Re: Bluetooth support status
On Wed, Aug 7, 2019 at 10:40 AM Theo de Raadt wrote: > Wow, look -- more useless chatter on the topic. > > The bt stack we had was designed as "network code", and all sorts of > complex layer violations and device hand-offs were very complicated and > troublesome. > > The code was not deleted because bluetooth is shit. The code was > deleted *because it was shitty and unsuited to the purpose* > > And then noone stepped up to write new code. THAT IS THE WHOLE STORY. > > People on misc often want some complicated conspiracy, and fails to > understand it is ALWAYS that "someone has to write the code and maintain > it", and if such a person doesn't exist then either (a) the code doesn't > exist, or (b) the code sucks and people complain about it until (c) we > delete it and then (d) people on misc try to invent fake history. > > Since no such person existed, (a) led to (c) and here we are at (d). > > I wish everyone would stop making uneducated guesses and trying to > rewrite history that isn't STUDIED and understand. In particular what > bothers me is the LACK OF STUDY, but this is misc, STUDYING stuff is > clearly too hard, and making uneducated guesses is the norm. > Might find following from "Axis of Easy #109" by Mark E. Jeftovic of easyDNS: Major bluetooth security flaw discovered. Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) have discovered a major new vulnerability in the 20+ year-old Bluetooth protocol. The “Key Negotiation of Bluetooth”, aka “KNOB” attack lets attackers, without any prior knowledge of details of either side of the conversation, trick two endpoints in a Bluetooth handshake into using an encryption key that can then be brute-forced (I think they do this by tricking each side into using a 1-byte encryption key). Of course, once the key is cracked the attacker has access to all communications on the Bluetooth channel. The Bluetooth spec is being upgraded to specify longer encryption keys, and users are urged to remain current with all manufacturer updates. Read: https://www.forbes.com/sites/zakdoffman/2019/08/15/critical-new-bluetooth-security-issue-leaves-your-devices-and-data-open-to-attack/ And: https://knobattack.com/ And if your "manufacturer" has EOLed your product, you're SOOL. --patrick > John Brahy wrote: > > > Right, without reading the code and only reading this commit message > it's all conjecture. > > I was just hoping to hear something more if someone was inclined to > share. > > inclined. The commit message seems like some sort of inside joke. > > > > Log message: > > "It's not the years, honey; it's the mileage." > > > > bluetooth support doesn't work and isn't going anywhere. the current > > design is a dead end, and should not be the basis for any future support. > > general consensus says to whack it so as to not mislead the unwary. > > > > On Wed, Aug 7, 2019 at 10:06 AM Theo de Raadt > wrote: > > > > Bryan Wright wrote: > > > > > Are there technical/philosophical problems that make all versions of > > > Bluetooth incompatible with the project, or is it a just matter of > > > removing what is not being maintained? > > > > I'm sure a bunch of you can come up with theories about what actually > > transpired, without reading any of the code that used to be here, or > > the commit messages. > > > > Basically, feel free to keep making up stuff. > > > >
Re: Bluetooth support status
Ha. I was about to start out with how I can guess how complicated managing an operating system is. Then I see the last line of your email saying, "How about if you don't know, stop making guesses". My comments only apply to my experience coding for bluetooth on mobile devices and it was just overcomplicated for me and I felt it was opening up an unnecessary attack surface. That opinion has nothing to do with OpenBSD. Just writing this here in case someone tries to use this in a future conversation. On Wed, Aug 7, 2019 at 10:22 AM Theo de Raadt wrote: > Bryan Wright wrote: > > > > On Aug 7, 2019, at 10:06, Theo de Raadt wrote: > > > > > > Bryan Wright wrote: > > > > > >> Are there technical/philosophical problems that make all versions of > > >> Bluetooth incompatible with the project, or is it a just matter of > > >> removing what is not being maintained? > > > > > > I'm sure a bunch of you can come up with theories about what actually > > > transpired, without reading any of the code that used to be here, or > > > the commit messages. > > > > > > Basically, feel free to keep making up stuff. > > > > > > > I’m sorry, Theo. I’ve read some, but I’m sure I haven’t read all the > history. I didn’t mean anything by my question, but perhaps I should have > done more reading before asking. Apologies. > > Beyond the commit messages, none of us owes anyone any sort of explanation, > no matter how much it is begged for. > > What bothers me greatly is the begging pattern of introducing fake > theories, and a year or so later those fake theories are used as part of > the evidence chain in a new discussion, and another few years later even > more fake discussion is used to create new fake discussion, and > eventually everyone believes parts of it. > > How about if you don't know, stop making up guesses. > > >
Re: Bluetooth support status
Bryan Wright wrote: > > On Aug 7, 2019, at 10:06, Theo de Raadt wrote: > > > > Bryan Wright wrote: > > > >> Are there technical/philosophical problems that make all versions of > >> Bluetooth incompatible with the project, or is it a just matter of > >> removing what is not being maintained? > > > > I'm sure a bunch of you can come up with theories about what actually > > transpired, without reading any of the code that used to be here, or > > the commit messages. > > > > Basically, feel free to keep making up stuff. > > > > I’m sorry, Theo. I’ve read some, but I’m sure I haven’t read all the > history. I didn’t mean anything by my question, but perhaps I should have > done more reading before asking. Apologies. Beyond the commit messages, none of us owes anyone any sort of explanation, no matter how much it is begged for. What bothers me greatly is the begging pattern of introducing fake theories, and a year or so later those fake theories are used as part of the evidence chain in a new discussion, and another few years later even more fake discussion is used to create new fake discussion, and eventually everyone believes parts of it. How about if you don't know, stop making up guesses.
