Bluetooth – No Guts No Glory!
Jeff Dowley
Overview
• What is Bluetooth?
• How does it work?
• What are the different types of Bluetooth?
• What can you do with Bluetooth?
• What are the predictions for next generation devices and uses?
• What are the security issues of Bluetooth?
What is Bluetooth?
• Bluetooth wireless technology is built into electronic gadgets and lets you share information like voice, music, and videos wirelessly.
– 1st hoped to replace wires on phone, small electronics
• 2.4 GHz and 5.0 GHz radio waves, not infrared or laser. Design goal is up to 10 meters (33 ft) for a Class 2 (2.5mW) device
– 1st discovered by the military in the 1940's
– Bluetooth invented in 1994 at Ericsson (Sweden), in 98 a SIG was started
– Named after a 10th C Danish king that was a uniter of Scandinavian lands
• PAN - Personal Area Network
– 7 nodes with 16.7M slaves?
• Bluetooth PAN moves with you - no other infrastructure or access point needed
• Pairing - connecting 2 Bluetooth devices
– Multiple devices can pair at the same time
– Legacy pairing - each device uses a PIN code which must match to pair
  • PIN can be up to a 16-byte UTF-8 string
  • But usually 4 digit number
• Bluetooth chips cost less than $3
How does it work?
The protocol operates in the license-free ISM band at 2.402-2.480 GHz.[28] To avoid interfering with other protocols that use the 2.45 GHz band, the Bluetooth protocol divides the band into 79 channels (each 1 MHz wide) and changes channels up to 1600 times per second.
Implementations with versions 1.1 and 1.2 reach speeds of 723.1 kbit/s.
Version 2.0 implementations feature Bluetooth Enhanced Data Rate (EDR) and reach 2.1 Mbit/s.
Technically, version 2.0 devices have a higher power consumption, but the three times faster rate reduces the transmission times, effectively reducing power consumption to half that of 1.x devices (assuming equal traffic load).
• Bluetooth powered by a PC can reach up to 100m if it is a Class 1 transmitter (100mW)
– If a class 2 device pairs with a class 1 device, it may have a longer range than a pure class 2 pair
• Bluetooth sniping with class 2 and special antennas led to a record of 1.08 miles for a connection
• SDP (Service Discovery Protocol)
– Allows a device to discover services supported by other devices, and their associated parameters. For example, when connecting a mobile phone to a Bluetooth headset, SDP will be used for determining which Bluetooth profiles are supported by the headset (Headset Profile, Hands Free Profile, Advanced Audio Distribution Profile (A2DP) etc.) and the protocol multiplexer settings needed to connect to each of them. Each service is identified by a Universally Unique Identifier (UUID), with official services (Bluetooth profiles) assigned a short form UUID (16 bits rather than the full 128)
Bluetooth – many flavors – 1st byte
• Who's in charge of the spec?
– Bluetooth SIG
• Bluetooth v2.0 + EDR (enhanced data rate) - Nov 2004
– 1-3Mbps over the air
– 0.7-2.1Mbps device to device
– Up to 3x faster than spec 1.2
– Extended Inquiry Response (EIR) - better info to use when allowing to pair or deny pairing of devices
– Rare to be slowed by # of active devices (unlike Wi-Fi)
– Either 64bit or 128bit security layer
– 100ms latency
– Uses less power than v1.2 - by reducing the duty-cycle
• Phones
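The SDP short-form UUIDs and the Extended Inquiry Response described above can be inspected directly when auditing what a device announces about itself. The following is an added example, not part of the original slides: it parses an EIR payload and expands its 16-bit service UUIDs onto the Bluetooth Base UUID. The sample payload and the device name in it are constructed for illustration.

```python
import struct
import uuid

# Bluetooth Base UUID: a short-form UUID fills the top 32 bits of this value.
BASE_UUID = uuid.UUID("00000000-0000-1000-8000-00805f9b34fb")

# Assigned 16-bit service class UUIDs for the three profiles the slide names.
PROFILES = {0x1108: "Headset", 0x111E: "Hands-Free",
            0x110D: "Advanced Audio Distribution"}

def expand(short: int) -> uuid.UUID:
    """Expand a 16- or 32-bit short-form UUID to the full 128-bit UUID."""
    if not 0 <= short <= 0xFFFFFFFF:
        raise ValueError("short-form UUID must fit in 32 bits")
    return uuid.UUID(int=BASE_UUID.int + (short << 96))

def parse_eir(data: bytes) -> dict:
    """Walk the length/type/value structures of an EIR payload."""
    result = {"name": None, "services": []}
    i = 0
    while i < len(data):
        length = data[i]
        if length == 0:                     # zero length: rest is padding
            break
        field = data[i + 1:i + 1 + length]
        if len(field) < length:
            raise ValueError("truncated EIR structure")
        ftype, body = field[0], field[1:]
        if ftype in (0x08, 0x09):           # shortened / complete local name
            result["name"] = body.decode("utf-8", "replace")
        elif ftype in (0x02, 0x03):         # 16-bit UUID list, little-endian
            if len(body) % 2:
                raise ValueError("odd-length 16-bit UUID list")
            for (short,) in struct.iter_unpack("<H", body):
                result["services"].append(
                    (str(expand(short)), PROFILES.get(short, "unknown")))
        i += 1 + length
    return result

# Constructed sample: name "BT-Headset" plus three 16-bit UUIDs and padding.
SAMPLE = (bytes([11, 0x09]) + b"BT-Headset"
          + bytes([7, 0x03, 0x08, 0x11, 0x1E, 0x11, 0x0D, 0x11]) + bytes(4))

if __name__ == "__main__":
    report = parse_eir(SAMPLE)
    print("advertised name:", report["name"])
    for full, profile in report["services"]:
        print(f"{full}  {profile}")
```

The advertised name and service list are what any nearby device sees before pairing, so this is the information to review when deciding what a device should broadcast.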
• Bluetooth v2.1 + EDR - July 2007
• Introduces new pairing paradigm
– Secure Simple Pairing (SSP)
  • Uses public key cryptography
  • Just works - ex are headsets (no keypad)
  • Numeric comparison - Matched 6-digit PIN
  • Passkey entry and Out of band
• Sniff subrating - lowers power use by negotiating as infrequent as 10 sec between polls
• Example hardware:
– Wii, PS3, and PSP Go wireless game controllers
• (MoGo Mouse X54 Pro) for ExpressCard/54 Laptops
Experience Icons
• Bluetooth Experience Icons help you easily identify and buy compatible products that use Bluetooth wireless technology. The Icons make it simple to understand what a Bluetooth enabled device can do and how it will work with other devices for printing, file transferring, listening to stereo audio and more.
• Headset
• Music
• Print
• Input
• Transfer
Bluetooth for today – v3.0 + HS
• Ratified in Apr 2009
• Uses 2.4 and 5.0 GHz
• Main feature is AMP - alternate MAC/PHY - this allows using WiFi
• Connection is set up and negotiated over Bluetooth std
• Bluetooth using secondary (Wi-Fi) radio already in a device
• OTA data rate: up to 54Mbps
• Application throughput: up to 24Mbps
• 128bit AES security layer
• Only uses Wi-Fi when needed and isn't announced when not needed
• Saves on power use
• More secure
• Less than 100ms latency
• Lower power consumption than Bluetooth v2.1
• Enhanced power control
Cool 3.0 + HS examples
• Bulk data transfer = updating your iPod music catalog
• Send photos to a printer w/o intermediate steps
• Video streaming
• Send video from video camcorder to your TV
• To role player goggles? - immersion
Bluetooth for tomorrow – v4.0 & LEP
• New Bluetooth Core Specification v4.0
– Adopted 17 Dec 09
– Class 3 (1mW)
• Low energy protocols
– Way to tie your phone to you via a 'key fob' like device
– Way to tether a kid to being near you - else a warning beep for out of range
– Create a link between you and work out monitors (pulse, pedometers, etc)
– 1st products before end of '10
– Coin cell batteries may last for years of use (like garage door openers?)
• Examples of 4.0 devices:
– Expected use cases include watches displaying Caller ID information, sports sensors monitoring the wearer's heart rate during exercise, and medical devices.
– The Medical Devices Working Group is also creating a medical devices profile and associated protocols to enable this market.
– Bluetooth low energy technology is designed for devices to have a battery life of up to one year.
• May need to install Bluetooth sw stack to get BT between PC and device
– Bluetooth not built in to Windows XP
  • Added to SP2
Security – everybody’s favorite!
Safe Bluetooth recommendations
• Don't link to unknown Bluetooth devices
• Do change the default name used to broadcast your Bluetooth status
– It could keep someone from knowing your device's weakness
• You may want to consider AV sw for your phone/pda/device
• Do change the pairing code (PIN) away from default
• Remember to delete any access if a Bluetooth device is lost
• Bluecasting - a Bluetooth server in a Bluetooth kiosk sends data to passers-by
• Temples in India can offer ringtones, wallpaper images of deities, etc
• Could lead to Bluejacking - the sending of unsolicited messages over Bluetooth (c 2003)
– Bar room prank
– Guerrilla advertising campaigns
• Used to be only text, but can now be any kind of file
– Ex: vBusiness cards
• Example programs are bluesniff, bloover
• Could lead to Bluesnarfing - the unauthorized access of information from a wireless device through a Bluetooth connection
– No known code doing this at this time - more serious than Bluejacking
– A hole in the original Bluetooth std allowed this, but has since been patched
• Could lead to Bluebugging - more of a social networking thing - cons user into pairing with a hacker's device - which then could use your device without your approval (c 2004)
– takes control of your device and can either listen in or make calls, etc (c 2004)
• There have been real viruses aimed at Bluetooth, but for the most part few of them have been in the wild (Lasco.A, 29A, velasco.sis file, cabir worm)
• One use of auto linking was for thieves to scan locked cars in parking lots to look for laptops and other devices inside and worth stealing
Tips to protect your data
• Non-Discoverable Mode
– To prevent others from seeing your device, you can set it to a non-discoverable mode. You can still use your Bluetooth services, like talking on a headset, but your device will not be found by other Bluetooth devices.
• Only Pair with Known Devices
– Don't "pair" with unknown devices. Just like you would not open your door to a stranger, do not accept content or pair with devices from unknown users.
• Change your PIN
– Pair your device in private to make the permanent connection. And if your device comes with a default Personal Identification Number (PIN), change it to only one you know.
• May want to keep Bluetooth off on phones to save on battery life
The End