Details

About the talk

This talk by Mike Ryan described how to reverse engineer Bluetooth data on a variety of devices including a heart monitor, a padlock, a music listening device, a Bluetooth credit card, and a Bluetooth-controlled skateboard. Although the techniques depended on physical access to the device (attacks that did not have this access would require a protocol sniffer), it was an exciting demonstration of how to extract Bluetooth data from the device before it goes out to the air. And that said, the threat model for some Bluetooth devices (such as that credit card) should assume that someone will be handling those devices out of your sight. [Talk summery by @VirtualChrista]

Presentation from the talk
Mike Ryan

Mike Ryan

Founder ICE9 Consulting

Mike Ryan is a noted expert on Bluetooth security. He has discovered several Bluetooth-related CVEs: CVE-2018-9119 (stealing credit card numbers via Bluetooth), CVE-2014-4428 (affecting OS X, iOS, and Apple TV), and along with Richo Healey discovered CVE-2015-2249 (affecting Boosted electric skateboards). In 2016 Mike founded ICE9 Consulting to address the increasing demand for security reviews of IoT devices. Mike’s personal motto is “If you like it, you should¬†put Bluetooth on it.”