Overview
Explore the vulnerabilities in Bluetooth stacks through this Black Hat conference talk. Dive into the Host-Controller Interface (HCI) and its role in controlling firmware link managers and baseband controllers. Learn about the IOBluetoothFamily implementation, HCI sniffing techniques, and MacOS Bixer. Examine six specific vulnerability case studies, uncovering potential security risks in Bluetooth systems. Gain insights into attacking vendor-specific commands and understand the implications for Bluetooth security.
Syllabus
Introduction
Design Implementation
Bluetooth Subsystem
HCI Sniffer
MacOS Bixer
Vulnerability Case Study
First Vulnerability
Second Vulnerability
Third Vulnerability
Fifth Vulnerability
Sixth Vulnerability
Taught by
Black Hat