Pages

Slide 1 title

Click to Next

Slide 2

Click to Next

Slide 3

Click to Next

Slide 4

Click to Next

Slide 5

Click to Next

Friday, March 25, 2016

Cloud Security of Google

                              Cloud Security of Google
The Google security model is an finish-to-end process, crafted on about 15 years of working
experience centered on keeping customers Harmless on Google apps like Gmail and Google Applications. With Google Cloud Platform your purposes and data make use of the exact same protection design. Find out more concerning the Google protection model in our in-depth whitepaper.

Details Security Team

At the middle from the Google stability model is our Information Safety Crew consisting of more than five hundred major specialists in information, application, and network security. This staff is tasked with preserving the organization’s defense programs, building stability evaluate processes, constructing stability infrastructure and applying Google’s security policies. Their noteworthy achievements involve: identifying the Heartbleed vulnerability, beginning a reward plan for reporting application stability troubles, and employing an “SSL by default” plan at Google.


Data Heart Actual physical Stability

Google facts centers characteristic a layered protection model, which include safeguards like custom-built Digital accessibility playing cards, alarms, auto obtain barriers, perimeter fencing, metallic detectors, and biometrics. The info Heart floor characteristics laser beam intrusion detection. Our data facilities are monitored 24/7 by higher-resolution interior and exterior cameras which will detect and monitor thieves. Accessibility logs, action data, and digicam footage are reviewed in the event an incident occurs. Details centers will also be routinely patrolled by professional security guards who definitely have been through arduous background checks and coaching. Under one % of Googlers will at any time established foot in a single of our info facilities.

Server and Software Stack Safety

At Google we run tens of 1000s of equivalent, custom made-crafted servers. We’ve built almost everything from components and networking to the customized Linux software package stack with protection in your mind. Homogeneity, combined with ownership of the entire stack, enormously cuts down our security footprint and permits us to respond to threats quicker.


Information Access

Google has controls and tactics to protect the security of customer details. The levels on the Google software and storage stack involve that requests coming from other elements are authenticated and authorized. Accessibility by generation application administrative engineers to manufacturing environments is usually controlled. A centralized team and purpose management process is used to outline and Manage engineers’ use of creation companies, utilizing a safety protocol that authenticates engineers through the use of small-lived private general public key certificates; issuance of personal certificates is in turn guarded by two-factor authentication.

Details Disposal

When retired from Google’s programs, tough disks made up of purchaser info are subjected to a data destruction method in advance of leaving Google’s premises. 1st, disks are logically wiped by authorized individuals employing a approach approved because of the Google Security Staff. Then, another licensed individual performs a second inspection to verify that the disk has been efficiently wiped. These erase outcomes are logged with the travel’s serial selection for tracking. Lastly, the erased generate is produced to stock for reuse and redeployment. When the generate cannot be erased on account of hardware failure, it really is securely stored right until it can be bodily destroyed. Each facility is audited on a weekly foundation to monitor compliance Using the disk erase coverage.

System Security Features

All goods at Google, such as Cloud Platform, are designed with safety as a core style and development requirement. Additionally, Google’s web page dependability engineering groups oversee operations in the System systems to be certain substantial availability, and stop abuse of platform resources. Merchandise distinct security features are explained in each product’s documentation, but all subscribe to specific System-broad capabilities.

Secured Support APIs and Authenticated Access

All solutions are managed via a secured international API gateway infrastructure. This API serving infrastructure is simply available more than encrypted SSL/TLS channels, and every request involves the inclusion of the time-restricted authentication token created by using human login or non-public crucial primarily based secrets throughout the authentication method explained previously mentioned.

All access to Google Cloud System assets is controlled with the exact robust authenticated infrastructure that powers other Google providers. This means that You need to use present Google accounts, or build a regulated Google managed area. Characteristics out there when you find yourself handling customers contain password coverage, enforced 2-variable authentication, and new innovation for authentication enforcement in the shape of hardware protection keys.

Logging

All platform API requests, which include Internet requests, storage bucket entry, and person account entry, are logged. With Cloud Platform resources, you may read through functions and obtain logs for Compute Engine, Application Engine, BigQuery, Cloud SQL, Deployment Manager, Cloud VPN, and Cloud Storage.

Knowledge Encryption

Cloud System companies mechanically encrypt information just before it truly is prepared to disk. By way of example, the data for each Cloud Storage object and its metadata is encrypted underneath the 256-little bit Advanced Encryption Regular, and every encryption essential is itself encrypted having a routinely rotated list of grasp keys. Exactly the same encryption and vital management insurance policies employed for your data in Cloud Platform are employed by many of Google's output providers, like Google Docs, Gmail, and Google's own company information.

Secure International Community

As it’s associated with most ISPs on the planet, Google’s global community assists to improve the security of information in transit by limiting hops throughout the public World-wide-web. Cloud Interconnect and managed VPN help you develop encrypted channels between your non-public IP atmosphere on premises and Google’s community. This allows you to keep situations fully disconnected from the general public World-wide-web while however reachable from a possess personal infrastructure.

Intrusion Detection

Google intrusion detection consists of tightly controlling the dimensions and make-up of Google’s assault surface by preventative measures, utilizing intelligent detection controls at info entry details, and using systems that quickly solution specified risky scenarios.

Security Scanning

Cloud Security Scanner helps Application Motor developers establish the most typical vulnerabilities, especially cross-web site scripting (XSS) and mixed articles, inside their Website applications.

Compliance and Certifications

Cloud System and Google infrastructure is Licensed to get a escalating range of compliance benchmarks and controls. Go through more about the particular certifications on our compliance website page.


Holding Your Cloud Platform Initiatives Safe

Google is committed to doing its portion in holding your tasks safe, but protection is usually a shared obligation. We’ve supplied capabilities You may use to keep the job protected.

Functioning Procedure and Software Patches

Google Compute Motor and Google Container Motor are run by virtual devices (VM). If you employ these systems as part of your assignments, it can be your duty to keep the VM operating method and applications updated with the latest stability patches. Google maintains security and patching with the host OS environments.

Person and Credential Management

Google Cloud System enables you to set person permissions within the undertaking stage. Deliver crew associates with minimum privileged entry.

Network Firewall Rule Maintenance

By default, all incoming traffic from outside the house a network is blocked and no packet is authorized right into a VM occasion devoid of express firewall rules. To allow incoming community website traffic, you need to arrange firewalls to allow these connections. This approach to community permissions helps you to specify the origin and kind of site visitors permitted to achieve your compute situations.

Penetration Testing

If you intend to evaluate the security of your Cloud System infrastructure with penetration screening, You're not needed to contact us. You'll have to abide with the Cloud Platform Suitable Use Policy as well as the Phrases of Services and make sure your exams only have an affect on your jobs (and never other consumers’ programs). If a vulnerability is uncovered, remember to report it by means of the Vulnerability Reward Method.

Sensitive Information Administration

Info has various degrees of sensitivity. Cloud Platform provides the elemental capabilities necessary to Construct safe apps; however, it can be your accountability to enforce the suitable movement and use of this info at the level of the software. This incorporates blocking your conclude end users from sharing significant info beyond your corporate community / community cloud infrastructure (i.e., details loss prevention) and making sure you retain information which could establish a certain specific safe (i.e., personally identifiable data).

Thursday, March 24, 2016

Telescope Technology

                        Telescope Technology

Telescope Technology (TT) is a Universe Information System that offers a truly unprecedentedof the world’s store of online astronomical data. TT has woven astronomical images at all wavelengths into an “interface” that resembles their natural appearance and high quality images will attracts every one and simultaneously offering much deeper opportunities to learn about the science behind the images. The TT program, which is free for all non-commercial use, has now had more than 2 million downloads and has been used many more millions of times in its web client form.And this project will be sponsored by Microsoft technology only.
view

A telescope is an instrument that aids in the observation of remote objects by collecting electromagnetic radiation (such as visible light). The first known practical telescopes were invented in the Netherlands at the beginning of the 17th century, using glass lenses. They found use in terrestrial applications and astronomy. Within a few decades, the reflecting telescope was invented, which used mirrors. In the 20th century many new types of telescopes were invented, including radio telescopes in the 1930s and infrared telescopes in the 1960s. The word telescope now refers to a wide range of instruments detecting different regions of the electromagnetic spectrum, and in some cases other types of detectors.

History of Telescope
The earliest recorded working telescopes were the refracting telescopes that appeared in the Netherlands in 1608. Their development is credited to three individuals: 

Hans Lippershey and Zacharias Janssen, who were spectacle makers in Middelburg, and Jacob Metius of Alkmaar. Galileo heard about the Dutch telescope in June 1609, built his own within a month, and improved upon the design in the following year. In the same year, Galileo became the first person to point a telescope skyward in order to make telescopic observations of a celestial object. The idea that the objective, or light-gathering element, could be a mirror instead of a lens was being investigated soon after the invention of the refracting telescope. The potential advantages of using parabolic mirrors reduction of spherical aberration and no chromatic aberration led to many proposed designs and several attempts to build reflecting telescopes. In 1668, Isaac Newton built the first practical reflecting telescope, of a design which now bears his name, the Newtonian reflector. The invention of the achromatic lens in 1733 partially corrected color aberrations present in the simple lens and enabled the construction of shorter, more functional refracting telescopes. Reflecting telescopes, though not limited by the color problems seen in refractors, were hampered by the use of fast tarnishing speculum metal mirrors employed during the 18th and early 19th century a problem alleviated by the introduction of silver coated glass mirrors in 1857, and aluminized mirrors in 1932. The maximum physical size limit for refracting telescopes is about 1 meter (40 inches), dictating that the vast majority of large optical researching telescopes built since the turn of the 20th century have been reflectors. The largest reflecting telescopes currently have objectives larger than 10 m (33 feet), and work is underway on several 30-40m designs.

The 20th century also saw the development of telescopes that worked in a wide range of wavelengths from radio to gamma-rays. The first purpose built radio telescope went into operation in 1937. Since then, a tremendous variety of complex astronomical instruments have been developed.

Typesof Telescope
Gamma-ray telescopes
X-ray telescopes
Radio telescopes
Optical telescopes
Other telescopes

Saturday, March 19, 2016

Samsung Galaxy S7 locked bootloader


             Samsung Galaxy S7 locked bootloader

New technology, new world, new mobile we introduce Samsung Galaxy S7. Samsung Galaxy S7
mobile is related 5th generation of computer. Samsung appears to have a hit on its hands with the new Galaxy S7 and S7 Edge  the reviews are glowing and carriers are having trouble keeping them on the shelves. However, some users are up in arms about the state of Samsung’s software. According to enthusiasts, the T-Mobile version of the Galaxy S7 has a locked-down bootloader. This is causing so much consternation that owners have started a petition to get a bootloader unlock. But why all the fuss?

The bootloader on a device does exactly what the name implies. It contains the instructions on how to boot up a phone, tablet, PC or virtually any device with an operating system. The bootloader acts as a gatekeeper to make sure the code running on the phone is authentic as a security measure. A locked bootloader on Android will only allow properly signed software to be flashed to a device, and an unlocked one lets you install anything.

