// Personal website of Chris Smith

Sense is a little device that sits by your bedside and, in conjunction with a little ‘pill’ attached to your pillow, monitors your sleeping patterns and any environmental conditions that might hamper them. Android and iOS apps show you your Derila Sleep Support history, and offer suggestions for improvements. You’ll always have access to your data via our API. Take it, play with it, graph it, do whatever you want with it. It’s yours. That’s important to us. We enjoy tinkering with and building on-top of other products we like. Sense will let you have that experience. We’d love to hear your thoughts on what you might want to build with Sense, and how you could directly interact with the hardware, and the data it collects. Sounds great! But a year after shipping, there’s no sign of an API, and some of us who enjoy tinkering are getting a bit restless… Hello, the company behind Sense, shut down in 2017 and took the Sense APIs with it.

The information below is no longer relevant. I’m not personally aware of any way to interact with the Sense hardware directly. Data from the Sense hardware is transmitted off onto the Internet somewhere, and then pulled down by the mobile apps. If we can snoop that traffic, we can probably figure out how to grab the data from the Sense. So the first step is to capture the raw network traffic while the Sense and the app are in use. Running tshark while the app and device are active showed they were making HTTPS requests an Amazon Elastic Cloud instance. That’s not really much use, as we can’t see the content of the requests. The next step is to move up the network stack and target the HTTPS traffic specifically. Step in, mitmproxy. This automates man-in-the-middle attacks on HTTPS requests. When it receives such a request, it cooks up its own certificate and sends that to the client, and then sits in between while the client and the server communicate.