William Swanson [ARCHIVE] on Nostr:
📅 Original date posted: 2015-02-05
📝 Original message: On Thu, Feb 5, 2015 at 2:10 PM, Eric Voskuil <eric at voskuil.org> wrote:
> A MITM can receive the initial broadcast and then spoof it by jamming the
> original. You then only see one.

You are right, of course. There is no way to make Bluetooth 100%
secure, since it is an over-the-air technology. You could try securing
it using a CA or other identity server, but now you've excluded ad-hoc
person-to-person payments. Plus, you need an active internet
connection to reach the CA.

You can try using proximity as a substitute for identity, like
requiring NFC to kick-start the connection, but at that point you
might as well use QR codes.

This BIP is not trying to provide absolute bullet-proof security,
since that's impossible given the physical limitations of the
Bluetooth technology. Instead, it's trying to provide the
best-possible security given those constraints. In exchange for this,
we get greatly enhanced usability in common scenarios.

There are plenty of usable, real-world technologies with big security
holes. Anybody with lock-picking experience will tell you this, but
nobody is welding their front door shut. The ability to go in and out
is worth the security risk.

Bluetooth payments add a whole new dimension to real-world Bitcoin
usability. Do we shut that down because it can't be made perfect, or
do we do the best we can and move forward?

-William
Published at 2023-06-07 15:29:44