Security

PASS KEY or PIN CODE

The AIRcable OS always requires a pass code or PIN the first time a connection is established. PIN codes are required for all incomming and outgoing connections, SPP FTP or OBEX. Authenticaton cannot be disabled.
There are 3 levels of response on PIN code requests depending on the configuration.

  • Unconfigured: When the AIRmote is unconfigured (for example, after a firmware upgrade and no config.txt and no AIRcable.bas program has been loaded), the PIN code required to access the AIRcable is fixed at "1234" - very unsecure.
  • Configured:After config.txt is uploaded, the PIN code is the PIN code configured in config.txt. If the PIN code length in the config.txt file is zero, it will default to "1234" as well - a bit unsecure if the ObexFTP server is active.
  • Programmed: The BASIC program can also respond to PIN code requests. The application knows who is asking for the pass code and can respond accordingly. If a BASIC program responds to a PIN code request, the PIN code used is the result of the PIN_REQ interrupt routine of the BASIC program - the most secure solution, even though ObexFTP server running can make it unsecure as Configured.

PAIRING

A correct PIN code response leads to a successful pairing. The pairing mechanism allows access.
A successful pairing stores a unique link key on both partners. The link key is stored automatically as the pairing information for the two partners. Matching keys then allow access to all wireless channels. This pairing data consists of the Bluetooth address of the partner and its calculated link key. Both have to match before access is granted. If for some reason the partner's link key is removed, the pairing information will no longer match and a new pairing must be established.
For added security the new pairing information will not be updated automatically. Instead of asking for a PIN code again, the connection attempt will fail.
To reestablish pairing, the AIRcable pairing information can be deleted. There are two ways to delete pairing information: delete all stored pairing information or delete individual pairing information. A line containing the keyword @UNPAIR in the BASIC program will erase all pairing information, just as @ERASE deletes the BASIC program.
The first device paired with is the default device. The pairing information of the default device can only be removed by deleting all pairing information. The AIRcable can store the pairing information of 8 other Bluetooth devices. As more pairing is added the oldest pairing information is deleted. Paired devices can be removed in the BASIC program via the built-in function 'unpair bt_addr'. All pairing information is removed with 'unpair 0'. After removing the pairing information a connection attempt will ask for a PIN code again.

ACCESS RESTRICTION

Access to the configuration files AIRcable.bas and config.txt in the file system can be restricted. If bit zero of the first entry in place @0006 is set to one, the two files are invisible. It is not longer possible to download or upload new configuration files.

// config security: no access to config files
@0006 = 0001 0000 0000

Access to user files in the file system is still possible.
Access to the file system service (Obex FTP) can be blocked completely. If bit 2 in the first entry is set to 1, the FTP service will not longer be available. No files, and no configuration can be up or downloaded. The Obex FTP service is not longer available.

// config security: no Obex FTP service
@0006 = 0002 0000 0000

The service to exchange objects such as business cards, vNotes, messages etc. (Obex Object Push) can be disabled as well. The AIRcable can no longer receive messages or business cards from other Bluetooth devices. Set bit 3 to 1.

// config security: no Obex Object Push service
@0006 = 0004 0000 0000

See chapter UNLOCK for information about unlocking the AIRcable.

SECURITY SETTINGS

The security key "@0006" is composed of four 16 bits numbers groups (but only the latest 8 are used in each group), where each of this groups allows you to configure different settings from the AIRcable

FIRST GROUP

0x80 unused
0x40 registers DUN profile when slave is called.
0x20 registers SPP profile when slave is called.
0x10 disable E2FS.
0x08 write protect E2FS.
0x04 disable FTP.
0x02 disable OBEX.
0x01 invisible files in E2FS.

SECOND GROUP

0x01 erase protect BASIC, when stack overflow.
0x00 no stack overflow protection

THIRD AND FOURTH GROUPS

This two groups allows you to take control over the FAT file system processor.

DISCOVERABLE

The AIRcable normally is discoverable. This means that other Bluetooth devices will be able to find the AIRcable. The AIRcable provides its name and available services to anyone who can find it.
Using the slave function the BASIC program can control the discoverability of the device. All profiles are affected by this mode even though only the slave function controls it. Even after the timeout the inquiry scan is still off. Only a positive value in the slave command will restart inquiry scans.
By setting the number of seconds parameter to a negative number, the AIRmote will become undiscoverable. Even after the timeout the inquiry scan is still off. Only a positive value in the slave command will restart inquiry scans.
After that time, the @IDLE function is called and the slave function can decide to make the AIRcable discoverable again or not.
As long as an external device knows the Bluetooth address a connection can still be made. Whether the AIRcable is discoverable or not, it will still require a successful authentication to grant access.

UNLOCK

It may be necessary for several reasons to unlock the AIRcable once some of the security measures are implemented, or to disable the execution of the BASIC program. Once you lose access to the configuration, there is no way wirelessly to enable configuration again. Certainly a special BASIC program can reenable access again, but that program must already be installed.
The only way to gain access again is to open the housing of the AIRcable Industrial. Inside the AIRcable is a security unlock pin. When this jumper is installed the effect is:

  • The AIRcable is discoverable
  • Obex FTP and Obex is enabled
  • Access to both config files is enabled
  • The BASIC interpreter is switched off
  • Security PIN code is set to default "1234"
  • Device firmware can be updated (dfumode)

This way the configuration and the BASIC program can be updated. Once uploaded the AIRcable has to be switched off, the unlock jumper taken out and the AIRcable then switched on again. If the jumper stays in during reboot, the configuration and the BASIC program will be erased.

dcvjvpkp_23d3v4f9.jpg

On the AIRcable SMD the unlock pin is called SEC or security overwrite.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License