Misc

Research Diary: Bluetooth. Part 2

Recently we posted first part of our Bluetooth research diary. Today, we want to continue on that topic and tell you about Bluetooth proxying and packet replay with a new tool.

This time we had a new gadget to play with: our colleague Florian Grunow shared with us a curious IoT device – Bluetooth socks… real socks that you control with an app to heat your feet. The future is here… ūüėČ Continue reading “Research Diary: Bluetooth. Part 2”

Continue reading
Misc

Research Diary: Bluetooth

As you probably know we perform research on a regular base at ERNW.

We – Olga and Rafael – started with a research project about Bluetooth. Our first goal was to gain some knowledge about the tools used by most Linux systems to communicate with Bluetooth hardware, such as BlueZ. A good help for that was the amazing Bluetooth hacking workshop we had before (check the link in our blog!)

Continue reading “Research Diary: Bluetooth”

Continue reading
Breaking

Hardware Hacking Week @ ERNW

Internal workshops are one of the reoccurring events at ERNW, that help us to gain knowledge in areas outside our usual expertise. One of the recent workshops which happened during the week from August 22nd-25th was Hardware Hacking. Held by Brian Butterly (@BadgeWizard) and Dominic Spill (@dominicgs), this workshop took place in two parts. Brian kickstarted the introductory session by guiding us through the fundamental steps of Hardware Hacking. Brian did an excellent job of making things simpler by giving a detailed explanation on the basic concepts. For a beginner in hardware hacking, the topic could be rather intimidating if not handled properly.

Continue reading “Hardware Hacking Week @ ERNW”

Continue reading
Breaking

How Safe is Smart?

Bluetooth Smart Ready LogoAbout two months ago the Bluetooth SIG renamed their latest standard, which was previously known as “Bluetooth v4.0”. When version numbers get higher and higher marketing likes to interfere and try something new. In this case: Bluetooth Smart.

Sounds smart, but is it?

Without getting into too much detail, let me quickly quote Wikipedia to get started:

¬†“Cost-reduced single-mode chips, which enable highly integrated and compact devices, feature a lightweight Link Layer providing ultra-low power idle mode operation, simple device discovery, and reliable point-to-multipoint data transfer with advanced power-save and secure encrypted connections at the lowest possible cost.”

http://en.wikipedia.org/wiki/Bluetooth#Bluetooth_v4.0 (sounds more like a marketing text than a proper technical specification, but gives you a rough idea what you as an end-user can expect ;)).

So we’re talking about the usual stuff: Lower energy consumption combined with more functionality. Great!

Ubertooth One Description
Ubertooth One - Photo from: ubertooth.sourceforge.net

Sounds smart, but is it safe?

With “Bluetooth Smart Ready” products just coming in it’s too early to tell. But one thing is for sure: 2012 will be the year where every major consumer product (smartphones, heart-rate straps or even simple¬†clocks) will be equipped with it. Oh, and guess what… a new wireless standard doesn’t just come along with a new shiny gadget. Obviously you need an app for that. How about tracking¬†your heart beat? Personally I’m looking forward for the first Bluetooth Smart Ready¬†cardiac pacemaker…

And back to security: Either you trust the Bluetooth¬†committee¬†which states “Bluetooth technology is an industry leader when it comes to wireless data security.”, OR¬†you ask somebody who would tell you the plain truth (given there is one): Michael Ossmann.

Will it blend?

We did the latter and invited Michael to talk at TROOPERS12. He is a wireless security experts who also makes hardware tools to progress with his research. In early 2011 he successfully crowd-funded his latest gadget: Ubertooth One. A very capable Bluetooth monitoring device.

We’re looking forward to mid March where we all meet to discuss things in more depth at TROOPERS12. Until then keep yourself up-to-date and have a look into Michael’s latest blog entry: Bluetooth for Bad Guys

Have a wonderful Christmas time,
Florian

PS: Drop us a comment, when you find some “Bluetooth Smart Ready” labels under your Christmas tree ūüėČ

Continue reading