Bypassing regulatory locks, hacking AirPods and Faraday cages (lagrangepoint.substack.com)
591 points by rithvikvibhu 29 days ago | 193 comments



It appears that the Hearing Aid feature is actually an equalizer preset that is pushed to the AirPods and will replace your transparency mode.

Apple could've just not marketed these as "hearing aids" or used the medical terminology, as every other TWS with parametric EQ and transparency mode can do the same thing, and they wouldn't have the regulatory hawks going after them. They only lose the marketing edge, but perhaps that was a huge calculated risk.

There's an incredible amount of processing power and flexibility in these things. Even the sub-$10 ones using the infamous JieLi SoCs - a 160MHz 32-bit computer in each ear. I'm surprised there hasn't yet been any TWS advertised with open-source firmware, although there's been some work in the usual Chinese (and Russian) communities on customisations.


> They only lose the marketing edge

This is a bigger deal than it may sound. Apple isn't operating in a vacuum, Sony[0] and Bose are also targeting the market and they'll also probably do their marketing push as they see fit.

Apple only having a "kinda works as a hearing aid" is a sizeable disadvantage when the other brands will have posters in prominent places at sales points. Apple would still win on online sales and people who don't need that much reliability of course.

[0] https://electronics.sony.com/otc-hearing-aids


How do Sony or Bose have any kind of retail advantage? What stores that sell Sony and Bose don't also sell Apple stuff? Plus Apple has their own stores which make more money per square foot than just about any other retailer.


Sony has great audio codecs and doesn't treat my Linux desktop as a second-class citizen. I have zero reason to even consider Airpods as a serious alternative for as long as they treat multipoint bluetooth as an optional feature.

Once you factor price into the equation, there's very little reason for an educated customer to pick the Airpods besides marketing. Apple doesn't give people a good reason unless they already own thousands of dollars in other Apple hardware.


Because they’re about to sell their products as hearing aids due to the recent OTC hearing aid regulation change.


You seem to be painting Sony or Bose as some small upstart that struggles to get store shelf space. I'm not sure I follow.

Sony funnily also has presence in many specialized and/or non tech shops (select goods shops etc.) where there could be only two or three earbuds. If Apple didn't get the certification, having a spot for Sony's or Bose's ones could have been a natural choice if the shop targeted that kind of demographic.


There aren't enough of those specialized shops to make a difference. Certainly not enough to present a sizeable disadvantage for Apple. If anything, not being in the Apple Store presents a sizeable disadvantage for Sony.


Funnily enough, the company that bought out the consumer audio division of Sennheiser some time ago is a manufacturer of hearing aids. (No hearing aid features have manifested in the Momentum True Wireless series thus far.)


> I'm surprised there hasn't yet been any TWS advertised with open-source firmware

Let me introduce you to the PineBuds Pro: https://pine64.com/product/pinebuds-pro-open-firmware-capabl...


User can flash in PINE64 community open firmware when becomes[sic] available.

I did manage to find the firmware, but it says that it doesn't have ANC, which the factory firmware does. Good start nonetheless.


>Excessive flashing Pinebuds can potentially brick the device.

Jeez that's not great. Hard to develop on these devices when too many flashes kills them.


The flash on these SoCs is usually designed to be programmed once at the factory, and then perhaps the occasional firmware update. Endurance is in the ~100 cycles range.


For anyone else wondering, apparently "TWS" means "True Wireless Stereo":

https://audiochamps.com/what-does-tws-mean/

So, Bluetooth.


Bluetooth headphones have many form factors. TWS in particular means you have two buds that aren’t joined in any way.


This is what a non-TWS Bluetooth earphone looks like:

https://5.imimg.com/data5/SELLER/Default/2023/5/311562137/UE...



They may have been trying to target the crowd that uses FSA/HSA to pay for medical related expenses.


Is that the only concern? That's good because Apple probably won't go and turn the feature off.

I was worried that there might have been some other regulatory concern, perhaps to do with volume. Though I can't think what that might be.


> every other TWS with parametric EQ and transparency mode can do the same thing,

AirPods too! I am yet to be convinced that this is any different than using a different hearing test app like Mimi and applying the resulting audiogram, as has been possible for years.


But can you play Doom on them?


the point is that they can do, in an FDA-approved manner a hearing test + tuning the hearing aid + hearing protection all in one device

and this means both that they don't have to use weasel legal language to avoid "the regulatory hawks" AND that they gain a huge air of legitimacy in their marketing as a medical device


I own AAPL for that marketing edge! I bought more AAPL after they announced locking down macOS to prevent third party sourced applications from running, because Apple customers are the kind who'll interpret such news as daddy protecting them and looking out for babies' best interests, which means more money going into the Apple tax to pay AAPL holders!

Fwiw I refuse to own Apple, I only own AAPL.


You do know you can still use macOS to run third party closed source applications, right?


And even unsigned x86_64 apps and ad-hoc signed arm64 apps.


> Since WiFi and a microwave operate at the same frequency (2.4GHz), we ran our leaky microwave at full power to block out any persistent network signals in the air.

Incidentally, WiFi tries to intentionally avoid this interference. Microwaves output no power during the zero crossing of the AC line that's driving it, and in this interval, there is no signal in the air to jam things. WiFi listens before sending (so as to avoid stepping on other stations), and the microwave's signal is enough to trigger this. (I forget if microwave ovens are "half wave" and you get 1/120th of a second 60 times a second, or if there is just a threshold near the zero crossing where there isn't enough power to interfere.)

I would say it's likely that the microwave oven didn't really do much here.


Whatever the theoretical analysis tells you, I've been able to reproduce a microwave interfering with a wifi signal with at least one microwave and router. I've had other times where it didn't have a noticeable effect though.


The key to happiness in WiFi is that all the stations have to "hear" each other, or the listen-before-talk algorithm can't work and you end up stepping on valid transmissions that you can't hear. This ruins it for the stations that are the targets of that transmission but can also hear the first station. This is why WiFi tends to degrade at longer ranges; with a topology like <computer A> <---> <access point> <----> <computer B>, both computers can hear the access point, but can't hear each other. This means that they step on each other when talking to the access point; when this happens, the access point sees the sum of the two signals, which it has to discard as garbage. As a result, whenever you see enterprise WiFi that actually works, you'll probably be able to see a ton of access points covering a large room. This is so that they can transmit at low power, causing devices in the above topology to roam to a different access point before they enter the failure mode of not hearing other stations connected to that access point.

Now that I think about it, in OP's case, it's quite possible that the iPad can "hear" the microwave, but the access point can't, so the access point will send out its SSID broadcast while the microwave is interfering. This is great because you WANT that packet to get corrupted. So maybe the microwave does help!
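An added illustration, not part of the comment above or the linked article: a small slotted-time simulation of the hidden-station problem the comment describes. Two stations send frames to one access point, and the only thing that changes between runs is whether they can hear each other for listen-before-talk. The slot model, the parameter values and the function name are assumptions made for this sketch; it ignores real 802.11 backoff and retransmission.

```python
import random


def simulate(can_hear_each_other, slots=20000, p_start=0.05,
             frame_len=10, seed=1):
    """Return (delivered, collided) frame counts seen by the access point.

    Two stations, A (index 0) and B (index 1), both in range of the AP.
    In every slot an idle station wants to start a frame with probability
    p_start. A frame occupies frame_len consecutive slots.
    """
    rng = random.Random(seed)       # seeded so runs are repeatable
    remaining = [0, 0]              # slots left in each station's frame
    corrupted = [False, False]      # did the current frame overlap another?
    delivered = 0
    collided = 0

    for _ in range(slots):
        # Carrier state at the start of the slot: a station can only sense
        # a transmission that is already on the air, not one that starts
        # in this same slot.
        busy_before = [r > 0 for r in remaining]

        for s in (0, 1):
            other = 1 - s
            if remaining[s] == 0 and rng.random() < p_start:
                # Listen-before-talk: defer if the other station's frame
                # is audible. A hidden station never hears it.
                if can_hear_each_other and busy_before[other]:
                    continue
                remaining[s] = frame_len
                corrupted[s] = False

        # The AP receives the sum of both signals; any slot in which both
        # stations transmit ruins both frames.
        if remaining[0] > 0 and remaining[1] > 0:
            corrupted[0] = True
            corrupted[1] = True

        for s in (0, 1):
            if remaining[s] > 0:
                remaining[s] -= 1
                if remaining[s] == 0:       # frame just finished
                    if corrupted[s]:
                        collided += 1
                    else:
                        delivered += 1

    return delivered, collided


if __name__ == "__main__":
    for label, audible in (("stations hear each other", True),
                           ("stations hidden from each other", False)):
        ok, bad = simulate(audible)
        print(f"{label}: delivered={ok} collided={bad}")
```

When the stations hear each other, the only collisions left are frames that start in the same slot; when they are hidden from each other, any overlap in time corrupts both frames at the access point.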


> As a result, whenever you see enterprise WiFi that actually works, you'll probably be able to see a ton of access points covering a large room.

IETF attendees reengineer their hotel’s Wi-Fi network - https://www.computerworld.com/article/1448494/ietf-attendees... ( https://news.ycombinator.com/item?id=3771876 31 comments)

> “There was no WiFi signal when on the desk in front of the window in my room, but after some experiments, I discovered that the signal was quite good… on the ceiling of the bathroom,” emailed Marc Petit-Huguenin.

> “I have a Nexus S phone, so I taped it on the ceiling of the bathroom, and used tethering over Bluetooth to bridge the gap to the desk,” he explained. This is a slow connection, but good enough to send emails over SMTP or use vi [the popular Unix text editor] over SSH.”

> ... Working behind the scenes, a team of IETF attendees negotiated with the hotel and were granted access to the wireless network by Sunday night. ...

> The changes made by the IETF makeover team included:

> – Decreasing the AP receiver sensitivity ([changing] HP/Colubris configuration “distance” from “large” to “small”);

> – Increasing the minimum data and multicast rate from 1Mbps to 2Mbps;

> – Decreasing the transmit power from 20dBm to 10dBm;

> – And, turning off the radios on numerous APs to reduce the [RF] noise.

> ...

> Each floor now has approximately two access points on each of these four channels, with the channels staggered on adjacent floor. That design maximizes the distance between access points on the same channel. “I hope this will significantly improve the coverage in some rooms that had marginal or no signal while also improving the signal to noise ratio for all,” he said

----

Note that the changes were being made to decrease the power being used.


You'll also see this in wireshark as retransmissions of packets. It's really great for discovering that a service you've written isn't filling packets and can only get 50-ish bps throughput due to head-of-line blocking and sending lots of tiny packets.


I’ve had a microwave oven interfere quite clearly (correlated with turning it on and off) with my AirPods before.


Fun story: I’ve had a speaker which would connect to a Bluetooth device as soon as it was turned on, and only enter pairing mode if a paired device wasn’t in range. I couldn’t figure out what device it was connecting to, so I put it in the microwave (while it was off!) briefly to trigger the pairing timeout.


> Microwaves output no power during the zero crossing of the AC line

Why is this? Do microwaves by design modulate their 2.4GHz on top of 50/60Hz?


The magnetron needs about -4.4kV to work and food does not care about the purity of the signal, only net energy delivered.

So the transformer based microwave oven power supplies have a 2.2kV transformer and then double that to 4.4kV for the magnetron.

There is no filtering or smoothing, as those parts would cost money and present a danger to the service technician.

So the voltage feeding the magnetron is not even sinusoidal.


Yup, exactly. Compare the price of a PC power supply, which outputs a very smooth constant voltage, to a microwave oven. The microwave oven is cheaper, and uses all 1800W of your circuit. A DC power supply that does that is much more expensive.

It is truly amazing how cost-optimized microwave ovens are.


So two leaky microwaves on different mains phases would block (2.4GHz) wifi?


In theory, yes, but in practice microwaves messing with wifi is such a well known phenomenon that there's an XKCD about this.


A commenter on Reddit [1] pointed out that you can access the hearing test feature directly by using a special URL:

    x-apple-health://HearingAppPlugin.healthplugin/HearingTest

I wonder if there’s a similar deep link to be found to enable Hearing Aid mode?

1: https://www.reddit.com/r/AirpodsPro/comments/1gftyqo/is_the_...


This was one of the rabbitholes I chased down, but didn't find anything.

At some level, this was just the easier approach :)

I'm sure there's something though. Apple changed the URL handler schemes for iOS 18, so a lot of old repos that reference that don't work anymore.


Hey! I'm Rithwik, one of the authors of the article, happy to answer questions etc!


Mainly just wanted to say, this is an absolutely fantastic hack and I loved reading about it - thank you for sharing!

I guess if I have one question, it would be... what else are you planning to do with your new Faraday cage?


I'm thinking of making it easy to "teleport" to any location within the cage

Imagine typing in coordinates or picking a location on a map, and then suddenly your phone or any other device is at that location inside the cage, by a combination of GPS, cellular and WiFi spoofing

My former manager called it a portal haha: https://x.com/masadfrost/status/1856467695606345756


Thank you for reading and the kind words! We're almost looking forward to this loophole being shut down to really make things a tad bit more challenging haha

We've got some ideas for the Faraday cage—a whole bunch of networks research and hacking that we can do without messing up live systems! It's also really nice to be able to test a device in isolation, without worrying about whether it's phoning back home in some way.


> We're almost looking forward to this loophole being shut down to really make things a tad bit more challenging haha

This is a great attitude in the face of a pretty sad 2024 reality: that the manufacturer of a device is expected to intentionally go out of its way to remotely stop users from using the device they bought in the way they want to use it.


I'm a bit perplexed about region handling, maybe you could shed some light on it. I have an iPhone from Canada, with a Canadian Apple account (Canadian CC/billing address, set location to Canada in App Store), but live in Spain for the last few years. I am still fully "Canadian" according to Apple. I don't get any of the 3rd party App Store stuff that's region locked to the EU, and have access to Apple Intelligence and other features not available in the EU.

I can't give the hearing aid feature a test because it's not available in either Canada or Spain, but I am wondering what the difference is (if any) between the hearing aid region lock and other geo-locked/geo-enabled features Apple has.


You can login with a second account that is an EU account, my wife went this route. You get the best of both worlds.

I ended up transferring my account to an EU account (pro-tip, you may be on the phone with Apple support for 6+ hours if the automation fails). I still have access to both US-specific features (like Apple Cash in USD and the feature in this article) and EU-specific features (like the new app store stuff).


Are you _physically_ in the EU too?

I'm surprised that this worked for you, my main Apple ID is a German one, with active CC/subscriptions/etc; but I am physically in Japan and definitely don't get to play Fortnite on my phone.


Yes, I'm physically in the EU. I'd be curious if you set your computer up as an access point and connected to a VPN (so the phone won't know if it is on a VPN) and then use an exit point in the EU. You could even go so far as spoofing GPS in your house using SDN to even make it think it is in the EU. (just don't forget to make the testing room a faraday cage to prevent any airplanes from getting confused).

I'd even be happy to repeat your cellular signals here in the EU, so you connect to EU towers.

That would be entertaining to see if it worked.


Awesome article. This kind of hacking casually showing iOS app behavior is another world, especially because I thought they were so locked down. How did you get started, any recommendations?

Since you did not end up having bought yourself a very expensive set of earphones, what earphones do you use — or want to get?


haha, I think I've got many miles to go before I'm qualified to answer this :')

I've just been hacking away at things since I was in middle school, am lucky that there's some transfer. LLMs have also been a huge unlock—really cool to be able to try things at near speed of thought!

> what earphones do you use — or want to get?

I'm very happy with my Shure Aonic 3s, a very loyal IEMs guy!


In the true spirit of 2600!


That's a really awesome hack, thanks for sharing. I was slightly surprised that you had to go as far as spoofing a wifi network actually but it's great you figured it out.


Loved the article, thank you for sharing. How happy are the grandparents with the hearing aid functionality? Is it working well for them and how is the battery life?


It's all too early to tell, but we'll know after a week or so. The battery life thing is not seeming like a big problem, since the existing device needs batteries changed every few days or charged every night.

As for the sound quality, a few of our grandparents have tried it, and while they say it sounds 'different', it's not necessarily bad. Grandma was actually quite content even with just the old EQ settings that shipped pre iOS 18 for folks with hearing issues.

Thanks for the kind words!


The hearing test on one of the images shows a ‘profound loss’. Does the hearing aid feature work for such a significant loss, or does it disable for any result beyond moderate loss?


The feature only works when hearing loss is mild (26–40 dBHL) or moderate (41–60 dBHL). We had to repeat the test a few times to get it in the range and enable it.

https://support.apple.com/en-in/120991


Thanks. Any tips on how to do this while keeping the hearing profile as close to reality as possible?


Hi Rithwik -- great work. My Nana would have been thrilled to know this was possible :)

If I can ask -- what program did you use to generate the code maps in your article?


Binary Ninja: https://binary.ninja/ :)

Think someone has already linked it below!


It's Binary Ninja: https://binary.ninja


They look a lot like the graphs that Hopper produces :)


Thank you for your work. In the substack write-up, you said: "There was more work to be done: we needed a reliable reproduction, and a concrete process." Could you elaborate on the process for unlocking?


Maybe I missed it but did you make or buy the Faraday cage?


We built it ourselves actually!

The first prototype was just aluminium foil, tape and hope, but we wanted something more solid so we built one out of n°100 copper mesh and some 2020 aluminium extrusions!


You can use a microwave oven as a very cheap faraday cage. Just don't turn it on.


The door of a microwave typically doesn't form an RF-tight seal. Instead there's a groove that forms a resonant trap at the microwave's operating frequency. So it'll probably block 2.4-GHz ISM-band stuff like Bluetooth (I don't actually know how wide the trap band is compared to a BT or wifi channel), but outside that band all bets are off.


I assume he needed it to have a small opening in the cage to shove the Raspberry Pi through it (to broadcast new SSIDs)


You are replying to the article author. He knows you can use a microwave oven as a very cheap faraday cage. He tried that, but it wasn't good enough.


Does this reset itself after a certain amount of time or is it one and done? I'd be worried about the feature being removed when the iPad or airpods decide they've been in India for too long.


Heya! One of the authors here.

Nope, it's a one time thing. When the feature is enabled, a flag is set on the iCloud account, so you can travel anywhere and have it work. At the same time, an EQ profile is pushed to the transparency mode of the Airpods, enabling the hearing aid features.

Once done, it sticks with the Airpods, unless you reset them.

However, an interesting quirk is that if you enable this on someone's airpods, and _their_ device/account does not have it 'available', they won't be able to tweak the settings on their device.


I wonder if the flag gets reset every so often if the device doesn't think it's in the US for a long period of time. I've heard Apple considered that for some of the other EU restrictions


Probably not to account for people spending lots of time outside the US. The main restriction is not selling items with particular features outside of approved countries but them getting used after being bought elsewhere isn't usually a big deal. India doesn't care about my Grandma wearing her hearing aids because they're not approved in India and if the government doesn't care where's the incentive for Apple to break functionality for customers?


I live in India and I have been using hearing aid feature since at least March when I bought Airpods Pro. Only that it wasn’t called as such earlier. It uses the audiogram I had provided it which it used to create a customized equalizer for my hearing disability. I am sure they must have improved upon the capability in new OS versions but functionally it has been present for a while now.


I suppose the difference is 1st party support for creating the audiogram, plus the clearance from the US gov to market it the way they want as OTC hearing aids


It also applied the same profile to both ears, which matters for some. My hearing loss is highly asymmetric.


Does it still do that? I understand it had problems with asymmetric hearing loss earlier.


Still did it on 18.0. It just averaged the two ears into a single profile.


Very cool, glad it sticks.


This showcases why free software is important. Geo-locking is such a hostile practice which makes zero sense here.

If the software/firmware was free and open, you’d be able to patch out/disable the geo-lock. But it probably wouldn’t be there in the first place…


Yes it does make sense in the general case.

In the approved countries a regulatory body has had to approve this as a medical aid. If medical aids etc did not have to be approved then things that actually hurt and kill people could be sold as medical aids.

The issue here is that this case appears to be a non damaging aid and so it looks silly to ban it. But regulations have to work otherwise they are of no use.

The issue here is either regulators in other countries are slow or in the worst case Apple has not applied for approval.


Then you still have the issue of whole-system incentives. With free software, there is no incentive to prevent OpenHearingAids from working in France, since it's provided at the user's own risk, and installed by the user themselves, who don't have to ask permission to do so. But when a company controls the process, that company is responsible for everything.

It's somewhat similar in spirit to the end-to-end encryption issue: government agencies can demand platforms hand over copies of users' messages if they have them, but they can't force platforms to have them, resulting in platforms going out of their way to not have copies of users' messages. If a platform went out of its way to not have control over the software its users run (this describes most non-Apple general computing platforms) then it can't be forced to regulate that software. If it does, it can.


Thank God for regulators! How dangerous would life be otherwise. How could we live without them?


Look at 19th Century deaths in places like coal mines, deaths due to poisonous medicines, asbestos, lack of sewage.

Public health has had more effect than any other medical change.


Constructing sewage, the evolving history of work, and regulating hearing aids have very little in common, and apart from the last very little to do with regulators.


Yes they do, look at some history.


Does anyone know what the Hearing Protection mode does? It's not available in Norway (or anywhere outside of NAmerica).

I've used the AirPods Pro 2 as hearing protection for some stuff before, it works fine. Is it just due to the words ("Hearing Protection") which they are allowed to use only in America or is it actually better than regular Pro 2 noise-cancelling?


I'm pretty sure all that's new is the hearing test app and marketing. AirPods already had these features.

From listening to it work HP sounds to me like multiband compression, in other words divide up the audible spectrum into multiple bands and apply compression on each one individually. Again it was already doing this though.


Is this actually different from the custom transparency mode in accessibility / headphone accommodations that existed before they even announced the hearing aid feature? It can use an audiogram stored in the health app. Sounds pretty terrible with custom transparency mode though, a bit like a comb filter.


Exactly. I don’t think it’s different. I have been its user since March.


This is fantastic! We're building a walk-in-closet-sized Faraday cage at i3Detroit, though of course we're in the US so we won't need it for this specific hack, there's a zillion reasons it's fun to have one!

Off the top of my head:

The biggie is that we're right down the street from WOMC's transmitter, which is 135,000 watts EIRP. It gets into EVERYTHING and makes other RF measurements more difficult, so if you're trying to align an amplifier or something, it's nice to start from a quiet place and get the basics solid, and only THEN add sources of potential intermod and stuff.

Debugging wifi, bluetooth, and other wireless stuff without a zillion other nodes in view. Yes you can filter the output of a sniffer, but it's more fun to filter the input. ;)

Lighting up a 1G or 2G cellular network without worrying about spectrum licensing.

Practicing offensive wifi techniques or other stuff that might interfere with the hackerspace's existing network.

Playing with GPS spoofers in an FCC-free zone. Or anything else you might find amusing but want to do responsibly.

Locking an iPhone in there to see if it reboots itself... (rofl)


Yes!!

Shocked we made it this far in life without one! Itching to put devices inside and light the air inside up without worrying about licensing!

We actually ended up seeing a life size Faraday cage at Indian Institute of Science—felt good to see that the construction was similar to our approach


Oh sweet! I've used little tabletop ones at work, and ended up building myself one using the housing of some scrapped microwave equipment (it got hit by lightning so the circuits were junk, but the RF-gasketed housing was in great shape.) It worked but I never built many passthroughs for it.

The trouble with the tabletop ones is that it's such a pain to set up all the I/O passthroughs and stuff, often it's just not justifiable to go through the hassle, and it just doesn't get used.

Being able to walk in and just use your own hands to manipulate the DUT is huge. If you're not dealing with high power, it's plenty safe, and it just saves a ton of time.


Certificate pinning should be pretty easy to solve in this particular case: just get a proxy/VPN! The Faraday cage shenanigans are pretty cool though.


You might need to explain how a VPN solves the certificate pinning issue; the author is already modifying the phone's HTTP/S traffic via a proxied network connection, and a VPN doesn't (to my knowledge) allow you to forge valid HTTPS responses using the pinned server certificate.


Sorry, should have clarified: instead of faking the response, you can connect to Apple’s servers through a US proxy. They will see you have a US IP address and return the corresponding location code, all over properly signed HTTPS.

There are a few caveats (e.g. using a residential or mobile proxy would look less suspicious, in case Apple looks out for datacenter IP ranges), but I think it should work.


He tried that. The phone knows its location using GPS and wifi. Apple doesn't care about your IP


You don't need to modify the HTTPS traffic. You get a VPS that is in the US, and set the device up so that when it requests the domain (gspe1-ssl.ls.apple.com) that the IP address returned is not an Apple IP address, but the VPS IP.

The VPS simply forwards traffic on port 443 to gspe1-ssl.ls.apple.com.


Have you seen success with this method?


That's exactly what we did in the end—used a commercial VPN and provided internet to the device over the USB cable. Could have probably used a Tailscale on a VPS somewhere too.


What he meant to say is, all your efforts were of no use, just use a VPN on the iPad and the location will change.

But I suppose, in this case Apple is deliberately using the wifi signals, not relying on IP so "just use VPN" doesn't work.


Eh, how does using a VPN make it easier to MITM attack yourself and modify the response of that GET request?


Sorry, should have made it more clear! Basically there’s no need to MITM at all here: https://news.ycombinator.com/item?id=42122270


Can this be used to get EU specific features too? (AltStore and such)


Probably would work, however I suspect the changes would not be as sticky.

Apple has some slightly more complex checks that they have used in the past to georestrict stuff like ECG, by using MCC/MNC codes from your mobile network. I suspect that the alt stores would be region locked and stop working outside the EU—but that remains to be tested, and seems like a fun thing to experiment with.


Don't see any reason why it wouldn't work. I suspect you don't even need a microwave in most places.


Some Chinese users have discovered a more effective way to bypass geo-locking, even on iPhones (some Apple Health features require approval and can only be enabled on iPhone, not iPad).

TLDR, iPhones prioritize external GPS devices over internal ones. All you need is a "fake" lightning or USB-C external GPS device that tells your device where you want it to think it is.

Source: https://www.v2ex.com/t/1075937


Yeah, Apple sometimes checks MCC/MNC on the cellular network as well, for some reason they chose not to lock it down that way here.

However, if they did lock it to require an iPhone, the way we would activate would be by using our Faraday cage to spoof GPS inside it, and maybe a spoofed base station.


>modern devices position you within cities by using a combination of WiFi SSIDs + MAC addresses of routers and devices around you as well as GPS to triangulate your location. This was also the reason that our WiFi only iPad was able to display an accurate location in apps even though it had neither GPS nor cellular.

can't wait for this to find its way into Tomahawk missiles as a fallback for the jammed GPS environment


Google street view cars have been collecting this data since the beginning. Google have, or at least had, an api where you can feed in mac addresses (SSIDs are an irrelevance) and get a location.


They can already perform accurate strikes without GPS with terrain following and INS so not sure this would actually help it that much.


My point wasn't about it being necessary. The point is that it may happen as part of complex engineering involving multiple components and large organizations. And/or by integrating consumer tech - the cheap consumer drones are actively used in the modern war and they may have such fallback mode which would be fine for civilian drone, until of course the drone gets a real warhead attached :)


For something slow moving like a quadcopter drone munition it might be viable but it seems like you'd not get good signal until it was too late to maneuver if it were in something fast moving like a guided bomb or cruise missile flying down.

Also the probability that power is still functioning long into a conflict is pretty low so it may only really be useful for early strikes.


Reminds me of how I set up laptops these days for geodisplaced vpn enjoyment.

Have the laptop on the vpn even during OS install. Never run the vpn client on the laptop. Never connect to any other network. Use the target's localisation (language, kb, timezone) during install. Have a dedicated browser with detailed location features turned off for your target sites.


Is the hearing aid feature unavailable if you use the AirPods with an Android?


You need to set it up using an Apple device, then it works with Android.


I'm not a genius but it seems pretty trivial to take the input from a microphone and pipe it to the output of a speaker, the hardest part probably is the device drivers for the airpods (or any bluetooth ear buds for that matter). It looks like others have already done this in hardware [0] for $84.99 on amazon.com. There is also "Sound Amplifier" app for Apple iPhone [1] that amplifies the surrounding voice near the phone.

[0] https://www.amazon.com/Hearing-Seniors-Rechargeable-Bluetoot...

[1] https://apps.apple.com/us/app/sound-amplifier/id1615079093


It sounds like they also do multiband compression (hearing protection) and multiband transparency/cancelling mixing (adaptive mode) on top of applying EQ (audiogram support) and things like accelerometer and wideband tracking for spatial audio.

There's quite a bit of processing going on on-device.


It’s really not that simple. AirPods have settings where you can tune audio for vocal range, balanced tone, brightness or your audiogram, which does much more fine tuning to the sounds you hear than just amplification.


Looking forward to further write ups on faraday cages, design and uses. That was great what you did with the air pods.


How can the GET request be modified if it uses HTTPS? You can spoof certificates on iOS devices with dev tools?


Don’t know if running the microwave does much, since there are plenty of 5GHz access points around too.


5GHz has quite low penetrating power, so for the most part our issue was 2.4GHz.


Does anyone know which decompilation tool produces these graphs, as shown in the blog post?


Found it out myself, https://binary.ninja/


Yep, sorry!

It is Binary Ninja


This is just a low point for Apple and any company who does something like this


I bought AirPods Pro this year and it has been disappointing compared to the first gen non pro I had previously.

Somehow they fall out of my ears if I adjust my head down.

Battery life is good though


I’ve found that aftermarket memory foam eartips work much better than the stock ones for keeping them in my ears.


SednaEarFit Crystal work best for me - they're sticky and sound better than the foam ones.


Yep. I'm kind of shocked Apple doesn't offer these as they must be a huge moneymaker.


awesome hacking...


> Hearing aids typically cost anywhere from ₹ 50,000 to upwards of ₹ 8L depending on the correction capability

For those who don't recognize the ₹ symbol it is the symbol for the Indian Rupee and an "L" after a number means 100,000, so ₹ 8L is ₹ 800,000.

At current exchange rates that puts hearing aids in India from $600 to upwards of $9,500.

AirPods Pro 2 are ₹ 24,900 ($295).


I’m not across the scope of hearing aid technology, but what does the product at that upper tier actually look like, and how much does it cost in another country?

I’m envisioning some highly specialised and tuned implant at that price.


You generally get a custom mold for your ear canals and a specially tuned DSP for your frequency curves + BT connection to your phone for calls, at least. Your device can be retuned over and over as long as it functions, too.

What drives the prices up is a multitude of factors: High end DSPs, micro speakers which can do good sound reproduction at required frequencies, relatively low sales volume, R&D expenses and of course an insatiable appetite for profits.

These things always cost an arm and a leg in here, too.


Not to mention that this is paid by insurance in many countries which means there is little incentive for individuals to shop around.


It might be, but in my country, you buy them for the most occasions. I'm not aware if any insurance policy pays for them, even.


Thanks for posting this. I recognized the currency symbol but was confused by the "L".


The Indian numbering system marks odd powers of ten, i.e. 10 ^ {1, 3, 5, 7}. Unit, thousand, lakh, crore [1].

Ours, on the other hand, does it mod 3, e.g. 10 ^ {1, 3, 6, 9}. Thousands, millions, billions, et cetera.

[1] https://en.m.wikipedia.org/wiki/Indian_numbering_system


> Ours, on the other hand, does it mod 3, e.g. 10 ^ {1, 3, 6, 9}. Thousands, millions, billions, et cetera.

To make matters more confusing, for American English it goes millions, billions, trillions. For British English it used to go millions, milliards, billions, billiards, trillions, trilliards. (That 'long scale' is still the way German used to work ten years ago. No clue if it changed in the meantime.)


I still mourn the long scale. A billion is obviously a million millions.


Thanks! In Germany we use the long scale, and this is the first time it clicks.

"Eine Billion" is Million² bi -> 2
"Eine Billiarde" is 1000 * Million²
"Eine Trillion" is Million³ tri -> 3
"Eine Trilliarde" is 1000 * Million³
And so on

Yes, I knew what a million, milliard, billion, billiarde and so on are, but it never clicked that the long scale makes so much sense.


I feel like at that point, I would rather just use scientific notation (10^x).

I also like the easy suffix for thousand (k), million (M), billion (B), trillion (T), quadrillion (Q) for written conversation. $10B revenue, 5k liters, 300M people, etc.


Your 'suffixes' are a hodge-podge. Might as well stick with SI prefixes (like you are doing with the 'k' already?)


It isn’t consistent, but a lot more people can fluently read “B” for billion rather than “G” giga and understand 10^9. The SI prefix “k” is sufficiently used that it is understood.


It is less intuitive for me as an outsider that a trillion would be a million million millions instead of a billion billions


Maybe, but either way is relatively quick to learn by rote for the few orders of magnitude that come up in 'daily life'.

For anything bigger, you'd use 'scientific' notation anyway.


You can make an argument for that, but neither system does that so it's not very relevant to the choice.

I think an exponential system would do better to have a different naming scheme.


Yes, and something like scientific notation is used fairly often even in lay contexts.

E.g. it's common to read sentences like the following in popular science texts: 'ACME produces one quintillion widgets per year, that's a one followed by eighteen zeroes.' The second half is basically scientific notation, but written out.


Haven't we given up on our scale in the UK to match the US system?

i.e. the milliard was replaced with the US billion.


Anecdotally, a milliard in French is a billion in English.


[flagged]


> It couldn't have been easy or cheap for them to add all these antifeatures.

It was definitely cheap to add this region lock: it's a single `if` statement calling existing system libraries. The regulatory side of this is the expensive part, and it varies by country, and many places make it illegal for hearing aids to be sold over the counter no matter how much Apple wants to release it there. Even the US would have prohibited this feature until regulatory changes that happened in 2022.


This is a regulatory issue, so you can stop the baseless hating.


Is it a regulatory issue? Could it be the hearing aid feature has an AI/voice recognition component trained on certain languages when it runs the "enhancement"? (no idea, just wondering, since the Apple page had zero details)


The FDA has to certify the devices for use as hearing aids in the U.S.

Other countries have similar regulatory bodies that certify the use of a medical device.

Hearing aids (and things sold as it) are medical devices.


Who cares? Call the feature something else, enable it everywhere and move on.


> That would definitely invite lawsuits. Do you think competitors who sell hearing aids for $2500 today would allow Apple to sell their $200 device without medical device certification?


So what?

You file the paperwork, pay for it and you get the certification.

They decided that they won't do that in India.

This is all.

They even did that in Germany and the whole world knows how much of a hassle it had to be...but Germany has a more significant market share and potential than India so....we all know it's just about the money.


It is all just about the money. Or India's government could have given a special waiver. But Apple is a private company, private companies usually do things for money.


Oh yeah, please give the poor fruit company a SPECIAL waiver so they don't have to be treated like all the peasant companies.


Fair enough - that certainly explains the situation in the US, where they were allowed. It just seemed surprising to me that every country in the world has medical device certification for anything that calls itself a hearing aid, forcing Apple to restrict it to just 2 or 3 countries. You'd think in some it would be linked to what's covered by state medical care, or sold with a particular emblem or... Actually, couldn't find the rules for India at all, but probably 'cause I was searching in English.

But maybe it was just easier for them to block everyone by default pending lawyer review of each country, one at a time.

... I wonder also why they couldn't sell it as a non medical "hearing enhancement" with a disclaimer that it had no medical certification in your country, but perhaps that would also invite lawsuits.


In the US, and nearly everywhere else this type of hearing assist tech is sold, the Hearing Aid cartel is responsible for lobbying and influencing and bribing officials to maintain a stranglehold on their cash cow. Retired, elderly people with extra cash get screwed over with markup rates of 40,000% or more (yes, that's the right number of zeros.) Hearing aid technology, along with DSPs and specialized high quality, miniaturized sound technology, has received full benefits of economies of scale. These devices cost $5 or less per unit mass produced, but because of the "medical device" classification and the overreach of the FDA, people who need these devices cannot afford them.

Insurance won't cover it. Until you're completely disabled or retired, you're stuck paying for hearing aids out of pocket. $2500 or more, apiece.

The patent situation around hearing aid features in airpods and other headsets is the responsibility of the hearing cartel - the 5 largest hearing aid companies that collude to maintain this status quo, prevent meaningful competition, innovation, or alleviation of the plight of the hearing disabled.

These people are preying on some of the most vulnerable people worldwide and the US government is complicit in it. There is no valid, rational basis in fact for the medical device classification or the rationalizations used to justify it. People "might" damage their hearing? Liability disclaimers work for literally every other possible product. Maybe, just maybe, people are capable of adjusting an equalizer on their own, and those who can't or don't want to, can go to an audiologist. Dialing in hearing aids isn't particularly difficult, and the dangers are obvious and easy to avoid.

This is a world where people go to concerts and make other decisions injurious to their hearing health, and most of the time, the bands aren't required to disclaim liability or even notify of the potential danger, but if you want to correct your hearing, you're shit outta luck unless you pay through the nose.


> There is no valid, rational basis in fact for the medical device classification or the rationalizations used to justify it.

I wouldn't be that certain. The situation with stuff like fakes and knock-offs is already bad enough as it is - at least for anything classified as "medical devices", be it condoms or hearing aids, the threat of the law is keeping bad actors reasonably at bay. You go and buy a hearing aid, you can at least rely on the thing and its delivery chain having been through multiple very experienced hands checking everything on it.

Additionally, it's about stability. People's lives can matter with hearing aids - of course, users are responsible for keeping their batteries charged, but at least a hearing aid should be reasonably well enough made to not randomly lock up and leave someone without adequate hearing in a situation where they're operating some machinery.

I agree that the price margins on medical products are ridiculous and even the additional certification and paperwork doesn't warrant even a tenth of the price tag. But dismantling the regulatory framework around medical stuff comes with serious side issues.


Fake hearing aids, or dangerous ones, would get rooted out quick. The function is the test of quality. There are laws that hold companies liable for material and actual harms caused by their products. There's no need for the FDA to be standing in the middle of this industry - there is no value add. Zero. Zip. Zilch. Nada. I have looked. I have tried to steelman its presence in the regulation of hearing devices for more than a decade. Nothing holds up to scrutiny. The closest you get to a plausibly legitimate reason for regulation is when it comes to children, but even then, it's flimsy as hell.

There are zero legitimate reasons among the swathes of paperwork put forth by this cartel. They are irredeemably corrupt and morally bankrupt exploiters of the elderly and disabled, and the method by which they accomplished that was regulatory capture via the FDA medical device classification. Given that as a platform, they perform a series of manipulative maneuvers and establish a bureaucratic framework, self sustaining, given the color and flavor of legitimacy with the government's stamp of authenticity.

They've been presenting Audiology programs as a legitimate medical field, when these are effectively sound system equalizer knob twiddlers in doctor costumes. Yes, there are legitimate medical professionals who go into ENT and such, but a large majority of audiologists are essentially salespeople for one of the 5 HA cartel members, whether they realize it or not.

They're getting away with a gross and vicious exploitation of some of the most vulnerable people among us; so no, there is no valid, rational basis for the medical device categorization and regulation by the FDA of hearing aids. The disability can absolutely destroy someone's quality of life, and this is an insidious and evil market. But hey, it's Starkey and Oticon, they do good things and charity for kids, right?


> Fake hearing aids, or dangerous ones, would get rooted out quick.

Ah and here I think we disagree the most - because in everything else you say, I think we are in agreement.

IMHO, the only thing keeping Alibaba and their dropshipper "friends" on Amazon and eBay scamming off elderly people with worthless junk is the legal protection. The scam problem is massive enough that it's gotten really annoying to shop on Amazon, and I say that as a "digital native" - remove the paperwork and you'll get the digital equivalent of ambulance chaser lawyers in less than a month. Scam "hearing aids" would not get rooted out - they'd infest the world.


I don’t disagree, but it’s not like the cartel products are necessarily any good. My wife and father both wear HAs and both have had all sorts of issues, predominantly set-up tunings, absolute shit UX in the apps, and so-so hardware quality. It would be one thing if the devices were a joy to use, but they aren’t even close.


Is the certification required for things labeled as hearing aids, or for things that perform hearing-aid-like functions?

Could you sell a "heering eyd" or an "in-ear sound amplifier that lets ornithology enthusiasts hear faraway birds better", which incidentally functions as a (non-insurance-covered) hearing aid, at least for those who can Reddit?


In the US, it's a bit of a mix.

There are ~3 categories of hearing devices in the US...

1. Prescription hearing aids - go to audiologist, pay $$$$$$ for devices
2. OTC hearing aids - AirPod Pro etc - less money
3. PSAP - Personal Sound Amplification Product

In theory, from top to bottom, you lose features and complexity. But, I haven't been able to find a good summary of technical requirements for each tier of device, just vague language.

Very generally, PSAP is a "dumb" amplifier - all frequencies get amplified - often used by hunters and bird watchers to hear animals.

What I can't figure out is the difference in requirements between OTC and prescription - is there some feature that Apple CANNOT deliver OTC that a prescription device may?


The only real constraint now is volume - there's still a hard dB limit of 111 dB because of the technicalities of medical device categorization. Software and hardware patents are entwined with the medical device nonsense and the hearing cartel is incredibly litigious. They make FAANG look like playground bullies if they feel their territory is being infringed on, and have an absurd breadth and depth of patents covering every possible iteration and permutation of audio technology they can possibly get away with.


That would definitely invite lawsuits. Do you think competitors who sell hearing aids for $2500 today would allow Apple to sell their $200 device without medical device certification?


Medical Device certification is regulatory capture. There's no good reason for it except to exploit a source of cash. Hearing Aid companies are among the most evil on the planet.


No good reasons for medical device certification?

That's absurd, be glad that machines like that are tested to work as described. The certification process is often flawed and should be improved, but letting random people build medical devices for sale in their garages and sell them without certification is way more flawed than the current solution.


Hearing aids should not be qualified as medical devices. There are devices that should be. You are capable of following sensible instruction and operating an audio equalizer. Audiologists are capable of existing in a world where interaction with them is voluntary and it's not going to lead to terrible mishaps. Hearing Aids can be dangerous, especially at the severe to profound levels of amplification, but that can be trivially handled in software and manuals.


> There are devices that should be.

Ah, I thought you were arguing for the opposite.


> It just seemed surprising to me that every country in the world has medical device certification for anything that calls itself a hearing aid,

"Trusting the FDA" instead of having your own evaluation seems a lot less foolish now that Americans have decided to put a guy in charge of the FDA who wants to get rid of vaccines.


It would be illegal for them to sell AirPods in many countries without these lockouts. The sale of medical devices is heavily regulated in most places.

Headphones: legal. Hearing aids: not.

Blame the government, not the company that's following the rules laid down.


Completely ignorant question, but what does it come down to? What if I released this feature but didn't call it "hearing aid", nor positioned it as medical device?

Is a phone with optical zoom, a "vision-enhancing device" and regulated like eye wear?


Presumably depends on the country and the laws. Keep in mind that Apple considers this a new interesting use case - not a killer feature for AirPods. They wouldn’t risk AirPod sales with a gray interpretation of the law.


Regulated devices have very specific definitions like is represented as O, or does x or z and a and b, or x and b. Things like that. The definition typically hinges on very specific parameters and ALSO what it is called. That way no one can sell an inert plug as a “hearing aid”, and no one can sell hearing aids as “conversation enhancing devices” to evade certification requirements if they meet the bar feature-wise to be a hearing aid.


A malfunctioning hearing aid/earbud can potentially cause permanent hearing damage. Unless it explodes, a misbehaving phone can't damage your vision.


Non sequitur. You could say that about any high quality set of headphones since they're capable of much higher power output than hearing aids.


I'm not saying it makes sense, but that's the idea.


No, medical devices are regulated because society demands a certain degree of certainty from those who claim to treat medical issues. Most societies don't want it to be legal to sell snake oil to vulnerable people suffering from a health issue.

There are many dangerous unregulated things that can destroy your hearing or vision. But they don't claim to protect them.


It's still a non-sequitur because regular earphones are not subject to such regulations.


Does it look like a duck? Does it quack like a duck?

In-ear devices with speaker and mic that look like hearing aids that perform hearing aid function for those with hearing loss? Hearing aids.

Phones, that look nothing like glasses or contacts, and don't serve the same purpose? Obviously not.

Don't be silly. Judges aren't.


I really wasn't trying to be silly. I feel like other medical things in the US are regulated differently based purely on how they're marketed. How about an Apple Vision Pro with optical zoom on the exterior cameras?


> I feel like other medical things in the US are regulated differently based purely on how they're marketed.

They aren't. Different classes of medical or medical-adjacent products in the US have to be careful how they market so they aren't making claims that they are not allowed to make, but the absence of those claims alone doesn't make a regulated device unregulated.


> In-ear devices with speaker and mic that look like hearing aids that perform hearing aid function for those with hearing loss? Hearing aids.

By that definition every TWS with transparency mode and parametric EQ is a hearing aid.


we could all use some civil disobedience for the good of our kind;

“The only obligation which I have a right to assume is to do at any time what I think right.”


Blame governments for regulating medical devices? You're going to need a better argument than that. This is entirely on Apple not applying for regulatory approval.


Is that even the case? Did they not apply anywhere else? Do they even qualify anywhere else? This wouldn't even have been possible under US law until recently.

If Apple tried to do this in the past in the US, they would have made it illegal to buy AirPods without a prescription, which is obviously a regulatory nonstarter.


Why should anyone blame the government when it's obvious that Apple cared about those regulations and filed the paperwork in some countries but not in others?

OP is still right here. The argument stands.


So your theory is what, malice?

Apple makes AirPods the cheapest hearing aids by a long shot, except for some customers that they hate?

The problem is simple: hearing aids are regulated products, and countries tend to insist on individually certifying them. Getting the right to market AirPods as hearing aids in the US wasn't cheap, I'm sure.

There needs to be international harmonization of these regulations. It isn't just hurting Apple and Apple's customers, it hurts everyone.

Perhaps Apple has decided that it's too expensive to pass those regulations in certain markets, but my bet is that it just takes longer in the EU and India. I guess we'll see.


Then don't bloody call it a hearing aid then in those countries - call it "adjusted transparent mode with equalizer". Stuff that coincidentally works as a hearing aid is not regulated as far as I can tell anyway simply because I never heard of a government that would confiscate an amplifier with an equalizer function built in as soon as somebody plugged headphones and a microphone into it.


OP didn't say it's about hate, and why would you assume OP meant hate? There are many other obvious reasons. Like the market share for example.

To hate requires that you care enough...and that you are not a corporation...



