Bluetooth Gains Direct Internet Access, Security Enhancements 47
jfruh writes: The Bluetooth spec never quite became the worldbeater it was billed as, but it's aiming to become indispensible to the Internet of Things. Updates to the spec make it possible for low-powered Bluetooth devices to gain direct access to the Internet, and, perhaps more importantly, make those devices a lot harder to hack.
Re: (Score:1)
I don't get it (Score:1)
> The Bluetooth spec never quite became the worldbeater it was billed as, but it's aiming to become indispensible to the Internet of Things. Updates to the spec >make it possible for low-powered Bluetooth devices to gain direct access to the Internet, and, perhaps more importantly, make those devices a lot harder to hack.
How does being connected to the internet make a device harder to hack? It seems to me the more connected a device is the EASIER it is to hack.
Re: (Score:2, Informative)
Reading comprehension.
They have made updates to the spec. Those updates make devices following that spec harder to hack and allow internet access.
Re: (Score:2)
Reading comprehension.
They have made updates to the spec. Those updates make devices following that spec harder to hack and allow internet access.
Except that nothing is "harder to hack" than a device with no network connectivity; something that gets forgotten in the Internet of Things hype. Your toaster really doesn't need to be online, no matter how good the spec is.
Re: (Score:1)
My toaster does not need to be online. But neither does your phone, or even your home or office for that matter. If we're going to limit ourselves to "need" as the basis for which technology we build you're gonna have to give up a lot of things.
No one is going to make you put your toaster online if you don't want to. But just because you can't think of anything to do with that technology doesn't mean that no one else can, and whining that other people want to try is just sad and selfish.
Re: (Score:2)
Re: (Score:2)
My computer is online, similar with my Wi-Fi network...
But, my Internet connected devices are behind a solid firewall that puts the kibosh on unauthorized connections in, and out (for example, nothing, and I mean -nothing- needs to ever send traffic to the Internet on port 25 from my LAN. Receiving, perhaps a different story if I went with a dynamic DNS approach, but outgoing E-mail gets relayed to a proper SMTP server via port 465 and SSL/TLS in place no matter what.)
What needs to be a part of IoT is a LA
Re: (Score:2)
Except that nothing is "harder to hack" than a device with no network connectivity; something that gets forgotten in the Internet of Things hype. Your toaster really doesn't need to be online, no matter how good the spec is.
Not the point, GP is right. They've made enhancements to Bluetooth that a) give it internet addresses AND b)new security features. The statement in the story suggests that b) more than compensates for a).
Yeah, the toaster or coffee maker doesn't need to be online. But it is useful if the home security system is online. Say I'm at work and my kid is locked out of the house, I can, sitting at my desk, send a command from my phone to open the garage door and let him in, without having to leave my offic
Contradiction (Score:1)
I've literally never seen the words "gains direct internet access" and "security enhancements" in the same sentence before and I hope never to do so again. A quick look at the links does indeed show that these two things are promised by the new standard, but I'm not a programmer or a security expert, I couldn't hope to penetrate the 2700 page official document.There's no requirement for manufacturers to jump to the new specification either (check the FAQ document) so if the security stuff is the slightest b
Re: (Score:2)
In the above case, the Bluetooth enabled phone connects to the PC using Bluetooth, and the PC then connects to the internet using WiFi/ethernet. Turn off the PC, but leave the router on, but the phone will still lose its internet connectivity (unless its WiFi is invoked)
The new version of the specification would allow a Bluetooth enabled toy which can benefit from the internet to actually use the internet.
Version# != Feature list (Score:2)
The version number of a standard should not be conflated with the number of features that the standard offers. USB 1 offered just low speed and full speed options, USB 2 added high speed options and USB 3 has added super speed options.
Now, that doesn't imply that a USB 2 keyboard works at 480Mbps. An USB 2 keyboard is still a low speed USB peripheral, but it supports version 2 of the standard - the features that are not tied to high speed. Same would go for a USB 3 mouse - it would still be a low spee
"Internet of things"? (Score:1)
BINGO!
Hack or Crack? (Score:3)
Harder to hack or harder to crack? It would be nice if we could use hack to mean hack at least here "News for nerds".
Re: (Score:2)
Re: (Score:2)
No, Bluetooth devices needed to connect to something else that had internet connection. There was no way Bluetooth could get IPv4 addresses, since those are already limited. But with the adaption of IPv6 addresses, Bluetooth devices now have native internet addressing, as opposed to having to have a separate addressing scheme of their own.
If Bluetooth is supposed to be a player in the 'Internet of things', it only makes sense that it adapts the addressing standard capable of addressing everything.
How ? It doesn't have 3G / WiFi. Needs a router... (Score:4, Interesting)
How exactly does it connect "directly to the internet" ? It doesn't have 3G/WiFi capability.
All I can see is that a BT 4.2 device can connect to an 'internet connected' router / phone which also supports this BT 4.2 profile (similar to PAN in BT3 with which we could do an internet tether or file share etc).
How is this "directly connected to the internet" when it is using a router to access the net. And all BT4 devices connected to smartphones are anyway getting data to/fro from the internet - like uploading your running data to a website etc.
Anyone with a better understanding care to explain ?
Re:How ? It doesn't have 3G / WiFi. Needs a router (Score:5, Informative)
DRTFA and BRTFS but I can give you an few lil tidbits about this:
1) Everything connected to the internet is connected to a router somewhere along the line... that's not interesting.
2) There are a lot of ways to connect to the internet that have absolutely nothing to do with WiFi or 3G.
