On Thu, Feb 5, 2015 at 2:10 PM, Eric Voskuil <e...@voskuil.org> wrote:
> A MITM can receive the initial broadcast and then spoof it by jamming the
> original. You then only see one.

You are right, of course. There is no way to make Bluetooth 100% secure, since it is an over-the-air technology. You could try securing it using a CA or other identity server, but now you've excluded ad-hoc person-to-person payments. Plus, you need an active internet connection to reach the CA. You can try using proximity as a substitute for identity, like requiring NFC to kick-start the connection, but at that point you might as well use QR codes.

This BIP is not trying to provide absolute bullet-proof security, since that's impossible given the physical limitations of the Bluetooth technology. Instead, it's trying to provide the best-possible security given those constraints. In exchange for this, we get greatly enhanced usability in common scenarios.

There are plenty of usable, real-world technologies with big security holes. Anybody with lock-picking experience will tell you this, but nobody is welding their front door shut. The ability to go in and out is worth the security risk.

Bluetooth payments add a whole new dimension to real-world Bitcoin usability. Do we shut that down because it can't be made perfect, or do we do the best we can and move forward?

-William

_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development