Completely New nRF Connect for iOS

As we have previously mentioned, nRF Connect is the the best app for detecting if a Bluetooth LE device such as a beacon is working. The Android version has always had more features than the iOS version but that is changing. nRF Connect for iOS has been completely re-written and now has a very pretty UI.

We still recommend using the Android rather than the iOS version because iOS apps can’t see Bluetooth MAC addresses due to some peculiar decisions made by people at Apple. Scanning also can’t see an iBeacon UUID, major and minor in the advertising. It’s more difficult to uniquely identify Bluetooth devices in apps such as nRF Connect on iOS than it is on Android.

EgiGeoZone Geofence for Android

EgiGeoZone Geofence is a useful app for Android with over 10,000 users that allows you set up triggering based on location. There’s also a Bluetooth version that allows triggering in the vincinity of iBeacons.

The app is also open source on GitHub. Note that the app doesn’t yet work with the Android 8.0 background changes. The author is hoping someone else will fork the code and keep the app alive.

Bluetooth MAC Randomization Can Be Defeated

The Register has an article Brilliant Boston boffins blow big borehole in Bluetooth’s ballyhooed barricades: MAC addy randomization broken.

Beneath the hyperbolic alliteration is some research (pdf) that Bluetooth MAC randomization isn’t foolproof. Researchers have found that similarities between the non-MAC information in advertising allows devices to be uniquely identified:

“What is perhaps even more concerning, say the Boston Uni trio, is the message Bluetooth vendors are putting out to the public when they advertise Bluetooth LE as being an untrackable standard.”

In actual fact, very few vendors do MAC randomization. The majority of beacon manufacturers don’t because the whole idea of a beacon is that it can be identified via MAC address or iBeacon id. For the same reason, most Bluetooth accessories don’t as they want to be identified via apps. Android smartphones don’t do MAC randomization but iOS and Windows 10 do to improve end-user privacy. It’s mainly iOS devices that will be moving around and possibly tracked in-store or on-site via the ‘vulnerability’ described in the paper.

Android WiFi Direct via Bluetooth

A problem with many IoT projects is the need to connect the device to WiFi. It’s a ‘chicken and egg‘ situation in that you need to connect to the device in order to set the WiFi settings but you can’t connect because you aren’t WiFi connected. This is usually solved in one of two ways. The first relies on a WPS button on the WiFi router which sets it into a mode where it will accept a new device without the user having to enter or select anything. Security flaws in WPS and the possibility of anyone pressing the WPS button mean this isn’t a great solution for IoT applications. The second method involves the IoT device itself acting as a WiFi router in ‘station mode’ while the user on a phone, laptop or other device connects and uses a http web interface to set the WiFi settings and reboot. Upon reboot, it’s no longer in station mode and connects to the assigned access point. However, users need simpler mechanisms.

Android used to support WPS but this has been deprecated in favour Wi-Fi Easy Connect. The latest Android Q documentation explains that the Wi-Fi Direct connection information (a URI) needs to reach the device somehow such as through a QR Code scan NFC receipt or a Bluetooth scan. Hence, it’s possible for an unprovisioned device to be scanning for a particular beacon that provides a connection URI that’s used for provisioning the WiFi. This allows retailers’ Android apps or Android IoT devices to easily connect to location-specific WiFi.

The API mentions that Easy Connect does not require Location or Wi-Fi permissions which is a bit misleading. It will need the Location permission if you use a Bluetooth scan to provision.

Bluetooth Low Energy now in Amazon FreeRTOS

Amazon has recently announced support for Bluetooth Low Energy in Amazon FreeRTOS. Amazon FreeRTOS is an IoT operating system for microcontrollers. Support for Bluetooth LE allows you to see Bluetooth devices and extract sensor data. Amazon’s implementation also allows you to subscribe to MQTT topics over Bluetooth Low Energy through an iOS or Android mobile device.

There’s an example how to Perform OTA Updates on Espressif ESP32 using Amazon FreeRTOS Bluetooth Low Energy. It shows how to connect Amazon FreeRTOS devices using Bluetooth Low Energy to AWS IoT Core via Android and iOS devices.

Clearing the Android Bluetooth Cache

In our post on compatibility we explained how Bluetooth LE connection problems are more likely to be with Android rather than the devices (beacons) with which they are communicating.

If you are experiencing such problems you can try clearing your Android Bluetooth cache:

Settings
Select Application Manager
Display system apps (swipe left/right or choose from the menu in the top right corner)
Select Bluetooth
Select Storage
Tap Clear Cache
Restart the phone

Note that these menus are not available on the latest versions of (vanilla, non-OEM) Android because Google has unhelpfully removed access to system apps.