Well that’s a brand new sentence.

huh, not sure if life imitates snark and bull https://medium.com/luminasticity/great-products-of-illuminat...

"The ZZZ mask is an intelligent sleep mask — it allows you to sleep less while sleeping deeper. That’s the premise — but really it is a paradigm breaking computer that allows full automation and control over the sleep process, including access to dreamtime."

or if this is another scifi variation of the same theme, with some dev like embellishments.

cyberpunk

>Since every device shares the same credentials and the same broker, if you can read someone's brainwaves you can also send them electric impulses.

Amazing.

This is exactly why we need audit trails for connected devices. Users have no visibility into what data is being sent where. The fact that brainwave data is broadcast to an open broker without user knowledge is a governance failure, not just a security bug.

Name the company, hiding it is irresponsible

I would love to see the prompt history. Always curious how much human intervention/guidance is necessary for this type of work because when I read the article I come away thinking I prompt Claude and it comes out with all these results. For example, "So Claude went after the app instead. Grabbed the Android APK, decompiled it with jadx." All by itself or the author had to suggest and fiddle with bits?

Kickstarter is full of projects like this where every possible shortcut is taken to get to market. I’ve had some good success with a few Kickstarter projects but I’ve been very selective about which projects I support. More often than not I can identify when a team is in over their heads or think they’re just going to figure out the details later, after the money arrives.

For a period of time it was popular for the industrial designers I knew to try to launch their own Kickstarters. Their belief was that engineering was a commodity that they could hire out to the lowest bidder after they got the money. The product design and marketing (their specialty) was the real value. All of their projects either failed or cost them more money than they brought in because engineering was harder than they thought.

I think we’re in for another round of this now that LLMs give the impression that the software and firmware parts are basically free. All of those project ideas people had previously that were shelved because software is hard are getting another look from people who think they’re just going to prompt Claude until the product looks like it works.

How about complaining that brain waves get sent to a server? I'm a neuroscientist, so I'm not going to say that the EEG data is mind reading or anything, but as a precedent, non privacy of brain data is very bad.

Won't they sue for the reverse engineering?

Remember that the S in IoT stands for Security.

I have deployed open MQTT to the world for quick prototypes on non personal (and healthcare) data. Once my cloud provider told me to stop because they didn’t like it, that could be used for relay DDOS attacks.

I would not trust the sleep mask company even if they somehow manage to have some authentication and authorisation on their MQTT.

Without a brand name, how can we verify this is real?

As an aside, it seems cool that the bar to reverse engineering has lowered from all the LLMs. Maybe we'll get to take full control of many of these "smart" devices that require proprietary/spyware apps and use them in a fully private way. There's no excuse that any such apps solely to interact with devices locally need to connect to the internet, like dishwasher.

https://www.jeffgeerling.com/blog/2025/i-wont-connect-my-dis...

This guy bought an internet connected sleep mask so it's not surprising that it was collecting all kinds of data, or that it was doing it insecurely (everyone should expect IoT anything to be a security nightmare) so to me the surprising thing about this is that the company actually bothered to worry about saving bandwidth/power and went through the trouble of using MQTT. Probably not the best choice, and they didn't bother to do it securely, but I'm genuinely impressed that they even tried to be efficient while sucking up people's personal data.

Interesting project. Here's a thought which I've always had in the back of my mind, ever since I saw something similar in an episode of Buck Rogers (70s-80s)! Many people struggle with falling asleep due to persistent beta waves; natural theta predominance is needed but often delayed. Imagine an "INEXPENSIVE" smart sleep mask that facilitates sleep onset by inducing brain wave transitions from beta (wakeful, high-frequency) to alpha (8-13 Hz, relaxed) and then theta (4-8 Hz, stage 1 light sleep) via non-invasive stimulation. A solution could be a comfortable eye mask with integrated headphones (unintrusive) and EEG sensors. It could use binaural beats or similar audio stimulation to "inject" alpha/theta frequencies externally, guiding the brain to a tipping point for abrupt sleep onset. Sensors would detect current waves; app-controlled audio ramps from alpha-inducing beats to theta, ensuring natural predominance. If it could be designed, it could accelerate sleep transition, improve quality, non-pharmacological.