iOS Question BLE Chat issues

Discussion in 'iOS Questions' started by techknight, Jun 13, 2019.

  1. techknight

    techknight Well-Known Member Licensed User

    I started playing around with the BLE chat example, Mainly so I can do remote control from a phone "remotes" and an iOS Tablet (as a controller device). The Tablet is the peripheral because multiple remotes/phones can connect back into it.

    It works fine, however, there is absolutely zero security. it doesn't ask for pairing, it will simply allow the connection. Any connection for that matter, without repercussion.

    This is ok, but, on the Peripheral side (the device at which I am connecting to) there doesnt seem to be a way to boot a connection by CentralID, or even a connection at all.

    Not being able to do Pairing, I am ok with. but I need to at least be able to negotiate a handshake within my own app if someone connects in and "subscribes". I want to challenge that person/connection, and if it doesn't reply or replies wrong, Boot it.

    So any "rogue" person or device could connect in, subscribe and intercept/control the traffic between remote and tablet.

    any help here would be appreciated. Thanks!
     
  2. Erel

    Erel Administrator Staff Member Licensed User

    Don't add new centrals to the map until they send a message with their id and some secret value.
     
  3. techknight

    techknight Well-Known Member Licensed User

    Only thing is, the map really isnt doing anything except keeping a list of IDs. because I do a Peripheral.Write(Null, XXXXX).

    So I would have to modify the routine to use a For Each statement?

    Also I noticed the centraID isnt sent with the newdata event, so I dont know who is sending what.

    I maybe could send it in the payload, But, 20 bytes is precious space. Even then I dont know if the CentralID that shows up in the peripheral side during subscribe, is the same on the other end.
     
    Last edited: Jun 14, 2019
  4. Erel

    Erel Administrator Staff Member Licensed User

    One option. Another option is to close the peripheral.
     
  5. techknight

    techknight Well-Known Member Licensed User

    How do I do option two without kicking everyone off?
     
  6. Erel

    Erel Administrator Staff Member Licensed User

    If you think that this is a real issue that you need to take care of then change your code to only send to the allowed clients.
     
  7. techknight

    techknight Well-Known Member Licensed User

    What is the connection limit on iOS?

    Here is where I am going with this. My app will be used on devices that are in schools. And we all know how kids are, especially the nerdy ones. Why? Because I did things like this when I was that age. I would screw with teachers/coaches when doing goofball things with the PC.

    Last thing I want is a kid and his friends sitting up in the bleachers trying to take control of a scorekeeping device during a game, (which I can solve by only accepting/sending data from authorized devices). Or having a bunch of people make and open connections to the active bluetooth device and causing the App to crash or killing off communication to the scoreboard which it too, is over BT.

    So im just trying to think of ways to secure this.
     
  8. Erel

    Erel Administrator Staff Member Licensed User

    I don't think that it is documented anywhere.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice