Bluetooth is notoriously bad with security. Especially Bluetooth 4 and earlier. I’d put money on a gas station pumps Bluetooth to not be using the most up to date protocol.
Transport layer is absolutely a security vulnerability vector.
TCP is absolutely low security if not configured correctly.
I don’t know what it is you’re trying to say. I agree that this instance was probably security through obscurity failing, but to say that Bluetooth, TCP, and other transport layer protocols are not security considerations is absolutely ridiculous (see for example, heartbleed). It’s exactly the reason there are multiple versions of Bluetooth. It’s why FTP is (should be) all but deprecated and SFTP and FTPS are standard. It’s why Google doesn’t index webpages without an SSL certificate.
It does not complicate things in a way that makes things less secure than using Bluetooth 4.0 or earlier.
USB is way safer.
It’s amusing that you won’t just give up and admit that the blanket statement is 100% accurate. But you do you; just remind me not to use any services that you’re on the opsec team for.
USB is way safer lol.
Bluetooth is notoriously bad with security. Especially Bluetooth 4 and earlier. I’d put money on a gas station pumps Bluetooth to not be using the most up to date protocol.
deleted by creator
Come on now! The pumps required you to enter the secret pairing code: “12345”
You fool! It was 00000, now you’ll never have free gas!
Transport layer is absolutely a security vulnerability vector.
TCP is absolutely low security if not configured correctly.
I don’t know what it is you’re trying to say. I agree that this instance was probably security through obscurity failing, but to say that Bluetooth, TCP, and other transport layer protocols are not security considerations is absolutely ridiculous (see for example, heartbleed). It’s exactly the reason there are multiple versions of Bluetooth. It’s why FTP is (should be) all but deprecated and SFTP and FTPS are standard. It’s why Google doesn’t index webpages without an SSL certificate.
USB is way safer
deleted by creator
Okay, but your claim that my comparing Bluetooth to USB being like comparing Bluetooth to TCP is misinformed at best.
deleted by creator
You can disable a USB port and require remote SSH to enable it.
USB is way safer.
deleted by creator
It does not complicate things in a way that makes things less secure than using Bluetooth 4.0 or earlier.
USB is way safer.
It’s amusing that you won’t just give up and admit that the blanket statement is 100% accurate. But you do you; just remind me not to use any services that you’re on the opsec team for.
You can disable Bluetooth and require remote SSH to enable it… 🙄
BTW, have you heard about BadUSB?
that’s not how this works
Ah, brilliant. Another expert.
Yes, it is how it works. Cheers.
This is the kind of rigorous debate I’m here for.