Hacker News new | past | comments | ask | show | jobs | submit login
Hacking my “smart” toothbrush (kuenzi.dev)
808 points by PikelEmi 6 months ago | hide | past | favorite | 302 comments

Great article, the most interesting part of which is that you can lock your self out of your toothbrush head after three wrong password attempts. I didn't dig into the data sheet for the NFC chip very deeply, but I imagine that it's just the default that the chip ships with. Or maybe Philips really wants that $25 for a new toothbrush head. :-)

EDIT: nope, not the default. From the data sheet, last sentence:

"To prevent brute-force attacks on the password, the maximum allowed number of negative password verification attempts can be set using AUTHLIM. This mechanism is disabled by setting AUTHLIM to a value of 000b, which is also the initial state of NTAG21x."

So Philips went out of their way to secure that toothbrush head. That's reassuring.

Welcome Time Travellers! This is 2023 where you can find yourself locked out of your toothbrush after too many failed password attempts.

Guess we'll have to brute force clean our teeth by moving the locked toothbrush up and down, side to side, and in circular motions.

I might have misinterpreted the article, but I imagine that if the NFC tag on the brush locks out, the handset is no longer able to write new data to it (no 'brush seconds' can be added to the counter). This suggests to me that the handset will not start blinking and reminding you that you need a new brush, but will be happy to brush to infinity. I cannot imagine that the handset will refuse to brush if it can't write to the brush...

I have a third party brush head for my Philips Sonicare with none of the smart features and no electronics in the head (there's an air gap where they usually are) and it still works fine. This makes me wonder all the more why they put the effort in to secure the head.

Engineer gonna engineer. Someone probably just had the time and misplaced passion for security, and when they explained at the weekly standup that they'd added lockout after three attempts, everybody just nodded and moved on.

This has long been a temptation for engineers. 40 years ago the textbook in the digital electronics class I took at Caltech had a chapter called "The Engineer as Dope Pusher" that talked about it.

It gave as an example clothes dryers. The way most home clothes dryers working back then was you put the clothes in, you turn a dial on a timer to the number of minutes you want the dryer to run, and you press start.

The mechanical timers were very reliable. There hadn't been any substantial improvement in their design in decades because there really wasn't anything to improve. There had been improvement in the materials used, and in the cost, but fundamentally mechanical timers was a solved problem.

If the mechanical timer ever broke the repairperson would have replacements in their van. Even if they didn't have the specific one for your dryer it didn't matter because they all worked pretty much the same. They could just put in another one. Maybe the mounting holes wouldn't be in the right place, but they could easily improvise some way to mount it in your dryer.

The book went on to say that somewhere there is an engineer designing a new clothes dryer, and instead of a mechanical timer that engineer is putting in a digital timer. It has a microprocessor, 7 segment LED digit displays for the time, some buttons for interacting with it (such as setting the time and correcting mistakes), and a power supply. And let's not forget that it has software.

That digital timer has no advantage to the user over a mechanical timer. But it has disadvantages. The interface will be worse. It will cost more. It won't be more reliable and possibly will be less reliable, and if it does need repair the repairperson probable won't have the parts. If they have another brand's digital timer on hand they probably won't be able to adapt it to your dryer.

So why is that engineer designing the new dryer with a digital timer?

Because mechanical timers are boring. Digital electronics was at the cutting edge of consumer engineering then, and so by using a digital timer the engineer got to play with exciting new technology.

Mechanical timers are fine, but digital circuitry is by far going to be more reliable if designed properly. There isn't anything physically moving, so the failure modes are much more restrictive. Also, digital provides advantages with offering variable timing on a dryer, for instance, based on the input of a moisture sensor. Mechanical methods for that are more complicated.

Additionally, I would be very surprised if the digital solution is not cheaper to make. Maybe not when first originally introduced, but nowadays it very likely is.

You're right that repair-ability is hurt in some ways... but the industry has moved to compensate. You can buy boards and replace them. They aren't inherently hard to service, because the form factor doesn't really have limitations.

There is something physically moving: the machine itself. You can't wash or dry clothing without moving it around. Given that the entire machine moves (and on spin cycles, reasonably quickly), you need to make sure your circuitry is capable of handling the strain.

As a homeowner, I wish someone (anyone!) still sold reliable analog appliances that just did their job simply and made repair parts and schematics reasonably available.

Nobody would attach the timer to the actual moving drum, so the worst it has to deal with is physical vibrations from use (which, admittedly, can be quite violent if you have an unbalanced load). There are very few digital circuits that are actually meaningfully sensitive to vibrations. At worst, it's a manufacturing problem to make sure the PCB/solder joints don't crack from vibration.

In comparison, the mechanical timer is physically moving. A clockspring, or some sort of mechanism that physically sets the time remaining. Depending on how it's built, vibrations are a harder problem to solve. Not impossible, obviously, but it certainly adds cost.

Also, for most appliances we deal with today... they usually ARE simple to work on. Simple switches and mechanical contrivances. Parts are typically readily available... even PCBs, although possibly not at great pricing. There's certain appliances where you are basically screwed (fridges come to mind...), but that is mainly in my view because the typical failing part is the compressor. Nobody is rebuilding a compressor themselves.

In a fridge the typical failing part is the plastic shelves in the door. The compressor almost never fails and discarded fridges are a great source of cheap pumps if you need to scavenge them.

Source: The episode of 'The Secret Life of Machines' on fridges. Search it on YouTube.

Maybe for certain models. Personally I've never had a shelf break on any fridge I've used, which makes it sound like that's a user error to me.

On the compressors, there was a vast swath of Samsung and LG fridges that had known defects on compressors causing them to fail. Right now, the ice machines are probably most problematic. If you own a Samsung fridge with an ice maker you know what I mean.

On the Samsung fridge aspect...

A few years ago I was renting a house that came with a Samsung fridge that provided chilled water / ice. My kids loved the chilled water.

However, our usage of it caused the paint to start bubbling below the dispenser, and the owners of the rental wanted me to replace the door at a cost of ~$800 USD(!).

I argued that we were using the fridge as designed, so we weren't liable, instead they should discuss what looked to me like an obvious design flaw with Samsung.

They disagreed, so we ended up in court. My defence was about 12 pages printed from an appliance review site of people specifically complaining about this paint bubbling.

Easiest win ever, but seriously, how do you put a device that works with water into a fridge and fail to ensure it can't leak under the paintwork?

I do minor appliance repairs on occasion and the current time of manuals, videos and parts availablity feels like a golden age.

Granted, none of my large appliances are younger than 10 years, but I think I could build new ones (expensively) for the all the parts and schematics available, even wiring diagrams.

Yup exactly. And the electronics in a clothes washer allow for a lot more functionality than mech. When they say the "timer" was replaced with electronics, what they really mean to say is "the timer was replaced by electronics, which also allow you to select different temperatures/runtimes and whatnot based on the type of fabric you're washing or how fast you want it to be done, if you want stain removal or extra rinse then you can enable that, amongst other new options".

