
Bluetooth Technology 101 - Oatseller
http://www.tomshardware.com/reviews/bluetooth-technology-101,4464.html
======
unbelievr
The latest iterations on the security front utilizes ECDH for key exchange (LE
secure connections) and seems fairly robust. The legacy pairing implementation
is vulnerable to mitm during the very first bonding, except in the case where
the devices use out-of-band data like NFC. Neither Android or iOS opted to
ever implement OOB, so that made security more difficult. It required us to
tell our customers to reduce output power during bonding, so that the devices
had to be close enough to avoid sniffing.

I felt that for the Low Energy part, the security concerns in this article
were quite outdated. None of the listed attacks are applicable for LE.

Other than that, I think this gave a very good introduction to the protocol on
all layers. I think the future for Bluetooth will be its ability to hook up
lots of cheap sensors to a hub (with internet access, optionally) that can
work for years without changing the battery. Unfortunately, the companies that
already have a market share in e.g audio are trying to stall future advances
in the LE front. Others are trying to basically reimplement BR/EDR in LE,
thinking it will still stay "low energy".

------
tacostakohashi
Why hasn't Bluetooth taken off more for wireless keyboards and mice? Bluetooth
has been very common for a long time as a built-in on laptops, but good luck
finding any of these peripherals that don't require a dedicated little USB
receiver.

Is it a licensing/certification cost, or something more nebulous?

~~~
agumonkey
I always dreaded bluetooth. It was always overengineered to my mind, fragile,
ad-hoc, moving target. Sometimes the bt stack feels the same as crapware. Very
subjective remark, I may be unlucky and/or dumb.

~~~
fla
You're not alone here. I've been recently working on bluetooth related tech
and was really surprised from the lack of native support under Windows 10. Had
to reinstall my sytem at some point due to a stack driver mess.

~~~
agumonkey
Makes you love your old IR wireless devices.

------
13of40
> Otherwise we'd all have to take a radio operator course before enabling the
> Wi-Fi or Bluetooth functions on our smartphones, or even to turn on our
> microwave ovens.

Not really. I've got a license for GMRS, but the "test" just consisted of
sending the FCC sixty bucks.

