如何防止iBeacons的欺骗? [英] How to prevent spoofing of iBeacons?

问题描述

据我所知，没有任何限制可以限制任何开发人员将其信标编程为使用特定的UUID，主要，次要或标识符.

As far as I can tell, there is nothing to restrict any developer from programming their beacon to use a particular UUID, major, minor or identifier.

如果我创建一个UUID为"foo"的iBeacon，是什么防止其他开发人员创建一个具有相同ID的信标，并且(偶然或恶意地)导致我的应用显示不正确的数据?

In the event I create an iBeacon with a UUID of "foo", what is to prevent another developer of creating a beacon with the same ID and (either accidentally or maliciously) causing my app to display incorrect data ?

我是否误解了iBeacons的工作原理?如果我错了，请纠正我.

Have I misunderstood how iBeacons work ? Please correct me if I'm wrong.

推荐答案

这是绝对正确的.我俩都欺骗了苹果商店的iBeacons (以证明这一点)，并且有

This is absolutely true. I have both spoofed the Apple Store's iBeacons (to prove this point) and had my beacons spoofed by Make magazine for the Consumer Electronics Show Scavenger Hunt.

这根本不是缺陷.您只需要设计一个使用iBeacons的应用程序即可，因此欺骗相对无关紧要.如果您设计应用程序没什么大不了，谁在乎呢?

This is not a flaw at all. You just need to design an app that uses iBeacons so spoofing is relatively inconsequential. If you design your app so it doesn't much matter, who cares?

用于解决此问题的特定安全机制取决于所涉及的应用程序，但是存在无数种可能性.

The specific security mechanisms appropriate to counter this depend on the app in question, but there are countless possibilities.

例如，对于CES Scavenger搜索，我们只保留带有时间戳的审核日志，这样我们就可以知道是否有人很快找到了所有目标.最终没有人这样做-我们的参与者都是很好的运动！

For the CES Scavenger hunt, for example, we simply kept an audit log with timestamps so we'd know if somebody found all the targets impossibly quickly. In the end nobody did this -- our participants were all good sports!

这篇关于如何防止iBeacons的欺骗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！