
Bluetooth Connectivity Threatens Security (2013) - SharpDavies
https://www.kaspersky.com/blog/bluetooth-security/1637/
======
jedberg
Should probably add a (2013) to this title.

But yeah, I'm running the iOS 13 beta, and one of the things it does is warn
you if an app is trying to use bluetooth (other than audio). It's crazy how
many apps request bluetooth access. Apps that definitely don't need it, other
than to leak your location.

~~~
BinaryIdiot
Right? I don't even understand when I should or shouldn't allow bluetooth
access. Does this mean things won't work with my headphones? Almost all of my
apps have requested it!

I wish Apple did a little more user training as to _what_ this means instead
of a generic "let app use bluetooth?"

~~~
nexuist
Just default to saying no. If you find that something actually does break as a
result, you can always switch permissions back on in the Privacy tab in
settings.

For certain permissions (i.e. location), Apple actually does require apps to
provide a string indicating what the permission is needed for. I'm not sure if
it's required for the Bluetooth permission, but my guess is that since it's a
beta nobody has updated their binaries to include that string.

~~~
jdnenej
On Android you have to request location access to scan for Bluetooth devices.

------
PappaPatat
Craziest thing about Bluetooth is that there are so many different "profiles"
or features, of which some might, some might not be available on your
bluetooth stack but you will be hard pressed to find out which ones are.

Some dongle might just support the one you need. Some might support 2 or 5.

From Wikipedia:

1. Advanced Audio Distribution Profile (A2DP)
2. Attribute Profile (ATT)
3. Audio/Video Remote Control Profile (AVRCP)
4. Basic Imaging Profile (BIP)
5. Basic Printing Profile (BPP)
6. Common ISDN Access Profile (CIP)
7. Cordless Telephony Profile (CTP)
8. Device ID Profile (DIP)
9. Dial-up Networking Profile (DUN)
10. Fax Profile (FAX)
11. File Transfer Profile (FTP)
12. Generic Audio/Video Distribution Profile (GAVDP)
13. Generic Access Profile (GAP)
14. Generic Attribute Profile (GATT)
15. Generic Object Exchange Profile (GOEP)
16. Hard Copy Cable Replacement Profile (HCRP)
17. Health Device Profile (HDP)
18. Hands-Free Profile (HFP)
19. Human Interface Device Profile (HID)
20. Headset Profile (HSP)
21. Intercom Profile (ICP)
22. LAN Access Profile (LAP)
23. Mesh Profile (MESH)
24. Message Access Profile (MAP)
25. OBject EXchange (OBEX)
26. Object Push Profile (OPP)
27. Personal Area Networking Profile (PAN)
28. Phone Book Access Profile (PBAP, PBA)
29. Proximity Profile (PXP)
30. Serial Port Profile (SPP)
31. Service Discovery Application Profile (SDAP)
32. SIM Access Profile (SAP, SIM, rSAP)
33. Synchronization Profile (SYNCH)
34. Synchronisation Mark-up Language Profile (SyncML)
35. Video Distribution Profile (VDP)
36. Wireless Application Protocol Bearer (WAPB)

https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles

~~~
nexuist
This is a staggering amount of wheel re-invention...makes me feel relieved
that we have HTTP so clearly dominant in TCP/IP land.

I think Wi-Fi Direct is the way to go in the future. We've generally mastered
TCP stacks and building an application that uses simple sockets is far less
legwork than dealing with the intricacies of 30+ Bluetooth specifications.

I should say I'm no expert on Bluetooth. Why do we still use it? Is it a
matter of legacy or does it have some kind of killer feature that Wi-Fi Direct
can't compete with?

~~~
RL_Quine
Bluetooth LE has orders of magnitude less power consumption than WiFi. Bear in
mind this is a totally distinct protocol to Bluetooth. Many products use a
Bluetooth LE and Bluetooth connection in tandem to gain the capabilities of
both.

------
mjg59
This seems like a very strange post? It describes a bunch of vulnerabilities
that have been described in Bluetooth, but as far as I can tell these are all
things that have been rectified - it's like saying that having IP connectivity
threatens your security. It's correct, in the sense that anything that adds
attack surface is a threat to your security, but misleading in the sense that
Bluetooth is somehow special in this respect.

Oh. It's from 2013. That makes more sense. The prevalence of BTLE in modern
life means that anyone who isn't thinking of Bluetooth as an attack vector is
well behind the curve, but I can believe it back then - although initial
Bluetooth attacks against inadequate devices were demonstrated back in 2005
with stuff like Bluejacking, so bringing that up in 2013 as an unconsidered
vector still seems odd.

It's a 2013 article largely talking about attacks that were described in 2005.
If this is telling you something new in 2019 and it has any impact on you, then
you're _way_ behind where you should be.

~~~
tjoff
> [...] anyone who isn't thinking of Bluetooth as an attack vector is well
> behind the curve [...]

Meanwhile in the future you can't even listen to music without enabling that
attack vector, so you can bet everyone has it enabled 24/7.

And I really don't think Bluetooth has been or ever will be close to regular
networks in terms of security maturity. It's like USB, it's so bad there
really isn't much point in trying to fix it anymore.

~~~
coretx
Your conclusion is something I don't agree with because many sensible things
with USB can be fixed and can have a pretty big impact. For example, where I
live some municipalities use Bluetooth for tracking and datamining of
citizens. Some shops do the same thing but for other purposes. These are
things that can relatively easily be fixed.

