Skip to content

Latest commit

 

History

History
54 lines (39 loc) · 7.66 KB

README.md

File metadata and controls

54 lines (39 loc) · 7.66 KB

Since the latest FreeStyle Libre glucose sensors are Bluetooth Low Energy devices and the Dexcom ONE/G7 are availaBLE for private purchase at affordaBLE prices at last, I am trying to leverage their capabilities to implement something new compared to the traditional apps:

  • a universal SwiftUI application for iPhone, iPad and Mac Catalyst;
  • an independent Apple Watch app connecting directly via Bluetooth;
  • scanning the Libre directly via NFC and exploring its internals;
  • using both online servers and offline methods for calibrating just like the temperature-based vendor algorithm;
  • showing for comparison the HealthKit and Nightscout data shared with other apps;
  • varying the reading interval instead of the usual 5-minute one;
  • a detailed log to check the traffic from/to the BLE devices and remote servers.

To build the project you have to duplicate the file DiaBLE.xcconfig, rename the copy to DiaBLEOverride.xcconfig (the missing reference displayed by Xcode in red should then point to it) and edit it by deleting the last line #include?... and replacing ##TEAM_ID## with your Apple Team ID so that the first line should read for example DEVELOPMENT_TEAM = Z25SC9UDC8.

The NFC capabilities require a paid ADC annual membership. The simplest way to get invited to the internal TestFlight builds is to sponsor me $-)

If you own an iPad you can download the zipped archive of this repository and tap DiaBLE Playground.swiftpm: DiaBLE was born in fact as a single script for the iPad Swift Playgrounds to test the internal workings of the several trouBLEsome BLE accessories I bought, mainly the Bubble and the MiaoMiao. I upgraded it to the version 4.1 of the Playgrounds which still runs under iOS 15 and macOS Monterey but I cannot afford to support actively such transmitters and the LibreOOPWeb glucose.space server anymore.

Currently I am targeting only the latest betas of Xcode and iOS and focusing on the new Libre 3 and Dexcom G7. The new async / await and actors introduced in Swift 5.5 and iOS 15 probably would require a total rewrite of DiaBLE's foundations, as well as the enhanced Gen2 protocols already adopted by the Libre 2 Sense/US/CA/AU which haven't been reversed yet.

Still too early to decide the final design (but I really like already the evil logo 😈), here there are some recent screenshots I tweeted or posted in the comments:



Companion Comparison



   



   

Libre 3 Details



   

Libre 1 Brownout



   

Welcome Gluroo, Heroku adieu!



Please refer to the TODOs list for the up-to-date status of all the current limitations and known bugs of this prototype.

Warnings:

  • the temperature-based calibration algorithm has been derived from the old LibreLink 2.3: it is known that the Vendor improves its algorithms at every new release, smoothing the historical values and projecting the trend ones into the future to compensate the interstitial delay but these further stages aren't understood yet; I never was convinced by the simple linear regression models that others apply on finger pricks;
  • activating the BLE streaming of data on a Libre 2 will break other apps' pairings and you will have to reinstall them to get their alarms back again; in Test mode it is possiBLE however to sniff the incoming data of multiple apps running side-by-side by just activating the notifications on the same BLE characteristics: the same technique is used to analyze the Libre 3 incoming traffic since the Core Bluetooth connections are reference-counted;
  • connecting directly to a Libre 2/3 from an Apple Watch is currently just a proof of concept that it is technically possiBLE: keeping the connection in the background will require additional work and AFAIK nobody else is capaBLE of doing the job... :-P

DON'T TRUST THE GROWING NUMBER OF "METABOLIC HEALTH" STARTUPS WHICH RESELL LIBRE SENSORS AND REUSE MY NAIVE NFC CODE: IT IS A SCANDAL WHICH WOULD DESERVE A CLASS ACTION THAT THE VENDOR PROMOTES SUCH PSEUDOSCIENTIFIC FRAUDS AND RESELLS TO HYPOCHONDRIACS "BIOSENSORS" THAT ARE JUST A REBRAND OF THE SECURED GEN2 MODEL BECAUSE THEY COULDN'T PROMOTE IT AS A CGM DEVICE IN 2021 GIVEN THE LEGAL BATTLE WITH DEXCOM.

Note: the exploitation which allows to reset and reactivate a Libre 1 is well known to the Vendor and was unveiled already during BlackAlps 2019 and in PoC||GTFO 0x20.


Credits: @bubbledevteam, @captainbeeheart, @creepymonster, @cryptax, CryptoSwift, @dabear, @DecentWoodpecker67, @ivalkou, Jaap Korthals Altes, @keencave, LibreMonitor, Loop, Marek Macner, @monder, Nightguard, Nightscout LibreLink Up Uploader, @travisgoodspeed, WoofWoof, xDrip, xDrip+, xDrip4iO5.

Disclaimer: the decrypting keys I am publishing are not related to user accounts and can be dumped from the sensor memory by using DiaBLE itself. The online servers I am using probably are tracking your personal data but all the traffic sent/received by DiaBLE is clearly shown in its logs. The reversed code I am pasting has been retrieved from other GitHub repos or reproduced simply by using open-source tools like jadx-gui.