Bluetooth Authentication



  • First off let me just state that the Onewheel is the most amazing product I've purchased in the last couple years! However...

    Being a programmer myself it scares me how easy it is to connect to and write to the Bluetooth characteristics of the device without any form of pin code/ owner verification. As for now I'll keep my phone connected to the board to prevent it from advertising data so freely (too many nosy programmers in the bay area). The issue can be resolved in 3 (or more) ways:

    1. Have the user hold the power button for a few seconds to enter pairing mode (this would also extend battery life since there would be no need to run the Bluetooth radio when not needed).

    2. Use the last 4 digits of the serial number on the bottom of the board as a pin code (this would also require the board to stop advertising the last portion of the serial as the device name).

    3. Modify the app to only connect to a board when the rssi is high (meaning that the phone is relatively close to the board). This one isn't a total solution because you would still be able to use a Bluetooth scanner to connect but at least it would prevent non-technical people from changing your shaping when they are in range.



  • Agreed. Kind of mind blowing that there's absolutely no security on the Bluetooth connection on these things.



  • If the OW gets really popular and if a lot of people starts riding them, then there will always be douchebags who will hack them and instant break us or something. So yeah, a more difficult system like you mentioned should be made


Log in to reply
 

Looks like your connection to Onewheel Forum was lost, please wait while we try to reconnect.