Attacking Wearable Device Communication over BLE - When Encryption Is Not Enough

Explore a conference talk from AppSecUSA 2016 that delves into the security vulnerabilities of Bluetooth Low Energy (BLE) communication between wearable devices and mobile applications. Learn about the insufficiencies of BLE encryption protocols and how rogue mobile apps can exploit these weaknesses to access personal information or cause denial of service conditions on wearables. Discover high-level flows for designing secure communication channels between phone applications and wearable devices. Gain insights from security experts Chandra Prakash Gopalaiah, Sumanth Naropanth, and Kavya Racharla as they discuss case studies, security assumptions made by popular mobile operating systems, and the need for additional security measures in BLE communication.