FIDO is blocked in web-bluetooth due to system-wide pairing poses security risks [source], which I can understand but not entirely sure why the extend to block it. A good ble token design can possible overcome the issue (button on token...etc).
But when it comes to usb token why is it not consider as a same level of risk too [source] and block the access, isn't usb system-wide pairing too?
Both Specifications block FIDO devices:
Web Bluetooth Blocklist
WebUSB Blocklist
Related Chromium implementation details:
Bluetooth Blocklist
USB Blocklist
USB Class Restrictions
Related
When connection to a custom BLE device from an app (android and ios) I have two options
a) first pair the device on the phone (like a headset or other devices) and then use it from the app to read and write data
b) without pairing on the phone, go inside the app, search for a device with a specific name or address, and just connect to it and read and write data.
when is one preferred over the other one ?
Its just when it needs to interact in the background or am I missing something?
The devices you see in your phones Bluetooth settings are Bluetooth Classic devices. There are some devices using both BLE and Bluetooth Classic which show up in the settings too, but the settings page is only for the Bluetooth Classic part of the device. Headphones for example are streaming music trough the Bluetooth Classic profile A2DP but might offer BLE services for additional features.
You always have to use a special app to communicate with the BLE part of a device. This could be an app provided by a manufacturer or a generic BLE scanner app such as nRF Connect.
As alexander.cpp already told you in his answer pairing (the exchange of keys) and bonding (saving of said keys) is not required for the communication with BLE devices and only needed if the device requires a secured connection.
Bonding (technically correct term for BLE, often called Pairing in non-technical speech) is mostly for security, we can send sensitive information because the receiver is verified and data is transferred in encrypted form.
Prefer to use bonding if the data is sensitive (means users feel uncomfortable if somebody they don't know receive their data). For example, I consider "current temperature = 25" as NOT sensitive. For detailed explanation, find "Bonding with a BLE device" in BLE guide by PunchThrough.
Also this is a good answer to a similar question: https://stackoverflow.com/a/42916081/10380092.
Your second question about background - no, bonding is not related to interaction in background.
My question is very basic.I need to know where does all Bluetooth profile such HID, HFP or HSP loaded in Bluetooth stack? Is it in Host layer or in Bluetooth Hardware Chipset such as USB dongle/module or in both Host and Chipset Side?
According to my understanding, we can implement Bluetooth profiles on Host side using packages like BlueZ but at same time Bluetooth chipset which is connected to Host should need some sort of firmware and logic(like CSVD, A-law ) inside its chipset.
A quote found in BlueZ Android package doc: "Wideband Speech support in HFP it is required that BT chip assumes mSBC codec". This means Host layer can implement that Profile only if BT chipset provides the low-level support like mSBC.
My Answer is like this: " We can build any Bluetooth Profile say 'X' on Host layer if BT chipset is equipped with underlining Low-level firmware which support the Profile 'X'".Please agree or disagree with my understanding.
PFA diagram of my understanding
Position of profile and its low-level firmware
I need to select a USB Bluetooth dongle compatible to Raspberry Pi and customize the HID and HFP using BlueZ.
Advance Thanks to all Bright minds!
There are multiple ways how Bluetooth functionality is implemented in a system based on how much is implemented in the controller and host.
Everything in the controller - App, Upper stack, may or may not HCI(lower and upper stacks communicate through HCI commands and events), Lower stack. Example: Most of Bluetooth Mouse, Keyboard etc, where a single controller is responsible for everything (Bluetooth, RTOS/scheduler, Controlling LED's in the device, etc)
App in Host and lower and upper part of stack in controller. May or may not implement HCI in controller.
Example: Where we use a dedicated Bluetooth chip and integrate it with the Device. Here device will transmit application data to the Dedicated Bluetooth chip. All the Bluetooth protocol related things will be done from BT controller/chip. If you are using an HC-05 module with Arduino module, Arduino will transfer the serial data to the HC-05 module.
App and upper stack in host and lower stack in the controller. Bluez, Bluedroid and all other stacks in Operating systems are of this type. This will communicate with the controller with HCI commands and events.
Example: Mobile phones, Computers, TV with Bluetooth etc (Devices having a powerful Application processor)
So lets assume you are asking about the 3rd type. In this case your assumption is correct. Here all profiles are implemented in the host only. But protocols/codec needed to support them will be implemented in the controller(either firmware or hardware block). For example GAP(For BR-EDR) is implemented in the host but encryption and decryption algorithms are implemented in the controller as Firmware or hardware blocks. For A2DP profiles audio codec/decoders will be implemented in the controller. BT chip then transfers this audio data to host with I2S or other protocols. For BLE Security manager profile, encryption/decryption algorithm is implemented in the host itself, But whitelist, auto connection etc, will be implemented in the controller.
