
Preface: Open data indeed is a foundation base of smart City. Since it is not only provide function. Meanwhile it also analyses the daily activities make the IoT function more efficiency. If no hacker in the world. We can living in world more comfortable because we do not need to concern about cyber security. As we know, the electronic & digital products objective is the function instead of defense.
Background: As time goes by, IoT in smart city not only relies on WiFi network. It also includes Bluetooth communication function. Compare with WiFi 802.11, Bluetooth power consumption is less. So the IoT can operate in a capillary network environment. A capillary network is a local network that uses short-range radio-access technologies to provide local connectivity to things and devices.
Vulnerability details: Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure. For more detail, please refer url – https://kb.cert.org/vuls/id/799380
Workaround: Devices should not accept their own public key from a peer during a pairing session. The pairing procedure should be terminated with a failure status if this occurs. This is because the specifics events will be activate the SIEM correlation firing rule.