On 11/15/11 14:14 , Ted Lemon wrote: > On Nov 15, 2011, at 1:43 PM, Joel jaeggli <[email protected]> wrote: >> A decade and a half worth of bluetooth security associations >> including really bad ones says otherwise. > > Yes, and the reason it works is because for most devices, there is no > security,
It's more concise to describe them as offering no MITM protection. The association is either the product of a predefined shared secret (which isn't secret) or after bluetooth 2.1 by SSP. the intent to pair in either case is deliberately initiated. > and for the remaining devices, there's a screen that can > give you instructions. Have you ever owned a bluetooth headset that > didn't have a PIN of 0000? yes but that was 1998 and it wasn't the most usable device ever. >> Personal devices by in large are shedding data-ports where possible >> and especially for low speed interaction. > > Maybe so. Do you expect the iPad three to get rid of its USB port? I expect that devices like the i*/and* as well as other consumer electronics that are moving onto the network (like televisions speakers and so forth) will continue to down the road towards shedding their dependance on tethering to each in a physical fashion. when that happens precisely is a business decision on the part of their manufacturers and the suppliers of the application stack and the supporting accoutrements. ... _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
