Please create an account to participate in the Slashdot moderation system


Forgot your password?
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×

Submission + - Sniff and decrypt BLE with Ubertooth->

mpeg4codec writes: Hot on the heels of Omri Iluz's BLE-sniffer-on-the-cheap, I decided to write up the BLE (Bluetooth Smart) sniffer I built on Ubertooth. My sniffer is highly robust, can capture data from connections, and is 100% open source.

I also discovered a major flaw in BLE's crypto that allows an attacker to crack its encryption key and decrypt data, 100% passively. I wrote a tool called crackle that will automatically decrypt encrypted BLE data captured by Ubertooth.

Link to Original Source

Comment Re:RTFA, everyone... (Score 1) 46

I built a BLE sniffer on Ubertooth which does capture traffic on BLE data channels. Also I wrote a tool that can crack the pairing protocol and decrypt the data.

It is more expensive than the sniffer in the article ($120) but very robust. I achieve the requisite frequency agility by handling timing in real-time on the microcontroller on the dongle.

Comment Re:What security does Bluetooth have? (Score 4, Informative) 46

Hi, I'm a Bluetooth Security researcher. My primary focus is on BLE for which I built a highly robust sniffer on the Ubertooth platform. I have experience in other aspects of Bluetooth.

TL;DR: Classic Bluetooth is very secure, BLE is secure under some circumstances. Even if you leave your Bluetooth on in discoverable mode, there isn't much an attacker can do to harm you barring bugs in your Bluetooth stack.

Bluetooth is a well-designed protocol stack that takes security seriously in its design. Implementation quality (and bugs therein) varies from stack to stack. It's always a good idea to disable Bluetooth if you aren't using it, as is the case with any other remotely accessible feature.

Classic Bluetooth has used Secure Simple Pairing (SSP) since 2.1 in 2007. This pairing mechanism is based on ECDH to provide perfect forward secrecy and is highly secure. There was one weakness discovered in the numeric entry pin mode in 2008 by Andrew Lindell. This mode is not commonly used in older devices and more recent devices do not implement it. It's effectively impossible for an attacker to sniff any data sent over Bluetooth with SSP.

BLE has major weaknesses in its pairing protocol that I spoke about at BlackHat USA 2013 and other venues. For the most recent video see my presentation at USENIX WOOT 13.

In BLE, a passive eavesdropper who is present during pairing can recover the secret key used to encrypt all communications. This effectively makes the security worthless. However, if the attacker is not present during pairing then the encryption is very effective. It uses AES-CCM and doesn't have any major flaws in the design. AES-CCM is used in WPA2-AES; it's well-established and has no major shortcomings.

Finally, some Bluetooth stack implementations have bugs. I've found remote bugs in one major vendor's stack.


More Brains Needed 232

Hugh Pickens writes "BBC reports that more people need to donate their brains to medical research if cures for diseases like dementia are to be found and are urging healthy people as well as those with brain disorders to become donors. 'For autism, we only have maybe 15 or 20 brains that have been donated that we can do our research on. That is drastically awful,' said Dr Payam Rezaie of the Neuropathology Research Laboratory at the Open University. 'We would need at least 100 cases to get meaningful data. A lot of research is being hindered by this restriction.' Part of the problem, according to Professor Margaret Esiri at the University of Oxford, may be that people are reluctant to donate their brains because they see the organ as the basis of their identity. 'It used to be other parts of the body that we thought were important,' says Esin. 'But now people realize that their brain is the crucial thing that gives them their mind and their self.' Dr Kieran Breen, of the Parkinson's Disease Society, said over 90% of the brains in their bank at Imperial College London were from patients, with the remaining 10% of 'healthy' brains donated by friends or relatives of patients. 'Some people are under the impression that if they sign up for a donor card that will include donating their brain for research. But it won't,' says Breen. 'Donor cards are about donating organs for transplant, not for medical science.'"

Overzealous AirTran Boots 9 Passengers Off 1002

An anonymous readerwrites "On Friday the wonderfully customer centric AirTran decided to remove a family of 9 US born Muslims after a comment between two family members regarding how close to the Jet engine they had been seated. The wonderful part is that after the FBI cleared the family 2 hours later, AirTran refused to fly the family, and refused to rebook them on their way from Washington to Orlando, Florida. The family purchased additional tickets on US Airways later that day, after AirTran requested that the irate father be escorted from their booking podiums by security. This whole story highlights the pathetic customer service we are getting from the Airlines these days — they actually treat us like criminals first and ask questions later. Just don't get me started on Delta." It's nice to see that stupidity still knows no bounds.

