From owner-freebsd-bluetooth@FreeBSD.ORG Fri Apr 4 19:20:57 2008 Return-Path: Delivered-To: freebsd-bluetooth@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 39DA0106564A for ; Fri, 4 Apr 2008 19:20:57 +0000 (UTC) (envelope-from gamato@users.sf.net) Received: from slimak.dkm.cz (smtp.dkm.cz [62.24.64.34]) by mx1.freebsd.org (Postfix) with SMTP id 8FECC8FC19 for ; Fri, 4 Apr 2008 19:20:56 +0000 (UTC) (envelope-from gamato@users.sf.net) Received: (qmail 13402 invoked by uid 0); 4 Apr 2008 19:20:55 -0000 Received: from r5j117.net.upc.cz (HELO ?192.168.11.3?) (86.49.9.117) by smtp.dkm.cz with SMTP; 4 Apr 2008 19:20:55 -0000 Message-ID: <47F67F97.9040908@users.sf.net> Date: Fri, 04 Apr 2008 21:20:55 +0200 From: mato User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.13) Gecko/20080402 SeaMonkey/1.1.9 MIME-Version: 1.0 To: Iain Hibbert References: <47DBE7A4.3060006@users.sf.net> <47EF6AA5.60403@users.sf.net> <47F13FEB.10503@users.sf.net> <1207143124.467349.1017.nullmailer@galant.ukfsn.org> In-Reply-To: <1207143124.467349.1017.nullmailer@galant.ukfsn.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-bluetooth@freebsd.org Subject: Re: BT issues X-BeenThere: freebsd-bluetooth@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Using Bluetooth in FreeBSD environments List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2008 19:20:57 -0000 Iain Hibbert wrote: > On Mon, 31 Mar 2008, mato wrote: > > >> However, Windows can manage this as it asks for PIN key when connection >> initiation fails. While I don't expect FreeBSD asking for a PIN, it might be >> quite useful if it could automatically (upon a connection establishing >> failure) throw away its stored link key and recreate it from PIN as Windows >> does. >> > > btw That would be the wrong thing to do. The stored link key is the > 'password' for the remote BDADDR to connect to your services and it is > possible on many devices to change the bluetooth device address (BDADDR) > > You don't want to make it so that a remote attacker can just cause a > 'password' reset by pretending to be an authorised device, and this is the > reason PINs should not be permanently stored.. > > iain > Well, I haven't thought of this and you've got a point. On the other hand, stored link key doesn't have to be reset. I can imagine that if the link key didn't work FreeBSD could fall back to PIN as it does in the beginning and only if PINs matched new link key would be stored. Thus attacker would need to know the PIN which is normally not likely. Also, PIN can and should be longer and even composed of alphanumerals. Well, at least this is what Windows do AFAIK -- when link key was changed they pop up dialogue asking for (new) PIN. The only problem I see now is with devices with predefined or, worse, set-in-stone PINs. :-/ Regards, Martin