Having an unlocked bootloader is desirable for modding purposes. It makes it easy to install custom recoveries and root your phone. Almost all phones ship with locked bootloaders now, but some have support for user unlocking. The Nexus phones are famously unlockable, but HTC, Motorola, and others also support unlocking on most of their phone models too. The T-Mobile Galaxy phones have always offered an unlockable haven for fans of Samsung modding as AT&T and Verizon have always locked the bootloaders. Not so, this year. Samsung chose to lock the bootloader on the T-Mobile variant of the device, and there doesn’t appear to be any way to unlock it.

When we talk about locked bootloaders in this context, they are actually locked and encrypted. You can’t just issue a command to the phone after flipping the OEM unlock switch in settings like you can with a Nexus phone even those are locked out of the box. According to T-Mobile’s John Legere, the decision to lock down the T-Mobile phone is Samsung’s. The carrier has reached out to see about getting a bootloader unlock solution that it can support, but that could take a long time.

The fact of the matter is, most users should have devices that are bootloader locked. It’s an important security measure, especially now that Android supports factory reset protection. This prevents a stolen device from being used without the owner’s login details. If a phone has an unlocked bootloader, custom software can be flashed that bypasses that feature. This is probably why Samsung has started shipping all its devices locked. The problem is that Samsung doesn’t have an official bootloader unlock program.

Without a bootloader unlock, there won’t be any custom ROM development for the Galaxy S7. Rooting the device will also be extremely difficult, relying upon rare kernel and system vulnerabilities that can be patched in security updates. The petition has hit the goal of 1,000 signatures after less than two days, so Legere might have to respond with more than tweets. Petitions don’t usually do much good, but Android enthusiasts can be pretty persistent. Therefore Samsung Galaxy S7 is called 21st centuary mobile in the world.

Thursday, March 17, 2016

Best job for goat in Google

                          Best job for goat in Google

If it is strange information for you and there are 200 goats having job in the many more offices.
Google has brought to the goat grazing in the ground. I think now you  don't believe that 200 goats grazing on the ground job is possible. In the company of software, Hardware there must not be the engineer. I think you want to eager some thing lastly. Now what do 200 goats do in the google ?

The work of google goats is that goats must graze(feed) google ground in every weeks in one time. Then after the google get then salary for grazing on the ground. The grass must cut by the machine. It throws pollution, Like, Sound pollution, Smoke dirty things(air). Because of all people in the world. Undergo different kinds of pollution. Loud noises makes world as well as people disturb in every working time. So the google has just adopted a new information technology that goats are for grazing on the ground. But there are not kept goats in the google ground. The google's rules is that regularly goats are brought to graze in the google ground. But there is not kept. In this way first time in 2007 yahoo has managed for having job goats job for grazing. After which google has copied. So that all people in the world environment is
safe as well as the people.

Wednesday, March 16, 2016

Projector Technology

                            Projector Technology
A projector or image projector is an optical device that projects an image (or moving images) onto a surface, commonly a projection screen. Projector is modern technology for movies.


Most projectors create an image by shining a light through a small transparent lens, but some newer types of projectors can project the image directly, by using lasers. A virtual retinal display, or retinal projector, is a projector that projects an image directly on the retina instead of using an external projection screen.

The most common type of projector used today is called a video projector. Video projectors are digital replacements for earlier types of projectors such as slide projectors and overhead projectors. These earlier types of projectors were mostly replaced with digital video projectors throughout the 1990s and early 2000s (decade), but old analog projectors are still used at some places. The newest types of projectors are handheld projectors that use lasers or LEDs to project images. Their projections are hard to see if there is too much ambient light.

Movie theaters use a type of projector called a movie projector. Another type of projector is the enlarger, a device used to produce photographic prints from negatives.


History of projectors and cameras

Projectors share a common history with cameras. As far back as the 4th century BC, Greeks such as Aristotle and Euclid wrote on naturally-occurring rudimentary pinhole cameras. For example, light may travel through the slits of wicker baskets or the crossing of tree leaves. (The circular dapples on a forest floor, actually pinhole images of the sun, can be seen to have a bite taken out of them during partial solar eclipses opposite to the position of the moon's actual occultation of the sun because of the inverting effect of pinhole lenses.)

It was the 10th-century Ibn al-Haytham (Alhazen), who published this idea in the Book of Optics in 1021. When Ibn al-Haytham began experimenting with the camera obscura, he himself stated, Et nos non inventimus ita, "we did not invent this". He improved on the camera after realizing that the smaller the pinhole, the sharper the image (though the less light). He provides the first clear description for construction of a camera obscura (Lat. dark chamber). As a side benefit of his invention, he was credited with being first man to shift physics from a philosophical to an experimental basis.

In the 5th century BC, the Mohist philosopher Mo Jing in ancient China mentioned the effect of an inverted image forming through a pinhole. The image of an inverted Chinese pagoda is mentioned in Duan Chengshi's (died 863) book Miscellaneous Morsels from Youyang written during the Tang Dynasty (618–907). Along with experimenting with the pinhole camera and the burning mirror of the ancient Mohists, the Song Dynasty (960–1279) Chinese scientist Shen Kuo (1031–1095) experimented with camera obscura and was the first to establish geometrical and quantitative attributes for it.


Ancient pinhole camera effect caused by balistrarias in the Castelgrande in Bellinzona
In the 13th century, Robert Grosseteste and Roger Bacon commented on the pinhole camera. Between 1000 and 1600, men such as Ibn al-Haytham, Gemma Frisius, and Giambattista della Porta wrote on the pinhole camera, explaining why the images are upside down. Pinhole devices provide safety for the eyes when viewing solar eclipses because the event is observed indirectly, the diminished intensity of the pinhole image being harmless compared with the full glare of the Sun itself.

The first image projectors
The first known record of what might portray the idea of projecting an image on a surface is a drawing by Johannes de Fontana from 1420. The drawing was of a nun holding something that might be a lantern. The lantern had a small translucent window that contained an image of a devil holding a lance . Leonardo da Vinci also made a similar sketch in 1515. These drawings are likely to have inspired the creation of the earliest image projector, a device called a magic lantern.

In the 17th century, the first magic lantern was developed. With pinhole cameras and camera obscura it was only possible to project an image of actual scene, such as an image of the sun, on a surface. The magic lantern on the other hand could project a painted image on a surface, and marks the point where cameras and projectors became two different kinds of devices. There has been some debate about who the original inventor of the magic lantern is, but the most widely accepted theory is that Christiaan Huygens developed the original device in the late 1650s. However, other sources give credit to the German priest Athanasius Kircher. He describes a device such as the magic lantern in his book Ars Magna Lucis et Umbrae. There are possible mentions of this device associated with Kircher as early as 1646. Even in its earliest use, it was demonstrated with monstrous images such as the Devil. Huygen’s device was even referred to as the “lantern of fright” because it was able to project spooky images that looked like apparitions. In its early development, it was mostly used by magicians and conjurers to project images, making them appear or disappear, transform from one scene into a different scene, animate normally inanimate objects, or even create the belief of bringing the dead back to life. In the 1660s, a man named Thomas Walgensten used his so-called “lantern of fear” to summon ghosts. These misuses of this early machine were not uncommon. In fact, a common setup of the machine was to keep parts of the projector in a separate, adjoining room with only the aperture visible, to make it seem more magical and scare people. By the 18th century, use by charlatans was common for religious reasons. For example, Count Cagliostro used it to ‘raise dead spirits’ in Egyptian masonry. Johann Georg Schröpfer used the magic lantern to conjure up images of dead people on smoke. He staged routines doing this at his coffee shop in Leipzig. He did this to scare people and make them think he was a good actor. Schröpfer ended up going crazy and thinking he himself was pursued by real devils, and shot himself after promising an audience he would later resurrect himself.

The 20th century to present day
In the early and middle parts of the 20th century, a new type of low-cost projectors called opaque projectors were produced and marketed as toys for children. The opaque projector is a predecessor to the overhead projector. The light source in early opaque projectors was often limelight, with Incandescent light bulbs and halogen lamps taking over later.

In the late 1950s and early 1960s, overhead projectors began to be widely used in schools and businesses. The first overhead projector was used for police identification work. It used a cellophane roll over a 9-inch stage allowing facial characteristics to be rolled across the stage. The U.S. Army in 1945 was the first to use it in quantity for training as World War II wound down.

Another type of projector called slide projectors were common in the 1950s to the 1990s for presentations and as a form of entertainment; family members and friends would gather to view slideshows.

In the early 2000s, slides were largely replaced by digital images.

Tuesday, March 15, 2016

Bluetooth Technology

                      Bluetooth Technology

Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485 GHz)from fixed and mobile devices, and building personal area networks (PANs). Invented by telecom vendor Ericsson in 1994, it was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices,
overcoming problems of synchronization.

Bluetooth is managed by the Bluetooth Special Interest Group (SIG), which has more than 25,000 member companies in the areas of telecommunication, computing, Networking, and consumer electronics. The IEEE standardized Bluetooth as IEEE 802.15.1, but no longer maintains the standard. The Bluetooth SIG oversees development of the specification, manages the qualification program, and protects the trademarks. A manufacturer must make a device meet Bluetooth SIG standards to market it as a Bluetooth device. A network of patents apply to the technology, which are licensed to individual qualifying devices.

The Origin of Bluetooth
The development of the "short-link" radio technology, later named Bluetooth, was initiated in 1989 by Dr. Nils Rydbeck CTO at Ericsson Mobile in Lund and Dr. Johan

Ullman. The purpose was to develop wireless headsets, according to two inventions by Johan Ullman, SE 8902098-6, issued 1989-06-12 and SE 9202239, issued 1992-07-24.

Nils Rydbeck tasked Tord Wingren with specifying and Jaap Haartsen and Sven Mattisson with developing. Both were working for Ericsson in Lund, Sweden. The

specification is based on frequency-hopping spread spectrum technology

Communication and connection
A master Bluetooth device can communicate with a maximum of seven devices in a piconet (an ad-hoc computer network using Bluetooth technology), though not all devices

reach this maximum. The devices can switch roles, by agreement, and the slave can become the master (for example, a headset initiating a connection to a phone

necessarily begins as master as initiator of the connection—but may subsequently operate as slave).

The Bluetooth Core Specification provides for the connection of two or more piconets to form a scatternet, in which certain devices simultaneously play the master role

in one piconet and the slave role in another.

At any given time, data can be transferred between the master and one other device (except for the little-used broadcast mode.) The master chooses which slave device

to address; typically, it switches rapidly from one device to another in a round-robin fashion. Since it is the master that chooses which slave to address, whereas a

slave is (in theory) supposed to listen in each receive slot, being a master is a lighter burden than being a slave. Being a master of seven slaves is possible; being

a slave of more than one master is difficult. The specification is vague as to required behavior in scatternets.

Many USB Bluetooth adapters or "dongles" are available, some of which also include an IrDA adapter.

