• First of all thank you @fanoush, when I made this thread 8 months ago I was not aware which Espruino help articles are about Espruino in general and which also apply to Bangle.js 2 in particular. Maybe the homepage could be more specific here!

    I know that there is a whitelist functionality. And AFIK also a BETA feature PIN to connect. But those, I believe, are both filters at the device level not on the app level!

    On Android usually not all apps can read the notifications! Apps need to request android.permission.BIND_NOTIFICATION_LISTENER_SERVICE. Would it be possible for an app to break this security sandbox by requesting the Bluetooth permission instead and then reading the notifications back from the Android companion app on the Bangle.js 2 watch? Or otherwise create mischief on the watch? (By installing additional apps or setting the time). Or sending notifications that I think came from the OS/Gadgetbridge but come instead from evilapp.

    Maybe the functionality to install more apps onto the watch should only be possible from some apps or the browser with an extra programming PIN, and not from all apps from that (whitelisted) device.

    I guess what I would love to see is some sort of threat model how the watch behaves and what is guaranteed to work and what isn't. What is the responsiblity of the user to secure and what isn't and what the guarantees in terms of isolation and security are.

    Thanks in advance!

About

Avatar for user141359 @user141359 started