"Repairability" is becoming slightly nonsense because even as someone who is a programmer, who has done electronics at a hobbyist level myself, I'm not going to be able to fix a lot of stuff purely because you have to become an expert on it, the time investment is too high. As systems get more complex (to the overall benefit of all of us) the value of repairing something yourself vs getting an expert to do it, changes.

I think right to repair is good though, but purely meaning that companies to not intentionally attempt to thwart the repair of their devices and that parts/manuals are available where needed. Even so, this doesn't mean that every phone repair place is going to debug some sub-circuit inside some small part of the newest iPhone - they'll just identify the overall broken module and replace the entire board/module.

Yeah, I’m always skeptical of “it was better in the old days” type arguments (even though I recognize the aesthetic appeal of analog).

People make similar claims about cars, but old cars broke down all the time and new ones are basically appliances that “just work” without the driver needing to know anything. Similar for computers to smart phones (though obviously both digital in that transition)

It wasn’t the old days. At the time the book was written and at the time I took the class mechanical timers in dryers were ubiquitous. Digital was new, expensive, and didn’t offer any advantages for that application.

Eventually digital became cheap, and enabled new features like dryers that had various sensors that could be used to optimize drying, but that was several years down the road.

Back in the "good old days", a car was ready for the junk heap after 50k miles. These days, that's barely broken-in. "But you could fix it yourself!" Who cares when the thing has such a short lifespan? It's really strange hearing people pining for the days of shitty old cars that you needed to constantly adjust the carb, set the points, etc. Insane.

That’s the point of designing it improperly so it fails early and only keeping spare parts available for a year or consistently out of stock.

The supply chain issues are hurting the servicing part, repair feasibility, and manufacturing part.

> If the mechanical timer ever broke the repairperson would have replacements in their van

> That digital timer has no advantage to the user over a mechanical timer. But it has disadvantages.

The mechanical timer is known to degrade over time, which is why the repair person has spares in their van. Does the digital timer really have no advantages? Will it ever fail and need to be replaced? How much more does it cost?

Yes, engineers are tempted to use shiny tools all of the time. Evaluating whether or not the tool is right for the job is _hard_. But it feels wrong to say that novelty is the only motivation behind upgrading tools?

The digital timer was made by an engineer, too, who designed it to be a more reliable replacement for faulty mechanical timers. It has both advantages and disadvantages compared to mechanical timers, which is why the engineer made it in the first place?

> The mechanical timer is known to degrade over time, which is why the repair person has spares in their van. Does the digital timer really have no advantages? Will it ever fail and need to be replaced? How much more does it cost?

Surely the expected lifetime of a digital timer is shorter than that of a mechanical timer.

Surely is a very strong statement here. I see no reason that a properly designed electronic timer wouldn't have effectively infinite lifetime, which is not possible with a practical mechanical timer. It has no moving parts (other than switches, which can be substituted for capacitive touch). A mechanical timer has many small mechanical parts and wear points, and can get gummed up over time if it doesn't outright stop functioning.

In practice, cost engineering is going to mean neither is completely reliable, but it should be cheaper to make an electronic timer reliable enough. Especially today, where the cost of a functioning mechanical timer is probably an order of magnitude more than an equivalent electronic timer.

I'm willing to believe that the best electronic switches can last longer than the best mechanical switches, but there's so many more ways for an electronic switch to fail that it's a lot easier for me to trust an off-the-shelf mechanical switch than an off-the-shelf electronic one, especially if the cost of failure of the mechanical switch is just an easy swap in of another one.

In what ways can a purely electronic, no moving parts, switch fail?

There are so many different mechanical things that can break, jam, get gummed up...

Capacitors can die, for example. Anything with a battery backup, the battery can leak and damage components. Electronics are more prone to ESD and water damage than mechanical parts.

Going into the realm of unlikely scenarios, electronics are more susceptible to EMPs.

The thing is: It is moving as there are vibrations. There is a fair amount of acceleration and a high frequency. Then there are temperature cycles as the machinery is not perfectly isolated. There is migration of atoms at contact boundaries. Plenty things move.

What do you mean by "reliable" wrt mechanical timers? I'm pretty sure the clothing dryer is a harsh environment for such a component (moisture and heat can easily cause corrosion and mechanical stress). Also, I guess timing gets less accurate over time. If there are rubbers preventing moisture from entering and oil from leaving, those rubbers will wear out.

Like another commenter said, the timer is segregated from the harsh dryer environment.

But also, some slop in the timing accuracy is just fine. The user doesn't really know how long precisely the drier needs to run to dry their clothes. They just know that if they set this timer to 45 then the clothes come out dry.

The timer for the dryer is typically located outside of the dryer drum itself. It is not an actuating component.

I have one that is like 40 years old. The heating element is similar to those in an oven.

The only things that broke are plastic door hinges.

I wish there were an easy way to screen these type of engineers out in the hiring process. It's very hard to judge whether a candidate's excitement over new technology is simply showing passion for what they do or a red flag. A certain degree of passion is desirable, but too much is not.

The worst engineers I've worked with are ones who, in their first week, fall behind on their onboarding plan because the company's compiler needs a rewrite.

Ah yes, the mythical world where engineers are in charge of deciding which features ship instead of management.

When I was a kid I thought it would be cool to be an engineer because I was really interested in creating elegant and efficient designs for things that made them simpler and easier to produce. But I didn't end up becoming an engineer...

More likely the toothbrush had to pass a security audit. And the last thing you want to have to explain to management is the DEFCON presentation on toothbrush security flaws. No. You. Don't.

Perhaps some compliance to a too-broad security policy. Like, across the board, all NFC enabled electronics with read/write capabilities must have a password mechanism.

They probably knew it was dumb but implementing it was easier than getting around all the organizational permissions to make an exception.

There's a good conspiracy here somewhere.

Something kinda like this:


Will just squirt some ink into your mouth upon detecting such abuse and violation of ToS

This made me laugh. Even before clicking the link.

That might be a violation of the EULA.

(I'm just kidding. I hope...)

Regular toothbrushes are the plaintext todo/note taking apps of dentistry. 99% of the benefits for 1% of the work.

And here is me doing regular toothbrushing with an irregular toothbrush!


For Philips' sake, I hope no one wanders the toothbrush aisle of a retailer having forgotten to turn off the password brute forcer.

How long's it going to be before "smart" toothbrushes become the only option? Should I start stockpiling "dumb" toothbrushes now while I still can?

The other day I was trying to buy a pair of bathroom scales and it took me far too long to find one that just, you know, weighed things without also demanding I connect it to the Wi-Fi and download a smartphone app. How is this an improvement?

It isn't that hard at all. I'm calling BS, because it seems like you're exaggerating to make a point that would be big, if true. Except it isn't true.

First, I've owned several wireless connected bathroom scales from high-end to low-end brands. All of them work out of the box without needing or demanding you connect it to Wi-Fi and download an app. Put in batteries, step on scale, and weight is displayed. If you want to use an app, that feature is available, but definitely not mandatory, and I've never seen the device prompt to install an app. One had a removable sticker that advertised the app with a QR download code.

