M5Stack Cardputer Zero · Volume 11
M5Stack Cardputer Zero Volume 11 — Operational Posture
Regional rules, LiPo small-cell safety, education/classroom posture, fleet-ops chain of custody, legal/ethics
Contents
1. About this volume
Vol 11 covers operational posture for Cardputer Zero. Most regulatory + legal content is inherited unchanged from the Cardputer family — Zero is an ESP32-S3 + Wi-Fi + BLE device, subject to the same rules as any other 2.4 GHz unlicensed device. The Zero-distinctive considerations focus on:
- Education / classroom: how to deploy responsibly to students
- Fleet operations: chain of custody, data handling, recovery
- Smaller battery: thermal + safety implications
Cross-reference: ../../../M5Stack Cardputer ADV/03-outputs/Cardputer_ADV_Complete.html Vol 12 covers ADV operational posture; Zero inherits the framework and adds the budget-tier specifics.
2. Regional regulatory framework
2.1 ESP32-S3 Wi-Fi 2.4 GHz
ESP32-S3 transmits in the 2.4 GHz ISM band (2400-2483.5 MHz). Regional rules:
| Region | Band | Max TX power | Duty cycle |
|---|---|---|---|
| US (FCC §15.247) | 2400-2483 MHz | +30 dBm | None (spread spectrum req’d) |
| EU (ETSI EN 300 328) | 2400-2483.5 MHz | +20 dBm | Strict |
| JP (ARIB STD-T66) | 2400-2483.5 MHz | +20 dBm | Various |
| Most regions | 2.4 GHz ISM | various | various |
ESP32-S3 typically transmits at +20 dBm — within all major region limits.
2.2 BLE 5.0
Bluetooth Low Energy is also 2.4 GHz; same regulatory framework. ESP32-S3 BLE typically transmits at +10 dBm.
2.3 Pentest-attack regulatory considerations
Wi-Fi pentest workflows (deauth, evil portal, beacon spam) operate at TX layer — subject to regional rules even if the target is your own equipment. For Zero specifically:
- Wi-Fi deauth: legal on your own network; gray area elsewhere; illegal in many jurisdictions
- Beacon spam: same considerations
- Evil Portal: works at the SoftAP layer; subject to “you can’t broadcast on a band you don’t own” rules
- BLE spam: typically less regulated but still subject to authorized-use principle
Cross-ref ../../../_shared/legal_ethics.md for the project-wide posture.
2.4 ESP-NOW
ESP-NOW (Espressif’s peer-to-peer protocol over Wi-Fi MAC) operates on the same 2.4 GHz radio. Same regulatory framework. Useful for short-range covert / coordinated comms.
3. LiPo small-cell handling
3.1 Standard discipline (carries from family)
- Never charge a swollen cell
- Operate at 0-40 °C
- Store at ~50% charge
- Don’t operate when wet
- Replace at first sign of capacity drop
3.2 Smaller-cell-specific concerns
Vol 5 § 7 covers this in detail. Summary:
- Faster discharge ratio under heavy load (~0.5C peak)
- Smaller thermal mass — warms faster under high current
- Brownouts more likely under aggressive Wi-Fi TX
- Less voltage headroom at low charge
3.3 Classroom/education considerations
Students may abuse LiPo cells. Education-tier safety:
- Brief students on LiPo basics — swelling = stop using
- Provide replacement service — broken cells replaced cheaply
- Restrict TX-heavy workflows in classroom to instructor-supervised time
- Recycle bin for retired cells — proper disposal at end of life
3.4 Fleet-ops + storage
For units stored long-term between engagements:
- Charge to ~50% before storage
- Don’t store in hot warehouses (>30 °C accelerates degradation)
- Check periodically (~monthly) for swelling
- Replace cells at 80% of nameplate capacity
4. Education / classroom posture
4.1 Wi-Fi pentest in classroom
Teaching Wi-Fi pentest workflows on classroom Zeros:
DO:
─ Use a dedicated classroom Wi-Fi for pentest exercises
─ Instructor authorizes specific attacks against the lab network
─ Document what each student does (attribution)
─ Test on lab equipment only — NEVER the school's production Wi-Fi
─ Cover Wi-Fi rules + ethics first before TX experiments
DON'T:
─ Let students freely run deauth on production school Wi-Fi
─ Allow Wi-Fi pentest in residences (e.g., dorms)
─ Skip the ethics curriculum
─ Permit unauthorized TX in any classroom-adjacent area4.2 Privacy in classroom
For deployed BLE / probe scanning:
- Inform students that the device captures wireless data
- Don’t capture personal devices during exercises unless directly authorized
- Anonymize captured data before storage / analysis
- Delete captures after the exercise concludes
4.3 Hardware accountability
- Each Zero assigned to a specific student (or station)
- Serial number logged at issue
- Returned at end of course
- Damage / loss covered by lab fee or department budget
5. Fleet-ops chain of custody
5.1 Pre-deployment
- Each unit has a serial number + custody tag
- Pre-deployment baseline: SD card formatted, factory firmware, no payload
- Photograph each unit before deployment
- Document deployment plan (location, time, expected duration)
5.2 During deployment
- Track each unit’s location (if mobile)
- Status updates if remote-accessible
- Watch for OS/firmware crashes (NEMO-style fleet typically auto-restarts)
5.3 Post-deployment
- Retrieve each unit (or confirm loss)
- Extract SD data (encrypted bundle for transfer)
- Sanitize SD before next deployment
- Factory-restore firmware
- Document the engagement
5.4 Data handling
Captured data (probes, BLE scans, etc.):
- Encrypt at rest during transfer
- Limit retention per engagement contract (typically 30-90 days)
- Out-of-band hash verification for evidence-grade captures
- Bystander filtering — purge non-target data
Cross-ref Cardputer ADV Vol 12 § 5 for the canonical chain-of-custody.
