[QUOTE=Handsome Matt;48276857]"Two of the devices could be easily paired with a different phone if stolen" - not really an issue, kind of a nice thing really for if I switch devices??
"Only half the watches had a lock function to prevent people other than the owner accessing data stored on it" - why do I want a lock feature on a watch, there's gonna be no data on it, it's literally good design to not have lock on it[/QUOTE]
Yeah but the unencrypted data is bad
It doesn't specify what is unencrypted, just that some data is unencrypted.
They probably want to save cycles on the phone and only encrypt the data that actually needs to be encrypted. Who cares if it sends battery status update, or pings unencrypted.
to explain the encryption:
the bluetooth tunnel is encrypted, but there's no E2E inside that tunnel
if you bruteforce the bluetooth PIN, you can see the communications
[QUOTE=LordCrypto;48278825]to explain the encryption:
the bluetooth tunnel is encrypted, but there's no E2E inside that tunnel
if you bruteforce the bluetooth PIN, you can see the communications[/QUOTE]
Yeah but bluetooth pins are like, really insecure. Assuming this is talking about the 4-6 digit ones. I'm not fully up to date with Bluetooth spec.
Sorry, you need to Log In to post a reply to this thread.