Second, it took me less than 5 seconds to find a non-connected bathroom scale, if you care about that. Maybe I'll assume good faith here, you may be shopping at a super high-end retail shop, or an electronics store that also sells appliances, or an online megaretailer that knows you're into tech and is recommending you smart devices? But when I search for "bathroom scale" on amazon, target, walmart, or home depot, the first result is a basic digital scale that has no connected features.

Same when I look at what is in stock in stores where I live in San Francisco. If there is a place where retailers would think they only need to stock connected bathroom scales, that would be the place. Nope, plenty of non-connected scales that only need a single button CR battery.

Christ, I make an offhand comment about a trivially minor frustration I had a few months ago and I come back to find that I've summoned the Spanish Inquisition.

I never claimed that it's impossible to buy a non-connected set of bathroom scales; all I said was that it took me "far too long" - by which I mean I wasted maybe five to ten minutes deciding which bathroom scales to buy because the first few ones I looked at turned out to be overengineered piles of Wifi/smartphone-ready bullshit that I didn't want. Looking on Amazon UK now, I see several "non-connected" scales in the search results, so I'm not sure why I found it so difficult last time, but my memories are what they are.

This is, of course, as trivial of a first-world problem as they possibly come, but it felt vaguely relevant to the current discussion, and it's part of a general trend in consumer electronics that I constantly see people on HN complaining about. Sorry you found it so offensive.

> The other day I was trying to buy a pair of bathroom scales and it took me far too long to find one that just, you know, weighed things without also demanding I connect it to the Wi-Fi and download a smartphone app. How is this an improvement?

First site I went to, first search term I tried.


Also the first results on Amazon UK...

I don’t know what compels someone to lie like that. It’s just bizarre.

That's a strange conclusion to jump to.

Perhaps the commenter wasn't shopping online, took a while to find such a scale in the stores, and so wasn't lying.

No. I'm pretty sure it is an exaggeration for rhetorical effect. You have to try really hard to put yourself in a situation where the only bathroom scale you can buy is non-connected. OP is either really intellectually lazy on this or is exaggerating to make a point.

Maybe if you go to an electronics retailer that also sells appliances like Best Buy, that's all you can find. But I live in a very techy area (San Francisco) and my local Target has plenty of non-connected digital scales for sale. For $10 more, you can get the connected version.

I'm just saying that calling someone a liar is a pretty extreme thing, and you should be really certain that they're lying before you do so. I don't see how you can have that level of certainty in this case.

Now, saying that they're wrong is much more supportable and doesn't require you to engage in the tricky business of trying to read someone's mind.

Notice I didn't use the word lie or liar, because the traditional definitions require intent to deceive. We rarely have access to each other's true intentions, so I don't think it is a useful term to use in these discussions.

What I believe is that we shouldn't be afraid of calling out people who casually spout easily disproven bullshit to make their argument. Saying you can only call out someone for being wrong doesn't go far enough. OP was arguing the position that there is too much connected tech, so much that in the future we may not even be able to buy a non-connected toothbrush in the future. I'm also IoT-skeptical, as many HNers are. It's a popular position that we don't want a world where IoT is mandatory. But as evidence, they gave an anecdote about shopping for a bathroom scale. I tried to be intellectually charitable to that position and assume good faith, but it didn't hold up without devolving into absurdity.

That's why I didn't say their anecdote was a lie. I can entertain the logical possibility that someone who sincerely does not want to buy a connected household appliance can go shopping for one and have difficulty finding one to buy. But it just doesn't play out, especially for someone who is on a specialist tech forum like HN and has clearly skeptical views on IoT. I said you have to work really hard to put yourself in a position where you can go shopping for such a scale, but face such difficulty that it took "far too long" to find one that is not "demanding I connect it to the Wi-Fi and download a smartphone app."

If you wanted to make a video of yourself not being able to buy a dumb scale, you could go to an tech-heavy electronics retailer that also sells appliances (like Best Buy, Microcenter) or a boutique high-tech gadgets store (like Sharper Image or Brookstone) and only find connected bathroom scales. I just checked what is in stock in a San Francisco Best Buy and the only scale is an IoT connected on. But that would be twisting the truth, because who in their right mind would check only Best Buy in order to buy a dumb scale. it takes a couple minutes on major retailers websites (Target, Walmart, Home Depot) to show that even if you limit to items in stock in tech-heavy places like San Francisco (if there is a place where retailers might assume their customers don't want dumb scales, it's SF), the first and usually cheapest options are dumb scales.

So let's Occam's Razor this. What is more likely? An IoT-skeptical HN poster actually went out to buy a non-connected bathroom scale and genuinely struggled to do so? Or an IoT-skeptical HN poster had to click or sort through a few different options and actually read product descriptions, then exaggerated this anecdote (or totally fabricated it) to advance their position?

But does that even matter? If they aren't a liar, then they are at best intellectually dishonest, and at worst intellectually incompetent. We don't have access to their mind and so can never know which of these three they are. No matter which of these three they are, any of them is a reason to invalidate their argument and call out their anecdote.

> If they aren't a liar, then they are at best intellectually dishonest

"Intellectually dishonest" is just a polite way to say "liar".

There's no need to go after someone personally when it's sufficient to simply point out that their statement was wrong. Why it was wrong isn't really important.

Hey if you’re going to lie to people, then prepare to be called out about it. Lying for rhetorical effect is still lying. Their intent is obvious in the rest of the post where their disdain for IoT things is clear. We don’t need to see in to the mind’s eye to know this - the balance of probabilities is enough for me.

The other option is for me to assume that the guy is unintelligent and incapable - which do you think that they’d prefer to be characterised as?

I agree with nearly everything you said, but I do think you're making a distinction without a difference regarding using the words "liar" et al.

A better explanation of your position (as I perceive it) might be: I think OP is lying for rhetorical points. The alternative explanations just seem too unlikely to me, and Occam's Razor screams a high likelihood of lying.

I assumed the person went to a brick and mortar store or searched for something weird that triggered the 'smart' scales to appear first.

Lie? People go on the Internet and post Lies?!

And apparently people will leap to their defence when you point it out. What a funny old world we live in!

My pet peeve with bathroom scales is that it is impossible to find one that actually does what it claims and has accuracy of +-0.1kg. They do show the measurement to 0.1, but just shifting your weight differently can cause a difference of hundreds of grams. Does anyone knlw a scale that actually measures at 0.1kg accuracy?

Is it ever significant to know? Your body weight varies naturally depending on food intake, waste disposal, and even when you last went for a hair cut. If sub-kilo variations are medically relevant, I would expect one to measure more than just weight.

I think he's talking about precision, not accuracy.

>Is it ever significant to know?

When making weight for a sport. Any more time than necessary spent dehydrating is energy and recovery you're not going to have for the event.

The best scale I’ve ever had was the Nintendo Wii Balance Board.

A couple of years ago I wanted to upgrade my bathroom scale to whatever the best one was and I found that there are no really good scales out there.

This actually tracks as the Wii Balance Boards needs good sensors to accurately sense how you are shifting your weight. I imagine they use better and more weight sensors than your average bathroom scale.

