, look for:&lt;/em&gt;&lt;br&gt;
• Very strong signal indoors &lt;br&gt;
• Rapid signal drop when leaving the building &lt;br&gt;
• Unusual or isolated Cell ID&lt;br&gt;
• Cell location appearing extremely close or inaccurate&lt;br&gt;
If the cell is not mapped, it may indicate a small cell or femtocell. &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw9q2kurbxg7o1513x4qc.webp" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw9q2kurbxg7o1513x4qc.webp" alt="Analysing cellular signals using Network Cell Info Lite (left) and CellMapper (right) to identify signal strength, band, and local cell infrastructure." width="799" height="701"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; Analysing cellular signals using Network Cell Info Lite (left) and CellMapper (right) to identify signal strength, band, and local cell infrastructure.&lt;br&gt;
These are not just indicators. They reflect how femtocells operate at the network edge. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Security implications&lt;/strong&gt;&lt;br&gt;
While modern units are more secure, historically femtocells have presented:&lt;br&gt;
• Firmware attack surface &lt;br&gt;
• Potential interception if compromised &lt;br&gt;
• Reliance on broadband&lt;br&gt;
• Single operator dependency &lt;br&gt;
They are trusted by design but deployed in uncontrolled environments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Still in circulation&lt;/strong&gt;&lt;br&gt;
Consumer femtocells have been phased out in the UK following 3G shutdowns.&lt;br&gt;
However:&lt;br&gt;
• Legacy devices remain active &lt;br&gt;
• Units are still being sold on secondary markets &lt;br&gt;
• Small cell technology continues in enterprise environments  &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How to reduce risk&lt;/strong&gt;&lt;br&gt;
• Use Wi-Fi Calling instead of legacy femtocell hardware &lt;br&gt;
• Avoid unsupported or second hand telecom devices&lt;br&gt;
• Monitor RF environments in sensitive locations&lt;br&gt;
• Validate unexpected strong indoor cellular signals&lt;br&gt;
• Treat local cellular infrastructure as part of the attack surface &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Takeaway&lt;/strong&gt;&lt;br&gt;
Femtocells highlight a fundamental issue.&lt;br&gt;
Security monitoring focuses on networks and endpoints.&lt;br&gt;
Cellular operates in RF. &lt;strong&gt;If you are not looking at the spectrum, you are not seeing the full environment.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;For more insight on wireless weaknesses, visit intspired.co.uk/blog&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;INTSPIRED®&lt;br&gt;
OFFENSIVE BY DESIGN. INTELLIGENT BY NATURE.&lt;/p&gt;

</description>
      <category>wirelesspentesting</category>
      <category>wirelesssecurity</category>
      <category>penetrationtesting</category>
      <category>cybersecurity</category>
    </item>
    <item>
      <title>Accessible, Documented, and Off Most Security Radars</title>
      <dc:creator> IntSpired®</dc:creator>
      <pubDate>Sun, 03 May 2026 10:26:47 +0000</pubDate>
      <link>https://dev.to/intspired/accessible-documented-and-off-most-security-radars-5gj7</link>
      <guid>https://dev.to/intspired/accessible-documented-and-off-most-security-radars-5gj7</guid>
      <description>&lt;p&gt;Back in January, I wrote about how tools can be modified beyond their intended use. Not always with bad intent, but not always with good either. &lt;a href="https://intspired.co.uk/blog/f/beyond-the-surface" rel="noopener noreferrer"&gt;https://intspired.co.uk/blog/f/beyond-the-surface&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Since then, a few things caught my attention. Unrelated on the surface, but all wireless, all open, and all sitting just outside where most security teams are looking.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;A general-purpose device transmitting amateur radio&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7l5ri8wd79c9nkhgb41l.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7l5ri8wd79c9nkhgb41l.PNG" alt="Flipper Zero transmitting APRS signal demonstration setup" width="800" height="449"&gt;&lt;/a&gt;&lt;strong&gt;Image 1:&lt;/strong&gt; Amateur Radio Meets General-Purpose Hardware (Flipper Zero APRS setup).&lt;/p&gt;

&lt;p&gt;As a ham radio user, I came across a GitHub project by Richard YO3GND demonstrating a Flipper Zero transmitting APRS, a protocol typically associated with dedicated amateur radio equipment.&lt;/p&gt;

&lt;p&gt;It's experimental. Imperfect. Not something you'd stake your comms on.&lt;/p&gt;

&lt;p&gt;But that's not the point. The point is that a low cost, general-purpose device is now capable of emulating a specialised radio function simply by implementing the protocol in software. The hardware didn't change. The capability did.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Computer vision that sets up in minutes&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx29om593oda605a5a23l.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx29om593oda605a5a23l.PNG" alt="Real-time face detection using OpenCV with bounding boxes on detected faces" width="639" height="480"&gt;&lt;/a&gt;&lt;strong&gt;Image 2:&lt;/strong&gt; Real-Time Face Detection Using OpenCV — Accessible Computer Vision in Practice.&lt;/p&gt;

&lt;p&gt;Computer vision tools and the development solutions that support them aren't new. What's changed is the accessibility. Detection capability is no longer the barrier. Frameworks have been simplified to the point where a working setup can be running in minutes, on commodity hardware.&lt;/p&gt;

&lt;p&gt;The specialisation required has dropped dramatically. The output hasn't.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Passive detection at scale&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8c3mirsh5l4qcu0y1pi8.PNG" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8c3mirsh5l4qcu0y1pi8.PNG" alt="Seeed Studio XIAO ESP32S3 BLE detection device and map interface showing aggregated ALPR camera locations" width="799" height="258"&gt;&lt;/a&gt;&lt;strong&gt;Image 3:&lt;/strong&gt; From Detection Hardware to Crowdsourced Surveillance — Seeed Studio XIAO ESP32S3 and DeFlock Maps.&lt;/p&gt;

&lt;p&gt;Tools like OUI-SPY, built on hardware such as the Seeed Studio XIAO ESP32S3, can passively detect nearby Bluetooth and BLE broadcasts, flag recognised identifiers, and alert on known signal patterns without active probing. These tools aren't single-purpose, and the same understanding that enables detection can be used to avoid it.&lt;/p&gt;

&lt;p&gt;What happens when that detection is contributed at scale is a different question entirely. Platforms like DeFlock Maps illustrate it clearly. A crowdsourced ALPR surveillance map, DeFlock currently shows over 75,000 cameras in view across the US alone. Individual observations, aggregated, become infrastructure-level intelligence.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Transmit. See. Detect.&lt;/strong&gt; Three capabilities, three communities, all moving in the same direction: accessible, affordable, and functional enough to matter. Not theory. Right now.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why security teams should care&lt;/strong&gt;&lt;br&gt;
Most of these developments aren't appearing in threat intelligence feeds. They're appearing in radio groups, maker communities, and computer vision forums. The people building them aren't adversaries. They're curious, technically capable, and sharing their work openly.&lt;/p&gt;

&lt;p&gt;That openness is exactly what makes it relevant. Capability that's documented, reproducible, and discussable in public is already in play. The gap between innovation and risk is narrower than most organisations assume.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Awareness won't close that gap. But without it, you won't even know it exists.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;If it's there, it's observable.&lt;/strong&gt; &lt;/p&gt;

&lt;p&gt;INTSPIRED®&lt;br&gt;
Offensive by design. Intelligent by nature&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>wireless</category>
      <category>opensource</category>
      <category>hardware</category>
    </item>
  </channel>
</rss>
