BIAS is a new attack on Bluetooth that allows an attacker to spoof a paired device

Researchers from the École Polytechnique Fédérale de Lausanne have disclosed a vulnerability in the pairing methods of devices that conform to the Bluetooth Classic standard (Bluetooth BR/EDR). The vulnerability has been given the code name BIAS (PDF). The problem allows an attacker to connect their own fake device in place of a user's previously paired device and to complete the authentication procedure successfully without knowing the link key. That key is generated when the devices are first paired and lets the user avoid repeating the manual confirmation procedure on every connection.


The essence of the method is that, when connecting to devices that support Secure Connections mode, the attacker announces that this mode is unavailable and falls back to the outdated authentication method ("legacy" mode). In "legacy" mode the attacker initiates a master-slave role switch and, presenting their device as the "master", takes it upon themselves to confirm the authentication procedure. The attacker then sends a notification that authentication completed successfully, even without possessing the link key, and the device becomes authenticated to the other side.

After that, the attacker can force the use of an encryption key that is too short, containing only 1 byte of entropy, and apply the KNOB attack that the researchers developed earlier to set up an encrypted Bluetooth connection under the guise of the legitimate device. If the device is protected against KNOB attacks and the key size cannot be reduced, the attacker will not be able to establish an encrypted channel but will remain authenticated to the host.

To exploit the vulnerability successfully, the attacker's device must be close to the vulnerable Bluetooth device, and the attacker must determine the address of the remote device with which it was previously paired. The researchers have published a prototype toolkit implementing the proposed attack method and have demonstrated how a laptop running Linux with a CYW920819 Bluetooth board can be used to fake the connection of a previously paired Pixel 2 smartphone.

The problem is caused by the specification itself and shows up in various Bluetooth stacks and Bluetooth chip firmware, including chips from Intel, Broadcom, Cypress Semiconductor, Qualcomm, Apple and Samsung that are used in smartphones, laptops, single-board computers and devices from various manufacturers. The researchers tested 30 devices (Apple iPhone/iPad/MacBook, Samsung Galaxy, LG, Motorola, Philips, Google Pixel/Nexus, Nokia, Lenovo ThinkPad, HP ProBook, Raspberry Pi 3B+, and others) that use 28 different chips, and notified the manufacturers of the vulnerability in December of last year. Which manufacturers have already released firmware updates with a fix has not yet been detailed.

The Bluetooth SIG, the organization responsible for developing the Bluetooth standards, has announced that it is preparing an update to the Bluetooth Core specification. The new edition explicitly defines the cases in which a master-slave role change is permitted, introduces a mandatory requirement for mutual authentication when falling back to "legacy" mode, and recommends checking the encryption type to prevent a downgrade of the connection's security level.
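
The three specification changes listed above can be read as checks a host applies to each reconnection from a bonded peer. The following is an added example, not code from the researchers or the Bluetooth SIG: the `Session` record, its field names, the sample addresses and the 7-byte key floor are assumptions made for illustration, and the role-switch rule is deliberately stricter than the specification, which permits a switch in defined cases.

```python
from dataclasses import dataclass
from typing import Optional

MIN_KEY_BYTES = 7  # assumed local policy floor; the article only says 1 byte is too short

@dataclass
class Session:                      # hypothetical record built from a controller/HCI trace
    peer: str                       # address the remote side presents
    peer_claims_sc: bool            # remote advertises Secure Connections support
    role_switch_before_auth: bool   # master-slave switch requested before authentication
    we_verified_peer: bool          # we challenged the peer and checked its response
    peer_verified_us: bool          # the peer challenged us and we answered
    enc_key_bytes: Optional[int]    # negotiated encryption key size, None if unencrypted

def audit(s: Session, bonded_with_sc: dict) -> list:
    """Return the policy violations for one reconnection of a bonded peer."""
    findings = []
    legacy = not s.peer_claims_sc
    # A peer that bonded with Secure Connections should not lose the capability later.
    if bonded_with_sc.get(s.peer) and legacy:
        findings.append("sc-downgrade")
    # A role switch before authentication lets the remote side choose who verifies whom.
    if s.role_switch_before_auth:
        findings.append("role-switch-before-auth")
    # Legacy authentication must be mutual: both sides prove knowledge of the link key.
    if legacy and not (s.we_verified_peer and s.peer_verified_us):
        findings.append("one-sided-legacy-auth")
    # Refuse encryption keys negotiated below the floor (KNOB-style reduction).
    if s.enc_key_bytes is not None and s.enc_key_bytes < MIN_KEY_BYTES:
        findings.append("short-enc-key")
    return findings

# Constructed sample data: one bonded phone and three reconnection attempts.
BONDS = {"AA:BB:CC:00:11:22": True}
NORMAL = Session("AA:BB:CC:00:11:22", True, False, True, True, 16)
SUSPECT = Session("AA:BB:CC:00:11:22", False, True, False, True, 1)
KEY_OK = Session("AA:BB:CC:00:11:22", False, True, False, True, 16)

if __name__ == "__main__":
    for name, s in [("normal", NORMAL), ("suspect", SUSPECT), ("key-ok", KEY_OK)]:
        print(name, audit(s, BONDS) or "accept")
```

The `KEY_OK` case mirrors the situation described earlier for a KNOB-protected device: the key size passes, but the session is still flagged because the legacy authentication was one-sided.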

source: budenet.ru
