Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Deep into Android Bluetooth Bug Hunting - New Attack Surfaces and Weak Code Patterns

Black Hat via YouTube

Overview

Explore the intricacies of Android Bluetooth security vulnerabilities in this 35-minute Black Hat conference talk. Delve into the AOSP Bluetooth module's history of security flaws, including Blueborne and BlueFrag, and understand how these vulnerabilities often stem from improper validation of remote user-supplied data during Bluetooth request packet parsing. Learn about Google's hardening methods to improve Bluetooth security, such as packet length validation, implementation of a more secure AVRCP profile, and the Gabeldorsche project rewriting the Bluetooth stack in Rust. Discover new approaches focusing on the lifecycle of Bluetooth packet data and weak architectural logic that have uncovered additional hidden vulnerabilities. Gain insights into the Bluetooth protocol architecture in AOSP, existing research results, and known attack surfaces to enhance your understanding of Android Bluetooth bug hunting techniques.

Syllabus

Deep into Android Bluetooth Bug Hunting: New Attack Surfaces and Weak Code Patterns

Taught by

Black Hat

Reviews

Start your review of Deep into Android Bluetooth Bug Hunting - New Attack Surfaces and Weak Code Patterns

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.