Uses
Class Max. permitted power Typ. range
(m)
(mW) (dBm)
1 100 20 ~100
2 2.5 4 ~10
3 1 0 ~1
Bluetooth is a standard wire-replacement communications protocol primarily designed for low-power consumption, with a short range based on low-cost transceiver

microchips in each device. Because the devices use a radio (broadcast) communications system, they do not have to be in visual line of sight of each other, however a

quasi optical wireless path must be viable.[6] Range is power-class-dependent, but effective ranges vary in practice; see the table on the right.

Officially Class 3 radios have a range of up to 1 metre (3 ft), Class 2, most commonly found in mobile devices, 10 metres (33 ft), and Class 1, primarily for

industrial use cases,100 metres (300 ft). Bluetooth Marketing qualifies that Class 1 range is in most cases 20–30 metres (66–98 ft), and Class 2 range 5–10 metres

(16–33 ft).

Version Data rate Max. application throughput
1.2 1 Mbit/s >80 kbit/s
2.0 + EDR 3 Mbit/s >80 kbit/s
3.0 + HS 24 Mbit/s See Version 3.0 + HS
4.0 24 Mbit/s See Version 4.0 LE
The effective range varies due to propagation conditions, material coverage, production sample variations, antenna configurations and battery conditions. Most

Bluetooth applications are for indoor conditions, where attenuation of walls and signal fading due to signal reflections make the range far lower than specified line-

of-sight ranges of the Bluetooth products. Most Bluetooth applications are battery powered Class 2 devices, with little difference in range whether the other end of

the link is a Class 1 or Class 2 device as the lower powered device tends to set the range limit. In some cases the effective range of the data link can be extended

when a Class 2 device is connecting to a Class 1 transceiver with both higher sensitivity and transmission power than a typical Class 2 device. Mostly however the

Class 1 devices have a similar sensitivity to Class 2 devices. Connecting two Class 1 devices with both high sensitivity and high power can allow ranges far in excess

of the typical 100m, depending on the throughput required by the application. Some such devices allow open field ranges of up to 1 km and beyond between two similar

devices without exceeding legal emission limits.

The Bluetooth Core Specification mandates a range of not less than 10 metres (33 ft), but there is no upper limit on actual range. Manufacturers' implementations can

be tuned to provide the range needed for each case.

Bluetooth profiles
Main article: Bluetooth profile
To use Bluetooth wireless technology, a device must be able to interpret certain Bluetooth profiles, which are definitions of possible applications and specify general

behaviours that Bluetooth-enabled devices use to communicate with other Bluetooth devices. These profiles include settings to parametrize and to control the

communication from start. Adherence to profiles saves the time for transmitting the parameters anew before the bi-directional link becomes effective. There are a wide

range of Bluetooth profiles that describe many different types of applications or use cases for devices.

List of applications
A typical Bluetooth mobile phone headset.
Wireless control of and communication between a mobile phone and a handsfree headset. This was one of the earliest applications to become popular.
Wireless control of and communication between a mobile phone and a Bluetooth compatible car stereo system.
Wireless control of and communication with tablets and speakers such as iOS and Android devices.
Wireless Bluetooth headset and Intercom. Idiomatically, a headset is sometimes called "a Bluetooth".

Bluetooth vs. Wi-Fi
Bluetooth and Wi-Fi (the brand name for products using IEEE 802.11 standards) have some similar applications: setting up networks, printing, or transferring files.

Wi-Fi is intended as a replacement for high speed cabling for general local area network access in work areas. This category of applications is sometimes called

wireless local area networks (WLAN). Bluetooth was intended for portable equipment and its applications. The category of applications is outlined as the wireless

personal area network (WPAN). Bluetooth is a replacement for cabling in a variety of personally carried applications in any setting, and also works for fixed location

applications such as smart energy functionality in the home (thermostats, etc.).

Wi-Fi and Bluetooth are to some extent complementary in their applications and usage. Wi-Fi is usually access point-centered, with an asymmetrical client-server

connection with all traffic routed through the access point, while Bluetooth is usually symmetrical, between two Bluetooth devices. Bluetooth serves well in simple

applications where two devices need to connect with minimal configuration like a button press, as in headsets and remote controls, while Wi-Fi suits better in

applications where some degree of client configuration is possible and high speeds are required, especially for network access through an access node. However,

Bluetooth access points do exist and ad-hoc connections are possible with Wi-Fi though not as simply as with Bluetooth. Wi-Fi Direct was recently developed to add a

more Bluetooth-like ad-hoc functionality to Wi-Fi.

Devices
A Bluetooth USB dongle with a 100 m range.
Bluetooth exists in many products, such as telephones, tablets, media players, robotics systems, handheld, laptops and console gaming equipment, and some high

definition headsets, modems, and watches. The technology is useful when transferring information between two or more devices that are near each other in low-bandwidth

situations. Bluetooth is commonly used to transfer sound data with telephones (i.e., with a Bluetooth headset) or byte data with hand-held computers (transferring

files).

Bluetooth protocols simplify the discovery and setup of services between devices. Bluetooth devices can advertise all of the services they provide. This makes using

services easier, because more of the security, network address and permission configuration can be automated than with many other network types.

Computer requirements

A typical Bluetooth USB dongle.

An internal notebook Bluetooth card (14×36×4 mm).
A personal computer that does not have embedded Bluetooth can use a Bluetooth adapter that enables the PC to communicate with Bluetooth devices. While some desktop

computers and most recent laptops come with a built-in Bluetooth radio, others require an external adapter, typically in the form of a small USB "dongle."

Unlike its predecessor, IrDA, which requires a separate adapter for each device, Bluetooth lets multiple devices communicate with a computer over a single adapter.

Operating system implementation
For more details on this topic, see Bluetooth stack.
Apple products have worked with Bluetooth since Mac OS X v10.2, which was released in 2002.

For Microsoft platforms, Windows XP Service Pack 2 and SP3 releases work natively with Bluetooth v1.1, v2.0 and v2.0+EDR. Previous versions required users to install

their Bluetooth adapter's own drivers, which were not directly supported by Microsoft. Microsoft's own Bluetooth dongles (packaged with their Bluetooth computer

devices) have no external drivers and thus require at least Windows XP Service Pack 2. Windows Vista RTM/SP1 with the Feature Pack for Wireless or Windows Vista SP2

work with Bluetooth v2.1+EDR. Windows 7 works with Bluetooth v2.1+EDR and Extended Inquiry Response (EIR).

The Windows XP and Windows Vista/Windows 7 Bluetooth stacks support the following Bluetooth profiles natively: PAN, SPP, DUN, HID, HCRP. The Windows XP stack can be

replaced by a third party stack that supports more profiles or newer Bluetooth versions. The Windows Vista/Windows 7 Bluetooth stack supports vendor-supplied

additional profiles without requiring that the Microsoft stack be replaced.

Linux has two popular Bluetooth stacks, BlueZ and Affix. The BlueZ stack is included with most Linux kernels and was originally developed by Qualcomm. The Affix stack

was developed by Nokia. FreeBSD features Bluetooth since its v5.0 release. NetBSD features Bluetooth since its v4.0 release. Its Bluetooth stack has been ported to

OpenBSD as well.

Specifications and features
The specifications were formalized by the Bluetooth Special Interest Group (SIG). The SIG was formally announced on 20 May 1998. Today it has a membership of over

20,000 companies worldwide. It was established by Ericsson, IBM, Intel, Toshiba and Nokia, and later joined by many other companies.

All versions of the Bluetooth standards support downward compatibility. That lets the latest standard cover all older versions.

The Bluetooth Core Specification Working Group (CSWG) produces mainly 4 kinds of specifications

The Bluetooth Core Specification, release cycle is typically a few years in between
Core Specification Addendum (CSA), release cycle can be as tight as a few times per year
Core Specification Supplements (CSS), can be released very quickly
Errata
Bluetooth v1.0 and v1.0B
Versions 1.0 and 1.0B[citation needed] had many problems and manufacturers had difficulty making their products interoperable. Versions 1.0 and 1.0B also included

mandatory Bluetooth hardware device address (BD_ADDR) transmission in the Connecting process (rendering anonymity impossible at the protocol level), which was a major

setback for certain services planned for use in Bluetooth environments.

Bluetooth v1.1
Ratified as IEEE Standard 802.15.1–2002
Many errors found in the v1.0B specifications were fixed.
Added possibility of non-encrypted channels.
Received Signal Strength Indicator (RSSI).
Bluetooth v1.2
Major enhancements include the following:

Faster Connection and Discovery
Adaptive frequency-hopping spread spectrum (AFH), which improves resistance to radio frequency interference by avoiding the use of crowded frequencies in the hopping

sequence.
Higher transmission speeds in practice, up to 721 kbit/s, than in v1.1.
Extended Synchronous Connections (eSCO), which improve voice quality of audio links by allowing retransmissions of corrupted packets, and may optionally increase audio

latency to provide better concurrent data transfer.
Host Controller Interface (HCI) operation with three-wire UART.
Ratified as IEEE Standard 802.15.1–2005
Introduced Flow Control and Retransmission Modes for L2CAP.
Bluetooth v2.0 + EDR
This version of the Bluetooth Core Specification was released in 2004. The main difference is the introduction of an Enhanced Data Rate (EDR) for faster data transfer.

The nominal rate of EDR is about 3 Mbit/s, although the practical data transfer rate is 2.1 Mbit/s. EDR uses a combination of GFSK and Phase Shift Keying modulation

(PSK) with two variants, p/4-DQPSK and 8DPSK. EDR can provide a lower power consumption through a reduced duty cycle.

The specification is published as Bluetooth v2.0 + EDR, which implies that EDR is an optional feature. Aside from EDR, the v2.0 specification contains other minor

improvements, and products may claim compliance to "Bluetooth v2.0" without supporting the higher data rate. At least one commercial device states "Bluetooth v2.0

without EDR" on its data sheet.

Bluetooth v2.1 + EDR
Bluetooth Core Specification Version 2.1 + EDR was adopted by the Bluetooth SIG on 26 July 2007.

The headline feature of v2.1 is secure simple pairing (SSP): this improves the pairing experience for Bluetooth devices, while increasing the use and strength of

security. See the section on Pairing below for more details.

Version 2.1 allows various other improvements, including "Extended inquiry response" (EIR), which provides more information during the inquiry procedure to allow

better filtering of devices before connection; and sniff subrating, which reduces the power consumption in low-power mode.

Bluetooth v3.0 + HS
Version 3.0 + HS of the Bluetooth Core Specification was adopted by the Bluetooth SIG on 21 April 2009. Bluetooth v3.0 + HS provides theoretical data transfer speeds

of up to 24 Mbit/s, though not over the Bluetooth link itself. Instead, the Bluetooth link is used for negotiation and establishment, and the high data rate traffic is

carried over a colocated 802.11 link.

