Rogue bluetooth connections

[koisama]

I have a bunch of LYWSD03MMC's flashed with custom firmware. However it seems like some rogue device is constantly attempting to connect to one of those over bluetooth, and once it succeeds, it keeps the connection open forever, draining the battery and preventing the sensor from broadcasting the data. I confirmed this by taking the sensor outside and observing that bluetooth icon would no longer show up on the display.

I would like to secure the sensors. Is there any possibility to ignore unwanted connections?

[pvvx]

The connection is established by Windows or another OS if the binding is done. Remove the device from Windows.

Set a PIN code. Remember your PIN code, because... There is no way to reset it if you forget.

[koisama]

I'm positive that the connection did not originate from any of my devices, hence no possibility to remove it. PIN alone did not help the case, at least I observed connection attempts and received no data even after the pin was successfully set.

In the end I was able to work around the issue by changing the mac of the sensor, that's when connection attempts finally stopped.

Just now I tried to connect to the pin-protected sensor from a different device, and it looks like sensor does not broadcast when connection is being established as well. So, as long as pairing never completes and is re-attempted fast enough, it seems like the sensor will not be able to broadcast.

[fanoush]

some mac address white list in thermometer could help with this, it would not allow connection or immediately disconnect from devices with address not in the list. too bad there is no button to override it or enable some 'learning mode' that would add currently connecting device to the whitelist when button is held.

[koisama]

Great idea. Don't even need a button - it would make sense to enable learning mode for a short amount of time after sensor is powered on, then turn it off. Same approach could be used to set a new pin in case old one was forgotten.

[pvvx]

The pin code is made in such a way that it is impossible to change anything. Removing the Pin code is only possible by flashing the hardware with eraser of the entire Flash.