Bluetooth spec updated to improve security for IoT

Security was badly needed as many Bluetooth hacks already exist.

The Bluetooth Special Interest Group has announced a new version of its wireless connectivity specification designed to improve secure connections with Internet of Things (IoT) in mind.

The update was badly needed. Just do a Google search for Bluetooth hacks and you'll see how insecure the spec really is. With Bluetooth finding its way into cars and appliances, that kind of weakness was simply not acceptable.

In Bluetooth 4.2, most of the changes are in Bluetooth Smart, or Bluetooth LE, the low-power version of the technology used in smaller, low power devices, like wearables and smartphones. It also gained direct Internet access, rather than the usual BT device-to-BT device communications.

Bluetooth 4.2 adds low-power IPv6 support and the Bluetooth Smart Internet gateway for accessing the Internet through a gateway device, like a router, to send and receive messages. But the big changes are in security.

For example, Bluetooth 4.2 includes FIPS-compliant encryption to keep data encrypted as it is transferred. The new privacy functions will keep LE devices from being tracked, since right now they broadcast a wide open signal looking to pair with anything in range, as anyone who has paired a headset to a smartphone knows.

At the same time, the 4.2 spec has increased the packet capacity by 10-fold, which the SIG claimed will increase throughput by 2.5 times the older version. The SIG maintains that 4.2 devices will be backwards compatible with Bluetooth LE 4.1 and 4.0 devices.

The full details of the Bluetooth 4.2 standard are available in a massive 2,700 page PDF document. There's also a much shorter FAQ (in PDF format).

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon