
Bluetooth's Complexity Has Become a Security Risk - Elof
https://www.wired.com/story/bluetooth-complex-security-risk/
======
aschampion
The vast majority of my bluetooth woes are not with bluetooth, but with the
complete lack of configurability on Android and other devices.

I end up pairing/unpairing my home speakers with my phone constantly, not
because bluetooth is brittle, but because Android doesn't have options like
"remember pairing but don't automatically connect with this device", or,
"select audio output", or, "do/don't continue playing audio when this device
loses connection". Otherwise, when I turn my headphones on to bike to work in
the morning, my phone will be paired with the speakers, and the headphone will
connect for calls but not audio.

I don't want linux-like configuration. I don't want to root my phone. But
having no control on these thousand dollar devices over the most common tasks
we use them for despite billions in R&D and tens of thousands of developers is
ludicrous.

~~~
de_watcher
> I don't want linux-like configuration.

I want linux-like configuration. It's the only way to be sure.

~~~
sansnomme
Linux-like configuration is utterly terrible. At least with iOS there are
usually two modes: it either connects or it doesn't. When it connects, it
works flawlessly. For Linux, it's a variety of possibilities including but not
limited to: able to discover device but can't pair, pairs but unable to send
any files, Bluetooth daemon crashes two seconds after pairing (GUI hangs and
you have to manually grep through the logcat to figure out what went wrong),
Bluetooth pairs but on reboot daemon fails to start with a cryptic error code.
Googling the error code leads to a post on Ubuntu StackExchange from 5
years ago that references a post on the Arch Linux forum from even further
back. On IRC support, you would be recommended to install
Blueman/Bluez/whatever-their-favorite-bluetooth-software on top of your
distro's version. And after a whole afternoon, it still wouldn't work. When
you write a blog post complaining about it, people would tell you in the
comment thread to go replace your device with a "ThinkPad" cause Linux is not
supposed to run properly on most laptops despite being marketed as such. And
then finally two months later someone posts a comment telling you to flip an
entry on an obscure config file somewhere deep within the system and the
problem magically goes away. So no, I don't want Linux-like configs.

A better solution would be more robust cross platform Bluetooth stacks. We
have tons of high quality, open source TCP/IP networking software, elliptic
curve cryptography and key exchange libraries. The same needs to be done for
Bluetooth. If companies like Google have enough money to relaunch and rebrand
IoT home assistants every other week and publish new networking stacks written
in Go for their latest container orchestrator/mobile OS/browser every 6 months
then I am sure they can find time and funding for better Bluetooth firmware.

~~~
bluGill
You are confusing configuration flexibility with bugs.

~~~
ativzzz
The more configuration flexibility you have, the more bugs you will have.

------
ahartmetz
The problems with Bluetooth are it doesn't pair, it doesn't unpair, you need
to unpair first, you need to use the other protocol that transmits audio, the
latency is way too high, it's insecure, the software stack hangs or crashes,
you can't know for sure if two devices will work together, BLE is WAY too low
level and a step back, the spec is way too big and complicated, ... In 20
years they have not managed to make it good. It seems hopeless with the
current institutions managing it. What a heap of hot garbage.

~~~
ignoretest
Every Bluetooth device I have ever tried has failed to meet my expectations. I
have a drawer full of Bluetooth devices that I regret purchasing. I've been
fooled too many times already, I simply won't buy a device that relies on
Bluetooth any more. For mouse/keyboard I like RF and for audio you can pry my
3.5mm jack from my cold dead hands.

~~~
arethuza
I was initially rather skeptical of bluetooth headphones - but after yet
another gardening related headphone incident I bought a cheap pair (£30) and
they worked perfectly well. They broke (headband snapped) and I upgraded to
moderately priced Sony ones (~£100).

I've literally never had any problems connecting any of these to any devices
(desktop PC, iPads, iPhones).

Bluetooth also seems to work pretty much perfectly with my car as well.

I'm not doubting you have problems - but interesting to note that for some
people Bluetooth does actually seem to work.

~~~
bmurphy1976
I have a pair of moderately priced Sony BT headphones. Could be a similar
model given the price range.

You can't charge and listen at the same time (wtf)

I get no warning when the battery is about to die (combined with the above
this really sucks, they shut off in the middle of something)

I dual boot OSX and Windows on my laptop and I have to re-pair the headphones
every time I switch OSes. I suspect each OS has a different encryption key,
but the headphones can't tell the difference between which OS is running.

They cut out and skip all the time when walking through the City. They are
borderline unusable when walking between the train station and my office.

They cut out and skip occasionally when not walking through the City, for no
discernible reason.

They have an obnoxious and unnecessary blue LED that blinks periodically when
they are turned on. This lights up our whole bedroom at night and annoys the
crap out of my wife. I have to keep a piece of black electrical tape over the
LED.

These are the best bluetooth headphones I have ever owned, they sound great,
and I absolutely hate them.