I have a "smart" scale from Polar that fortunately could be used as a regular dumb scale. I think Polar is really great in this regard. Their watches and other equipment can be used without syncing or connecting to their cloud, but the cloud does provide you extra value if you want to use it.

People confuse precision with accuracy all the time. It's one of my geekier pet peeves.

After a ton of research I got an AccuCheck scale (~$30 on Amazon) which I'm happy with, and at least avoids most of the problems with modern digital scales. Clean minimalist look. Takes 3 AAA batteries.


It claims 0.1 lb accuracy, and seems pretty repeatable, but I haven't tested it for accuracy. These digital scales have multiple sensors (this one has 4), so it makes sense that individual sensors may give different readings as you shift your weight around - not sure if there's an exact science to combining the 4 readings into the single one that is displayed.

Luckily the exact science is an adding operation, ifi the sensors behave in a linear way, that is.

0.1lb is ~0.5kg so same precision as parent. 0.1kg is 0.22lb, or literally glass half full of water, or slightly less than two Medium eggs, or 2/3 an empty glass itself, or 2/3 an iPhone, etc. 0.1lb/0.5kg/500g is about 16 fluid ounce in water, so it's probably a good balance point.

Your math is off. 0.1lb is ~0.05kg. 0.5kg is ~1.1lb.

0.1kg is the weight of 100ml of water, which is about 3.3oz

A lot of bathroom scales are too "smart" and display recent cached weights rather than real measurements each time, in order to appear more consistent. Accuracy on some is also very bad if you store scales vertically (e.g. propped against wall) as that requires step-on, step-off re-calibration which people forget to do.

I'm not sure you can even buy "just works" dumb mechanical scales any more.

I'm not sure you can even buy "just works" dumb mechanical scales any more.

You can, they're just more expensive (relatively speaking) because they cost more to make.

Not my much, even; the analog scale on amazon is $27, compared to $20-30 for most digital scales.

Do they have the same accuracy?

We just need to convince normies to stop buying every stupid gadget

... so yeah, we're doomed

I hope that this is a warning to time travelers from the past and not a friendly welcome to time travelers from the future that are looking back on simpler times.

Even with such a toothbrush "lockout", criminals could still go on to put other people's toothbrushes in their mouths.

This type of deviant behavior came to a screeching halt when Crest released their breath-activated toothbrush defense system (BATDS) in 2028. BATDS enabled devices deliver a non-lethal shock to the perpetrator, rendering them unconscious. While BATDS was immediately deemed illegal in most countries due to disputed claims that it caused significant brain damage throughout a large control group, it remains popular in single family households in the US.

I’m not sure of OP’s intentions but in practical terms everyone who read that is a time traveller from the past.

And for literally no improvement or benefit over normal toothbrushes.

Wouldn't this open them to an DoS attack? Set your flipper to fire off bad password attempts at the store and now the entire aisle of toothbrush heads are silently disabled.

It’s 5-something in the morning and I can’t stop laughing at the mental image of some guy cackling maniacally in the toiletry aisle while DoSing toothbrushes.

The absolute personification of Chaotic Neutral

It’s such a funny idea, comic book villainous.

Fear the Toothbrush Terrorist!

Dr. Doofenshmirtz would definitely do this.

It wouldn't happen often enough for that to matter in the risk calculation.

Sounds like something I heard about way back. Using a CRT degausser or other device to erase a Blockbuster store’s VHS tapes.

Lock Picking Lawyer: “this will be my first attempt to toothpick a lock. Using the tool that Flossnian Bill and I made…”

I guess the shortage of chips did not affect the toothbrush industry.

Maybe time to boycott Philips for their woke enforcing of 3-month toothbrush replacement, and closed-source toothbrushes!

(just kidding)

I agree the lock out is most interesting.

I think a better write up would have front loaded that aspect.

Even titling it "How I locked myself out of my smart brush" or similar. If he wanted to be creative it could have had a Film Noir start but even in a technical write up you should start with interesting aspects.

But what happens after you've been locked out? Can you still brush your teeth with the toothbrush?

Next up: 2FA for your toothbrush

I kind hoped the conclusion would be that you could unlock hidden features in the brush head, increase the torque and reset the head so that you don't have to replace it.

But alternatively, since the head has an NFC tag, could you use it for stuff like a partnership with Marriott (open your hotel door with your toothbrush, so much convenience) or with transit companies to charge your monthly transit pass?

Possibilities of an NFC-enabled toothbrush head are infinite. The future truly is fascinating.

Right!?! NSFW features like the Oral-B brush has, where you can order a special brush that helps you relieve certain stress in the bedroom. With the modified Sonicare firmware, the brush won't stop after 2 minutes but keeps "brushing" until, well, you're 'done'...

Reminds me of the time I bought a lamp plug-in dimmer on Amazon, and I noticed that my "personal massager" was one of the "frequently bought with" items.

My wife and I had a lot of fun that night! Turns out the "personal massagers" work a lot better that way.

Wait, personal massagers are generally battery operated. How does this work with a plug in lamp dimmer.

Because it plugs in to a wall outlet.

The Orginal Magic Wand™

At full speed they overheat after 20 minutes or so.

The toothbrush doesn't force you to change the head. You can brush your teeth with an old head as much as you want.

Mine doesn’t just blink; it keeps doing this annoying fast vibrate/noise whenever I stop brushing. So I was reading the article really hoping for an easy jailbreak at the end.

From the sounds of it, three wrong password attempts (from a phone or similar) could accomplish this? That should stop the toothbrush from being able to add extra time to the head

I would guess that it would probably stop working altogether, if it cannot write in the brush head?

My Sonicare does this fast vibrate when I need to charge the brush.

Yeah but if you could reset the head instead of having to change it, imagine the savings

I have this brush and would highly encourage you to swap the head when the brush asks you to do so, for the sake of your dental health.

I have it as well and at this point used the same head for 5 months. There's no visible deterioration and I exceed the recommended brushing time by doing 5 instead of 3 minutes. Why exactly is the head only good for 3 months?

Brushing your teeth for too long can have bad effects on your dental health[1][2]. The heads loose their strength over time and if you replace that with pushing harder, you might also overbrush.

[1]: https://www.colgate.com/en-us/oral-health/brushing-and-floss... [2]: https://riverrundentalspa.com/brush-teeth-too-long/

You probably don't brush correctly: you need to apply sufficient pressure on your teeth so the bristles can scrub the enamel well enough. Or else there is no way your head has no visible deterioration after 5 months at 5 min per brushing.

The brushes have this sensor for a reason. Too much pressure may harm your gum. The article talks about a ultrasound brush, no pressure required.

The toothbrush has an integrated pressure sensor and starts vibrating when you apply too much

Then I don't believe you have no visible deterioration.

It's not only a matter of aesthetics but bacteria etc. Your brush head collects a sh*tload of food waste (which you don't see with your eyes) and remains a bit wet after usage. Perfect substrate for some living organisms. If you have a microscope, feel free to have a closer look.

If you reset it, it's as good as new, right?

