Hacking Bluetooth Low Energy: I Am Jack's Heart Monitor

Рет қаралды 30,781

Күн бұрын

Bluetooth Low Energy (BTLE) is the hottest new mode in the latest and greatest Bluetooth 4.0 spec. A new generation of wireless devices, including medical devices will be implemented using this mode.
BTLE is much simpler than classic Bluetooth. Simpler to implement, simpler to debug, and hey, simpler to hack.
I present the progress of a BTLE sniffer/smasher/smusher written for Ubertooth in this WIP talk.
This video is from Toorcon 14.
Slides: lacklustre.net/...

Пікірлер: 14

@johnnylima1337 11 жыл бұрын

Excellent presentation on an interesting subject. Thanks for sharing

@DanCunningham 11 жыл бұрын

Good and clear talk, thank you. Would the use of NFC to facilitate the pairing (e.g. as used by Android Beam) be OOB and therefore secure (as long as nobody eavesdropped the NFC communication)?

@breakersun 7 жыл бұрын

Thanks for sharing, very helpful.

@heyaisdabomb 9 жыл бұрын

I'm confused. Reading up about the new BT LE house locks, I found this: "Unlike Bluetooth version 2.1, the latest version doesn't actually require two devices to initially pair with each other the way you would have to pair your smartphone to a Bluetooth headset, for instance. So more common Bluetooth-based attacks like Bluejacking, Bluesnarfing and Bluebugging are a non-issue". source: gizmodo.com/are-smart-locks-secure-or-just-dumb-511093690 paragraph 6, line 2 But this video shows bt le devices DO pair. and that sniffing a connection is easy. Show is this article wrong? Or am I misunderstanding BT LE?

@tdelazzari 11 жыл бұрын

Great stuff! Thanks for sharing :)

@kazinasimfaisal 7 жыл бұрын

mike what is your opinion after 5 years

@mpeg4codec 7 жыл бұрын

Bluetooth 4.2's LE Secure Connections fix the pairing problem, but 4.2 is not widely supported yet. LE Legacy Pairing has crypto issues at pairing-time as well as UI/UX issues in Android/iOS. If you're building a BLE device and you can work around the UI/UX issues, you should probably use Legacy Pairing. While it has pairing-time weaknesses, in the long run it's secure and it's probably better than what most people will invent themselves.

@yunushkin88 7 жыл бұрын

Good evening Mike. I sometimes revise your video, sometimes even began to understand what you are talking about)) my friend do until a prototype security system for a small house. Here we have tried to build different networks on chips TI, STM32, NRF, Silicon Labs. We tried different network 6lowpan, Thread (2.4 GHz, Sub1GHz), BLE, MESH, Bluetooth, 5 (all this is of course a test, not commercial). Whatever you're network is implemented. Now here Bluetooth 5, Bluetooth mesh. Do You think such as sensors are networked Ble Mesh a good choice for the floor of an office building? Or better to take 6lowpan on 868 MHz for example. I understand that this is a difficult question right now I'm just sitting here thinking that with all this iron and stacks to do.