Abacwaningi abavela e-École Polytechnique Federale de Lausanne ukuba sengozini ezindleleni zokumatanisa zamadivayisi athobelana nezinga le-Bluetooth Classic (Bluetooth BR/EDR). Ukuba sengozini kunikezwe igama lekhodi (). Inkinga ivumela umhlaseli ukuthi ahlele ukuxhunywa kwedivayisi yakhe mbumbulu esikhundleni sedivayisi yomsebenzisi exhunywe ngaphambilini, futhi aqedele ngempumelelo inqubo yokuqinisekisa ngaphandle kokwazi ukhiye wokuxhumanisa owenziwe ngesikhathi sokumataniswa kokuqala kwamadivayisi futhi avumele umuntu ukuthi agweme ukuphinda inqubo yokuqinisekisa mathupha ukuxhumana ngakunye.
Ingqikithi yendlela iwukuthi lapho uxhumeka kumadivayisi asekela imodi Yokuxhumaniseka Okuvikelekile, umhlaseli umemezela ukungabikho kwale modi futhi abuyele ekusebenziseni indlela yokuqinisekisa ephelelwe yisikhathi (imodi "yefa"). Kumodi "yefa", umhlaseli uqala ushintsho lwendima yesigqila esikhulu, futhi, ethula idivayisi yakhe ngokuthi "inkosi," uzibophezele ekuqinisekiseni inqubo yokuqinisekisa. Umhlaseli ube esethumela isaziso sokuthi ukufakazela ubuqiniso kube yimpumelelo, ngisho nangaphandle kokuba nokhiye wesiteshi, futhi idivayisi iqinisekiswa kolunye uhlangothi.
Ngemuva kwalokhu, umhlaseli angafinyelela ukusetshenziswa kokhiye wokubethela omfushane kakhulu, oqukethe kuphela i-byte engu-1 ye-entropy, futhi asebenzise ukuhlasela okwakhiwe ngaphambilini ngabacwaningi abafanayo. ukuze uhlele uxhumano lwe-Bluetooth olubethelwe ngaphansi kokucasha kwedivayisi esemthethweni (uma idivayisi ivikelwe ekuhlaselweni kwe-KNOB futhi usayizi wokhiye awukwazanga ukuncishiswa, umhlaseli ngeke akwazi ukusungula isiteshi sokuxhumana esibethelwe, kodwa uzoqhubeka ukuze uhlale ugunyaziwe kumsingathi).
Ukuze usebenzise ngempumelelo ukuba sengozini, kuyadingeka ukuthi idivayisi yomhlaseli ifinyeleleke kudivayisi ye-Bluetooth esengozini futhi umhlaseli kufanele anqume ikheli ledivayisi ekude lapho uxhumano lwenziwe khona ngaphambilini. Abacwaningi i-prototype yekhithi yamathuluzi ngokusetshenziswa kwendlela yokuhlasela ehlongozwayo kanye indlela yokusebenzisa i-laptop ene-Linux nekhadi le-Bluetooth fake umgunyathi uxhumano lwe-smartphone ebhanqiwe ngaphambilini ye-Pixel 2.
Inkinga ibangelwa iphutha lokucaciswa futhi izibonakalisa kuzitaki ezihlukahlukene ze-Bluetooth nama-chip firmwares e-Bluetooth, okuhlanganisa I-Intel, i-Broadcom, i-Cypress Semiconductor, i-Qualcomm, i-Apple ne-Samsung esetshenziswa kuma-smartphones, ama-laptops, ama-PC ebhodi elilodwa kanye nama-peripherals avela kubakhiqizi abahlukahlukene. Abacwaningi Amadivayisi angu-30 (i-Apple iPhone/iPad/MacBook, Samsung Galaxy, LG, Motorola, Philips, Google Pixel/Nexus, Nokia, Lenovo ThinkPad, HP ProBook, Raspberry Pi 3B+, njll.) asebenzisa ama-chips angu-28 ahlukene, nabakhiqizi abazisiwe mayelana ukuba sengozini ngoDisemba wonyaka odlule. Imuphi kubakhiqizi osevele ekhiphe izibuyekezo ze-firmware ngokulungiswa akukacaciswanga.
I-Bluetooth SIG, inhlangano enesibopho sokuthuthukisa amazinga e-Bluetooth, mayelana nokuthuthukiswa kwesibuyekezo sokucaciswa kwe-Bluetooth Core. Uhlelo olusha luzichaza ngokucacile izimo lapho kuvunyelwe khona ukushintsha izindima zesigqila esiyinhloko, lwethule imfuneko eyisibopho yokuqinisekisa okufanayo lapho ubuyela emuva kumodi “yefa”, futhi watusa ukuhlola uhlobo lokubethela ukuze kuvinjelwe ukwehla kwezinga ukuphepha kokuxhumana.
Source: opennet.ru