Like, what kind of idiot protocol lets users negotiate a “maximum key size” that can be as small as 1 byte. (A default that, fortunately, should be higher in recent versions.) pic.twitter.com/7yFJqaMJLI
What would you possibly do with a 1-byte key? Is anyone at Bluetooth SIG even awake when these idiot decisions get made?
“Hey maybe we should call some experts and ask them if 1 byte is a good minimum size for an encryption key?” “Nah, we’ve got all the expertise we need right here. That’s 256 whole keys.”
Bluetooth is the Michael Bay movie of encryption protocols.
Classic Bluetooth encryption (non-BLE) is quite good and has no known weaknesses. Bluetooth keyboards are absolutely the most secure wireless keyboards. People look to you for security advice, and a blanket statement of “all Bluetooth is bad” is counterproductive.
I’m not at all confident this is true, when you include legacy versions that are still supported in BT stacks. For example, the quote I gave above refers to the Bluetooth handshake (from a slightly older version) not BTLE specifically.
Do you mind if I quote this entire thread in next week's lecture on Bluetooth security? 
Haha. Um. Ok.
So can I use it to transmit credit card info
.https://twitter.com/troyhunt/status/1128059344417886208 …