
According to someone at DerbyCon (I know who, but don't have permission to say who), they made the claim that Bluetooth is always on and does not randomize the management frames, and that when phones turn off Bluetooth, they actually just turn off data comms from the BT chip to the mobile CPU.

Their claim was that BT still responds to mgmt frames even when off, doesn't randomize MAC addresses, and some data can even be sent that will then turn on when the BT is 'turned on'.

I saw demonstrations of it. It, well, scared and awed me.




Is this person planning on releasing their findings soon?


I believe they already have on GH. But I'm unable to find it. It was loud in the lobby when they said what repo it was.

I'll message them via Twitter and ask for the repo to build their device.