The main new feature is AMP (Alternative MAC/PHY), the addition of 802.11 as a high speed transport. The High-Speed part of the specification is not mandatory, and

hence only devices that display the "+HS" logo actually support Bluetooth over 802.11 high-speed data transfer. A Bluetooth v3.0 device without the "+HS" suffix is

only required to support features introduced in Core Specification Version 3.0 or earlier Core Specification Addendum 1.

L2CAP Enhanced modes
Enhanced Retransmission Mode (ERTM) implements reliable L2CAP channel, while Streaming Mode (SM) implements unreliable channel with no retransmission or flow control.

Introduced in Core Specification Addendum 1.
Alternative MAC/PHY
Enables the use of alternative MAC and PHYs for transporting Bluetooth profile data. The Bluetooth radio is still used for device discovery, initial connection and

profile configuration. However, when large quantities of data must be sent, the high speed alternative MAC PHY 802.11 (typically associated with Wi-Fi) transports the

data. This means that Bluetooth uses proven low power connection models when the system is idle, and the faster radio when it must send large quantities of data. AMP

links require enhanced L2CAP modes.
Unicast Connectionless Data
Permits sending service data without establishing an explicit L2CAP channel. It is intended for use by applications that require low latency between user action and

reconnection/transmission of data. This is only appropriate for small amounts of data.
Enhanced Power Control
Updates the power control feature to remove the open loop power control, and also to clarify ambiguities in power control introduced by the new modulation schemes

added for EDR. Enhanced power control removes the ambiguities by specifying the behaviour that is expected. The feature also adds closed loop power control, meaning

RSSI filtering can start as the response is received. Additionally, a "go straight to maximum power" request has been introduced. This is expected to deal with the

headset link loss issue typically observed when a user puts their phone into a pocket on the opposite side to the headset.

Ultra-wideband
The high speed (AMP) feature of Bluetooth v3.0 was originally intended for UWB, but the WiMedia Alliance, the body responsible for the flavor of UWB intended for

Bluetooth, announced in March 2009 that it was disbanding, and ultimately UWB was omitted from the Core v3.0 specification.

On 16 March 2009, the WiMedia Alliance announced it was entering into technology transfer agreements for the WiMedia Ultra-wideband (UWB) specifications. WiMedia has

transferred all current and future specifications, including work on future high speed and power optimized implementations, to the Bluetooth Special Interest Group

(SIG), Wireless USB Promoter Group and the USB Implementers Forum. After successful completion of the technology transfer, marketing, and related administrative items,

the WiMedia Alliance ceased operations.

In October 2009 the Bluetooth Special Interest Group suspended development of UWB as part of the alternative MAC/PHY, Bluetooth v3.0 + HS solution. A small, but

significant, number of former WiMedia members had not and would not sign up to the necessary agreements for the IP transfer. The Bluetooth SIG is now in the process of

evaluating other options for its longer term roadmap.

Bluetooth v4.0
See also: Bluetooth low energy
The Bluetooth SIG completed the Bluetooth Core Specification version 4.0 (called Bluetooth Smart) and has been adopted as of 30 June 2010. It includes Classic

Bluetooth, Bluetooth high speed and Bluetooth low energy protocols. Bluetooth high speed is based on Wi-Fi, and Classic Bluetooth consists of legacy Bluetooth

protocols.

Bluetooth low energy, previously known as Wibree, is a subset of Bluetooth v4.0 with an entirely new protocol stack for rapid build-up of simple links. As an

alternative to the Bluetooth standard protocols that were introduced in Bluetooth v1.0 to v3.0, it is aimed at very low power applications running off a coin cell.

Chip designs allow for two types of implementation, dual-mode, single-mode and enhanced past versions. The provisional names Wibree and Bluetooth ULP (Ultra Low Power)

were abandoned and the BLE name was used for a while. In late 2011, new logos “Bluetooth Smart Ready” for hosts and “Bluetooth Smart” for sensors were introduced as

the general-public face of BLE.

In a single-mode implementation, only the low energy protocol stack is implemented. STMicroelectronics, AMICCOM, CSR, Nordic Semiconductor and Texas Instruments have

released single mode Bluetooth low energy solutions.
In a dual-mode implementation, Bluetooth Smart functionality is integrated into an existing Classic Bluetooth controller. As of March 2011, the following semiconductor

companies have announced the availability of chips meeting the standard: Qualcomm-Atheros, CSR, Broadcom and Texas Instruments. The compliant architecture shares all

of Classic Bluetooth’s existing radio and functionality resulting in a negligible cost increase compared to Classic Bluetooth.
Cost-reduced single-mode chips, which enable highly integrated and compact devices, feature a lightweight Link Layer providing ultra-low power idle mode operation,

simple device discovery, and reliable point-to-multipoint data transfer with advanced power-save and secure encrypted connections at the lowest possible cost.

General improvements in version 4.0 include the changes necessary to facilitate BLE modes, as well the Generic Attribute Profile (GATT) and Security Manager (SM)

services with AES Encryption.

Core Specification Addendum 2 was unveiled in December 2011; it contains improvements to the audio Host Controller Interface and to the High Speed (802.11) Protocol

Adaptation Layer.

Core Specification Addendum 3 revision 2 has an adoption date of 24 July 2012.

Core Specification Addendum 4 has an adoption date of 12 February 2013.

Bluetooth v4.1
The Bluetooth SIG announced formal adoption of the Bluetooth v4.1 specification on 4 December 2013. This specification is an incremental software update to Bluetooth

Specification v4.0, and not a hardware update. The update incorporates Bluetooth Core Specification Addenda (CSA 1, 2, 3 & 4) and adds new features that improve

consumer usability. These include increased co-existence support for LTE, bulk data exchange rates—and aid developer innovation by allowing devices to support multiple

roles simultaneously.

New features of this specification include:

Mobile Wireless Service Coexistence Signaling
Train Nudging and Generalized Interlaced Scanning
Low Duty Cycle Directed Advertising
L2CAP Connection Oriented and Dedicated Channels with Credit Based Flow Control
Dual Mode and Topology
LE Link Layer Topology
802.11n PAL
Audio Architecture Updates for Wide Band Speech
Fast Data Advertising Interval
Limited Discovery Time
Notice that some features were already available in a Core Specification Addendum (CSA) before the release of v4.1.

Bluetooth v4.2
Bluetooth v4.2 was released on December 2, 2014. It Introduces some key features for IoT. Some features, such as Data Length Extension, require a hardware update. But

some older Bluetooth hardware may receive some Bluetooth v4.2 features, such as privacy updates via firmware.

The major areas of improvement are:

LE Data Packet Length Extension
LE Secure Connections
Link Layer Privacy
Link Layer Extended Scanner Filter Policies
IP connectivity for Bluetooth Smart devices to become available soon after the introduction of BT v4.2 via the new Internet Protocol Support Profile (IPSP).
IPSP adds an IPv6 connection option for Bluetooth Smart, to support connected home and other IoT implementations.
Technical information

Bluetooth protocol stack

Bluetooth Protocol Stack
Bluetooth is defined as a layer protocol architecture consisting of core protocols, cable replacement protocols, telephony control protocols, and adopted protocols.

Mandatory protocols for all Bluetooth stacks are: LMP, L2CAP and SDP. In addition, devices that communicate with Bluetooth almost universally can use these protocols:

HCI and RFCOMM.

LMP
The Link Management Protocol (LMP) is used for set-up and control of the radio link between two devices. Implemented on the controller.

L2CAP
The Logical Link Control and Adaptation Protocol (L2CAP) is used to multiplex multiple logical connections between two devices using different higher level protocols.

Provides segmentation and reassembly of on-air packets.

In Basic mode, L2CAP provides packets with a payload configurable up to 64 kB, with 672 bytes as the default MTU, and 48 bytes as the minimum mandatory supported MTU.

In Retransmission and Flow Control modes, L2CAP can be configured either for isochronous data or reliable data per channel by performing retransmissions and CRC

checks.

Bluetooth Core Specification Addendum 1 adds two additional L2CAP modes to the core specification. These modes effectively deprecate original Retransmission and Flow

Control modes:

Enhanced Retransmission Mode (ERTM): This mode is an improved version of the original retransmission mode. This mode provides a reliable L2CAP channel.
Streaming Mode (SM): This is a very simple mode, with no retransmission or flow control. This mode provides an unreliable L2CAP channel.
Reliability in any of these modes is optionally and/or additionally guaranteed by the lower layer Bluetooth BDR/EDR air interface by configuring the number of

retransmissions and flush timeout (time after which the radio flushes packets). In-order sequencing is guaranteed by the lower layer.

Only L2CAP channels configured in ERTM or SM may be operated over AMP logical links.

SDP
The Service Discovery Protocol (SDP) allows a device to discover services offered by other devices, and their associated parameters. For example, when you use a mobile

phone with a Bluetooth headset, the phone uses SDP to determine which Bluetooth profiles the headset can use (Headset Profile, Hands Free Profile, Advanced Audio

Distribution Profile (A2DP) etc.) and the protocol multiplexer settings needed for the phone to connect to the headset using each of them. Each service is identified

by a Universally Unique Identifier (UUID), with official services (Bluetooth profiles) assigned a short form UUID (16 bits rather than the full 128).

RFCOMM
Radio Frequency Communications (RFCOMM) is a cable replacement protocol used to generate a virtual serial data stream. RFCOMM provides for binary data transport and

emulates EIA-232 (formerly RS-232) control signals over the Bluetooth baseband layer, i.e. it is a serial port emulation.

RFCOMM provides a simple reliable data stream to the user, similar to TCP. It is used directly by many telephony related profiles as a carrier for AT commands, as well

as being a transport layer for OBEX over Bluetooth.

Many Bluetooth applications use RFCOMM because of its widespread support and publicly available API on most operating systems. Additionally, applications that used a

serial port to communicate can be quickly ported to use RFCOMM.

BNEP
The Bluetooth Network Encapsulation Protocol (BNEP) is used for transferring another protocol stack's data via an L2CAP channel. Its main purpose is the transmission

of IP packets in the Personal Area Networking Profile. BNEP performs a similar function to SNAP in Wireless LAN.

AVCTP
The Audio/Video Control Transport Protocol (AVCTP) is used by the remote control profile to transfer AV/C commands over an L2CAP channel. The music control buttons on

a stereo headset use this protocol to control the music player.

AVDTP
The Audio/Video Distribution Transport Protocol (AVDTP) is used by the advanced audio distribution profile to stream music to stereo headsets over an L2CAP channel

intended for video distribution profile in the Bluetooth transmission.

TCS
The Telephony Control Protocol – Binary (TCS BIN) is the bit-oriented protocol that defines the call control signaling for the establishment of voice and data calls

between Bluetooth devices. Additionally, "TCS BIN defines mobility management procedures for handling groups of Bluetooth TCS devices."

TCS-BIN is only used by the cordless telephony profile, which failed to attract implementers. As such it is only of historical interest.

