Decoding the Airthings Wave Radon output
OK, so i ran the Airthings Wave for a few weeks, I ended up with an average of ~20-30Bq/m^3, which is below the Health Canada worry line of 200Bq/m^3. Now, its time to look at how to make this integrate with my Home Assistant. The device uses Bluetooth Low Energy (BLE), and is integrated via an app on the phone. I have ordered a BLE sniffer, but while I wait for that, I have decided to try the ‘hci snoop debug’ mode on Android. This outputs the HCI frames (in a way that wireshark can read?). On Android Nougat and later it does not output this as a separate file (/sdcard/bt_snoop.log), but instead puts it in the general ‘generate a bug report’ log. The method is in the code here. Inside the larger log file you get a chunk that looks like this:
--- BEGIN:BTSNOOP_LOG_SUMMARY (85476 bytes in) --- Anjfyi/RYQUAeJzlfQeQVUUT7tycN7M53CXDApIliwqKAU /mvDqGYmhFDNZOYiOpc6D/DNKRHxfwA96/Oi --- END:BTSNOOP_LOG_SUMMARY ---
You would be forgiven for thinking (like me) that this is uuencode. Its not. Going back to the code that generates it, it does:
printf(header) push preamble to buffer deflate buffer base64 buffer printf footer
OK, so it uses zlib. I should be able to rip the headers off, run it through base64 -d, and then run zlib-flate -uncompress, right? Sadly, that gives some error on the decompression.
And you would think this would be an obvious google search “android unpack bug report logs”. But I must be missing something. It must be this or this (btsnooz, see here). But that gives me the same error. Hmm.
Ah, i see, its this one here, btsnooz.py. Got it. And here is the file (and you can open this in wireshark) btsnoop. OK, who wants to help decode it? I unpaired, started capturing, paired, let it run for >1 hr to get a radon measurement, and dumped this file. You can see the two devices (Pixel 2 XL <-> TexasIns) talking.
OK, put on your peril-sensitive sunglasses, crack open that wireshark, and open the log file. Race you.