Speaker Deck

Security review of proximity technologies: beacons and physical web

by Renaud Lifchitz

Published November 15, 2017 in Research

With the growing expansion of the IoT, proximity technologies are becoming more and more important to interact with things around us. Apple and Google have released their own beacon protocol, namely iBeacon and Eddystone, but are they really secure for any kind of use? We will study thoroughly both protocols and their capabilities, and discuss several vulnerabilites, illustrating them with live demos. Additionally, we will see that future protocols (W3C Web Bluetooth API) will unfortunately allow very long-range fingerprinting and attacks on most IoT devices, so we will give recommendations to reduce these threats.