-
Notifications
You must be signed in to change notification settings - Fork 16
/
gatt_blocklist.txt
67 lines (53 loc) · 2.78 KB
/
gatt_blocklist.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# This file holds a list of GATT UUIDs that websites using the Web
# Bluetooth API are forbidden from accessing.
## Services
# org.bluetooth.service.human_interface_device
# Direct access to HID devices like keyboards would let web pages
# become keyloggers.
00001812-0000-1000-8000-00805f9b34fb
# Firmware update services that don't check the update's signature
# present a risk of devices' software being modified by malicious web
# pages. Users may connect to a device believing they are enabling
# only simple interaction or that they're interacting with the
# device's manufacturer, but the site might instead persistently
# compromise the device.
#
# Nordic's Legacy Device Firmware Update service, http://infocenter.nordicsemi.com/topic/com.nordic.infocenter.sdk5.v11.0.0/examples_ble_dfu.html:
00001530-1212-efde-1523-785feabcd123
# TI's Over-the-Air Download service, http://www.ti.com/lit/ug/swru271g/swru271g.pdf:
f000ffc0-0451-4000-b000-000000000000
# Cypress's Bootloader service. Documentation at
# http://www.cypress.com/file/175561/download requires an account.
# Linked as CYPRESS BOOTLOADER SERVICE_001-97547.pdf from
# http://www.cypress.com/documentation/software-and-drivers/cypresss-custom-ble-profiles-and-services:
00060000-0000-1000-8000-00805f9b34fb
# The FIDO Bluetooth Specification at
# https://fidoalliance.org/specs/fido-u2f-bt-protocol-id-20150514.pdf
# section 6.7.1 "Bluetooth pairing: Client considerations" warns that
# system-wide pairing poses security risks. Specifically, a website
# could use raw GATT commands to impersonate another website to the
# FIDO device.
0000fffd-0000-1000-8000-00805f9b34fb
# fff9 is also assigned to FIDO
0000fff9-0000-1000-8000-00805f9b34fb
# fde2 is assigned to Google and used for pairingless FIDO
# https://btprodspecificationrefs.blob.core.windows.net/assigned-values/16-bit%20UUID%20Numbers%20Document.pdf
0000fde2-0000-1000-8000-00805f9b34fb
## Characteristics
# org.bluetooth.characteristic.gap.peripheral_privacy_flag
# Don't let web pages turn off privacy mode.
00002a02-0000-1000-8000-00805f9b34fb exclude-writes
# org.bluetooth.characteristic.gap.reconnection_address
# Disallow messing with connection parameters
00002a03-0000-1000-8000-00805f9b34fb
# org.bluetooth.characteristic.serial_number_string
# Block access to standardized unique identifiers, for privacy reasons.
00002a25-0000-1000-8000-00805f9b34fb
## Descriptors
# org.bluetooth.descriptor.gatt.client_characteristic_configuration
# Writing to this would let a web page interfere with other pages'
# notifications and indications.
00002902-0000-1000-8000-00805f9b34fb exclude-writes
# org.bluetooth.descriptor.gatt.server_characteristic_configuration
# Writing to this would let a web page interfere with the broadcasted services.
00002903-0000-1000-8000-00805f9b34fb exclude-writes