Meta has sold 7M+ Ray-Ban smart glasses. They look
identical to normal glasses. They record video and
audio silently.
After Harvard students demonstrated real-time facial
recognition using them on strangers in public, I built
NoPeek — a free Android app that detects them via
Bluetooth.
The key insight
MAC address randomization made BLE fingerprinting
unreliable. But the Manufacturer Specific Data field
in every BLE ADV frame contains a company ID in
bytes 0-1 that is:
- Assigned by Bluetooth SIG
- Immutable — cannot be rotated or randomized
- Broadcast on every advertisement packet
Key company IDs
| Company ID | Vendor | Device |
|---|---|---|
| 0x0D53 | Luxottica | Meta Ray-Ban |
| 0x03C2 | Snapchat | Spectacles |
| 0x01AB | Meta Platforms | Quest/Ray-Ban |
| 0x0BA7 | Pico | Pico VR |
| 0x00E0 | HTC | Vive |
False positive prevention
Apple's 0x004C is used by ALL Apple devices.
NoPeek requires BOTH company ID AND device name
"Vision Pro" — so your iPhone never triggers alerts.
The app
Built with Kotlin. Foreground service for background
scanning. Path-loss model for distance estimation.
No internet permission. Fully local.
GitHub: github.com/getnopeek/nopeek-android
What's next
Looking for contributors especially:
- New device signatures
- iOS port
- False positive reports
