On Tue, Jan 6, 2009 at 7:10 PM, Qwavel <qwa...@gmail.com> wrote: > > Is there any update on this? > > Specifically, have decisions been made about whether to limit > bluetooth comm to paired devices - as discussed below? >
We are unlikely to have this in the first Bluetooth API release. I don't think developers would be very excited about us holding up a first release while we debate and then implement this. That doesn't mean we can not add it later. Android moves pretty quick. > Thanks, > Tom. > > On Dec 22 2008, 1:01 am, Qwavel <qwa...@gmail.com> wrote: > > Nick, > > > > Thanks for participating in this open conversation about thebluetooth > > API - this is the first time that I'm aware of that outside developers > > have had the opportunity to express themselves at this stage in the > > development of a phone OS/API. > > > > As I'm sure you are aware,Bluetoothdata connection between apps are > > supported by JSR82. To the best of my knowledge, the only platform on > > which pairing is required for these connections is the Blackberry. As > > far as I can tell, this was done for the pretense of security since > > the platform was originally only targeted at the enterprise market. > > On the Blackberry dev forums I regularly see confusion and surprise > > about this restriction. > > > > The only other platform (beside the Blackberry) which really > limitsbluetoothis the iPhone, but this is expected of Apple. > > > > I am being dismissive about the security advantages of the blackberry > > approach for these reasons: > > > > - The majority of phones available now (in Europe but not in the US) > > allow full access to JSR82, without requiring pairing, and without > > even requiring that the midlet be signed. > > > > - More importantly, I've not encountered any regret about this, or any > > sense that it is a mistake. Instead, easy access to JSR82 is > > spreading: now, even LG and Samsung are starting to provide this. > > > > - Security concerns like this should not be addressed by limiting the > > functionality of the system, when they can be addressed at the > > application security level. I can't comment on the difficulty of > > implementing this, but certainly it would be better to produce an OS > > that is not limited in the way that the BB and iPhone are. > > > > If you really believe thatbluetoothcommunication without pairing is > > a security hole - and I believe that Nokia and SE have shown that it > > isn't - then I think it would be better handled by the application > > level security mechanisms. > > > > Thanks, > > Tom. > > > > On Dec 3, 12:22 pm, Nick Pelly <npe...@google.com> wrote: > > > > > We are likely to preventBluetoothdata connections (RFCOMM) from apps > > > unless the two phones have been paired. It's really hard to make > > > security work any other way. > > > > > Nick > > > Android Systems Engineer > > > > > On Wed, Dec 3, 2008 at 1:37 AM, whitemice <markbr...@zedray.co.uk> > wrote: > > > > > > Hi Nick > > > > While we are on the subject, I am looking for Android *Ad-hoc* > > > >Bluetoothsupport. > > > > > > Example: Alice and Bob both have my client running on their phones, > > > > and walk withinBluetoothrange of each other in a social setting. I > > > > want the application to: > > > > (a) Be able to detect the otherBluetoothphone in the room > > > > (b) Detect that the same application is running on the other phone > > > > (c) Create a data connection between the two phones without asking > for > > > > the user's permission (permission is granted beforehand). > > > > > > Is this considered a security problem, or will this kind of thing be > > > > allowed in the new API? > > > > > > Some more info on what I am doing…. > > > >http://blog.zedray.com/snowball/ > > > > > > Regards > > > > Mark > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
