File tree Expand file tree Collapse file tree 1 file changed +16
-0
lines changed Expand file tree Collapse file tree 1 file changed +16
-0
lines changed Original file line number Diff line number Diff line change @@ -8,3 +8,19 @@ This is the Github repository for the `BLE_API`. Please see the [Mbed OS Example
88* [ Mbed OS example BLE GitHub repo] ( https://github.com/ARMmbed/mbed-os-example-ble ) for all Mbed OS BLE examples.
99* [ Mbed OS BLE introduction] ( https://os.mbed.com/docs/latest/apis/ble.html ) for an introduction to Mbed BLE.
1010* [ Mbed OS BLE API page] ( https://os.mbed.com/docs/latest/apis/bluetooth.html ) for the Mbed BLE API documentation.
11+
12+ ## Privacy notice
13+
14+ The Cordio Bluetooth stack only stores one single signing key. This key is then
15+ shared across all bonded devices. If a malicious device bonds with the Mbed OS
16+ application it then gains knowledge of the shared signing key of the Mbed OS device.
17+ The malicious device can then track the Mbed OS device whenever a signing write
18+ is issued from it.
19+
20+ To overcome this privacy issue do not issue signed writes from the Mbed OS device.
21+ A signed write occurs when the member function ` write ` of ` GattClient ` is called
22+ with its ` cmd ` argument set to ` GATT_OP_SIGNED_WRITE_CMD ` .
23+
24+ Instead of using signed writes, enable encryption on the connection. This is achieved
25+ by calling the function ` setLinkEncryption ` of the ` SecurityManager ` . Set the encryption
26+ to at least ` ENCRYPTED ` .
You can’t perform that action at this time.
0 commit comments