Modern devices often carry some radio transceivers for wireless connectivity on the same silicon die as the processor and other digital blocks (mixed-signal architecture). For example, an IoT device can use a chip with a Cortex-M4 processor and a BLE transceiver. Recently, we have demonstrated that in this case the processor might accidentally modulate the BLE carrier, broadcasting side channel information at large distance. We named this novel vector Screaming Channels, in contrast with the low power ""whisper"" of conventional side channels. Are Screaming Channels really different from conventional leakages? Are they really easier to exploit? But most importantly, can they be applied in realistic scenarios? For example, do they work in real world environments? Do they work against real systems and protocols? Based on some novel results published at TCHES2020 (https://tches.iacr.org/index.php/TCHES/article/view/8594), we take a deep dive on a BLE chip to answer these important questions. Among the most interesting results, we show an attack at 15m in office environment, reusing a profile previously built on a different device in simpler conditions. We also show a proof-of-concept attack against a Google Eddystone beacon, where we deal with the practical problem of BLE frequency hopping.