• 1 Post
  • 12 Comments
Joined 1 year ago
cake
Cake day: June 25th, 2023

help-circle





  • Sorry 😅 I probably could have taken a closer look at other comments, but in any case this paints a nice picture for me, thank you :)

    Edit: Actually I decided to boot into Windows and test this a little myself, and turns out when bluetooth is on it is discoverable (Windows is a peripheral, the BlueZ device is a central wanting to connect). When i connected from my phone to my computer, It seemed more accurate to what you described too. If you dont use bluetooth disable it, or make your device not discoverable. 😅

    It does help to know it was a notification and to know what was in it. I was able to find an image which looked similar and led me to find a Windows feature called Swift Pair. It lets you connect to a bluetooth device via notification, rather than in the settings. You can try disabling Swift Pair if it is enabled.

    Here is my conclusion:

    As others said, BlueZ is essentially the program that allows bluetooth to run on Linux. The name alone doesn’t tell you if the person behind has malicious intent.

    It’s possible that somebody was making a swift pair compatible device using Linux. Maybe they thought 5AM was early enough that the swift pair notification would only show up on their computer since they wouldn’t be able to prevent other people from seeing it otherwise 🤷

    It could also just be some device rebroadcasting itself on a clock. I’m not sure why or what you would do with this other than to annoy people?

    If you especially don’t trust your neighbors and want to imagine a worst case scenario, it could be spoofing something like a bluetooth keyboard, rebroadcasting until someone connects, and runs a series of shortcuts / commands to infect your computer to replicate the virus further. ((Issue is, it doesn’t make sense they’d develop on Linux with BlueZ even though the virus could only propagate on Windows. Kinda fun to think about regardless though))

    I hope that answers your question :)


  • I think i’m still confused on how you came to know the device was trying to connect to you :D Was there a Windows notification? Did it ask you to enter or confirm a code? Were you using bluetooth in general at the time?

    I guess my main proposal is that central device can’t begin to initiate to another central device. In the discovery phase, a central device is like an ear, and a peripheral device is like a mouth. Ears can’t speak to other ears, and mouths can’t listen to other mouths. Mouths don’t know if ears are even there to listen, only the ears can initiate a connection.

    In most cases Windows is like an ear. Neither a central nor peripheral can initiate a connection to you. Only you can initiate a connection to some other peripheral.

    However Windows can act like a mouth under specific circumstances, specifically I found that you can use your computer as a hotspot and share over bluetooth. Sharing over bluetooth means Windows opens its bluetooth mouth to tell anyone willing to listen that it is connectable. So if you were doing something bluetooth related at the time it could have allowed a foreign (central) device to initiate a connection


  • This does sound very unusual that it would try to connect, so I wanted to add more context about how bluetooth works, which might help figure out where to look next or if you should look into it at all

    In bluetooth there is the idea of a central device and peripheral device. Peripheral devices advertise of their existence in hopes that a central device establishes a connection. The central device always has the final say. For example, a phone (central device) connecting to bluetooth headphones (peripheral device).

    Your computer should really only act as a central device. So you get to choose which devices are allowed to connect … but there are two exceptions:

    • a device can auto-connect to a previously paired device. Maybe you accidentally paired with the Linux device, or thought it was another device. You can unpair / forget the device if you did.
    • special software which auto-connects to devices. For example the nintendo switch auto-connects to controllers when the “change grip/order” menu is open. I think this would be very unusual, even for malware.

    Technically, the bluetooth spec does allow bluetooth devices to be a central and peripheral at the same time. In theory if Windows is advertising itself as a peripheral, then the Linux device could connect as a central. The issue is, I don’t know if or when Windows is sending these bluetooth advertising packets. Maybe when bluetooth settings are open or if you have a wifi hotspot enabled?

    Also, not all devices support running both modes at the same time, so you can rule it out if the device can’t be a peripheral. According to this guide, this is how you check that: https://www.howto-connect.com/see-if-windows-10-pc-supports-bluetooth-low-energy-peripheral-role/

    If it just appeared in the connectable device list, then there is nothing to worry about really, bluetooth has some range to it, and it could just be a neighbor’s device.




  • Agreed. First LMG needs to clean house to make it a mentally safe work environment so there is never a repeat of Madison’s case … cause wtf. Second, an apology to Billet Labs … cause wtf. Third, they need to slow down the pace of work so the employees can focus on quality and accuracy.

    The rate at which they pump out content is, in my opinion, unsustainable for the employees and unsustainable for the semi-regular viewer as well

    I’ve noticed my recommendations have largely stopped showing me LTT videos over the past several months, probably because youtube recognizes that im not watching a large % of their videos, so why would youtube recommend the next one? i feel like their pace is thinning out their semi-regular viewers and leaving a highly devout community. To me, the semi-regulars are what add balance to the community rather than it becoming an echo chamber.

    I think by slowing down, LTT will be in a much healthier happier place in the long term, even if the numbers don’t obviously show it. That said, idk if I can see their videos in the same light knowing what’s happened behind the curtains. I think for rn, that might be it for me.