1. Welcome to Tacoma World!

    You are currently viewing as a guest! To get full-access, you need to register for a FREE account.

    As a registered member, you’ll be able to:
    • Participate in all Tacoma discussion topics
    • Communicate privately with other Tacoma owners from around the world
    • Post your own photos in our Members Gallery
    • Access all special features of the site
    Quick Links: TacomaWorld Secret Santa 2018 Wish List Vinyl Decal Templates Does anyone have a Pentalobe screwdriver size TS1? Work Pants Someone Was Snooping Around My House!!! New Homeowner Situation NEED ADVICE

BM2 Battery Monitor Reporting Location Data to Hong Kong

Discussion in 'Off-Topic Discussion' started by Athena32, Oct 8, 2023.

  1. Oct 8, 2023 at 11:07 AM
    #1
    Athena32

    #1
    Athena32 [OP] Systems Engineer

    Joined:
    Jan 23, 2022
    Member:
    #388215
    Messages:
    141
    First Name:
    Nate
    Colorado
    Vehicle:
    2021 Tacoma Super White DCSB OR 6MT
    TL;DR: Someone reverse-engineered the BM2 battery monitor and found that the application was reporting 10-meter-precise location data to Mainland China and Hong Kong. As a result, the developer has since stopped collecting data in Mainland China, but GPS location data is still sent to an Alibaba hosted server in Hong Kong.

    I know a few of us on here are using a
    $29 Battery Monitor BM2 BM3 Bluetooth 4.0 Wireless Battery Tester 12V Automotive Battery Load Tester,Automotive Charging and Cranking System Monitor Digital Battery Analyzer for Android & iOS
    Bluetooth Low-energy (BLE) Battery Monitor that is sold under a variety of names. I was looking for a way to capture and display the traffic from the device as I wanted to make my own monitoring application for near-real-time streaming data. As I was researching the protocols, applications, etc. associated with this device, I stumbled across an article from Hackaday which reports that this device is sending location data, cell phone tower IDs, WiFi beacon data, and more, to servers in Mainland China and Hong Kong.

    Hacker haxrob reverse-engineered the application and protocols the device is using and reported all of this information via his blog. As a result of his work, the developer of the BM2 device has since removed the AMap Software Development Kit (SDK) that was sending precise location, wifi and cell phone tower data to Mainland China, but GPS location data is still sent to an Alibaba hosted server in Hong Kong. Apparently the iPhone application will also "resolve and send the user's street address."

    While this isn't a terrible concern of mine as most of us are already sending all of our personal data to a variety of data farms, I figured I would post this here for general situational awareness and for the more privacy-focused individuals amongst us.
     
    Athena32, Oct 8, 2023
    #1
    White lightning boosted, Farcedude, Nessal and 2 others like this.
  2. Oct 11, 2023 at 9:50 AM
    #2
    rtzx9r

    #2
    rtzx9r Well-Known Member

    Joined:
    Jan 5, 2016
    Member:
    #174071
    Messages:
    1,826
    Gender:
    Male
    First Name:
    Bueller
    Vehicle:
    2016 TRD Sport
    LS1 swap with nitros.
    Amazing what companies will do for a buck. Then again, who knows where the data from our phones goes… with geofencing and the like your every move is j own unless you leave the phone and car at home.
     
    rtzx9r, Oct 11, 2023
    #2

Products Discussed in

Battery Monitor BM2 BM3 Bluetooth 4.0 Wireless Battery Tester 12V Automotive Battery Load Tester,Automotive Charging and Cranking System Monitor Digital Battery Analyzer for Android & iOS
$28.99
To Top