Adopted protocols
Adopted protocols are defined by other standards-making organizations and incorporated into Bluetooth’s protocol stack, allowing Bluetooth to code protocols only when

necessary. The adopted protocols include:

Point-to-Point Protocol (PPP): Internet standard protocol for transporting IP datagrams over a point-to-point link.
TCP/IP/UDP: Foundation Protocols for TCP/IP protocol suite
Object Exchange Protocol (OBEX): Session-layer protocol for the exchange of objects, providing a model for object and operation representation
Wireless Application Environment/Wireless Application Protocol (WAE/WAP): WAE specifies an application framework for wireless devices and WAP is an open standard to

provide mobile users access to telephony and information services.
Baseband error correction
Depending on packet type, individual packets may be protected by error correction, either 1/3 rate forward error correction (FEC) or 2/3 rate. In addition, packets

with CRC will be retransmitted until acknowledged by automatic repeat request (ARQ).

Setting up connections
Any Bluetooth device in discoverable mode transmits the following information on demand:

Device name
Device class
List of services
Technical information (for example: device features, manufacturer, Bluetooth specification used, clock offset)
Any device may perform an inquiry to find other devices to connect to, and any device can be configured to respond to such inquiries. However, if the device trying to

connect knows the address of the device, it always responds to direct connection requests and transmits the information shown in the list above if requested. Use of a

device's services may require pairing or acceptance by its owner, but the connection itself can be initiated by any device and held until it goes out of range. Some

devices can be connected to only one device at a time, and connecting to them prevents them from connecting to other devices and appearing in inquiries until they

disconnect from the other device.

Every device has a unique 48-bit address. However, these addresses are generally not shown in inquiries. Instead, friendly Bluetooth names are used, which can be set

by the user. This name appears when another user scans for devices and in lists of paired devices.

Most cellular phones have the Bluetooth name set to the manufacturer and model of the phone by default. Most cellular phones and laptops show only the Bluetooth names

and special programs are required to get additional information about remote devices. This can be confusing as, for example, there could be several cellular phones in

range named T610 (see Bluejacking).


Pairing and bonding
Motivation
Many services offered over Bluetooth can expose private data or let a connecting party control the Bluetooth device. Security reasons make it necessary to recognize

specific devices, and thus enable control over which devices can connect to a given Bluetooth device. At the same time, it is useful for Bluetooth devices to be able

to establish a connection without user intervention (for example, as soon as in range).

To resolve this conflict, Bluetooth uses a process called bonding, and a bond is generated through a process called pairing. The pairing process is triggered either by

a specific request from a user to generate a bond (for example, the user explicitly requests to "Add a Bluetooth device"), or it is triggered automatically when

connecting to a service where (for the first time) the identity of a device is required for security purposes. These two cases are referred to as dedicated bonding and

general bonding respectively.

Pairing often involves some level of user interaction. This user interaction confirms the identity of the devices. When pairing successfully completes, a bond forms

between the two devices, enabling those two devices to connect to each other in the future without repeating the pairing process to confirm device identities. When

desired, the user can remove the bonding relationship.

Implementation
During pairing, the two devices establish a relationship by creating a shared secret known as a link key. If both devices store the same link key, they are said to be

paired or bonded. A device that wants to communicate only with a bonded device can cryptographically authenticate the identity of the other device, ensuring it is the

same device it previously paired with. Once a link key is generated, an authenticated Asynchronous Connection-Less (ACL) link between the devices may be encrypted to

protect exchanged data against eavesdropping. Users can delete link keys from either device, which removes the bond between the devices—so it is possible for one

device to have a stored link key for a device it is no longer paired with.

Bluetooth services generally require either encryption or authentication and as such require pairing before they let a remote device connect. Some services, such as

the Object Push Profile, elect not to explicitly require authentication or encryption so that pairing does not interfere with the user experience associated with the

service use-cases.

Pairing mechanisms
Pairing mechanisms changed significantly with the introduction of Secure Simple Pairing in Bluetooth v2.1. The following summarizes the pairing mechanisms:

Legacy pairing: This is the only method available in Bluetooth v2.0 and before. Each device must enter a PIN code; pairing is only successful if both devices enter the

same PIN code. Any 16-byte UTF-8 string may be used as a PIN code; however, not all devices may be capable of entering all possible PIN codes.
Limited input devices: The obvious example of this class of device is a Bluetooth Hands-free headset, which generally have few inputs. These devices usually have a

fixed PIN, for example "0000" or "1234", that are hard-coded into the device.
Numeric input devices: Mobile phones are classic examples of these devices. They allow a user to enter a numeric value up to 16 digits in length.
Alpha-numeric input devices: PCs and smartphones are examples of these devices. They allow a user to enter full UTF-8 text as a PIN code. If pairing with a less

capable device the user must be aware of the input limitations on the other device, there is no mechanism available for a capable device to determine how it should

limit the available input a user may use.
Secure Simple Pairing (SSP): This is required by Bluetooth v2.1, although a Bluetooth v2.1 device may only use legacy pairing to interoperate with a v2.0 or earlier

device. Secure Simple Pairing uses a form of public key cryptography, and some types can help protect against man in the middle, or MITM attacks. SSP has the following

authentication mechanisms:
Just works: As the name implies, this method just works, with no user interaction. However, a device may prompt the user to confirm the pairing process. This method is

typically used by headsets with very limited IO capabilities, and is more secure than the fixed PIN mechanism this limited set of devices uses for legacy pairing. This

method provides no man-in-the-middle (MITM) protection.
Numeric comparison: If both devices have a display, and at least one can accept a binary yes/no user input, they may use Numeric Comparison. This method displays a 6-

digit numeric code on each device. The user should compare the numbers to ensure they are identical. If the comparison succeeds, the user(s) should confirm pairing on

the device(s) that can accept an input. This method provides MITM protection, assuming the user confirms on both devices and actually performs the comparison properly.
Passkey Entry: This method may be used between a device with a display and a device with numeric keypad entry (such as a keyboard), or two devices with numeric keypad

entry. In the first case, the display is used to show a 6-digit numeric code to the user, who then enters the code on the keypad. In the second case, the user of each

device enters the same 6-digit number. Both of these cases provide MITM protection.
Out of band (OOB): This method uses an external means of communication, such as Near Field Communication (NFC) to exchange some information used in the pairing

process. Pairing is completed using the Bluetooth radio, but requires information from the OOB mechanism. This provides only the level of MITM protection that is

present in the OOB mechanism.

SSP is considered simple for the following reasons:

In most cases, it does not require a user to generate a passkey.
For use-cases not requiring MITM protection, user interaction can be eliminated.
For numeric comparison, MITM protection can be achieved with a simple equality comparison by the user.
Using OOB with NFC enables pairing when devices simply get close, rather than requiring a lengthy discovery process.

Security concerns
Prior to Bluetooth v2.1, encryption is not required and can be turned off at any time. Moreover, the encryption key is only good for approximately 23.5 hours; using a

single encryption key longer than this time allows simple XOR attacks to retrieve the encryption key.

Turning off encryption is required for several normal operations, so it is problematic to detect if encryption is disabled for a valid reason or for a security attack.
Bluetooth v2.1 addresses this in the following ways:

Encryption is required for all non-SDP (Service Discovery Protocol) connections
A new Encryption Pause and Resume feature is used for all normal operations that require that encryption be disabled. This enables easy identification of normal

operation from security attacks.
The encryption key must be refreshed before it expires.
Link keys may be stored on the device file system, not on the Bluetooth chip itself. Many Bluetooth chip manufacturers let link keys be stored on the device—however,

if the device is removable, this means that the link key moves with the device.

Air interface
The protocol operates in the license-free ISM band at 2.402–2.480 GHz. To avoid interfering with other protocols that use the 2.45 GHz band, the Bluetooth protocol

divides the band into 79 channels (each 1 MHz wide) and changes channels, generally 1600 times per second. Implementations with versions 1.1 and 1.2 reach speeds of

723.1 kbit/s. Version 2.0 implementations feature Bluetooth Enhanced Data Rate (EDR) and reach 2.1 Mbit/s; this comes with a concomitant higher power consumption. In

some cases, the higher data rate is expected to offset this increased drain.

Security

Bluetooth implements confidentiality, authentication and key derivation with custom algorithms based on the SAFER+ block cipher. Bluetooth key generation is generally

based on a Bluetooth PIN, which must be entered into both devices. This procedure might be modified if one of the devices has a fixed PIN (e.g., for headsets or

similar devices with a restricted user interface). During pairing, an initialization key or master key is generated, using the E22 algorithm. The E0 stream cipher is

used for encrypting packets, granting confidentiality, and is based on a shared cryptographic secret, namely a previously generated link key or master key. Those keys,

used for subsequent encryption of data sent via the air interface, rely on the Bluetooth PIN, which has been entered into one or both devices.

An overview of Bluetooth vulnerabilities exploits was published in 2007 by Andreas Becker.

In September 2008, the National Institute of Standards and Technology (NIST) published a Guide to Bluetooth Security as a reference for organizations. It describes

Bluetooth security capabilities and how to secure Bluetooth technologies effectively. While Bluetooth has its benefits, it is susceptible to denial-of-service attacks,

eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Users and organizations must evaluate their acceptable level of risk and

incorporate security into the lifecycle of Bluetooth devices. To help mitigate risks, included in the NIST document are security checklists with guidelines and

recommendations for creating and maintaining secure Bluetooth piconets, headsets, and smart card readers.

Bluetooth v2.1  finalized in 2007 with consumer devices first appearing in 2009  makes significant changes to Bluetooth's security, including pairing. See the pairing

mechanisms section for more about these changes.

Bluejacking
Bluejacking is the sending of either a picture or a message from one user to an unsuspecting user through Bluetooth wireless technology. Common applications include

short messages, e.g., "You've just been bluejacked!". Bluejacking does not involve the removal or alteration of any data from the device. Bluejacking can also involve

taking control of a mobile device wirelessly and phoning a premium rate line, owned by the bluejacker. Security advances have alleviated this issue.


Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485 GHz)

from fixed and mobile devices, and building personal area networks (PANs). Invented by telecom vendor Ericsson in 1994, it was originally conceived as a wireless

alternative to RS-232 data cables. It can connect several devices, overcoming problems of synchronization.

Bluetooth is managed by the Bluetooth Special Interest Group (SIG), which has more than 25,000 member companies in the areas of telecommunication, computing,

networking, and consumer electronics. The IEEE standardized Bluetooth as IEEE 802.15.1, but no longer maintains the standard. The Bluetooth SIG oversees development of

the specification, manages the qualification program, and protects the trademarks. A manufacturer must make a device meet Bluetooth SIG standards to market it as a

Bluetooth device. A network of patents apply to the technology, which are licensed to individual qualifying devices.

The Origin of Bluetooth
The development of the "short-link" radio technology, later named Bluetooth, was initiated in 1989 by Dr. Nils Rydbeck CTO at Ericsson Mobile in Lund and Dr. Johan

Ullman. The purpose was to develop wireless headsets, according to two inventions by Johan Ullman, SE 8902098-6, issued 1989-06-12 and SE 9202239, issued 1992-07-24.

