Xeno Kovah
xenokovah.bsky.social
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://ost2.fyi
Anyway, if you want to get started in Bluetooth with something more tool-using than spec-reading, I recommend taking this class! As the graph shows, it could take between 4-15h but it’ll probably be around 8h ost2.fyi/BT2222
probably because it explicitly excludes the 500+ hours I’ve spent working on the Blue2thprinting project itself. I.e. if I ran into something that needed fixing during class development, I marked it up on my calendar as Blue2thprinting time rather than BT2222 time.
Also according to my calendar it took me about 98.5h to create the class and run the beta. 98.5/8.5 is about an 11.5x overhead (11.5h to create 1 education-hour). This is probably the lowest overhead I’ve ever had for class creation…
🧵For those who are curious about the completion time distribution during the beta of my #OST2 BT2222 class, here it is. The average completion time was 8h25m, the median was 8h10m, the min was 3h50m, and the max was 15h22m
🤔

☝️🧐 “Summarization is the last refuge of the scoundrel!”

😃
Added 24 summary slides to see how much work I have left to do…current slide count is 266. Thoughts and prayers appreciated 💀 (but realistically this deck will form the basis for a future “RE like me: Realtek edition” class)
The good news is also the bad news: 2 days of slide-making and I’m over 100 slides…to describe the first 5 days of the work 😬 There’s no way I’m going to be able to include everything in the talk. I’ll post a “Kovah Cut” on the DarkMentor website like in the past, but may have to break into 2 talks
My new talk on reverse engineering the firmware of Realtek RTL8761B Bluetooth chips has been accepted to @hardwear-io.bsky.social in Amsterdam in November. Abstract in image due to size limits.
And a new paid 3-day training with @veronicakovah.bsky.social where we take you from the bottom of the stack to the top, to build the next generation of Bluetooth Low Energy hackers! (hardwear.io/netherlands-...)

Anticipate many more BT hackers in a couple years, and prepare accordingly ;)
a free workshop (hardwear.io/netherlands-...) (where you get to borrow some of my hardware to get a taste of my free 1-day #OST2 class ost2.fyi/BT2222)…
🧵Alright! I pulled off the hat trick 🎩 at hardwear.io this November! I've got a talk on 100% new firmware reverse engineering research (hardwear.io/netherlands-... tagline:SUFFERING BUILDS STRENGTH!)…
That’s it for now! LMK anything missing on the timeline!
2024-06-06
"Breaktooth: Breaking Security and Privacy in Bluetooth Power-Saving Mode"
By Keiichiro Kimura et al.
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#Brea...
2024-12-27
"From fault injection to RCE: Analyzing a Bluetooth tracker"
By Nicolas Oberli
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#From...
🧵And because apparently I can only thread to 10, the thread continues here!
🔵🦷🔒📈🆙‼️Bluetooth Security Timeline Update 2025-10-11!🧵
11 new talks from 2024-2025 added to the Bluetooth Security Timeline at
darkmentor.com/bt.html
2025-03-20
"CVE-2024-58101" (Samsung Galaxy Buds 1/2)
By Antonio Vázquez Blanco & Jesús María Gómez Moreno
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#CVE-...
2025-06-24
"Using KT6368A-SOP8 Bluetooth Host Chip to Receive Tire Pressure Sensor Data on E-Bikes"
By Junluan Tsui
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#Usin...
2025-06-17
"Watch Out! Bluetooth Analysis of the COROS PACE 3"
By Moritz Abrell
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#Watc...
2025-07-03
"Stealtooth: Breaking Bluetooth Security Abusing Silent Automatic Pairing"
By Keiichiro Kimura et al.
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#Stea...
2025-07-21
"Firmware Analysis of the COROS PACE 3"
By Jan Wütherich
Added to the Bluetooth Security Timeline: darkmentor.com/bt.html#Firm...
2025-08-21->09-04
"Start hacking Bluetooth Low Energy today! (parts 1-3)"
By Sam Thom
darkmentor.com/bt.html#Star...
2025-09-17
"The Cybersecurity of a Humanoid Robot"
By Víctor Mayoral Vilches
darkmentor.com/bt.html#The%...
2025-09-20
"Unitree Robot BLE Service Command Injection Analysis"
By Andreas Makris, Kevin Finisterre
darkmentor.com/bt.html#Unit...
2025-09-25
"Hacking Furbo - A Hardware Hacking Research Project – Part 5: Exploiting BLE"
By Julian B.
darkmentor.com/bt.html#Hack...