All it saves is a light blinking at you. A bit of electrical tape will also solve that problem.

I would question your priorities if you're trying to save on $4 heads for a $90 toothbrush.

There's a $35 edition of that toothbrush today, I got a similar one at $25 (iirc) on some Black Friday. $10 heads are an issue when $5 toothbrushes exist.

I would question your priorities if you're paying more than a couple of bucks on a toothbrush in the first place.

My priorities are: Not wanting fillings.

The difference between using a tongue brush and an electric toothbrush (vs just manual brushing with and without a tongue brush) was so stark that I've never for a moment felt like £40 for a toothbrush with an annual cost of £11.20 for toothbrush heads has ever not been worth it.

Or bump the head into a tag reader and have Home Assistant do anything from ordering new heads to flashing your Hue lights after 2 min of brushing.

Some facts:

The tag is used to change the cleaning mode of the toothbrush automatically, to match the type of head you inserted. This makes very easy to change heads durring the same session.

It is also used to register how long you used that head. A warning is shown when the head should be replaced. After a few warnings you will no longer get them, just the led to replace the head remains on. You can continue to brush your teeth without any problems. What I've found is that the warning comes at the right time, you really feel a decrease in cleaning efficiency around that time.

You can use heads without the cip and they work. You just have to select the proper mode from the handle manually. Or not.

The early versions have a defect where when you push to insert the head, you also push to open the handle. With time, water will get in and the toothbrush will stop working. Not sure about the latest versions.

Is it less effective because they slow the motors down or other trickery?

The bristles wear out. Their heads wear out but they also become soft from all the vibration so they dont't push as hard on the teeth. Also gunk might accumulate depending on how careful you rinse it.

Still better than a manual brush even in that state.

No, it doesn't appear so. It seems the bristles do wear out somehow, to me it appears that they simply become less stiff over time. The change to a new brush head is noticeable.

This should be relatively easy to verify. One could take a new brush head and forward its counter to the limit, directly comparing it to a new unmodified brush.

This is a good question, but people are pretty sensitive to pitch changes, I think we would detect the motor slowing down.

It would be super easy to reveal as well. A family member with the same toothbrush, your head finishes first. Motor slows down, pitch goes down. Compare the two. Replace the old head, now they're the same. Scummy practice revealed. Scandal.

That said. I'm not totally sure on the mechanism that all electric toothbrushes use.

It's much harder to detect subtle amplitude changes.

A few years ago I reverse engineered my Oral-B (Braun) toothbrush in order to change the color of the brush (handle) to one of my liking, without being constrained by the pre-set colors available in smartphone app. (Which I think now also requires you to log in)

Turned it into a Go library: https://github.com/raqbit/goralb

“Goral-B” – Well done.

I'd like to skip the whole "smart" toothbrush phase and go straight to the "smart ass" toothbrush, which razzes me about my sugar intake and gossips with the toaster behind my back.

As a bachelor who lives alone, it would actually be very motivating if I overheard my appliances making hushed comments about how I "look a little more plump than usual."

only if it is true, but for that they would also need cameras on you at all times.

Just a scale on your smart toilet seat would do.

Do you think I could get a smart fleshlight that measures my sperm-count and the average number of thrusts it takes me to finish?

Hm, maybe I'll apply to YC. Except my version also has a sniffer and can detect C. difficile and SARS-CoV-2.

You can skip the toothbrush part: https://www.lurahealth.com/

It's a toothbrush. Why does it need all this tech and an app?

It's better to think about sustainability.

I had an Oral B IO electric toothbrush. The retail price is nuts and the brushes are expensive and can't really be recycled. Imagine millions of these out there slowly rotting.

I gave up on the IO and bought this one instead. Simple design and battery lasts longer too.


Analogue/manual toothbrush is like 1-2 Euro. Product You are promoting is 85Euro. Assuming my normal toothbrush lasts 3 months for 85 Euro I have backup for 21 YEARS. Spare ones are for ~5.6 EUR piece. I will stay with using my hand ;-)

Electric toothbrushes are more efficient at removing plaque and help to avoid gum disease.

If your immune system doesn't react so aggressively to plaque then yes manual tooth brushes are cheaper and you have many sustainable options in this space, i.e. toothbrushes with a wood handle etc.

Not having fillings is worth a lot more than spending £96 every 5 years (electric toothbrush £40 + £2.80 head every 3 months).

> I will stay with using my hand

have to use your hands?? that's like a baby's toy!

This is a nice idea. The problem is longevity. I'd be willing to bet this product disappears after a few years (best case scenario) and you are left with no ability to buy new heads and end up binning the brush. So net net you probably waste more than buying a Philips/Oral-B brush that likely has 10+ years of support for brush heads, which have a far lower environmental impact than replacing the brush. In terms of cost, if you buy the well known brands when they are on sale, they're generally pretty cheap. I'll admit they do try to sting you if you buy at RRP.

They make third-party compostable bamboo brush heads for Philips now, e.g. https://thesustainabletomorrow.com/products/bamboo-heads-phi...

This is probably why they're doing all the electronic shenanigans, so they can later verify that you're using a Genuine Authentic® brush head.

Yeah, then on top of plastic pollution we can have more e-waste.

If more people vote with their wallet then the longevity problem is not an issue.

That's why I bought this toothbrush to support them.

But if everyone thinks that this startup is not going to make it then yes they'll probably won't exist in a few years time.

Some electric toothbrushes really are better than a manual one. Very light pressure and let the super high cyclic rate do the job.

I love my sonicare. The only thing I would change is the 2 minute shutoff. I have all of my wisdom teeth and never had braces, so I need more time for a good job, but the actual cleaning performance is great. I literally had a hygenist say "Your home care is excellent".

I don't know if it needs this much tech, but if people will buy it, they're gonna make it.

I mean, you can find disposable electric toothbrushes in stores ... sustainability does not seem to be among the primary design criteria.

Why do you need an electric tooth brush to begin with? Just get one of those old Jordan ones you can probably get one for as low as $2.

I guess this is one of the downsides of ubiquitous cheap electronics --- DRM everywhere. A similar thing happened relatively recently with label printers: https://news.ycombinator.com/item?id=30420918

(...and people have come up with a "modchip" to bypass that restriction already: https://www.eevblog.com/forum/reviews/dymo-550-thermal-print... )

All my tries to guess to one-way function for generating the passwords failed.

In case anyone else wants to try having a go at this (without inspecting the firmware): ignoring the first and last two bytes of the UID, we see that 79 is farther from EC and D7 in a similar way that FF is far from 61 and 67, and EC and D7 look closer together too. I wonder if they used "real" crypto or just a simple XOR/shift/add/sub cipher.

There's more info about the device itself here: https://device.report/philips-oral-healthcare/hx68

(Unfortunately they've requested the schematics/block diagram/functional description to be kept "permanently"[1] confidential, and the inside photos are difficult for me to make out the part numbers on the MCU and other components.)

[1] I wish those who have been leaking secrets about our government would've gone after stuff like this instead of things like the NSA...

