DEV Community

v. Splicer

Ambient Entropy and the Architecture of Inference

There’s a kind of silence in every space that doesn't stay silent. You walk into a motel room, plug in your laptop, and everything seems still. No voices. No movement. But when you turn on a BLE scan and start reading the analog pin on a microcontroller, the room starts to speak.

Not with words. Not with packets. But with presence.

I've been logging environmental entropy for about eight months now, using cheap hardware and a few hundred lines of code. I started with basic ESP32 boards—specifically the WROOM module—and slowly built out a set of tools and data models to map invisible activity. This post covers what I’ve learned, how I log entropy, and a few real-world case studies from my personal OSINT and threat mapping work.

What Is Entropy, Practically Speaking?

Forget the academic definitions. I use "entropy" to refer to ambient irregularities in the electromagnetic and wireless signal environment. It's the measurable uncertainty that appears when people, devices, or even power fluctuations disturb a baseline field.

Data Sources I Use:

  • Analog pin jitter: standard deviation of rapid analogRead() samples from a floating ADC pin
  • BLE device count: number of devices visible per scan
  • WiFi AP count and RSSI spread: especially useful in public places
  • DAC waveform anomalies: by feeding signal back into the system

Entropy, in this sense, is not content. It doesn’t tell you who or what. But it alerts you to change. And in environments where change implies risk, that’s valuable.

My Logger Setup (ESP32-Based)

I use ESP32-WROOM boards powered by a LiPo pack or USB battery bank. Firmware is written in Arduino IDE with PlatformIO. Data logs to:

  • Local microSD when offline
  • Supabase REST endpoint when WiFi is present
  • Occasionally, logs pushed through Tor or I2P with a relay

Sensors:

  • Analog pin for jitter (ADC1, pin 36)
  • BLE scan every 10 seconds
  • WiFi AP scan every 30 seconds
  • DAC output loop (optional)

Each log entry includes:

  • Timestamp
  • BLE count
  • WiFi count
  • Analog jitter mean and stddev
  • Notes if manually added later

Case Study 1: The Warehouse Door

A month ago, I left a logger in my small warehouse unit on the outskirts of Charlotte. It’s a pretty dead area. One entrance. Padlocked. Motion camera in the hallway, which I can review remotely.

At 3:17 AM, the analog jitter jumped significantly. BLE count spiked from 3 to 10 in less than 20 seconds. No motion camera activation. Nothing missing the next day. But the logger told me someone had been near the unit.

Most likely scenario? A Bluetooth-enabled device passed close to the wall or door. Someone maybe checking locks. Their phone was awake. My logger didn’t miss it.

Case Study 2: Motel Room Scan

During a week-long stay at a sketchy roadside motel, I left the logger in a drawer near the door. The analog pin picked up unusually high jitter every morning at 5:30 AM for three consecutive days. BLE count spiked briefly each time.

Turns out, the cleaning crew did their first room checks around that time, sliding keycards or testing door handles. I never heard them. But entropy picked them up. The wave pattern became reliable enough that I started using it as a passive wake-up signal.

Case Study 3: Public Library Study Room

In a public library’s small, enclosed study booth, I deployed two loggers: one inside, one mounted outside in a backpack.

Results showed that:

  • The BLE entropy inside rose steadily during sessions (likely due to multiple devices syncing or reconnecting to mesh networks)
  • Analog jitter spiked when a phone was placed on the table or a laptop charger was plugged in
  • BLE spike patterns lined up with specific people using Apple Watches or AirPods, even if those devices were not discoverable

In short, entropy gave me a non-invasive way to determine usage patterns of that booth, down to estimating how long people stayed.

Timewave Analysis

This is what I call plotting entropy over time. Timewave graphs are useful for:

  • Spotting recurring patterns: shift changes, cleaning rounds, patrols
  • Detecting anomalous spikes: unexpected entries, potential tampering
  • Finding collapse zones: power loss, jamming, shielding use

Once the pattern is familiar, it becomes easy to detect deviations. This is especially useful when you leave a logger in an unknown or hostile location.
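One way to turn a timewave into labels on a logger you own, as an added example that is not the author's code: each entry is scored against a trailing window with a median/MAD z-score, so a value far above baseline is a spike and one far below is a collapse. The field names, window, threshold, floors and the sample log are all assumptions constructed for illustration.

```python
from statistics import median

# Smallest deviation treated as meaningful per field (assumed values):
# one device for the counts, 0.5 ADC counts for the jitter stddev.
FLOORS = {"ble": 1.0, "wifi": 1.0, "jitter_sd": 0.5}

def robust_z(value, history, floor):
    """Modified z-score against a trailing window, using median and MAD
    so one earlier spike in the window does not drag the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return (value - med) / max(1.4826 * mad, floor)

def classify(entries, window=6, threshold=3.5):
    """Label each entry after the warm-up window as spike, collapse or normal."""
    out = []
    for i in range(window, len(entries)):
        past = entries[i - window:i]
        z = {f: robust_z(entries[i][f], [e[f] for e in past], fl)
             for f, fl in FLOORS.items()}
        if max(z.values()) > threshold:
            label = "spike"        # e.g. a device passing close to the logger
        elif min(z.values()) < -threshold:
            label = "collapse"     # e.g. power loss, jamming, shielding
        else:
            label = "normal"
        out.append((entries[i]["t"], label))
    return out

# Constructed sample log, one entry per 10 s: (ble, wifi, jitter_sd).
ROWS = [(3, 5, 12.1), (3, 5, 11.8), (2, 5, 12.5), (3, 6, 12.0),
        (3, 5, 11.9), (4, 5, 12.3), (3, 5, 12.2), (10, 5, 31.0),
        (3, 5, 12.1), (3, 5, 12.0), (0, 0, 12.2), (3, 5, 12.0)]
SAMPLE = [{"t": 10 * i, "ble": b, "wifi": w, "jitter_sd": j}
          for i, (b, w, j) in enumerate(ROWS)]

if __name__ == "__main__":
    for t, label in classify(SAMPLE):
        print(f"t={t:>3}s  {label}")
```

The per-field floor matters when the window is flat (MAD of zero): without it, a BLE count moving from 3 to 4 would score as an extreme outlier.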

Spatial Inference

I’ve also begun deploying triangulated entropy nets. This means placing 3 or more ESP32 nodes in:

  • Hallways
  • Lobbies
  • Server closets

Using synchronized logs, I can infer:

  • Path of movement (when entropy spikes move across nodes sequentially)
  • Static shielding zones (areas where entropy always drops below expected)
  • Active vs dormant rooms
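A sketch of the first two inferences over synchronized logs from nodes you operate, added here as an example and not taken from the author's projects: each node's spike onset is ordered in time to give a path, and a node whose typical level sits far below its peers is flagged as a possible shielding zone. Node names, thresholds and the readings are constructed assumptions.

```python
from statistics import median

def onset(series, factor=2.0, baseline_n=4):
    """First timestamp where a node exceeds factor x its own quiet baseline."""
    base = median(v for _, v in series[:baseline_n])
    for t, v in series[baseline_n:]:
        if v > factor * max(base, 1e-9):
            return t
    return None

def infer_path(logs, max_gap=30):
    """Order nodes by spike onset. Onsets must be strictly increasing and at
    most max_gap seconds apart; simultaneous onsets look like a site-wide
    disturbance (a power fluctuation, say), not movement, and yield no path."""
    onsets = {n: onset(s) for n, s in logs.items()}
    ordered = sorted((t, n) for n, t in onsets.items() if t is not None)
    path = [ordered[0][1]] if ordered else []
    for (t0, _), (t1, n1) in zip(ordered, ordered[1:]):
        if not 0 < t1 - t0 <= max_gap:
            break
        path.append(n1)
    return path if len(path) >= 2 else []

def shielded_nodes(logs, frac=0.5):
    """Nodes whose median level is below frac x the median across all nodes."""
    meds = {n: median(v for _, v in s) for n, s in logs.items()}
    expected = median(meds.values())
    return sorted(n for n, m in meds.items() if m < frac * expected)

def series(values, step=10):
    """Attach timestamps (seconds) to readings taken every `step` seconds."""
    return [(i * step, v) for i, v in enumerate(values)]

# Constructed jitter-stddev readings, shared clock, one sample per 10 s.
LOGS = {
    "hallway":       series([12, 12, 11, 12, 12, 30, 13, 12]),
    "lobby":         series([10, 11, 10, 10, 10, 10, 27, 11]),
    "server_closet": series([9, 9, 10, 9, 9, 9, 9, 25]),
    "storeroom":     series([2, 3, 2, 2, 2, 3, 2, 2]),  # hypothetical 4th node
}

if __name__ == "__main__":
    print("path:", " -> ".join(infer_path(LOGS)))
    print("possible shielding:", shielded_nodes(LOGS))
```

Both functions assume the node clocks are already synchronized to better than the sample interval; clock skew larger than that reorders onsets and produces false paths.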

I plan to integrate a real-time dashboard for this using D3.js and Three.js, so that I can visualize entropy vectors and detect intrusions visually.

Projects in Development

  • CICADA NODE: My flagship entropy logging rig with capacitive touch sensing, BLE/WiFi entropy logging, DAC waveform output, and Supabase integration. Built into a covert, battery-powered enclosure.

  • PN-2133 Blackglass: A modified RFID/NFC reader that logs entropy before and after tag interactions to infer covert spoofing, jamming, or signal anomalies.

  • Threader: A personal entropy-linked app that correlates my own stress, relapse risk, or focus level with entropy spikes in my workspace. (Also logs self-reports and event triggers.)

  • EntropyScope: A browser-based entropy dashboard for remote or local viewing of logs, complete with filters, alert thresholds, and spatial overlays. Supports real-time viewing.

Operational Use Cases

Entropy monitoring is most valuable when deployed passively. Here’s how I use it:

  • Storage Unit Surveillance: Detect break-in attempts or loiterers without visible cameras
  • Hotel Room Detection: Know if someone tested your lock while you were out
  • Recon Missions: Understand crowd flow, device saturation, and active vs dead buildings
  • Airgapped Target Monitoring: Watch for entropy shifts around a building without ever connecting

Final Thoughts

Entropy isn’t a magic trick. It’s signal. Subtle, consistent, and easy to ignore if you don’t have a framework to measure it. But once you do, it becomes a language.

It’s not content. It’s context. And sometimes, that’s all you need to know.

I’ve posted some of my open-source code for these projects and plan to publish EntropyScope as a public dashboard framework soon. Until then, consider setting up a node of your own.

Listen to what the noise is trying to tell you.
