MAC spoofing on a Bluetooth LE Device (Bluetooth Low Energy security) - security

I am concerned with the MAC spoofing on a Bluetooth LE Device.
Is it possible only during bonding, or would it be possible at any step of the connection (pairing, bonding, scanning, data exchange, etc.)?

Yes, it is achievable.
Mike Ryan from iSEC Partners used specific hardware to achieve injection, as described in his article "Bluetooth: With Low Energy Comes Low Security":
From Ubertooth we send undirected advertising messages broadcasting
the existence of a device with a user-specified MAC address.
And here is the presentation at the USENIX WOOT '13 conference.
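The attack the answer cites works because the advertiser address (AdvA) in an advertising PDU is just a field the sender fills in. The following added example, which is not code from the thread or from Mike Ryan's tools, parses constructed advertising PDUs, classifies the advertiser address the way the Link Layer defines it (public, random static, non-resolvable private, resolvable private), and flags a local name that reappears from a different stable address. The frame layout follows the Bluetooth Core Specification advertising channel PDU; the sample PDUs, the device name "Sensor" and the addresses are constructed for this example.

```python
"""Classify advertiser addresses in BLE advertising PDUs (added example).

Frame layout (Bluetooth Core Spec, Link Layer advertising channel PDU):
byte 0 = PDU type (bits 0-3), TxAdd (bit 6), RxAdd (bit 7); byte 1 = payload
length; then AdvA (6 bytes, LSB first), then AD structures (len, type, data).
All sample PDUs below are constructed for this example.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional

PDU_TYPES = {0x0: "ADV_IND", 0x1: "ADV_DIRECT_IND", 0x2: "ADV_NONCONN_IND",
             0x3: "SCAN_REQ", 0x4: "SCAN_RSP", 0x5: "CONNECT_IND",
             0x6: "ADV_SCAN_IND"}
# PDU types whose payload starts with the advertiser's own address (AdvA).
ADVERTISER_PDUS = {"ADV_IND", "ADV_DIRECT_IND", "ADV_NONCONN_IND",
                   "ADV_SCAN_IND", "SCAN_RSP"}
AD_SHORT_LOCAL_NAME = 0x08
AD_COMPLETE_LOCAL_NAME = 0x09
STABLE_KINDS = ("public", "random-static")


@dataclass
class AdvPdu:
    pdu_type: str
    adv_a: str        # printable, MSB first as usually displayed
    addr_kind: str    # public / random-static / random-resolvable / ...
    ad_structures: Dict[int, bytes] = field(default_factory=dict)


def classify_address(adv_a_air: bytes, tx_add: int) -> str:
    """TxAdd=0: public address. TxAdd=1: random address; its two most
    significant bits (MSB is the last byte on the air) give the sub-kind."""
    if tx_add == 0:
        return "public"
    return {0b11: "random-static", 0b00: "random-nonresolvable",
            0b01: "random-resolvable"}.get(adv_a_air[5] >> 6, "random-reserved")


def format_address(adv_a_air: bytes) -> str:
    return ":".join(f"{b:02X}" for b in reversed(adv_a_air))


def parse_ad_structures(data: bytes) -> Dict[int, bytes]:
    """Split AdvData into {AD type: AD data}; a zero length ends the list."""
    out: Dict[int, bytes] = {}
    i = 0
    while i < len(data):
        length = data[i]
        if length == 0:
            break
        if i + 1 + length > len(data):
            raise ValueError("truncated AD structure")
        out[data[i + 1]] = data[i + 2:i + 1 + length]
        i += 1 + length
    return out


def parse_adv_pdu(pdu: bytes) -> AdvPdu:
    if len(pdu) < 2:
        raise ValueError("PDU shorter than its header")
    header, length = pdu[0], pdu[1]
    pdu_type = PDU_TYPES.get(header & 0x0F, f"type-{header & 0x0F:#x}")
    tx_add = (header >> 6) & 1
    payload = pdu[2:]
    if len(payload) != length:
        raise ValueError("header length does not match payload")
    if pdu_type not in ADVERTISER_PDUS:
        raise ValueError(f"{pdu_type} does not start with AdvA")
    if len(payload) < 6:
        raise ValueError("payload too short for AdvA")
    adv_a_air = payload[:6]
    # ADV_DIRECT_IND carries TargetA after AdvA, not AD structures.
    ads = {} if pdu_type == "ADV_DIRECT_IND" else parse_ad_structures(payload[6:])
    return AdvPdu(pdu_type, format_address(adv_a_air),
                  classify_address(adv_a_air, tx_add), ads)


def is_malformed(pdu: bytes) -> bool:
    try:
        parse_adv_pdu(pdu)
        return False
    except ValueError:
        return True


def check_identity(pdu: AdvPdu, seen: Dict[str, AdvPdu]) -> Optional[str]:
    """Flag a local name previously seen from a different stable address.
    Public and random static addresses are not expected to change while a
    device runs (a static address may change on power cycle), so a mismatch
    deserves review. Resolvable private addresses rotate legitimately and can
    only be tied to a device with the IRK exchanged at bonding, so they are
    not compared here."""
    name = (pdu.ad_structures.get(AD_COMPLETE_LOCAL_NAME)
            or pdu.ad_structures.get(AD_SHORT_LOCAL_NAME))
    if name is None:
        return None
    key = name.decode("utf-8", "replace")
    prev = seen.get(key)
    if prev is None:
        seen[key] = pdu
        return None
    if (prev.addr_kind in STABLE_KINDS and pdu.addr_kind in STABLE_KINDS
            and prev.adv_a != pdu.adv_a):
        return (f"{key!r}: identity address changed from {prev.adv_a} "
                f"({prev.addr_kind}) to {pdu.adv_a} ({pdu.addr_kind})")
    return None


# Constructed samples: ADV_IND with a Flags AD and Complete Local Name "Sensor".
SAMPLE_PUBLIC = bytes([0x00, 0x11,                           # ADV_IND, TxAdd=0
                       0x55, 0x44, 0x33, 0x22, 0x11, 0x00,   # 00:11:22:33:44:55
                       0x02, 0x01, 0x06, 0x07, 0x09]) + b"Sensor"
SAMPLE_STATIC = bytes([0x40, 0x11,                           # ADV_IND, TxAdd=1
                       0x02, 0x01, 0xEF, 0xCD, 0xAB, 0xC3,   # C3:AB:CD:EF:01:02
                       0x02, 0x01, 0x06, 0x07, 0x09]) + b"Sensor"
SAMPLE_RPA = bytes([0x40, 0x09,                              # ADV_IND, TxAdd=1
                    0x9A, 0x78, 0x56, 0x34, 0x12, 0x5F,      # 5F:12:34:56:78:9A
                    0x02, 0x01, 0x06])
```

Run over the three samples in order, `check_identity` stays quiet for the first "Sensor" advertisement, reports the second one because the same name now comes from a random static address, and ignores the third, which has no name. The point for a defender is the limit the code makes visible: nothing in an advertising PDU proves who sent it, so an address-change alert is a review prompt, not proof of spoofing, and the only cryptographic binding of address to device is the IRK-based resolvable private address mechanism that exists after bonding.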

Related

Bluetooth and BLE profiles

There are many Bluetooth profiles specified, but no clear information as to which underlying protocol they use, i.e. Bluetooth Classic or Bluetooth Low Energy (BLE).
https://www.bluetooth.com/specifications/specs/
https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles
Are profiles specific to either Bluetooth Classic or BLE or compatible with both?
Is there a list of compatibility?
Many thanks

What is Bluetooth Smart Ready

I am new to Bluetooth technology and I came across this term "Bluetooth Smart Ready". I understand that this term means that both SPP and low energy are supported. But can anyone help me understand what it is exactly?
Does Smart Ready refer to a Bluetooth profile like, for example, SPP, or is it some capability of a device?
Thanks in advance.
Bluetooth Smart and Bluetooth Smart Ready were new branding designations promoted by the Bluetooth SIG for Bluetooth 4.0. That led to 3 different designations for devices:
Bluetooth devices - Pre-4.0 devices.
Bluetooth Smart devices - Basically Bluetooth low energy devices such as peripherals (think heart monitors, fitness equipment, etc.).
Bluetooth Smart Ready devices - Basically devices that could support both Bluetooth low energy and Bluetooth BR/EDR (Classic Bluetooth).
According to the Bluetooth SIG brand usage guide published May 2016, that terminology has been deprecated.
You almost answered your own question here:
I understand that this term means that both SPP and low energy are supported.
In what case would you need a device to support both? A computer, or mother device, which would possibly talk with other devices that may be based on Bluetooth 4.0, such as accessories like speakers, headphones, fitness accessories, and even medical tools such as heart-rate monitors and electronic thermometers, etc.
It has got nothing to do with the profile it is configured in, and it's more about compatibility.
To put it in simple words, a Bluetooth Smart Ready device is able to communicate with Classic Bluetooth devices, Bluetooth Smart devices and Bluetooth Smart Ready devices.
On the other hand, a Classic Bluetooth device is able to communicate with other Classic Bluetooth devices and Bluetooth Smart Ready devices.
And, lastly, a Bluetooth Smart device can only communicate with Bluetooth Smart and Bluetooth Smart Ready devices.

Does Bluetooth Smart (4.0) provide the same services as plain old Bluetooth?

What I want to ask is: will a BLE device be able to answer calls, play music, etc., or is Bluetooth 4.0 intended as a kind of NFC alternative?
Bluetooth Low Energy is part of the Bluetooth 4.0 specification. Bluetooth 4.0 includes Classic Bluetooth, Bluetooth Low Energy and Bluetooth High Speed.
Bluetooth Low Energy (BLE) uses a different radio protocol with fewer, wider channels and a lower transmission rate and power than Bluetooth Classic (although it uses the same frequencies) and most importantly it implements a different set of profiles.
Classic Bluetooth has profiles such as Serial Port Profile (SPP) and Handsfree Profile (HFP), while the most commonly used profile in BLE is the Generic Attribute Profile (GATT). This profile allows for the transfer of small amounts of data at relatively low speeds and is not suitable for high-bandwidth, time-critical applications such as audio streaming.
Dual-mode Bluetooth chipsets that support Classic Bluetooth and BLE are available, although often they can only operate in one mode at a time. Many chipsets are BLE only, however, as it reduces cost and complexity.
The short answer is that BLE can't support the classic Bluetooth functions you described.
Bluetooth 4.0 has full backwards compatibility with its older versions.
BLE is a form of connection using low energy technology.
BLE = Bluetooth Low Energy.
They are different technologies with different purposes. BLE tends to be used in heart rate monitors, bike computers, medical applications, etc., wherever the power supply is limited.
BLE is not intended for headsets and similar devices. That's why you see on phone specifications "Bluetooth 4.0 + BLE" (or LE). Bluetooth is a technology; BLE is a 'protocol of communication'.

Message Access Profile (MAP) compatible with Bluetooth Low Energy?

Is it possible to use the Bluetooth Message Access Profile (MAP) with the Bluetooth Low Energy (Bluetooth Smart) technology? From a quick read of the specification, it seems that MAP is only available on the traditional BT side. That would prohibit using MAP + LE for things like smart watches. Is this the case?
Message Access Profile cannot be supported over Bluetooth LE. Bluetooth LE is meant for the transfer of small packets, while in MAP large packets are sent across devices. MAP is an OBEX-based profile which depends on RFCOMM and L2CAP, and RFCOMM is not available on BT LE.
Ok so the answer based on reading the Bluetooth spec for MAP 1 and others' feedback is that MAP is only supported in traditional Bluetooth, not Bluetooth LE. That's bad news for small battery powered information devices like smart watches that are otherwise perfect for MAP.

Bluetooth protocol over wifi?

I'm looking to implement the Bluetooth protocol over a physical Wi-Fi based transport, if that makes sense.
Basically my phone has Bluetooth, and my laptop has a Wi-Fi card (802.11a/b/g).
I know that Wi-Fi operates over the range 2.412 GHz - 2.472 GHz, and that Bluetooth operates over the range 2.402 GHz - 2.480 GHz.
I couldn't help but notice the overlap here. So my questions are:
What sort of low-level APIs would I need (preferably in C, on Windows) in order to send a signal out at certain frequencies on the Wi-Fi card?
Would I be able to implement a Bluetooth stack on top of this?
So basically, can I transmit Bluetooth using my Wi-Fi card as essentially a radio transmitter?
Thanks
Implementing the Bluetooth protocol over a physical Wi-Fi based transport does make sense!
Bluetooth High Speed (v3.0) defines the possibility to use alternate MAC/PHY layers, known as the AMP feature. The L2CAP and higher-layer protocols from Bluetooth can be transmitted over a Wi-Fi MAC/PHY layer rather than a Bluetooth MAC/PHY layer, with a resulting higher throughput. Some products on the market support this; look for 'Bluetooth High Speed', AMP or Bluetooth v3.0 support.
No, you can't do this. Bluetooth devices are typically wrapped up all in one chip. Plus, they use completely different modulation techniques. No low-level anything is going to allow you to transmit anything different, unless you are flashing the device. Even then, it may not get you much closer.
Bluetooth Modulation Information:
http://www.palowireless.com/infotooth/tutorial/radio.asp and http://classes.engr.oregonstate.edu/eecs/spring2003/ece44x/groups/g9/jon_gillen/white_paper_jon.pdf
About the only thing you can share between WiFi and Bluetooth devices is the antenna. (Assuming only one device is using it at a time... don't blast 32mW into the receiver of the other radio!) The radio itself is all wrapped up into the same chip. The same is generally true for WiFi.
Bluetooth and Wi-Fi have different PHY layer protocols, and that's what is coded into their chips, hence you can't use one chip to transmit packets of the other protocol.
Moreover, most chip vendors do not expose any RF logic.
Technically yes, but there are some things to consider, such as the pre-existing coding on the chip and whether the chip can support Bluetooth coding as well as Wi-Fi coding. I mean, if you have two separate Wi-Fi chips, go ahead and try, but be warned: I tried and nearly killed my computer because of pre-existing copyright protection coding on other parts of my PC that prevented any programs on the chip from starting until I reset the chip to factory defaults.