My Answer is like this: " We can build any Bluetooth Profile say 'X' on Host layer if BT chipset is equipped with underlining Low-level firmware which supports the Profile 'X'".Please agree or disagree with my understanding.
For BlueZ use case this is correct. You need to use the controller with the required hardware capabilities(Firmware + hardware resources).
For the scenarios 1 and 2 the profiles and supporting protocols will be implemented in the controller.
I got an issue with reconnection to my BLE device.
Senario that works
- BLE Device is not paired
- Pi boots and start my App, find's the BLE device, pair and connect, receiving data
- Boot Pi and start my App, it will not pair as its already paired, it connects fine and receiving data.
Senario that does not work
- BLE Device is not pair or pair, does not matter
- If my BLE device disconnect due to power loss or out of range and gets powered up or back in range the Pi will reconnect and throw:
'System.Exception' in mscorlib.ni.dll
There is no user session key for the specified logon session. (Exception from HRESULT: 0x80070572)
If I try to reboot the Pi, the same message is thrown when I try to execute: await _readCharacteristic.WriteClientCharacteristicConfigurationDescriptorAsync(GattClientCharacteristicConfigurationDescriptorValue.Notify);
The only thing that works is if I unpair the device every time it disconnect.
This is the same issue that this guy has: https://social.msdn.microsoft.com/Forums/sqlserver/en-US/b98d77f2-bf5e-45fc-9495-1c444b54450e/uwpreconnecting-to-a-ble-csac-device-causes-exception?forum=wpdevelop
Maybe there is anyone here that has seen the same issue and solved it ?
Thanks
The reason for this particular error you are receiving is almost certainly that the BLE device itself is not storing the bonding information that is negotiated during the pairing process. For an existing BLE pairing to be re-used, the device must retain the bonding with its partner for future communication sessions.
Developers can sometimes work around this device shortcoming in their (non-Windows) PC or phone application by having the PC or Mobile app delete any previous pairings with the device already retained, and negotiate a new pairing each time it sees the Bluetooth device. This is possible because many Bluetooth devices have a static PIN, require no interaction for pairing, and remain in open pairing mode. So the app creates a new device pairing upon each communication. The Mac BLE API requires no user interaction for pairing and un-pairing as well.
But this solution is unworkable under Windows BLE API, because unlike regular Bluetooth, the Bluetooth Low Energy API requires user interaction during both the pairing, and un-pairing "ceremonies". The user must agree to every pairing, and must agree to every un-pairing. This makes this workaround solution a non-starter from a UX standpoint on Windows. My guess is the BLE device manufacturer isn't storing the bonding.
We ran into such a situation ourselves developing our own BLE driver to speak with our own BLE board; we had to re-do the firmware running our BLE device because while it would work under Mac OS and Android with the method described above, the BLE API available on the Microsoft UWP requires user interaction during the pairing ceremony. This seems the right way to do things, anyway.
I have Quectel M66 modem which is bluetooth enabled. I need some hints about how can I provide internet to my embedded device (which has M66 as a peripheral) using Android or iOS, or other device which supports bluetooth tethering.
I believe Android has that feature by default. Take a look at this link:
https://www.androidpit.com/share-wifi-over-bluetooth
I believe you can just approach the tethering device as a wifi acces point following the above guide.
This link sheds some light on choosing what tethering approach is appropriate:
http://m.pocketnow.com/2014/03/21/tethering-methods
My initial thought was "why would you want to tether through Bluetooth?" but looking at the power consumption, it might be a good choice for an embedded system, or if Wi-Fi is not available on the board.
Can a WindowsCE device connect so more than one BlueTooth device? The device needs to both serve as a BlueTooth hands-free speaker for a phone and connect to a third device via a serial BlueTooth connection.
Can an application do this without the need of a speciel driver?
You must understand that Windows CE is a modular OS and any specific platform capabilities are implemented by an OEM. An OEM can create a Windows CE device with absolutely no Bluetooth support or they might choose to implement just a Bluetooth client profile (say as a bluetooth audio device) or they may choose to implement a Bluetooth server so they can consume a Bluetooth serial device. They may also choose to implement both. Beyond what the OEM does in software, the hardware itself might allow only one or the other (or both or neither for that matter).
The short of this is that we can't actually answer your question becasue there is no generic answer that fits all devices. You have to ask the Device OEM what they support and if they can extend that support if they don't support what you need.