pwnieexpress / blue_hydra

Blue Hydra

Bluetooth 5 missing + General Behavior #119

Closed BeanBagKing closed 6 years ago

BeanBagKing commented 6 years ago

Working on a setup involving BlueHydra on a Raspberry Pi 3, mostly following the instructions from here: https://www.youtube.com/watch?v=UvfNjQFtp_A - libbtbb and ubertooth versions were replaced with the newest build numbers (2017-03-R2 for both). Current setup is using a Sena UD100 and Ubertooth One.

I've noticed some oddities with BlueHydra. The only thing that I'm pretty sure is actually an issue is Bluetooth 5. For the rest, I'm not exactly sure these are bugs, but it isn't what I would expect, so I wanted to give some feedback and ask some questions regarding the behavior.

Bluetooth 5 Signal: CL(0x09) <-- that's the VERS that appeared on one of my devices, a Pixel 2. Is there a new Bluetooth mode that isn't in BlueHydra? lmp_version shows as: Reserved (0x09) - Subversion 702 (0x02be). Tech specs on the Pixel 2 list Bluetooth 5.

Unusual Status: I'm seeing an unusual Ubertooth status. The Ubertooth status line in BlueHydra goes from "Found Hardware" -> "Hardware Responsive" -> "Ubertooth-rx" -> "151525XXXX" where the X's are digits. Values here increment periodically. From what I've seen in demos, this isn't an expected status message, but I'm not really sure what is supposed to go here. The demos I'm watching might be old; I wish there was more on YouTube/blogs.

Device Detection: I feel as though I'm only picking up active devices. Nearby smartwatches and phones aren't seen even when I would expect them to be communicating via Bluetooth. Alerts are populated on the watch when email is received, so the phone sent an alert to the watch via Bluetooth, but the device isn't populated in BlueHydra. However, if I turn the watch off and on, it's typically picked up as it pairs with the phone. Basically, I don't feel like I'm seeing devices I should, when I should. Does Bluetooth do periodic beaconing? Checking in either for devices, or checking in with already paired devices? Should this traffic be picked up? Any reading material that anyone has here would be awesome.

Devices not stored in database: When poking through the database, I've noticed that some devices I've seen don't appear. For example, there was a "Microsoft" device somewhere in my house that appears to periodically randomize its MAC (though the UUID seems to be constant). However, a dump of the database shows no Microsoft devices at all. What determines if a device gets added to the database? Are devices periodically pruned? Does the database restart after every startup?

This goes back to my previous question regarding the database, but it's a separate observation. I've periodically dumped the database to poke through it with: sqlite3 -header -csv ./blue_hydra.db "select * from blue_hydra_devices;" > dump.csv I've noticed that one time I may have 8 devices, the next 14, the next 7. It's incrementing at times, and decrementing at others. I haven't found out exactly what's going on here; is it starting completely fresh? Or aging out devices?

Which dongle detected a device? This would help with troubleshooting on my end. As far as I can tell, there's no way to tell what dongle (Ubertooth or SENA) detected a device. I've looked through raw logs and everything. If there is a way, I would appreciate it if someone could point it out.

Some devices don't have an RSSI value: Pretty much just this. I would expect anything giving out a signal to have a signal strength value.

This is my first time taking a deep look at bluetooth traffic. I've tried to reason things out on my own, but I apologize if I've missed something obvious and wanted to warn people not to assume I know what I'm doing.

ZeroChaos- commented 6 years ago

I'm going to respond once, and then close this issue. If for some reason my response merits further discussion then please open one new issue for each unrelated question.

Bluetooth 5 signal: I get this information from Bluez, I have no control over it.

Device detection: the ubertooth is presently only used to sniff for Bluetooth classic packets, so Bluetooth LE devices will be missed if they don't send advertisements (which most smart watches don't)

Database: The most recent builds age things out of the db at 2 weeks. Most likely the issue is that microsoft isn't in the vendor field, it's likely in another field like company. The main ui overloads certain fields based on what it sees, for example showing the oui vendor for a random mac address would be pointless so we show company from the company field if available.

Which dongle: this is actually on the list of things I want to add, but it's not there right now. If this is a big deal for you then open a ticket to track it.

RSSI: we don't presently track RSSI for things seen by the ubertooth. There is a branch where work was started but never completed for this. If this is a big deal for you then open a ticket to track it.
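An added diagnostic (not Blue Hydra's own code) for the two database points above: a randomized-MAC device has no OUI vendor, so its name lands in a field like company, and rows older than two weeks are aged out. The script builds a constructed in-memory copy of a minimal blue_hydra_devices table; the column names (address, vendor, company, uuid, last_seen as epoch seconds) are assumptions, not the project's verified schema.

```python
# Added example, not from the Blue Hydra project. Searches a Blue Hydra-style
# SQLite table for a name in EITHER the vendor or the company column and lists
# rows a 14-day age-out would drop. Column names and the epoch-seconds format
# of last_seen are ASSUMED; adjust them to match your own dump.csv header.
import sqlite3

# Assumed minimal subset of blue_hydra_devices (constructed for the demo).
SCHEMA = """CREATE TABLE blue_hydra_devices (
    address TEXT, vendor TEXT, company TEXT, uuid TEXT, last_seen INTEGER)"""

def load_demo(conn, now):
    """Populate a constructed table: one fixed-MAC phone, a randomized-MAC
    Microsoft device seen twice (same uuid, two addresses), one stale dongle."""
    rows = [
        ("AA:BB:CC:DD:EE:01", "Google", None, None, now - 3600),
        ("5E:12:34:56:78:9A", None, "Microsoft", "uuid-1", now - 2 * 86400),
        ("5E:AB:CD:EF:01:23", None, "Microsoft", "uuid-1", now - 20 * 86400),
        ("AA:BB:CC:DD:EE:02", "Sena Technologies", None, None, now - 15 * 86400),
    ]
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO blue_hydra_devices VALUES (?,?,?,?,?)", rows)

def find_by_name(conn, needle):
    """Case-insensitive match across vendor AND company, ordered by address.
    Grepping vendor alone misses random-MAC devices, which have no OUI hit."""
    q = """SELECT address, vendor, company FROM blue_hydra_devices
           WHERE lower(coalesce(vendor, '')) LIKE ?
              OR lower(coalesce(company, '')) LIKE ?
           ORDER BY address"""
    pat = "%" + needle.lower() + "%"
    return conn.execute(q, (pat, pat)).fetchall()

def aged_out(conn, now, days=14):
    """Addresses whose last_seen is older than the age-out window."""
    cutoff = now - days * 86400
    q = "SELECT address FROM blue_hydra_devices WHERE last_seen < ? ORDER BY address"
    return [r[0] for r in conn.execute(q, (cutoff,))]

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")   # use sqlite3.connect("blue_hydra.db") for a real file
    load_demo(db, now=1_700_000_000)
    for addr, vendor, company in find_by_name(db, "microsoft"):
        print(addr, "vendor=", vendor, "company=", company)
    print("would be aged out:", aged_out(db, now=1_700_000_000))
```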