~~~
clort
_" I dual boot OSX and Windows on my laptop and I have to re-pair the
headphones every time I switch OSes. I suspect each OS has a different
encryption key, but the headphones can't tell the difference between which OS
is running."_

Your suspicion is correct.

The real problem is that Apple and Microsoft both have not provided any way to
specify the key to connect with, and they both paired independently, creating
a different key each time.

One solution would be to find where the link key was stored in one of the OSs
and copy it over to the other OS. Then they would both use the same link key
and you are good to go until you re-pair for some reason. I don't know if this
(still) works, but some instructions are here:

https://www.insanelymac.com/forum/topic/268837-dual-boot-bluetooth-pairing-solved/

A different solution could be that the Bluetooth adaptor usually has a way to
store the link key within the device in NVRAM. The technicality of that is
that the adaptor never asks the OS for the link key, it just connects. I
don't know if tools exist in OSX or Windows to do that, however.

------
s_m_t
In my opinion part of the problem with Bluetooth is that the API exposed by
android and iOS is like... two or three layers too low. Imagine if in web
programming you set the MTU size in your HTML and you get the idea of what
programming Bluetooth is like.

Another issue I see is more of a viewpoint that people have trouble shaking.
Typically we think of the server as being more powerful than the client, but
in BLE the client usually has more processing power and battery by several
orders of magnitude. Once you examine this preconception BLE makes a whole lot
more sense.

~~~
sratner
It isn't even the API vendors' fault necessarily.

Compared to HTTP/TCP/IP, abstractions between layers of the BLE stack are
extremely leaky. Examples: indicating choice of PHY coding and channels in the
equivalent of a `listen/connect` call, or the three different but intertwined
places where fragmentation/reassembly can happen. Being effective with BLE
requires deep understanding of the entire stack, and since it is difficult for
a single person to have such level of understanding, we get bugs. By
comparison, being effective with HTTP does not require one to know anything
about the PHY layer, or TCP stream reassembly.

I suspect this is due to not having enough independent implementations of each
layer - Bluetooth is designed and standardized by one committee, and the
entire stack usually implemented as a single "thing", making it too easy to
break abstraction when a new feature needs to be added.

~~~
arcticbull
> Being effective with BLE requires deep understanding of the entire stack,
> and since it is difficult for a single person to have such level of
> understanding, we get bugs.

Bluetooth or LE? LE with GATT in my experience deals with none of this. At
least not on an Apple product, CoreBluetooth hides all of this from me as an
iOS or macOS developer.

~~~
sratner
Apple does hide most of this, but consider that an iPhone app isn't the BLE
product most developers are building, rather it is the device that iPhone app
talks to, and where the bugs lurk. (Not that Apple doesn't have its fair share
of BLE bugs at the chipset/driver level, which resurface with every new iOS
release.)

------
gHosts
Become? Become!? That's funny. That's Rich.

Do you have any idea how bloody insanely complex bluetooth is?

Just the core stuff,

[https://www.bluetooth.com/specifications/bluetooth-core-spec...](https://www.bluetooth.com/specifications/bluetooth-core-specification/)

without the various protocol specs...
[https://www.bluetooth.com/specifications/protocol-specificat...](https://www.bluetooth.com/specifications/protocol-specifications/)
or the GATT or ...

The bloody core spec is 3000 PAGES of standardese.

All in stuff that costs less than a dollar per chip.

~~~
userbinator
I'm someone who actually likes reading standards for fun (sometimes there are
interesting things in them), and have read _many_ of them as a result[1], and
even implemented parts of some; but I still find Bluetooth, along with WiFi
and GSM/LTE very intimidating.

Is there something about wireless in particular that lends itself to this
proliferation of complexity? I've read 802.3 (Ethernet) and it was nowhere
near as dense and intimidating.

[1] MP3, JPEG, JPEG2000, JBIG2, H.261 to 264, MPEG 1 and 2, USB, SATA,
IEEE1284, RS-232, a bunch of RFCs, and too many others to list, those are just
the ones I remember reading recently...

~~~
AaronFriel
It's an industry standard designed at closed door meetings where you have to
pay to get in and pay to read the spec.

It benefits all of the participants to build a big, deep moat where the paying
participants have the expertise.

This is how, by the way, warts like this occur:
[https://news.ycombinator.com/item?id=17402274](https://news.ycombinator.com/item?id=17402274)

~~~
ahartmetz
Somehow you'd think it would also benefit participants if it was also reliable
and fulfilled end users' requirements. It is not theoretically impossible to
have wireless headphones with low enough latency for gaming.

------
kstenerud
I've gotten so tired of protocols and specifications that are overly complex
or are poor fits for how they're used that I've started developing my own for
the services I'm implementing [0].

Making protocols & specs no more complex or ambiguous than necessary is a hard
requirement in this modern, security-conscious world.

[0]
[https://github.com/kstenerud/specifications](https://github.com/kstenerud/specifications)

~~~
amelius
Who else is using your specs?

~~~
kstenerud
I couldn't say; Github doesn't report to me who is including my code or
implementing my specs.

The point is to make specs that people actually WANT to use, which requires
advocacy (to get more eyeballs on it), and collaboration (to fix things I've
missed).

I build these things to scratch an itch, but I want others to find them
useful, as well.

------
ddingus
I hate bluetooth. I hate pairing viscerally.

Recently, I rented a Dodge mini van. Was all they had.

The pairing is voice. Fucking menu via voice! It took 10 minutes...

Please say:

Manage devices Add a new device Configure . . .

What priority, say 1 through 5...

I say 1.

Priority 1 is in use by [device name]

And on and on. I was angry when done. I will never use that POS again. Ugh!

Someone at Dodge needs to try again. I know you meant well. I know you were
probably told to do it too. But damn. It is a real fail.

I hate quality changes for very thin reasons.

I hate quality changes for technical reasons.

I hate charging.

About the only time I loved Bluetooth was running windows XP and that
excellent driver could pair with my old flip phone and do it all. Network, act
as mic, etc... I did it once and done too. Ran that setup for a couple years
until I got a better phone.

Here is the thing. Brb

Back! Had to change devices.

I can be convinced to go wireless. It is going to take more than the mess we
have today.

Just renewed my phone with headphone Jack. Brand new, should be good for
years.

The wireless devices need to be serviceable, the protocols need to be sane and
robust too, or the whole affair is a total net loss.

------
moron4hire
Complaining about 3000 pages of spec, in comparison to WiFi, is a bit apples-
to-oranges. A lot of Bluetooth is not just the binary protocol. There is a
huge surface area of what basically amounts to RPC protocols for different,
standardized device interfaces. Bluetooth is a _wonder_ for having things like
heart rate monitors, pointing devices, and audio interfaces specified in a
single, standardized way. You can generally count on a BT device from
literally thousands of vendors to behave in the same way in literally
thousands of different client devices.

It's more fair to compare BT to heavy protocols like ZigBee, or worse yet,
ZWave. If you wanna dig into a shit-show of wireless protocols, look no
further than ZWave. That thing is a complete boondoggle.

I've been pretty happy with BT.

------
brownbat
It'd be nice if we at least got the easy connectivity promised and just had to
work out a few security kinks.

[https://xkcd.com/2055/](https://xkcd.com/2055/)

I have a few Bluetooth speakers. If I accidentally close the app but forget to
disconnect from settings too, then no one else can pair with them until I
return. This seems like standard behavior, and makes me worry that if I lose
my phone at the wrong moment, I might brick a few devices.

I really like common standards, but if the consortium can't fix either
security or usability, we might be better off with a clean slate.

~~~
crehn
Lately Bluetooth connectivity with Apple devices has been great for me.
AirPods just work and everything is pretty snappy and stable.

~~~
baby
Yet there is still quite a lot of friction.

Airpods have the best support and they still require you to find out how to
pair them when you change device and wait.

Keyboard/mouse is insane. If you want to use them with two different laptops.

~~~
wongarsu
My mouse (Logitech MX Master) supports Bluetooth. It also supports Logitech's
"Unifying Receiver" and has a button to switch between three different
Logitech receivers. I think everyone can guess correctly which of these
options just works and always does what you want it to.

~~~
omegabravo
To clarify if it's not clear - the button switches between three different
receivers, Bluetooth or Logitech unifying receivers. Currently I have 2 BT
profiles, and 1 Logitech. The mouse works flawlessly.

------
wolfgke
Much shorter and general headline concerning the type of problem:

Complexity Is a Security Risk

~~~
ga-vu
Ever since they've paywalled their articles, Wired is FUDing it like crazy.

------
ikeboy
How come we can't solve lag?

There should be a part of the protocol that determines the lag and a standard
way for programs to then set their delay accordingly, so that when I'm
watching a video the sound is synced with the screen. Instead I have to
manually try several different lag times until one feels good enough.