6. Legal / ethics for pentest use
6.1 The core principle
Authorization in writing for every TX-related activity. Don’t deauth, jam, beacon spam, or run Evil Portal without explicit scope.
6.2 Zero-specific considerations
For Cardputer Zero in particular:
- Lower cost = lower “stake” but same legal exposure — a $30 device used illegally exposes you to the same criminal/civil penalties as a $300 one
- Multiple units increase exposure — fleet ops means each unit is potentially evidence; encrypt and sanitize systematically
- Education context doesn’t lower the bar — students under your supervision making illegal TX puts liability on you
6.3 What’s typically OK
- RX-only Wi-Fi/BLE scanning in public spaces (with reasonable awareness)
- TX on your own networks
- TX in licensed bands (only if you hold the license; e.g., amateur radio)
- TX with explicit written authorization
6.4 What’s typically not OK
- Deauth on a network you don’t own
- Beacon spam in public spaces
- Captive portal targeting random users
- Cellular interference (ESP32 doesn’t TX in cell bands, but bad firmware could interfere)
- TX without authorization, period
Cross-ref ../../../_shared/legal_ethics.md for the project-wide posture.
7. When NOT to deploy Zero
Beyond the Vol 9 § 7 “wrong tool” list, Zero-specific operational deployment risks:
| Scenario | Risk | Mitigation |
|---|---|---|
| Public hackathon with unsupervised teens | Misuse risk | Curated firmware only; supervisor present |
| Long-duration unsupervised collection | Battery / theft / weather damage | Fixed power, sheltered, regular check |
| Cross-border travel with pre-flashed pentest firmware | Customs inspection risk | Travel with factory firmware; flash custom on arrival |
| Locations with sensitive RF infrastructure | Interference risk | Verify regional rules; avoid TX |
| Educational deployment without consent | Privacy / liability | Inform participants; opt-in scanning only |
8. Pre-engagement checklist
For any deliberate Zero deployment:
AUTHORIZATION
[ ] Written authorization (if TX-heavy)
[ ] Verbal authorization (if classroom / known venue)
[ ] Out-of-band contact ready
PREPARATION
[ ] Unit charged to ≥80%
[ ] USB-C battery pack ready (>3h engagement)
[ ] SD card formatted FAT32 + sufficient space
[ ] Firmware version locked + tested
[ ] Engagement scope clear
OPERATIONAL
[ ] Region setting in firmware matches venue
[ ] TX rules understood for this band/region
[ ] Sanitization plan post-engagement
[ ] Discovery response plan
LEGAL / ETHICAL
[ ] Authorized to TX in band X for duration Y?
[ ] Bystander data handling clear?
[ ] Documentation policy clear?
FINAL
[ ] All above checked — proceedIf any item isn’t checked: abort.
9. Resources
- Cardputer ADV Vol 12 (operational posture canonical):
../../../M5Stack Cardputer ADV/03-outputs/Cardputer_ADV_Complete.html - ESP32 Marauder Firmware deep dive (Wi-Fi pentest posture):
- Hack Tools shared legal/ethics:
../../../_shared/legal_ethics.md - FCC Part 15: https://www.law.cornell.edu/cfr/text/47/part-15
- EU ETSI EN 300 328: https://www.etsi.org/
End of Vol 11. Next: Vol 12 is the laminate-ready cheatsheet — with explicit “what to verify on receipt” content reflecting Zero’s research-stub status.