Nils Rydbeck tasked Tord Wingren with specifying and Jaap Haartsen and Sven Mattisson with developing. Both were working for Ericsson in Lund, Sweden. The

specification is based on frequency-hopping spread spectrum technology

Communication and connection
A master Bluetooth device can communicate with a maximum of seven devices in a piconet (an ad-hoc computer network using Bluetooth technology), though not all devices

reach this maximum. The devices can switch roles, by agreement, and the slave can become the master (for example, a headset initiating a connection to a phone

necessarily begins as master as initiator of the connection—but may subsequently operate as slave).

The Bluetooth Core Specification provides for the connection of two or more piconets to form a scatternet, in which certain devices simultaneously play the master role

in one piconet and the slave role in another.

At any given time, data can be transferred between the master and one other device (except for the little-used broadcast mode.) The master chooses which slave device

to address; typically, it switches rapidly from one device to another in a round-robin fashion. Since it is the master that chooses which slave to address, whereas a

slave is (in theory) supposed to listen in each receive slot, being a master is a lighter burden than being a slave. Being a master of seven slaves is possible; being

a slave of more than one master is difficult. The specification is vague as to required behavior in scatternets.

Many USB Bluetooth adapters or "dongles" are available, some of which also include an IrDA adapter.

Uses
Class Max. permitted power Typ. range
(m)
(mW) (dBm)
1 100 20 ~100
2 2.5 4 ~10
3 1 0 ~1
Bluetooth is a standard wire-replacement communications protocol primarily designed for low-power consumption, with a short range based on low-cost transceiver

microchips in each device. Because the devices use a radio (broadcast) communications system, they do not have to be in visual line of sight of each other, however a

quasi optical wireless path must be viable.[6] Range is power-class-dependent, but effective ranges vary in practice; see the table on the right.

Officially Class 3 radios have a range of up to 1 metre (3 ft), Class 2, most commonly found in mobile devices, 10 metres (33 ft), and Class 1, primarily for

industrial use cases,100 metres (300 ft). Bluetooth Marketing qualifies that Class 1 range is in most cases 20–30 metres (66–98 ft), and Class 2 range 5–10 metres

(16–33 ft).

Version Data rate Max. application throughput
1.2 1 Mbit/s >80 kbit/s
2.0 + EDR 3 Mbit/s >80 kbit/s
3.0 + HS 24 Mbit/s See Version 3.0 + HS
4.0 24 Mbit/s See Version 4.0 LE
The effective range varies due to propagation conditions, material coverage, production sample variations, antenna configurations and battery conditions. Most

Bluetooth applications are for indoor conditions, where attenuation of walls and signal fading due to signal reflections make the range far lower than specified line-

of-sight ranges of the Bluetooth products. Most Bluetooth applications are battery powered Class 2 devices, with little difference in range whether the other end of

the link is a Class 1 or Class 2 device as the lower powered device tends to set the range limit. In some cases the effective range of the data link can be extended

when a Class 2 device is connecting to a Class 1 transceiver with both higher sensitivity and transmission power than a typical Class 2 device. Mostly however the

Class 1 devices have a similar sensitivity to Class 2 devices. Connecting two Class 1 devices with both high sensitivity and high power can allow ranges far in excess

of the typical 100m, depending on the throughput required by the application. Some such devices allow open field ranges of up to 1 km and beyond between two similar

devices without exceeding legal emission limits.

The Bluetooth Core Specification mandates a range of not less than 10 metres (33 ft), but there is no upper limit on actual range. Manufacturers' implementations can

be tuned to provide the range needed for each case.

Bluetooth profiles
Main article: Bluetooth profile
To use Bluetooth wireless technology, a device must be able to interpret certain Bluetooth profiles, which are definitions of possible applications and specify general

behaviours that Bluetooth-enabled devices use to communicate with other Bluetooth devices. These profiles include settings to parametrize and to control the

communication from start. Adherence to profiles saves the time for transmitting the parameters anew before the bi-directional link becomes effective. There are a wide

range of Bluetooth profiles that describe many different types of applications or use cases for devices.

List of applications
A typical Bluetooth mobile phone headset.
Wireless control of and communication between a mobile phone and a handsfree headset. This was one of the earliest applications to become popular.
Wireless control of and communication between a mobile phone and a Bluetooth compatible car stereo system.
Wireless control of and communication with tablets and speakers such as iOS and Android devices.
Wireless Bluetooth headset and Intercom. Idiomatically, a headset is sometimes called "a Bluetooth".

Bluetooth vs. Wi-Fi
Bluetooth and Wi-Fi (the brand name for products using IEEE 802.11 standards) have some similar applications: setting up networks, printing, or transferring files.

Wi-Fi is intended as a replacement for high speed cabling for general local area network access in work areas. This category of applications is sometimes called

wireless local area networks (WLAN). Bluetooth was intended for portable equipment and its applications. The category of applications is outlined as the wireless

personal area network (WPAN). Bluetooth is a replacement for cabling in a variety of personally carried applications in any setting, and also works for fixed location

applications such as smart energy functionality in the home (thermostats, etc.).

Wi-Fi and Bluetooth are to some extent complementary in their applications and usage. Wi-Fi is usually access point-centered, with an asymmetrical client-server

connection with all traffic routed through the access point, while Bluetooth is usually symmetrical, between two Bluetooth devices. Bluetooth serves well in simple

applications where two devices need to connect with minimal configuration like a button press, as in headsets and remote controls, while Wi-Fi suits better in

applications where some degree of client configuration is possible and high speeds are required, especially for network access through an access node. However,

Bluetooth access points do exist and ad-hoc connections are possible with Wi-Fi though not as simply as with Bluetooth. Wi-Fi Direct was recently developed to add a

more Bluetooth-like ad-hoc functionality to Wi-Fi.

Devices
A Bluetooth USB dongle with a 100 m range.
Bluetooth exists in many products, such as telephones, tablets, media players, robotics systems, handheld, laptops and console gaming equipment, and some high

definition headsets, modems, and watches. The technology is useful when transferring information between two or more devices that are near each other in low-bandwidth

situations. Bluetooth is commonly used to transfer sound data with telephones (i.e., with a Bluetooth headset) or byte data with hand-held computers (transferring

files).

Bluetooth protocols simplify the discovery and setup of services between devices. Bluetooth devices can advertise all of the services they provide. This makes using

services easier, because more of the security, network address and permission configuration can be automated than with many other network types.

Computer requirements

A typical Bluetooth USB dongle.

An internal notebook Bluetooth card (14×36×4 mm).
A personal computer that does not have embedded Bluetooth can use a Bluetooth adapter that enables the PC to communicate with Bluetooth devices. While some desktop

computers and most recent laptops come with a built-in Bluetooth radio, others require an external adapter, typically in the form of a small USB "dongle."

Unlike its predecessor, IrDA, which requires a separate adapter for each device, Bluetooth lets multiple devices communicate with a computer over a single adapter.

Operating system implementation
For more details on this topic, see Bluetooth stack.
Apple products have worked with Bluetooth since Mac OS X v10.2, which was released in 2002.

For Microsoft platforms, Windows XP Service Pack 2 and SP3 releases work natively with Bluetooth v1.1, v2.0 and v2.0+EDR. Previous versions required users to install

their Bluetooth adapter's own drivers, which were not directly supported by Microsoft. Microsoft's own Bluetooth dongles (packaged with their Bluetooth computer

devices) have no external drivers and thus require at least Windows XP Service Pack 2. Windows Vista RTM/SP1 with the Feature Pack for Wireless or Windows Vista SP2

work with Bluetooth v2.1+EDR. Windows 7 works with Bluetooth v2.1+EDR and Extended Inquiry Response (EIR).

The Windows XP and Windows Vista/Windows 7 Bluetooth stacks support the following Bluetooth profiles natively: PAN, SPP, DUN, HID, HCRP. The Windows XP stack can be

replaced by a third party stack that supports more profiles or newer Bluetooth versions. The Windows Vista/Windows 7 Bluetooth stack supports vendor-supplied

additional profiles without requiring that the Microsoft stack be replaced.

Linux has two popular Bluetooth stacks, BlueZ and Affix. The BlueZ stack is included with most Linux kernels and was originally developed by Qualcomm. The Affix stack

was developed by Nokia. FreeBSD features Bluetooth since its v5.0 release. NetBSD features Bluetooth since its v4.0 release. Its Bluetooth stack has been ported to

OpenBSD as well.

Specifications and features
The specifications were formalized by the Bluetooth Special Interest Group (SIG). The SIG was formally announced on 20 May 1998. Today it has a membership of over

20,000 companies worldwide. It was established by Ericsson, IBM, Intel, Toshiba and Nokia, and later joined by many other companies.

All versions of the Bluetooth standards support downward compatibility. That lets the latest standard cover all older versions.

The Bluetooth Core Specification Working Group (CSWG) produces mainly 4 kinds of specifications

The Bluetooth Core Specification, release cycle is typically a few years in between
Core Specification Addendum (CSA), release cycle can be as tight as a few times per year
Core Specification Supplements (CSS), can be released very quickly
Errata
Bluetooth v1.0 and v1.0B
Versions 1.0 and 1.0B[citation needed] had many problems and manufacturers had difficulty making their products interoperable. Versions 1.0 and 1.0B also included

mandatory Bluetooth hardware device address (BD_ADDR) transmission in the Connecting process (rendering anonymity impossible at the protocol level), which was a major

setback for certain services planned for use in Bluetooth environments.

Bluetooth v1.1
Ratified as IEEE Standard 802.15.1–2002
Many errors found in the v1.0B specifications were fixed.
Added possibility of non-encrypted channels.
Received Signal Strength Indicator (RSSI).
Bluetooth v1.2
Major enhancements include the following:

Faster Connection and Discovery
Adaptive frequency-hopping spread spectrum (AFH), which improves resistance to radio frequency interference by avoiding the use of crowded frequencies in the hopping

sequence.
Higher transmission speeds in practice, up to 721 kbit/s, than in v1.1.
Extended Synchronous Connections (eSCO), which improve voice quality of audio links by allowing retransmissions of corrupted packets, and may optionally increase audio

latency to provide better concurrent data transfer.
Host Controller Interface (HCI) operation with three-wire UART.
Ratified as IEEE Standard 802.15.1–2005
Introduced Flow Control and Retransmission Modes for L2CAP.
Bluetooth v2.0 + EDR
This version of the Bluetooth Core Specification was released in 2004. The main difference is the introduction of an Enhanced Data Rate (EDR) for faster data transfer.

The nominal rate of EDR is about 3 Mbit/s, although the practical data transfer rate is 2.1 Mbit/s. EDR uses a combination of GFSK and Phase Shift Keying modulation

(PSK) with two variants, p/4-DQPSK and 8DPSK. EDR can provide a lower power consumption through a reduced duty cycle.

The specification is published as Bluetooth v2.0 + EDR, which implies that EDR is an optional feature. Aside from EDR, the v2.0 specification contains other minor

improvements, and products may claim compliance to "Bluetooth v2.0" without supporting the higher data rate. At least one commercial device states "Bluetooth v2.0

without EDR" on its data sheet.

