Shmoocon 2013: Sniffing Bluetooth low energy

Posted on Thursday, April 11th, 2013 in RF, security, Videos by the machinegeek

In this presentation from the recent Shmoocon 2013 conference in Washington, DC, Mike Ryan from iSEC Partners discusses the new generation of wireless hacking tools for intercepting and injecting Bluetooth Low Energy (BTLE) communications. Also known as Bluetooth Smart, BTLE was defined in the BT 4.0 spec and will be appearing in a growing number of sports sensors, medical devices, etc.

This talk covers both the Bluetooth LE protocol and the tools and techniques used to study it, as well as live demos of sniffing BTLE using Ubertooth and other hardware.

For links to slides of this and other Bluetooth-related presentations, visit Mike Ryan’s webpage.

This entry was posted on Thursday, April 11th, 2013 at 2:00 pm and is filed under RF, security, Videos.

5 Responses to “Shmoocon 2013: Sniffing Bluetooth low energy”

  1. wam says:

    PC’s suck at RF?


    Uh… whoa. Apples to oranges. PC’s and mac’s suck anyway.

    For most applications (usually about as complicated as a coin acceptor on a soda machine) using a PC is like having me and a bunch of my old fart friends do porn. Just imagine the overhead in Viagra, EMT’s, defibrillators (maybe even defibrillator toasters – Google it), scene retakes, etc… instead of just getting some young, dumb, full of.. 20 yo’s.

    Having to load a crap load of OS, kernel drivers is just silly.

  2. “sniffing BTLE is hard”? Um….TI gives out for CC2540-based USB dongles and their site gives out firmware for them to sniff BTLE easily. If this is “hard” I am afraid to ask what easy is…