If anyone happens to be looking for an open source alternative label maker https://github.com/andreisperid/E-TKT

Thanks for the news on DYMO, I missed it and I wanted to buy their printer...

I’ll never forget when my damn sonicare toothbrush app warned me about my iPhone being jailbroken. Had to have been a troll by the creators of the app since not even some of my banking apps had that warning.

When I rooted my android phone a few years back, all of my banking apps worked (I had to use magisk hide for some I think) but the only app that would not work was the Macdonalds app... Not that I needed it, I never go there, but I thought it was funny that their app was more "secure" than some banking apps.

I can tell you from a few weeks ago that Santander definitely does care and magisk hide does nothing for it

Probably outsourced the app development and the contractors reused their boilerplate which included a jailbreak check.

As a security professional, I often get asked whether adding a root check is advisable. My general recommendation is to go ahead and implement it, but with a focus on data collection rather than taking action. For instance, you can log if a user is using a jailbroken or rooted device, without interfering with their experience. The responsibility for running a secure operating system lies with the users themselves, not the application. Applications that attempt to restrict how users utilize the app can be likened to malware.

Now, there might be instances where a business executive argues in favor of DRM or ensuring that certain coupons are limited to specific regions. In such cases, its sometimes suggested as a requirement to verify if the app is running in a simulated environment or is rooted. However, I can assure you that if you lock some kind of value behind this check and then rely solely on the operating system to provide this level of security, there will eventually be clever hackers who find ways to bypass the protection. The same principle applies to business-to-business apps that demand extensive control. In such situations, you need to rely on other software solutions or provide dedicated hardware. It's important to refrain from attempting to take ownership of my device, considering it's already under the control of Apple or Google anyway... /sarc. If you require stronger guarantees, I suggest reaching out to them.

I wouldn't be surprised if the apps did notice, but didn't take any action because it might be a hairy legal problem if they get between you and your money.

Banking apps locking you out when jailbroken is a major pain point for those who do, so I doubt that there is any legal issue.

> that the tag is configured to permanently disable all write access after three wrong password attempts

Why is this kind of thing legal? For how many politicians and activist groups claim to care about the environment, why hasn't anyone introduced a bill to ban intentionally turning useful equipment into waste? Any legitimate security needs would be fulfilled just as well by doing a full wipe and factory reset instead.

Why is this kind of thing legal?

For starters, my experience says that, unlike an HP printer, your toothbrush still works just fine[0] if you ignore anything that tells you to replace the head.

[0] At least as fine as a toothbrush with a worn-out head is going to work.

I don't really mean about the toothbrush. I mean, why is it legal for NXP to make chips that permanently brick instead of just factory resetting when too many wrong passwords are tried?

Because it's a feature customers ask for? What laws do you want written? How "secure" am I allowed to make my product before the Feds come a-knockin'?

And what does a "factory reset" accomplish? The hacker trying to get company IP (or whatever the password is protecting) gets three more attempts at it after the reset?

Finally, and I'm not saying this makes it okay, but e-fuses are common as dirt these days. I don't know that you're going to get that toothpaste back in the tube.

> Because it's a feature customers ask for?

Aren't switches to temporarily bypass emissions controls in cars illegal, despite being a feature customers ask for?

> What laws do you want written?

I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.

> How "secure" am I allowed to make my product before the Feds come a-knockin'?

If the one you're trying to make it "secure" against is the product's owner, then I'd say "not at all" would be a fine answer.

> And what does a "factory reset" accomplish? The hacker trying to get company IP (or whatever the password is protecting) gets three more attempts at it after the reset?

The point is that the factory reset would delete the company IP.

> Finally, and I'm not saying this makes it okay, but e-fuses are common as dirt these days. I don't know that you're going to get that toothpaste back in the tube.

Wasn't asbestos also as common as dirt before it was banned?

> Aren't switches to temporarily bypass emissions controls in cars illegal, despite being a feature customers ask for?

So you'd propose that we bans switches? You're saying that a microcontroller should never have a certain feature because you don't like how it has been implemented by a single company. Then you propose that nobody should have this feature ever because someone once used it to turn on a light reminding you that it's time to change your toothbrush head (and then let you brush your teeth normally with no further interruption).

I don't think your analogy holds up, nor have you thought through what you propose.

> You're saying that a microcontroller should never have a certain feature because you don't like how it has been implemented by a single company.

It's not the implementation. I don't want hardware to ever be able to permanently make itself less useful, no matter how it's done or what it's being used for.

You're making an argument that PROM, WORM, efuses, etc all shouldn't be allowed to exist. They're used for all sorts of features, not just security. You might do well to apply the lesson of Chesterton's Fence before you call for a ban on things you don't actually understand.

For legitimate cases of write-once media, it should be legal if and only if it's separate from the rest of the device and easily replaceable (e.g., a socketed chip or a DVD+R). Anywhere that write-once media is permanently attached to something else, it inevitably ends up being used for evil.

> I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.

One thing, I can think of, are hardware-based security devices that disable themselves after recognizing break-in attempts.

What kind of devices do you mean exactly?

Another comment gave a concrete example: https://news.ycombinator.com/item?id=36134415

Payment terminals come to mind, they brick themselves when tampered with

> I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.

I am in opposition to this stance. What you're (rightfully) concerned about is when companies do bad things with these mechanisms. But the mechanisms themselves not only have no ethical/moral problems, but are also really useful for all sorts of things that entirely unobjectionable.

What legitimate uses are there for e-fuses that can't be done just as well with arbitrarily rewritable storage?

Many security applications, situations where you're providing equipment to others and want to make sure it's not modified, etc. It's not that hard to come up with legitimate uses for this.

In any case, that sortof doesn't matter. Even if there was no legitimate use for them, that doesn't in and of itself mean they should be illegal. You should at the least demonstrate that their existence is causing great societal harm.

> Many security applications, situations where you're providing equipment to others and want to make sure it's not modified, etc. It's not that hard to come up with legitimate uses for this.

Why isn't just making sure the expected private key didn't get wiped a good enough way of making sure it's not modified?

> You should at the least demonstrate that their existence is causing great societal harm.

Okay, how about that it destroys the secondhand CPU market? Once you use an AMD CPU in a Lenovo computer, it blows e-fuses to keep you from ever using it in any other brand of computer: https://news.ycombinator.com/item?id=29958247

> Why isn't just making sure the expected private key didn't get wiped a good enough way of making sure it's not modified?

What's to stop someone from extracting and restoring the private key?

> Okay, how about that it destroys the secondhand CPU market?

Sure, then how about addressing that issue rather than proposing to outlaw an entire mechanism entirely? We have a lot of things that can be misused, but (generally) only in extreme cases do we outlaw the tech itself. More usually, we have laws targeting the misuse of the tech.

> What's to stop someone from extracting and restoring the private key?

Isn't the whole point of these chips that you can't extract the private key, so that if it gets wiped, it's definitely gone forever?

> Sure, then how about addressing that issue rather than proposing to outlaw an entire mechanism entirely? We have a lot of things that can be misused, but (generally) only in extreme cases do we outlaw the tech itself. More usually, we have laws targeting the misuse of the tech.

