• I could get on a train, and use DaFit to brick everyone else's DaFit smart watches if I wish

    If the watch wasn't already connected to someone's phone then maybe. On Bangle.js you can add PIN pairing or a whitelist, or turn off Bluetooth totally, though.

    BJv2 won't be encrypted with full-disk encryption

    No - while technically possible to do, realistically the chances of someone opening your Bangle, reading out the flash and reverse-engineering Espruino's filesystem really are quite small. I think you're in danger of tin-foil-hat-wearing security paranoia.

    But of course someone could (once they have physical access to your watch) change the Bluetooth settings and load the data out with the IDE/app loader.

    So if I want to develop something sensitive, like a cipher or password manager, the program itself should be zero-knowledge until the user feeds some keys into it?

    Yes and no - I mean, if you encrypt the data with a PIN code that the user has to enter, I don't see a big problem there. There is AES encryption built into Bangle.js so you can easily encrypt individual files if needed.

    Of course someone could brute-force a PIN but they would have to be able to find a way of knowing if the password was legit or not - but the same would apply to any device.

    And yes, you wouldn't store unencrypted data - just keep it in RAM, or even better dispose of it as soon as you've drawn what you need on the screen.

@Gordon started