Re: Bluetooth support status
Wow, look -- more useless chatter on the topic. The bt stack we had was designed as "network code", and all sorts of complex layer violations and device hand-offs were very complicated and troublesome. The code was not deleted because bluetooth is shit. The code was deleted *because it was shitty and unsuited to the purpose* And then noone stepped up to write new code. THAT IS THE WHOLE STORY. People on misc often want some complicated conspiracy, and fails to understand it is ALWAYS that "someone has to write the code and maintain it", and if such a person doesn't exist then either (a) the code doesn't exist, or (b) the code sucks and people complain about it until (c) we delete it and then (d) people on misc try to invent fake history. Since no such person existed, (a) led to (c) and here we are at (d). I wish everyone would stop making uneducated guesses and trying to rewrite history that isn't STUDIED and understand. In particular what bothers me is the LACK OF STUDY, but this is misc, STUDYING stuff is clearly too hard, and making uneducated guesses is the norm. John Brahy wrote: > Right, without reading the code and only reading this commit message it's all > conjecture. > I was just hoping to hear something more if someone was inclined to share. > inclined. The commit message seems like some sort of inside joke. > > Log message: > "It's not the years, honey; it's the mileage." > > bluetooth support doesn't work and isn't going anywhere. the current > design is a dead end, and should not be the basis for any future support. > general consensus says to whack it so as to not mislead the unwary. > > On Wed, Aug 7, 2019 at 10:06 AM Theo de Raadt wrote: > > Bryan Wright wrote: > > > Are there technical/philosophical problems that make all versions of > > Bluetooth incompatible with the project, or is it a just matter of > > removing what is not being maintained? > > I'm sure a bunch of you can come up with theories about what actually > transpired, without reading any of the code that used to be here, or > the commit messages. > > Basically, feel free to keep making up stuff. >
Re: Bluetooth support status
> On Aug 7, 2019, at 10:06, Theo de Raadt wrote: > > Bryan Wright wrote: > >> Are there technical/philosophical problems that make all versions of >> Bluetooth incompatible with the project, or is it a just matter of >> removing what is not being maintained? > > I'm sure a bunch of you can come up with theories about what actually > transpired, without reading any of the code that used to be here, or > the commit messages. > > Basically, feel free to keep making up stuff. > I’m sorry, Theo. I’ve read some, but I’m sure I haven’t read all the history. I didn’t mean anything by my question, but perhaps I should have done more reading before asking. Apologies.
Re: Bluetooth support status
Right, without reading the code and only reading this commit message it's all conjecture. I was just hoping to hear something more if someone was inclined to share. inclined. The commit message seems like some sort of inside joke. Log message: "It's not the years, honey; it's the mileage." bluetooth support doesn't work and isn't going anywhere. the current design is a dead end, and should not be the basis for any future support. general consensus says to whack it so as to not mislead the unwary. On Wed, Aug 7, 2019 at 10:06 AM Theo de Raadt wrote: > Bryan Wright wrote: > > > Are there technical/philosophical problems that make all versions of > > Bluetooth incompatible with the project, or is it a just matter of > > removing what is not being maintained? > > I'm sure a bunch of you can come up with theories about what actually > transpired, without reading any of the code that used to be here, or > the commit messages. > > Basically, feel free to keep making up stuff. > >
Re: Bluetooth support status
Bryan Wright wrote: > Are there technical/philosophical problems that make all versions of > Bluetooth incompatible with the project, or is it a just matter of > removing what is not being maintained? I'm sure a bunch of you can come up with theories about what actually transpired, without reading any of the code that used to be here, or the commit messages. Basically, feel free to keep making up stuff.
Re: Bluetooth support status
Are there technical/philosophical problems that make all versions of Bluetooth incompatible with the project, or is it a just matter of removing what is not being maintained?
Re: Bluetooth support status
ok, thanks. Bluetooth is overcomplicated and if it's not managed properly it just opens up the attack surface for no reason. It definitely makes some things easy but there are always workarounds. On Tue, Aug 6, 2019 at 11:52 PM Consus wrote: > On 17:12 Tue 06 Aug, John Brahy wrote: > > Hello, > > > > Just curious if there was any change in OpenBSD supporting bluetooth. > > Sadly, there is none. >
Re: Bluetooth support status
On 17:12 Tue 06 Aug, John Brahy wrote: > Hello, > > Just curious if there was any change in OpenBSD supporting bluetooth. Sadly, there is none.
Bluetooth support status
Hello, Just curious if there was any change in OpenBSD supporting bluetooth. In this commit from tedu@ it's saying that support was ripped out of the kernel because it never really worked. https://marc.info/?l=openbsd-cvs=140511572108715=2 man -k blue brings up nothing appros. Thanks, JB