Bluetooth v2.1 + EDR
Bluetooth Core Specification Version 2.1 + EDR was adopted by the Bluetooth SIG on 26 July 2007.

The headline feature of v2.1 is secure simple pairing (SSP): this improves the pairing experience for Bluetooth devices, while increasing the use and strength of

security. See the section on Pairing below for more details.

Version 2.1 allows various other improvements, including "Extended inquiry response" (EIR), which provides more information during the inquiry procedure to allow

better filtering of devices before connection; and sniff subrating, which reduces the power consumption in low-power mode.

Bluetooth v3.0 + HS
Version 3.0 + HS of the Bluetooth Core Specification was adopted by the Bluetooth SIG on 21 April 2009. Bluetooth v3.0 + HS provides theoretical data transfer speeds

of up to 24 Mbit/s, though not over the Bluetooth link itself. Instead, the Bluetooth link is used for negotiation and establishment, and the high data rate traffic is

carried over a colocated 802.11 link.

The main new feature is AMP (Alternative MAC/PHY), the addition of 802.11 as a high speed transport. The High-Speed part of the specification is not mandatory, and

hence only devices that display the "+HS" logo actually support Bluetooth over 802.11 high-speed data transfer. A Bluetooth v3.0 device without the "+HS" suffix is

only required to support features introduced in Core Specification Version 3.0 or earlier Core Specification Addendum 1.

L2CAP Enhanced modes
Enhanced Retransmission Mode (ERTM) implements reliable L2CAP channel, while Streaming Mode (SM) implements unreliable channel with no retransmission or flow control.

Introduced in Core Specification Addendum 1.
Alternative MAC/PHY
Enables the use of alternative MAC and PHYs for transporting Bluetooth profile data. The Bluetooth radio is still used for device discovery, initial connection and

profile configuration. However, when large quantities of data must be sent, the high speed alternative MAC PHY 802.11 (typically associated with Wi-Fi) transports the

data. This means that Bluetooth uses proven low power connection models when the system is idle, and the faster radio when it must send large quantities of data. AMP

links require enhanced L2CAP modes.
Unicast Connectionless Data
Permits sending service data without establishing an explicit L2CAP channel. It is intended for use by applications that require low latency between user action and

reconnection/transmission of data. This is only appropriate for small amounts of data.
Enhanced Power Control
Updates the power control feature to remove the open loop power control, and also to clarify ambiguities in power control introduced by the new modulation schemes

added for EDR. Enhanced power control removes the ambiguities by specifying the behaviour that is expected. The feature also adds closed loop power control, meaning

RSSI filtering can start as the response is received. Additionally, a "go straight to maximum power" request has been introduced. This is expected to deal with the

headset link loss issue typically observed when a user puts their phone into a pocket on the opposite side to the headset.

Ultra-wideband
The high speed (AMP) feature of Bluetooth v3.0 was originally intended for UWB, but the WiMedia Alliance, the body responsible for the flavor of UWB intended for

Bluetooth, announced in March 2009 that it was disbanding, and ultimately UWB was omitted from the Core v3.0 specification.

On 16 March 2009, the WiMedia Alliance announced it was entering into technology transfer agreements for the WiMedia Ultra-wideband (UWB) specifications. WiMedia has

transferred all current and future specifications, including work on future high speed and power optimized implementations, to the Bluetooth Special Interest Group

(SIG), Wireless USB Promoter Group and the USB Implementers Forum. After successful completion of the technology transfer, marketing, and related administrative items,

the WiMedia Alliance ceased operations.

In October 2009 the Bluetooth Special Interest Group suspended development of UWB as part of the alternative MAC/PHY, Bluetooth v3.0 + HS solution. A small, but

significant, number of former WiMedia members had not and would not sign up to the necessary agreements for the IP transfer. The Bluetooth SIG is now in the process of

evaluating other options for its longer term roadmap.

Bluetooth v4.0
See also: Bluetooth low energy
The Bluetooth SIG completed the Bluetooth Core Specification version 4.0 (called Bluetooth Smart) and has been adopted as of 30 June 2010. It includes Classic

Bluetooth, Bluetooth high speed and Bluetooth low energy protocols. Bluetooth high speed is based on Wi-Fi, and Classic Bluetooth consists of legacy Bluetooth

protocols.

Bluetooth low energy, previously known as Wibree, is a subset of Bluetooth v4.0 with an entirely new protocol stack for rapid build-up of simple links. As an

alternative to the Bluetooth standard protocols that were introduced in Bluetooth v1.0 to v3.0, it is aimed at very low power applications running off a coin cell.

Chip designs allow for two types of implementation, dual-mode, single-mode and enhanced past versions. The provisional names Wibree and Bluetooth ULP (Ultra Low Power)

were abandoned and the BLE name was used for a while. In late 2011, new logos “Bluetooth Smart Ready” for hosts and “Bluetooth Smart” for sensors were introduced as

the general-public face of BLE.

In a single-mode implementation, only the low energy protocol stack is implemented. STMicroelectronics, AMICCOM, CSR, Nordic Semiconductor and Texas Instruments have

released single mode Bluetooth low energy solutions.
In a dual-mode implementation, Bluetooth Smart functionality is integrated into an existing Classic Bluetooth controller. As of March 2011, the following semiconductor

companies have announced the availability of chips meeting the standard: Qualcomm-Atheros, CSR, Broadcom and Texas Instruments. The compliant architecture shares all

of Classic Bluetooth’s existing radio and functionality resulting in a negligible cost increase compared to Classic Bluetooth.
Cost-reduced single-mode chips, which enable highly integrated and compact devices, feature a lightweight Link Layer providing ultra-low power idle mode operation,

simple device discovery, and reliable point-to-multipoint data transfer with advanced power-save and secure encrypted connections at the lowest possible cost.

General improvements in version 4.0 include the changes necessary to facilitate BLE modes, as well the Generic Attribute Profile (GATT) and Security Manager (SM)

services with AES Encryption.

Core Specification Addendum 2 was unveiled in December 2011; it contains improvements to the audio Host Controller Interface and to the High Speed (802.11) Protocol

Adaptation Layer.

Core Specification Addendum 3 revision 2 has an adoption date of 24 July 2012.

Core Specification Addendum 4 has an adoption date of 12 February 2013.

Bluetooth v4.1
The Bluetooth SIG announced formal adoption of the Bluetooth v4.1 specification on 4 December 2013. This specification is an incremental software update to Bluetooth

Specification v4.0, and not a hardware update. The update incorporates Bluetooth Core Specification Addenda (CSA 1, 2, 3 & 4) and adds new features that improve

consumer usability. These include increased co-existence support for LTE, bulk data exchange rates—and aid developer innovation by allowing devices to support multiple

roles simultaneously.

New features of this specification include:

Mobile Wireless Service Coexistence Signaling
Train Nudging and Generalized Interlaced Scanning
Low Duty Cycle Directed Advertising
L2CAP Connection Oriented and Dedicated Channels with Credit Based Flow Control
Dual Mode and Topology
LE Link Layer Topology
802.11n PAL
Audio Architecture Updates for Wide Band Speech
Fast Data Advertising Interval
Limited Discovery Time
Notice that some features were already available in a Core Specification Addendum (CSA) before the release of v4.1.

Bluetooth v4.2
Bluetooth v4.2 was released on December 2, 2014. It Introduces some key features for IoT. Some features, such as Data Length Extension, require a hardware update. But

some older Bluetooth hardware may receive some Bluetooth v4.2 features, such as privacy updates via firmware.

The major areas of improvement are:

LE Data Packet Length Extension
LE Secure Connections
Link Layer Privacy
Link Layer Extended Scanner Filter Policies
IP connectivity for Bluetooth Smart devices to become available soon after the introduction of BT v4.2 via the new Internet Protocol Support Profile (IPSP).
IPSP adds an IPv6 connection option for Bluetooth Smart, to support connected home and other IoT implementations.
Technical information

Bluetooth protocol stack

Bluetooth Protocol Stack
Bluetooth is defined as a layer protocol architecture consisting of core protocols, cable replacement protocols, telephony control protocols, and adopted protocols.

Mandatory protocols for all Bluetooth stacks are: LMP, L2CAP and SDP. In addition, devices that communicate with Bluetooth almost universally can use these protocols:

HCI and RFCOMM.

LMP
The Link Management Protocol (LMP) is used for set-up and control of the radio link between two devices. Implemented on the controller.

L2CAP
The Logical Link Control and Adaptation Protocol (L2CAP) is used to multiplex multiple logical connections between two devices using different higher level protocols.

Provides segmentation and reassembly of on-air packets.

In Basic mode, L2CAP provides packets with a payload configurable up to 64 kB, with 672 bytes as the default MTU, and 48 bytes as the minimum mandatory supported MTU.

In Retransmission and Flow Control modes, L2CAP can be configured either for isochronous data or reliable data per channel by performing retransmissions and CRC

checks.

Bluetooth Core Specification Addendum 1 adds two additional L2CAP modes to the core specification. These modes effectively deprecate original Retransmission and Flow

Control modes:

Enhanced Retransmission Mode (ERTM): This mode is an improved version of the original retransmission mode. This mode provides a reliable L2CAP channel.
Streaming Mode (SM): This is a very simple mode, with no retransmission or flow control. This mode provides an unreliable L2CAP channel.
Reliability in any of these modes is optionally and/or additionally guaranteed by the lower layer Bluetooth BDR/EDR air interface by configuring the number of

retransmissions and flush timeout (time after which the radio flushes packets). In-order sequencing is guaranteed by the lower layer.

Only L2CAP channels configured in ERTM or SM may be operated over AMP logical links.

SDP
The Service Discovery Protocol (SDP) allows a device to discover services offered by other devices, and their associated parameters. For example, when you use a mobile

phone with a Bluetooth headset, the phone uses SDP to determine which Bluetooth profiles the headset can use (Headset Profile, Hands Free Profile, Advanced Audio

Distribution Profile (A2DP) etc.) and the protocol multiplexer settings needed for the phone to connect to the headset using each of them. Each service is identified

by a Universally Unique Identifier (UUID), with official services (Bluetooth profiles) assigned a short form UUID (16 bits rather than the full 128).

RFCOMM
Radio Frequency Communications (RFCOMM) is a cable replacement protocol used to generate a virtual serial data stream. RFCOMM provides for binary data transport and

emulates EIA-232 (formerly RS-232) control signals over the Bluetooth baseband layer, i.e. it is a serial port emulation.

RFCOMM provides a simple reliable data stream to the user, similar to TCP. It is used directly by many telephony related profiles as a carrier for AT commands, as well

as being a transport layer for OBEX over Bluetooth.

Many Bluetooth applications use RFCOMM because of its widespread support and publicly available API on most operating systems. Additionally, applications that used a

serial port to communicate can be quickly ported to use RFCOMM.