3) Right now a Bluetooth device can connect to another device. That device may provide a variety of services for said Bluetooth device including providing network connectivity BUT that device isn't really connected to the Internet itself. The new spec provides this device to be connected "more directly" to the net as in it will have its own IP address. The router that it is connecting to supporting the BT4.2 protocol is really no different from the WiFi access point your WiFi equipped device is talking to. Just need to add to the alphabet soup: a,b,g,n,bt
Re:How ? It doesn't have 3G / WiFi. Needs a router (Score:5, Informative)
How is this "directly connected to the internet" when it is using a router to access the net.
By that definition, NOTHING connects directly to the internet.
Anyone with a better understanding care to explain ?
The proper definition of a host running an internet-facing application being "directly connecting to the internet" is using IP for the first hop, with the packets having a route from there to and from the rest of the Connected (capital-I) Internet.
Bluetooth 4.2 added support for IPv6 to/from bluetooth devices. This means IP packets formed on, or directed to, the Bluetooth 4.2 hosts, for delivery to/from other Internet-connected devices, do not require a protocol-translation gateway to select and translate some subset of the packet types, services, and features, modifying the transport semantics to support some tiny subset of functionality that the gateway explicitly understands. An IP packet formed on the bluetooth device goes all the way to its destination semantically unmodified, and ditto packets going from some other device to the bluetooth device. The full feature set of IP (or as much of it as the stack implementer choses to support) is available, while the routers can be "as dumb as rocks" and totally ignorant of what the application on the Bluetooth device is up to, in classic Internet style.
A Bluetooth 4.2 device, using IPv6 and with a route, IS on the Internet, and is a peer to all other internet-connected hosts.
Re: (Score:2)
How is this "directly connected to the internet" when it is using a router to access the net.
By that definition, NOTHING connects directly to the internet.
I feel like there is a Zen koan here:
The student asked the master, "How will I know when my computer has connected to the internet?" The master replied, "Only when it is connected to nothing will you know".
Re: (Score:2)
The main reason for this is that the maximum packet size in Bluetooth Smart is quite small (around 256 bytes in the original sp
Re: (Score:2)
I can't see how this will improve security... (Score:1)
From the Bluetooth 4.2 FAQ:
Are there any mandatory features that need to be implemented to claim compliance to Bluetooth 4.2?
No, as was the case with Bluetooth 4.1, there are no mandatory features that must be claimed to use the
Bluetooth 4.2 specification. However, manufacturers are required to implement all errata applied to Bluetooth 4.2
in order to comply with the specification.
In order words, Chinese equipment manufacturers will implement the least amount possible to be able to communicate with Bluetooth 4.2-compatable internet gateways but implement none of the FIPS-compliant security measures.
Bluetooth 4.2? (Score:2)
You misspelled Backdoor. We know how riddled with backdoors, default/fixed passwords, vulnerabilities that never gets fixed and so on are typical consumer embedded devices. And we know how pushy are governments forcing manufacturers to include their backdoors, or to use weak encryption standards, to make them hackeable at will (even assuming good will of the main/components manufacturers, that are not all saints).
What possibly could go wrong?
Re: (Score:3)
You will be attacked by your refrigerator.
Re: (Score:3)
"What possibly could go wrong?"
You will be attacked by your refrigerator.
When you step on the iScale you have to step on to access the menu screen of your SmartFridge, it might decide you've already had enough to eat that day, and report your repeated attempts to overeat to your insurance company, and activate your Schwinn Over the Airflow exercise bike to beep every 5 seconds until you hop on and do a brisk 5 miles before allowing the SmartFridge to open again.
After it allows it to open again, you decide you want a beer to cool off with. The beer has an rfid chip in it, and u
BT is the worldbeater it was billed as! (Score:3)
"The Bluetooth spec never quite became the worldbeater it was billed as"
What are you talking about, BT is the de-facto standard for connecting wirelessly with almost any device today, ranging from audio devices to input devices to applliances, how has it not beaten any comparable specification, in fact is there even another _usable_ alternative?
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
"The Bluetooth spec never quite became the worldbeater it was billed as"
What are you talking about, BT is the de-facto standard for connecting wirelessly with almost any device today, ranging from audio devices to input devices to applliances, how has it not beaten any comparable specification, in fact is there even another _usable_ alternative?
I'm assuming O.P. is of the opinion that Bluetooth was massively over-hyped when it was first introduced to the masses (c. 2001/2002... I seem to remember seeing a ridiculous billboard promising that it would change the world, etc.). However, nobody really used it for a long time. At this point in history, USB had firmly displaced PS/2 (while slowly encroaching on other ports--audio, ethernet, etc.) and WiFi had just gotten fast with the draft g spec. BT was the new kid on the block that everybody ignored.
Re: (Score:2)
"The Bluetooth spec never quite became the worldbeater it was billed as"
What are you talking about, BT is the de-facto standard for connecting wirelessly with almost any device today, ranging from audio devices to input devices to applliances, how has it not beaten any comparable specification, in fact is there even another _usable_ alternative?
How about IRDA for remote controllers? Do they have any reason to switch to Bluetooth?
Oxymoronic... (Score:2)
Security should be #1. (Score:2)
Shouldn't it be "makes it more secure and perhaps allows connectivity to Internet"
With all the holes we've seen in everything, security should be thought of the first minute, not even wait to the middle of first day of design. The only thing I saw in that landing page is "uses more encryption" which may improve information (read: privacy) leaks, but doesn't do much for security and being hacked into. This with the Sony hack still on the first page.