Is it possible anyone to clone our bluetooth address?

rizqifeb · January 25, 2022, 5:13am

Is it possible that someone can clone a bluetooth address? If so, what methods can be used to verify the "real" bluetooth address? Because I have a keyless project , and my code only verifies from bluetooth address.

This is my code :

#include <BLEDevice.h>
#include <BLEUtils.h>
#include <BLEScan.h>
#include <BLEAdvertisedDevice.h>
String knownBLEAddresses[] = {"xx:yy:zz:aa:bb:cc"};
int RSSI_THRESHOLD = -55;
bool device_found;
int scanTime = 1; //In seconds
bool session = false;
BLEScan* pBLEScan;
class MyAdvertisedDeviceCallbacks: public BLEAdvertisedDeviceCallbacks {
    void onResult(BLEAdvertisedDevice advertisedDevice) {
      for (int i = 0; i < (sizeof(knownBLEAddresses) / sizeof(knownBLEAddresses[0])); i++)
      {
        //Uncomment to Enable Debug Information
        //Serial.println("*************Start**************");
        //Serial.println(sizeof(knownBLEAddresses));
        //Serial.println(sizeof(knownBLEAddresses[0]));
        //Serial.println(sizeof(knownBLEAddresses)/sizeof(knownBLEAddresses[0]));
        //Serial.println(advertisedDevice.getAddress().toString().c_str());
        //Serial.println(knownBLEAddresses[i].c_str());
        //Serial.println("*************End**************");
        if (strcmp(advertisedDevice.getAddress().toString().c_str(), knownBLEAddresses[i].c_str()) == 0)
                        {
          device_found = true;
                          break;
                        }
        else
          device_found = false;
      }
      Serial.printf("Advertised Device: %s \n", advertisedDevice.toString().c_str());
    }
};
void setup() {
  Serial.begin(115200); //Enable UART on ESP32
  Serial.println("Scanning..."); // Print Scanning
  pinMode(LED_BUILTIN, OUTPUT); //make BUILTIN_LED pin as output
  BLEDevice::init("");
  pBLEScan = BLEDevice::getScan(); //create new scan
  pBLEScan->setAdvertisedDeviceCallbacks(new MyAdvertisedDeviceCallbacks()); //Init Callback Function
  pBLEScan->setActiveScan(true); //active scan uses more power, but get results faster
  pBLEScan->setInterval(100); // set Scan interval
  pBLEScan->setWindow(99);  // less or equal setInterval value
}
void loop() {
  // put your main code here, to run repeatedly:
  BLEScanResults foundDevices = pBLEScan->start(scanTime, false);  
  if (session == false)
    for (int i = 0; i < foundDevices.getCount(); i++)
    {
      BLEAdvertisedDevice device = foundDevices.getDevice(i);
      int rssi = device.getRSSI();
      Serial.print("RSSI: ");
      Serial.println(rssi);
      if (rssi > RSSI_THRESHOLD && device_found == true)
        session = true;
  
      if (session == true)
        digitalWrite(LED_BUILTIN, HIGH);
    }
    pBLEScan->clearResults();   // delete results fromBLEScan buffer to release memory
}

cedarlakeinstruments · January 25, 2022, 2:36pm

Not a very good idea. First, you can spoof a BLE address. Second, if you're interfacing to an app, some platforms will not provide the "real" address to your code. Apple/iOS has been doing this for some time and I think Android and Microsoft are also doing it now. This is for user privacy to make it harder to track someone by their bluetooth address, so the BLE stack on the device itself will provide a "fake" and variable address to the application.

Lots of processors have a unique ID, maybe try using that?

system · July 24, 2022, 2:36pm

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.