BNEP
The Bluetooth Network Encapsulation Protocol (BNEP) is used for transferring another protocol stack's data via an L2CAP channel. Its main purpose is the transmission

of IP packets in the Personal Area Networking Profile. BNEP performs a similar function to SNAP in Wireless LAN.

AVCTP
The Audio/Video Control Transport Protocol (AVCTP) is used by the remote control profile to transfer AV/C commands over an L2CAP channel. The music control buttons on

a stereo headset use this protocol to control the music player.

AVDTP
The Audio/Video Distribution Transport Protocol (AVDTP) is used by the advanced audio distribution profile to stream music to stereo headsets over an L2CAP channel

intended for video distribution profile in the Bluetooth transmission.

TCS
The Telephony Control Protocol – Binary (TCS BIN) is the bit-oriented protocol that defines the call control signaling for the establishment of voice and data calls

between Bluetooth devices. Additionally, "TCS BIN defines mobility management procedures for handling groups of Bluetooth TCS devices."

TCS-BIN is only used by the cordless telephony profile, which failed to attract implementers. As such it is only of historical interest.

Adopted protocols
Adopted protocols are defined by other standards-making organizations and incorporated into Bluetooth’s protocol stack, allowing Bluetooth to code protocols only when

necessary. The adopted protocols include:

Point-to-Point Protocol (PPP): Internet standard protocol for transporting IP datagrams over a point-to-point link.
TCP/IP/UDP: Foundation Protocols for TCP/IP protocol suite
Object Exchange Protocol (OBEX): Session-layer protocol for the exchange of objects, providing a model for object and operation representation
Wireless Application Environment/Wireless Application Protocol (WAE/WAP): WAE specifies an application framework for wireless devices and WAP is an open standard to

provide mobile users access to telephony and information services.
Baseband error correction
Depending on packet type, individual packets may be protected by error correction, either 1/3 rate forward error correction (FEC) or 2/3 rate. In addition, packets

with CRC will be retransmitted until acknowledged by automatic repeat request (ARQ).

Setting up connections
Any Bluetooth device in discoverable mode transmits the following information on demand:

Device name
Device class
List of services
Technical information (for example: device features, manufacturer, Bluetooth specification used, clock offset)
Any device may perform an inquiry to find other devices to connect to, and any device can be configured to respond to such inquiries. However, if the device trying to

connect knows the address of the device, it always responds to direct connection requests and transmits the information shown in the list above if requested. Use of a

device's services may require pairing or acceptance by its owner, but the connection itself can be initiated by any device and held until it goes out of range. Some

devices can be connected to only one device at a time, and connecting to them prevents them from connecting to other devices and appearing in inquiries until they

disconnect from the other device.

Every device has a unique 48-bit address. However, these addresses are generally not shown in inquiries. Instead, friendly Bluetooth names are used, which can be set

by the user. This name appears when another user scans for devices and in lists of paired devices.

Most cellular phones have the Bluetooth name set to the manufacturer and model of the phone by default. Most cellular phones and laptops show only the Bluetooth names

and special programs are required to get additional information about remote devices. This can be confusing as, for example, there could be several cellular phones in

range named T610 (see Bluejacking).


Pairing and bonding
Motivation
Many services offered over Bluetooth can expose private data or let a connecting party control the Bluetooth device. Security reasons make it necessary to recognize

specific devices, and thus enable control over which devices can connect to a given Bluetooth device. At the same time, it is useful for Bluetooth devices to be able

to establish a connection without user intervention (for example, as soon as in range).

To resolve this conflict, Bluetooth uses a process called bonding, and a bond is generated through a process called pairing. The pairing process is triggered either by

a specific request from a user to generate a bond (for example, the user explicitly requests to "Add a Bluetooth device"), or it is triggered automatically when

connecting to a service where (for the first time) the identity of a device is required for security purposes. These two cases are referred to as dedicated bonding and

general bonding respectively.

Pairing often involves some level of user interaction. This user interaction confirms the identity of the devices. When pairing successfully completes, a bond forms

between the two devices, enabling those two devices to connect to each other in the future without repeating the pairing process to confirm device identities. When

desired, the user can remove the bonding relationship.

Implementation
During pairing, the two devices establish a relationship by creating a shared secret known as a link key. If both devices store the same link key, they are said to be

paired or bonded. A device that wants to communicate only with a bonded device can cryptographically authenticate the identity of the other device, ensuring it is the

same device it previously paired with. Once a link key is generated, an authenticated Asynchronous Connection-Less (ACL) link between the devices may be encrypted to

protect exchanged data against eavesdropping. Users can delete link keys from either device, which removes the bond between the devices—so it is possible for one

device to have a stored link key for a device it is no longer paired with.

Bluetooth services generally require either encryption or authentication and as such require pairing before they let a remote device connect. Some services, such as

the Object Push Profile, elect not to explicitly require authentication or encryption so that pairing does not interfere with the user experience associated with the

service use-cases.

Pairing mechanisms
Pairing mechanisms changed significantly with the introduction of Secure Simple Pairing in Bluetooth v2.1. The following summarizes the pairing mechanisms:

Legacy pairing: This is the only method available in Bluetooth v2.0 and before. Each device must enter a PIN code; pairing is only successful if both devices enter the

same PIN code. Any 16-byte UTF-8 string may be used as a PIN code; however, not all devices may be capable of entering all possible PIN codes.
Limited input devices: The obvious example of this class of device is a Bluetooth Hands-free headset, which generally have few inputs. These devices usually have a

fixed PIN, for example "0000" or "1234", that are hard-coded into the device.
Numeric input devices: Mobile phones are classic examples of these devices. They allow a user to enter a numeric value up to 16 digits in length.
Alpha-numeric input devices: PCs and smartphones are examples of these devices. They allow a user to enter full UTF-8 text as a PIN code. If pairing with a less

capable device the user must be aware of the input limitations on the other device, there is no mechanism available for a capable device to determine how it should

limit the available input a user may use.
Secure Simple Pairing (SSP): This is required by Bluetooth v2.1, although a Bluetooth v2.1 device may only use legacy pairing to interoperate with a v2.0 or earlier

device. Secure Simple Pairing uses a form of public key cryptography, and some types can help protect against man in the middle, or MITM attacks. SSP has the following

authentication mechanisms:
Just works: As the name implies, this method just works, with no user interaction. However, a device may prompt the user to confirm the pairing process. This method is

typically used by headsets with very limited IO capabilities, and is more secure than the fixed PIN mechanism this limited set of devices uses for legacy pairing. This

method provides no man-in-the-middle (MITM) protection.
Numeric comparison: If both devices have a display, and at least one can accept a binary yes/no user input, they may use Numeric Comparison. This method displays a 6-

digit numeric code on each device. The user should compare the numbers to ensure they are identical. If the comparison succeeds, the user(s) should confirm pairing on

the device(s) that can accept an input. This method provides MITM protection, assuming the user confirms on both devices and actually performs the comparison properly.
Passkey Entry: This method may be used between a device with a display and a device with numeric keypad entry (such as a keyboard), or two devices with numeric keypad

entry. In the first case, the display is used to show a 6-digit numeric code to the user, who then enters the code on the keypad. In the second case, the user of each

device enters the same 6-digit number. Both of these cases provide MITM protection.
Out of band (OOB): This method uses an external means of communication, such as Near Field Communication (NFC) to exchange some information used in the pairing

process. Pairing is completed using the Bluetooth radio, but requires information from the OOB mechanism. This provides only the level of MITM protection that is

present in the OOB mechanism.

SSP is considered simple for the following reasons:

In most cases, it does not require a user to generate a passkey.
For use-cases not requiring MITM protection, user interaction can be eliminated.
For numeric comparison, MITM protection can be achieved with a simple equality comparison by the user.
Using OOB with NFC enables pairing when devices simply get close, rather than requiring a lengthy discovery process.

Security concerns
Prior to Bluetooth v2.1, encryption is not required and can be turned off at any time. Moreover, the encryption key is only good for approximately 23.5 hours; using a

single encryption key longer than this time allows simple XOR attacks to retrieve the encryption key.

Turning off encryption is required for several normal operations, so it is problematic to detect if encryption is disabled for a valid reason or for a security attack.
Bluetooth v2.1 addresses this in the following ways:

Encryption is required for all non-SDP (Service Discovery Protocol) connections
A new Encryption Pause and Resume feature is used for all normal operations that require that encryption be disabled. This enables easy identification of normal

operation from security attacks.
The encryption key must be refreshed before it expires.
Link keys may be stored on the device file system, not on the Bluetooth chip itself. Many Bluetooth chip manufacturers let link keys be stored on the device—however,

if the device is removable, this means that the link key moves with the device.

Air interface
The protocol operates in the license-free ISM band at 2.402–2.480 GHz. To avoid interfering with other protocols that use the 2.45 GHz band, the Bluetooth protocol

divides the band into 79 channels (each 1 MHz wide) and changes channels, generally 1600 times per second. Implementations with versions 1.1 and 1.2 reach speeds of

723.1 kbit/s. Version 2.0 implementations feature Bluetooth Enhanced Data Rate (EDR) and reach 2.1 Mbit/s; this comes with a concomitant higher power consumption. In

some cases, the higher data rate is expected to offset this increased drain.

Security

Bluetooth implements confidentiality, authentication and key derivation with custom algorithms based on the SAFER+ block cipher. Bluetooth key generation is generally

based on a Bluetooth PIN, which must be entered into both devices. This procedure might be modified if one of the devices has a fixed PIN (e.g., for headsets or

similar devices with a restricted user interface). During pairing, an initialization key or master key is generated, using the E22 algorithm. The E0 stream cipher is

used for encrypting packets, granting confidentiality, and is based on a shared cryptographic secret, namely a previously generated link key or master key. Those keys,

used for subsequent encryption of data sent via the air interface, rely on the Bluetooth PIN, which has been entered into one or both devices.

An overview of Bluetooth vulnerabilities exploits was published in 2007 by Andreas Becker.

In September 2008, the National Institute of Standards and Technology (NIST) published a Guide to Bluetooth Security as a reference for organizations. It describes

Bluetooth security capabilities and how to secure Bluetooth technologies effectively. While Bluetooth has its benefits, it is susceptible to denial-of-service attacks,

eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Users and organizations must evaluate their acceptable level of risk and

incorporate security into the lifecycle of Bluetooth devices. To help mitigate risks, included in the NIST document are security checklists with guidelines and

recommendations for creating and maintaining secure Bluetooth piconets, headsets, and smart card readers.

Bluetooth v2.1  finalized in 2007 with consumer devices first appearing in 2009  makes significant changes to Bluetooth's security, including pairing. See the pairing

mechanisms section for more about these changes.

Bluejacking
Bluejacking is the sending of either a picture or a message from one user to an unsuspecting user through Bluetooth wireless technology. Common applications include

short messages, e.g., "You've just been bluejacked!". Bluejacking does not involve the removal or alteration of any data from the device. Bluejacking can also involve

taking control of a mobile device wirelessly and phoning a premium rate line, owned by the bluejacker. Security advances have alleviated this issue.