Alien Comet May Have Infiltrated the Solar System 208

New Scientist has a piece about Comet Machholz 1, whose uncommon molecular composition suggests, but does not prove, that it may be an interloper from another star system. "Comet Machholz 1 isn't like other comets. David Schleicher of the Lowell Observatory in Flagstaff, Arizona, measured the chemical makeup of 150 comets, and found that they all had similar levels of the chemical cyanogen (CN) except for Machholz 1, which has less than 1.5% of the normal level. Along with some other comets, it is also low on the molecules carbon-2 and carbon-3."

Comment Re:Someone sent us up the brain! (Score 3, Informative) 204

The taxes may be higher in Canada, and it is true that healthcare and education costs are lower. However, as an American who goes to university (McGill) in Canada, I can tell you that its far from being a socialist paradise.

You say that infrastructure is crumbling in California, and I think you are probably right (I've only been to California a couple of times). But on the other hand, it is too in Quebec, which has had a spate of lethal collapses in the last couple of years (this being the most recent). Last year a bridge collapsed and killed a person on a busy highway, and the same thing happened several years before that. This spring, a major elevated concrete highway interchange in Montreal (the Turcot Interchange) was closed after the authorities discovered a 1m (!!) deep pothole IN THE BRIDGE. Canadians like to blame the weather, but having grown up in New England, where we get all the same weather, I can assure you that our bridges are not collapsing.

Sure the healthcare is free, and everyone has access, but I'll tell you, having to wait 4 hours to see a doctor (as I have done many times) really sucks.

The public high schools are sufficient, but are not by any means greatly superior to americans. 50% dropout rates are commonplace in many places and years of price freezes on tuition has greatly hindered the ability of universities to fund their students (everything from research to maintenance of buildings has been cut for the last 5 years at my university). Many of the cuts would be unheard of at an American university. My first year undergrad chemistry class was 1500 students.

To be fair, Canada does a lot of things better than the United States. And we do things better than Canada, although I think we could both learn from each other, and I don't mean to repudiate social democracy or universal healthcare. These are certainly things we could use in the US. But to say that Californians are "royally screwed" is uninformed - Canadians are plenty screwed in other ways (that you take for granted in the states).

Bay Area To Install Electric Vehicle Grid 388

Mike writes "Recently San Francisco, San Jose, and Oakland unveiled a massive concerted effort to become the electric vehicle capitol of the United States. The Bay Area will be partnering with Better Place to create an essential electric vehicle infrastructure, marking a huge step towards the acceptance of electric vehicles as a viable alternative to those that run on fossil fuels." has some conceptual illustrations and a map showing EV infrastructure, such as battery exchange stations, stretching from Sacramento to San Diego — though this is far more extensive than the Bay Area program actually announced, which alone is estimated to cost $1 billion.

Artist Wants to Replace Lost Eyeball With Webcam 156

A one-eyed San Francisco artist, Tanya Vlach, wants to replace her missing eye with a Web cam. There has even been talk of her shooting a reality TV show using the video eye. "There have been all sorts of cyborgs in science fiction for a long time, and I'm sort of a sci-fi geek, with the advancement of technology, I thought, 'Why not?'" said Vlach. I'm a bit perplexed that the obvious things you'd want in a cyborg eye: range finder, infrared/lowlight vision, and a hypno-ray are not discussed in the article.
The Internet

Only 4.13% of the Web Is Standards-Compliant 406

Death Metal writes "Browser maker Opera has published the early results of an ongoing study that aims to provide insight into the structure of Internet content. To conduct this research project, Opera created the Metadata Analysis and Mining Application (MAMA), a tool that crawls the web and indexes the markup and scripting data from approximately 3.5 million pages."
The Almighty Buck

Facebook Finds Grass Greener In Ireland 287

theodp writes "Facebook announced it has chosen tax-haven Dublin for its international HQ, but not all are buying COO Sheryl Sandberg's line about local world-class talent being the motivation behind the move. The Irish Times recently reported that Irish subsidiaries owned by US multinationals are opting to convert to unlimited liability status, concealing the financial performance of their Irish operations from public view. They include Microsoft's incredibly profitable Irish subsidiaries Round Island One and Flat Island Company, Google Ireland Holdings, and a subsidiary of Apple Computer. The conversions have occurred as US tax authorities have increased their scrutiny of international mechanisms used by American multinationals to reduce their taxes at home."

Comment Re:No, they didn't (Score 1) 200

When Time Warner did the same thing on my connection, they actually returned the RCODE as NXDOMAIN (implying a failure) along with the A records for the advert page. Resolvers which properly/strictly adhere to the RFC would treat the lookup as a failure, which means that for spam purposes this probably wouldn't have caused an issue. My guess is that web browsers aren't quite as concerned with a strict interpretation of the standards, since they want the users to get to the web site they're looking for under even the strangest of circumstances.

In either case, it's still a shady move by the ISP. At least they provide opt-out, which I guess is better than nothing.

"You know, we've won awards for this crap." -- David Letterman