I understand the general issues with bluetooth being vulnerable and vulnerabilities of any wireless technologies. Just hitting the market is Logitech’s Bolt based on Bluetooth Security 3&4 including encryption and authentication. This might be of general interest to broaden adoption of Qubes and provide at least a reasonable secure option for using wireless devices?
Thoughts?
false sense of security (i’m might wrong here, wireless can’t 100% private and buletooth is not meant to be secure)
I guess my thoughts are is there not a balance of functionality/security? Everything is a risk/reward evaluation. I agree core bluetooth is a vulnerability both physically as well as logically. But like most tech there are several flavors that most are not aware of that have more involved encryption and authentication. While it may not be difficult to “sniff” a bluetooth connection from a distance, I have seen demonstrations of researchers “sniffing” the very radio frequencies of wired keyboards and motherboards.
My question revolves exclusively around bluetooth security mode 3 and 4 which appear to be significantly more secure and I am not aware of any publish vulnerabilities.
Everything with Qubes is a trade off and while some may need as close to absolute security as possible, but clearly there are trade offs made by documenting USB keyboard use. I am asking any with more strict security knowledge and possibly specifically with mode 3 and 4 if it is realistically any more insecure than a wired usb keyboard/mouse.
I just noticed this. Be aware that according to logitech, some of the modern logitech mice include a cut and paste buffer in the mouse. If the particular mouse has this, then this means that you probably just enabled a new cut and paste channel between qubes, including to dom0.
(I believe the intended marketing advantage of this was that when you were using a KVM, it allowed you to cut and paste between computers)