~~~
jjcm
It seems like something endemic to the protocol. Logitech's recent wireless
mice/keyboards have skipped bluetooth altogether - they determined the lag was
simply too large for high performance gaming:
[https://www.reddit.com/r/MouseReview/comments/99qq4a/about_t...](https://www.reddit.com/r/MouseReview/comments/99qq4a/about_that_1ms_lightspeed_wireless_technology/)

~~~
MrBuddyCasino
I have a Logitech G603 mouse that supports both, and there is no noticeable
lag when using the proprietary dongle. I'm still glad BT is supported as a
fallback, but the lag is undeniable.

------
Paul_S
The problem with BT is not unique to BT. Any protocol at the time when it's
used by app developers is not understood and misused. Most products in the
wild just use the example code provided in the sdks provided. You can make a
whole product this way. Especially simple stuff like bt speakers.

------
tristor
You know what doesn't cause increased attack surface for your devices, doesn't
have pairing issues, never cuts out audio randomly, works immediately upon
connection, is low power, and doesn't introduce additional RFI into your
living space? A headphone jack.

Just saying.

~~~
brokenmachine
But I _must_ have a 1mm thinner phone!

Expensive timebombed unrepairable accessories is a small price to pay in order
to have a 1mm thinner expensive timebombed unrepairable phone!

------
bondolo
It has always been the case. Attending IDC in 1999, before a single device had
been certified, the hardware standards and certification docs were already
3500 pages. You can only imagine how this has grown in 20 years. Bluetooth is
a "giraffe" technology. It evolved into the current form through
happenstance. Nothing about it is simple or normal, instead randomly weird and
inconsistent. And nobody is surprised that after 20 years everyone rightfully
assumes that it barely works and is full of holes. However, since the
standards are controlled by the people who build the hardware it has not been
possible for a functional, non-insane alternative to appear.

------
jim-jim-jim
IIRC OpenBSD dropped bluetooth for this very reason.

------
peter_retief
I am using thread which is a lot more sensible
[https://openthread.io/](https://openthread.io/)

------
baby
The funny thing is that the protocol is meant to be run by tiny devices. So of
course one would think they would have attempted to make it simple.

~~~
Paul_S
If you want simple you can build your own on top of 15.4. This way your device
will work but only with your other device.

The big thing about BT is that it's everywhere.

~~~
kkarakk
The top players (apple/samsung) have switched to proprietary stacks on top of
bluetooth to get the "magic" pairing experience. Google is following suit
soon. On non "magic" pairing devices, bt is still a pain in the ass to get to
work comparatively.

Imagine if you had to do the standard bt pairing process for wifi. Device to
connect to has to be broadcasting, Device trying to connect has to be
listening, after connection you have to ensure that the passcodes are the same
etc etc. If the connection drops then repeat the process sometimes(<BT 5.0).

------
borumpilot
My main gripe with BT is the impossibility to limit even which profiles[0] are
active. For example: I do not mind allowing audio, but can not allow any form
of networking.

0:
[https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles](https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles)

------
newaccoutnas
I've not looked at recent specs but Bluetooth security has always been a bit
of a misnomer. Its roots are in FTP etc and older protocols not really
designed for security in mind, never was. So to say it's become a security
risk, when it already was, may be missing the point.

------
andy_ppp
I've been looking for a way to stop bluetooth from pairing with the MacBook
while asleep; this looks promising to switch it off when the lid is shut at least:

[https://apple.stackexchange.com/a/272244](https://apple.stackexchange.com/a/272244)

------
geggam
You wonder why OpenBSD removed it ?

------
DyslexicAtheist
It is complex, which is usually an issue with security, but the article title
makes it sound like maybe security wouldn't be that bad if it weren't for
complexity. Bluetooth was broken long before it became complex. A protocol
that allows you to negotiate a key size of maximum 1 byte is just plain
dumb[1].

[1]
[https://twitter.com/matthew_d_green/status/11287020035243745...](https://twitter.com/matthew_d_green/status/1128702003524374534)

------
rasz
Become??? BT complexity and security were a joke ever since ver 1.1.

------
gtirloni
What happened to UWB as an alternative for Wireless PAN?

I remember it being proposed as an alternative. Is it any easier to
use/secure? The high frequencies should work fine for short ranges, no?

------
fithisux
I totally agree. Drivers should be easy to write, spec should be slim and
modular. It does not stick with the idea of lightweight communication stack.

------
yaseer
I have to assume the reason that Bluetooth is still annoying 10 years later is
the lack of synchronicity between OS vendors and hardware vendors.

Unfortunately, this is something that Apple does well, and most other
manufacturers and operating systems have a poorer experience.

I say that as an ex-Apple user, not a fanboy. I love my Linux Desktops, but
the Bluetooth pairing is a huge pain. Likewise, when I boot into Windows for
games - Bluetooth peripherals are far more annoying than their Apple counterparts.

------
Causality1
"3,000 pages long" and yet it's still a pain in the ass to use a Bluetooth
peripheral with more than one device.

------
ken
Also seen this weekend: x86 security issues, presumably also stemming from its
complexity.

Dijkstra must be rolling in his grave.