But this particular technology doesn't seem to have any legitimate uses.

> Isn't the whole point of these chips that you can't extract the private key, so that if it gets wiped, it's definitely gone forever?

I don't think these chips include TPM. But if that's the case, wouldn't you object to that on the same grounds that you object to efuses?

> But this particular technology doesn't seem to have any legitimate uses.

Myself and at least one other commenter has mentioned a few legitimate uses.

> I don't think these chips include TPM. But if that's the case, wouldn't you object to that on the same grounds that you object to efuses?

No, because it would let you generate a new key instead of remaining keyless forever.

It's just a toothbrush.

It's not just a toothbrush. A lot of products do this kind of thing. https://hackaday.com/2022/10/26/flashing-booby-trapped-cisco... is another example.

So then why does it need ANY of this?

It doesn't. These toothbrushes are a ridiculous waste all around.

I'm inclined to take the common HN position of "trying to lock people out of modifying their own stuff is bad", however there are plenty of situations in which someone who is not the owner might access an NFC tag and try to make it do things the owner does not want it to. Bricking it seems like the nuclear option, but it's not inherently evil to offer the option of NFC tags that are both tamper-resistant and tamper-evident.

"tamper-evident" would be easily accomplished by completely wiping the contents.

Because NXP makes this chip compliant with ISO/IEC14443, meaning it can be used in payment cards. EMV requires shit like this in their credit card NFC and I'm thankful for it.


Why should it not be legal to make such chips?

Because they take control away from the actual owners of devices, and they, unnecessarily contribute to e-waste, for no increase in real security.

> they take control away from the actual owners of devices

Only if they're used that way. They don't take control away from the actual owners of the devices if its the owners who put them in there, for instance. Again, I think you're conflating the existence of a mechanism with the abuse of the mechanism. If you were just railing against the abusive uses, I'd be behind you 100%.

I just don't see why we should outlaw a common and useful mechanism entirely, rather than outlaw certain uses of that mechanism.

I'm curious but will totally forget to report back in a few months when mine wears out. I'm... not sure, but somewhat confident that it starts to limit the more aggressive brushing modes once its "worn out", although it's possible it was just gummed up internally with toothpaste residue. Last time I changed the head on mine (Philips Sonicare), it definitely felt significantly more powerful with the replacement head.

I think it's just that the bristles are all nicely aligned on a new head - after a while they start splaying, so pressure is going in more directions over a larger area.

I do love the feeling of a fresh sonicare brush.

Me, dumb: I change my Sonicare toothbrush head whenever it tells me to. I haven’t had a cavity in 8 years.

You, a clever toothbrush-hacking genius: haha, the head is new again!

This is neat, and I find the process of reverse engineering the Sonicare toothbrush fascinating, especially sniffing the NFC communication, but please change your toothbrush head every three months.

Yes, I realize I might be in the minority here, but isn't this actually great use of a smart device?

Not having to keep track of brush head changes, awesome! One less thing to worry about, as the device is smart enough to tell me when it's time for a new one.

> isn't this actually great use of a smart device?

You don't need anything to tell you when it's time to change your toothbrush. You can tell by feeling it, or in the extreme, by just looking at it. There's no need to track anything.

I've pondered it myself, for me it comes down to whether the company has implemented it in an ethical way or simply as a way to maximise profits. In this case I feel like they aren't being malicious, but I've only used the brush with compatible brushheads for about half a year (was using up my old ones from an older model first).

I got mine to buzz, but it never prevented me from brushing my teeth.

Bit meta, wanted to say this is one of the interesting posts on HN in a while. Good work on the author's part, following their curiosity, writing it up in an understandable way for the rest of us. They weren't successful in the end but still got far.

Hacking the NFC comms is fun and all, but it turns out you can just rip out the orange flatflex PCB under that metal ring with a screwdriver and the brush doesn't care :)

Stops it from beeping at you when your allotted product lifetime is up though.

Kind of concerning this could turn into another toner ink situation

That's exactly why they did this. They can lock out 3rd party vendors and also force you to buy new heads at an interval of their choosing all in the name of "ensuring quality".

It runs normally without a head attached, so they must not be doing this yet. The architecture authenticates the body to the brush, which is the reverse of what you would do to lock out brushes. (A third party brush can get the password from the body and say "yup, that's definitely the password" and then the body thinks it's genuine. Meanwhile, a third-party body could use genuine brushes because a brush can't mechanically make itself not work. So there just isn't any lock-in here.)

The main feature this seems to be used for is to put the body into "whitening" mode if you use a whitening brush.

Keurig did the same thing with their later models. The coffee I used (SF Bay pods) just shipped a widget that tricks the Keurig into accepting the pod. I drink cold brew now, but I wonder if that cat & mouse is still happening.

It works happily with a brush head without NFC. That was the first thing I tried with my new toothbrush.

It works /right now/. Revisit this comment in 3-5 years and see if the behavior of new brushes and brush heads has changed for the worse...

It can’t be far off that they ship a BLE or Wifi enabled Sonicare that reports your best brushing habits to the app that then posts it on Facebook for philipPoints you compete with your friends on… oh shit… what have I done!?

Anyhow, blocking unofficial heads is just an OTA firmware update away.

Umm this has been a thing for ages.

Although the points don't go to Facebook - you get "rewards" for them. Eg:

> Pair one or more brushes to our iOS or Android app, then you’re all set. quip’s Bluetooth® Smart Motor will automatically store your routine, no phone needed! To check your brushing stats and the points you’ve earned, tap the app.

> Earn bonuses for never missing a beat! Redeem points for rewards you’ll love


This future is fucking stupid.

The Sonicare App already reports your brushing areas and how long you brush and other metrics. It wouldn’t be hard to add a “post to FB feature” (but let’s hope they don’t).

There are no "OTA firmware updates" for Sonicare toothbrushes. There are no other firmware updates either.

Yet. That was the entire point of my post.

Also, how would you know? I have an IOT product that can delta OTA, so only the bytes of the firmware that change are sent to the device, I can do firmware updates that are crazy fast. ESP if it’s just something like turning a feature on.

locking down heads will hurt what market share philips still has far more than it hurts their consumers. there are alternatives, and even a locked brush is an alternative - it still works, and actively pisses off the user.

people skip brushing their teeth for all sorts of reasons. (yes you do. stop lying. your dentist doesn’t believe you, either.)

people go out of their way to not skip coffee.

It has already happened. Philips has designated 3x months for a single toothbrush lifespan, which may or may not be the case (depending on one's toothbrush using habits) as the head clearly does not annihilate automagically after three months. For the sake of the conversation, let's say the recommendation is valid.

Where it gets more interesting, though, is actually not at Philips but at shops that sell replacement heads. Sale assistants do go out of their way to actually lie to their customers and tell them that a single toothbrush head will last, like, many-many-many months. And when asked at the next shop visit about why the toothbrush started yelling three months after replacing it, they will blink their eyes and literally inform the customer of «having never heard before about it from any other customers». The situation happens on a regular basis, and the only recourse that works with such people is brushing the pesky flies aside and politely ignoring them. Since not every customer can or does that, the ink business of electric toothbrush replacement heads prospers.

