From Android documentation:
Caution: When a user pairs their device with another device using BLE, the data that's communicated between the two devices is accessible to all apps on the user's device.
For this reason, if your app captures sensitive data, you should implement app-layer security to protect the privacy of that data.
Is this also true for iOS? I haven't found anything on it and I assumed because iOS doesn't show the true MAC addresses of devices this wouldn't be an issue, but just wanted to check. Thanks
Yes, iOS also works in a similar way. And if you want private communication, you also need to maintain app layer security. Thus android wear, galaxy watch, and other similar devices use encrypted communication in the app layer.
If you already know the details. BLE communication works via Gatt Characteristics.
Consider there are two health applications running on an iOS device and the user also using an activity tracker device. In that case if the user wants to connect both of the health apps with that tracker, he certainly can do it. Both apps will be able to communicate with the activity tracker and get sensor data using the CBCentral module. Look at the diagram for Details.
On the other hand, In general, vice versa will not possible. Because if both iOS apps use Peripheral Role they will register two different instances of BLE-Service even if using the same UUID. Thus it will force two apps to communicate with completely different characteristics instances. However, it is also possible to work with two peripheral apps with the same UUID but this is not what the BLE developers ever wanted.
you need to provide app level security based on Service UUID, so that devices having the app with only same service UUID can connect.
Related
I'm trying to write a super-simple iOS app, just for personal use (i.e. it doesn't need to conform to any App Store stuff). I want it to do the following. Assume it's installed on two devices, both of which I own/control.
On device 1, it has a button that, when pressed, will immediately cause a notification to pop up on device 2.
I'm fine with hardcoding specific apple IDs, device IDs, whatever; it's also fine if this only works when the two devices are on the same LAN/Wifi. all I want is for the above to work, in the easiest way possible, and preferably without needing anything to run on a server anywhere.
How simply can this be implemented? I've set up a whole push-notification system once before, but that required some server-side stuff. Hoping to be able to do this without any of that.
====
Update: realized I wasn't clear in the original post that I need the notification on Device 2 to pop up whether or not the app is currently open/running on that device.
I think that what you are searching for is multipeer connectivity framework.
The Multipeer Connectivity framework supports the discovery of
services provided by nearby devices and supports communicating with
those services through message-based data, streaming data, and
resources (such as files). In iOS, the framework uses infrastructure
Wi-Fi networks, peer-to-peer Wi-Fi, and Bluetooth personal area
networks for the underlying transport. In macOS and tvOS, it uses
infrastructure Wi-Fi, peer-to-peer Wi-Fi, and Ethernet.
source: https://developer.apple.com/documentation/multipeerconnectivity.
You can also check those tutorials:
https://www.ralfebert.com/ios-app-development/multipeer-connectivity/
https://www.hackingwithswift.com/example-code/networking/how-to-create-a-peer-to-peer-network-using-the-multipeer-connectivity-framework
Send sms to port is a way (the protocol will become SMS): https://developer.apple.com/documentation/foundation/nsportmessage
and Maybe Firebase Remote Config can help you: you can get your data in FCM remote config (key-value) from the app :
https://www.raywenderlich.com/17323848-firebase-remote-config-tutorial-for-ios
https://firebase.google.com/docs/remote-config/get-started?platform=ios
, and you can modify your data whenever you want, and the app can fetch it.
I have similar requirements, and it seems like APNS (Apple Push Notification Service) is required for this because it's one of the only ways to 'activate' an application that is in the background.
As a result, then the question is how to make APNS as painless as possible? It seems like combining Firebase Cloud Messaging (or FCM) (to manage APNS / sending messages), and Firebase Functions (to help manage FCM server-side requirements) is one decent option.
What is the best practice for using the Bluetooth Low Energy Generic Access Profile Service (0x1800)?
Is there a reason that iOS prevents developers from using the Generic Access Profile Services and Characteristics?
Section 3.12 (page 24) documents the fact iOS does not
let a developer use that Service (and a couple others)
https://developer.apple.com/hardwaredrivers/BluetoothDesignGuidelines.pdf
I've also seen some hardware implementations on microcontrollers that also seem to hide this Service from a developer in the firmware.
The work around that I (and most others) have done to allow an app to update the device_name to is to make a separate custom Service-Characteristic that updates the local device name and updates the name in the advertising packet. This is not ideal for many reasons and I am wondering if I am missing something. Should we all be able to use the 0x2A00 Characteristic just like any other Characteristic?
I'm hoping to create a BLE advertisement on iOS where I can control the advertisement on a byte level.
One use case would be to mimic an iBeacon advertisement. What is the iBeacon Bluetooth Profile (I want to advertise while my app is in the background which is why I'm not using CoreLocation)
I do not see a way to do this with the Core Bluetooth API. Is this correct? Are there alternatives using private API's or jailbreaking?
As the others already pointed out, there is no API on iOS that allows you to do this.
You can advertise as an iBeacon, but only when your app is in the foreground. When in background, the advertisement is removed and therefore cannot be discovered anymore (except for other iOS devices which explicitly scan for that service UUID). Also see the documentation here: Core Bluetooth Background Processing
If you would share your use case and what you want to achieve, maybe there are other ways to realise it.
My experience with iOS is that if it is something is not exposed in the API, there is no way around, except jailbreaking. For Bluetooth low energy the API is at GAP/GATT level, and very little at the lower levels (if anything) is exposed. Advertising is a LL (link layer) feature.
To illustrate how restricted the access is: When scanning for BLE devices you will not have access to the advertiser's MAC address iOS. In Android you have it.
I do not see a way to do this with the Core Bluetooth API. Is this
correct?
Since you have to set Manufacture Specific Data in order to achieve this, if nothing has changed you will experience exactly the same issue that I did. Explained here:
The advertisement key 'Manufacturer Data' is not allowed in CoreBluetooth
It is not possible.
I’m currently working on a small project with the goal of using an iOS App to provide a secure, centralized login for a network of WiFi hotspots in small and medium sized businesses. The plan was to configure the routers as open networks and DHCP forward all the traffic from the router to our (cloud-hosted) server, where each query is authenticated and the user’s query is allowed to pass to its intended destination.
Our current problem is that in order to configure the server to know which users are accessing it we need the Mac Addresses of the users, which the Apple API requires they type in manually the first time they use the app (which is a lot of work) so we are trying to come up with a work around.
Any thoughts or suggestions would be hugely appreciated.
Thanks,
Alex
:)
Since iOS 7 you can no longer get the MAC Address. Based on what you are trying to do, I would recommend using one of the device identifiers available through iOS like identifierForVendor which will give you an unique id.
as per Apple Docs:
In iOS 7 and later, if you ask for the MAC address of an iOS device,
the system returns the value 02:00:00:00:00:00. If you need to
identify the device, use the identifierForVendor property of UIDevice
instead. (Apps that need an identifier for their own advertising
purposes should consider using the advertisingIdentifier property of
ASIdentifierManager instead.)
Currently, iOS does not support the combination GAP Central role and ATT Server role as well as the combination GAP Peripheral role and ATT Client role.
Is Apple working on this? Does someone know when it will be possible to do so ?
If you develop a non iOS peripheral, then you should be able to start acting as ATT client once the iOS central connected to you. The ATT database is shared accross applications and should be accessible this way. You can initialize it in a separate app or in the same app using a CPBeripheralManager.
Otherwise, there has been no indication from Apple that they would be considering this use case so I wouldn't expect it be implemented in the foreseeable future.