W3C home > Mailing lists > Public > public-web-bluetooth-log@w3.org > August 2016

Re: [web-bluetooth] Specify a Bluetooth Scanning API.

From: Luiz Augusto von Dentz via GitHub <sysbot+gh@w3.org>
Date: Wed, 03 Aug 2016 11:03:52 +0000
To: public-web-bluetooth-log@w3.org
Message-ID: <issue_comment.created-237207639-1470222229-sysbot+gh@w3.org>
> Is the security issue just that processes that can intercept IPC 
messages will find out the advertisements?

No, I meant that the browser itself is not a privileged application 
which shouldn't be given direct access for things that have shared 
control such as scanning.

This is actually acknowledge in the Android API:

- Note: Most of the scan methods here require BLUETOOTH_ADMIN 
permission. (Btw, I wouldn't be surprised if this gets bumped to 

In Linux this would translate to have CAP_NET_ADMIN a.k.a root and 
then using the kernel Bluetooth Management socket to control the 
scanning parameters and results.

GitHub Notification of comment by Vudentz
Please view or discuss this issue at 
 using your GitHub account
Received on Wednesday, 3 August 2016 11:05:55 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 3 August 2016 11:05:56 UTC