Are that many people talking to someone at the store when they buy a $65 toothbrush?

Huh? As shown in the article; the system keeps track of brushing time; not time in general.

You have quite the imagination

All I know is that I absolutely never, ever, ever want my toothbrush to be "smart."

We need to stop putting firmware in things that don't need firmware. Not everything needs a chip or intelligence. The rampant abuse of this kind of thing leads to shitty products and an uptick in electronic waste.

I bought one of these toothbrushes almost two years ago.

It really makes a difference:

- The connection to my phone helps coach me in making sure I'm brushing my teeth properly. Bad habits sink in easily, and my various dentists all point out that my teeth and gums are much, much healthier. Given that I am cursed with some bad oral genetics, it's "money well spent" for me.

- The counter helps remind me when to change my toothbrush head. I used to be much lazier about changing it; again; because bad habits easily sink in.

Could someone figure out how to do this without an NFC chip in the toothbrush? I hope so! The toothbrush heads cost much more than traditional "dumb" manual toothbrushes. I don't want to have to spend big bucks just to have good personal hygiene.

ironically the special blue bristles in the philips heads that turn white when the brush head needs to be replaced is exactly what you want, I think?

That's not the same, because it's gradual, as opposed to a beep / notification.

When things change gradually, I tend to ignore the change.

To put it in a different context, I've had the fadeout brush heads for years, but I had to get in the habit of changing my brush head when I went in for a dental cleaning because otherwise, I'd just keep using it forever.

The chips are not a problem. Nonfree software is.

I disagree. For a toothbrush, the chips are a problem. If nothing else, manufacturing chips is very bad for the environment. We shouldn't be putting them in things that don't need them.

If we were talking about the climate problem, you would be right. But your comment is a goal shifting, because I replied to the problem of abuse of the firmware in the chips. Abuse can't happen with free software.



Putting firmware in shit that doesn't need firmware is itself a problem, even if it's free.

I don't see a problem really. What's wrong with being able to fine tune, e.g., how strong the vibration is? Maybe my teeth are more sensitive than usual. Or between 'sensitive' and 'normal'.

At your next dentist appointment: it seems like your toothbrush isn’t getting security updates.

I have one, but it never occurred to me to want to hack it.

"But how do you know when it's time to change the brush?"

Well, how about when it starts getting soft?

How about when the blue part goes away, as documented? :-) I've used a Sonicare for, what, ten years or more? And I don't think I've ever seen an indication that the NFC is communicating anything to me. That's not to say that it isn't, but if I'm going to ignore something[0] and replace the head when I damned well please, I just ignore the blue part of the bristles. I could probably adjust my behavior to ignore whatever flashing LED the NFC sets off, but after so many years I'm just going to continue ignoring what I always have.

[0] I'm either easy on toothbrush heads, or Philips is lying, because when the indicator says "buy a new head" it still has plenty of life IMO. Bristles straight and tall, just like a new one, but no blue left being the only difference between that and new. So I ignore it and get a new one when the bristles go a little wonky.

Probably depends on which body you are using. In mine it both flashes a tiny LED and does an extra little buzz-buzz buzz-buzz signal with the ultrasonics when you turn it on (or off, can't recall which) when the head has 'expired'. Continues to work fine, though.

You might be interested in this YouTube video from Applied Science with electron micrographs of 'new' and 'worn' toothbrush bristles - there is a very marked invisible change that happens: https://www.youtube.com/watch?v=cwN983PnJoA

Mine was doing that, but after a few weeks it stopped the special vibe. It only blinks now.

I just change the brush head on the 1st of every month. They say it lasts for 3 months, I must press too hard. So it goes.

...I must press too hard

Could be. My wife presses so hard, I hear the motor bog down. "JFC, honey, let up a bit", to no avail. She's constantly replacing her heads. I literally can't remember the last time I popped a new one on mine. I could easily believe it's been six months (and, yeah, it's about due).

That’s probably really bad for your wife’s teeth.

It's mostly bad for your gums. The plastic bristles and abrasives in toothpaste aren't meaningfully wearing healthy tooth enamel in the amount of time most people spend brushing.

I just got a new Sonicare. It actually has a feature that detects the over current condition, stops the motor, and buzzes.

> I must press too hard

a dental hygienist told me to hold it with just the thumb and forefinger.

I can't quite manage that, but if you look at how drummers hold their sticks, it's never in a fist. Their arms wouldn't last through one show like that.

So if you at least take your little finger off it, the amount of pressure goes down.

> but if you look at how drummers hold their sticks, it's never in a fist

Watch Roy Mayorga.

> "Reversed, the way the weight of the stick meets the head is just insanely loud. It makes your drum project so much more, if that’s what you want. That’s when you’ve really got to stretch your arms out, because the weight of the stick makes for a lot of wear and tear on your forearms."

I'm not a drummer, so I shouldn't make blanket statements like that, I guess. I always thought they held the sticks loosely.

Look at Ginger Baker & Elvin Jones, from 0:56 on.


Or Roy Haynes:


OT but said that I was brushing too hard and told me that holding the brush at the tip (so that you have less physical leverage on it (instead of gripping it like you would some other appropriately shaped bodily appendage)) will result in the right amount of pressure.

Pressing too hard likely makes it much less effective. With the Sonicare brushes you're supposed to let the vibration do the work, and just like holding the cone of a speaker still you're not getting the vibration that does the job.

The version of the brush I have buzzes at you if you’re brushing too hard.

Mine does too, a light on the bottom lights up as well. I sometimes absentmindedly activate that feature but it's not normal.

AB testing showed that sales increased after indicating the head should be removed earlier than necessary.

what is this "as documented" of which you speak? /s

toothbrushes come with documentation???

Brush for 2 minutes.

No more, no less.

One is not enough.

Three is too much.

Four is right out.

good brushing is technique independent of time

if you brush for 2 minutes but don't get enough passes over each square mm of surface area, you have done a bad job of brushing

instead of watching the clock, imagine each of those surface areas and make sure you hit them

plus gums, tongue, roof of mouth, etc.

the SonicCare has this "quad-pacer" feature where every 30 seconds it makes a sound to remind you to change quadrants of your mouth, and after 2 minutes it shuts off.

I swap toothbrush heads 4-5 times a day (a couple times per brushing session) and one of my major issues until now was that I didn't know how long I had used any individual toothbrush head and when to replace them (I didn't start using all of them at the same time). With per-head usage tracking this is much easier... I wasn't expecting it, but I'm glad Phlips is considering and supporting my use case.

I think the use case is a family using the same electric toothbrush with a different head for each member.

They used to provide color rings to attach to the head, in order to differencing.

but that's not what he said. He said a single brushing session.

If this is serious, why?

Hahaha thanks for the laugh

Well, I do that, too. Single brush body and multiple brush heads.


I replace brush when I feel it's the time. Every time after I replaced it, the difference is bigger than expected. I should replace it earlier. Maybe I should buy this Philips.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact