anelok: revisiting Bluetooth, the limits of one stop shopping
werner at almesberger.net
Fri Nov 22 00:35:54 EST 2013
802.15.4 has always been the "if you can't be with the one you
love, love the one you're with" kind of solution. So it makes
sense to look at the alternatives from time to time, to see if
anything has changed in the field.
Ron sent me a few pointers to Bluegiga BT modules, triggering
one of these scans. First, let's look at the Bluegiga products:
- Bluegiga are kinda cute and sourceable, but they also rely on
Windows-based development tools for putting applications into
their modules. The price tag is also significant, with 1000
units starting at USD 13.65 (BLE113).
For comparison, all the major components of Anelok (excluding
the PCB itself, case, etc., but including 802.15.4 transceiver,
balun, and PCB antenna), together cost around USD 15 at 1000
Of course, having BT would make the RF (802.15.4) dongle
optional, so even such an expensive module would be about
neutral if we look at the cost of the entire system.
Still, the closed development tools aren't nice. There are also
some discouraging things on their forum, like "problems loading
the licensing key into the module" that suggest that more
trouble awaits the ones taking that road.
- Ron also found out that Bluegiga use CSR and more recently TI
CC254x chips. Now CSR does not sound too good, but the TI
CC2xxx are fairly popular.
The problem with most of the available BT solutions, especially
if they're modules (and not chips) is that they tend to have some
proprietary firmware that is either completely closed or at least
not easily modified (even if there's an SDK, there may be
restrictions on redistribution, the SDK will be closed-source,
and so on.)
To avoid this, one would have to go one level below: just get a
chip that takes care of the physical layer (aether to bits) and
maybe also the link layer (bits to packets) but then do the rest
in the firmware.
Among other things, that also has the potential benefit of moving
the local end of the protection of any encryption that happens on
the radio link into the MCU. So any snooping on that interface
would be defeated. This may not be the most likely place where an
attack may occur, but today's far-fetched hypothetical weakness
may very well become the exploit in tomorrow's headline news.
Next: why we don't need to use the machete just yet.
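The last point in the post, that doing the link encryption in the MCU rather than in the radio module defeats snooping on the MCU-to-module interface, can be made concrete with a small model. What follows is an added example, not anelok code and not a description of any particular Bluegiga module: the radio-link cipher is stood in for by an HMAC-SHA256 keystream (a stand-in, not the real link-layer cipher), and `Tap`, `RadioModule`, `RadioTransceiver` and the pairing key derived from a fixed seed are all constructed for the illustration. The tap is a passive probe on the serial line between the MCU and the radio chip; the comparison shows what it captures under each architecture and that both still put valid ciphertext on the air.

```python
"""Where the encryption boundary sits decides what a probe on the serial line
between the MCU and the radio chip can see.  Constructed example, not project
code; the link cipher below is a toy stand-in for the real one."""
import hashlib
import hmac


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with HMAC-SHA256(key, nonce || counter)
    blocks.  Symmetric, so the same call decrypts.  Stand-in only."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + block.to_bytes(4, "big"),
                           hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Tap:
    """Passive probe clipped onto the MCU-to-radio serial line."""

    def __init__(self):
        self.seen = []

    def observe(self, frame: bytes):
        self.seen.append(bytes(frame))

    def leaked(self, secret: bytes) -> bool:
        return any(secret in frame for frame in self.seen)


class RadioModule:
    """Closed module: PHY, link layer and link encryption all inside.
    It encrypts whatever the host hands it, so the host side is plaintext."""

    def __init__(self, link_key: bytes):
        self.link_key = link_key

    def send(self, host_frame: bytes, nonce: bytes) -> bytes:
        return keystream_xor(self.link_key, nonce, host_frame)


class RadioTransceiver:
    """Bare transceiver: PHY (and maybe framing) only, no crypto, no key."""

    def send(self, host_frame: bytes, nonce: bytes) -> bytes:
        return host_frame


def module_encrypts(tap: Tap, secret: bytes, link_key: bytes, nonce: bytes) -> bytes:
    """Architecture A: encryption in the module; the MCU writes plaintext
    across the tapped line.  Returns the frame that goes on the air."""
    module = RadioModule(link_key)
    tap.observe(secret)                     # serial line carries plaintext
    return module.send(secret, nonce)


def mcu_encrypts(tap: Tap, secret: bytes, link_key: bytes, nonce: bytes) -> bytes:
    """Architecture B: encryption in MCU firmware; the tapped line only ever
    carries ciphertext, and the key never leaves the MCU."""
    ciphertext = keystream_xor(link_key, nonce, secret)
    tap.observe(ciphertext)                 # serial line carries ciphertext
    return RadioTransceiver().send(ciphertext, nonce)


def run_comparison(secret: bytes = b"vault-password: correct horse battery staple",
                   seed: bytes = b"demo-pairing-seed") -> dict:
    """Run both architectures against the same secret and report what the
    tap saw and whether the over-the-air frames still decrypt."""
    link_key = hashlib.sha256(seed).digest()    # constructed pairing key
    nonce = b"\x00" * 8                         # constructed per-frame nonce
    tap_a, tap_b = Tap(), Tap()
    air_a = module_encrypts(tap_a, secret, link_key, nonce)
    air_b = mcu_encrypts(tap_b, secret, link_key, nonce)
    return {
        "tap_sees_secret_when_module_encrypts": tap_a.leaked(secret),
        "tap_sees_secret_when_mcu_encrypts": tap_b.leaked(secret),
        "air_a_decrypts": keystream_xor(link_key, nonce, air_a) == secret,
        "air_b_decrypts": keystream_xor(link_key, nonce, air_b) == secret,
        "air_differs_from_plain": air_a != secret and air_b != secret,
    }


if __name__ == "__main__":
    for name, value in run_comparison().items():
        print(f"{name}: {value}")
```

The over-the-air traffic is equally protected in both cases; the difference is only what a probe on the board-level interface sees, which is exactly the "local end of the protection" the post talks about. Note also that in architecture A the module has to hold the key, so anything that can talk to the module over that interface (or read its storage) is inside the trust boundary, whereas in B the transceiver never learns it.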