Privacy

Privacy is a swinging topic. On one hand we seem to not care at all with open social media every time and everywhere. But on the other hand we start to understand. And care. Privacy is also a very important topic from a system design perspective. It is very delicate and has to be taken care of since the very beginning.

In wireless networks we talk a lot about security. Key exchanges, encryption, authentication. But how about privacy? It is not all that rosy everywhere...While the modern wireless systems seem to had learned how to do proper encryption (and that includes learning basic things like a nonce), many of them don't protect privacy properly. Or even at all.

The culmination of misunderstanding of privacy was at the dawn of IPv6, when we were triumphant saying that every grain of sand could have an IPv6 address, not to mention humans of course and all their [connected] belongings. The addresses would be static - of course. That means every grain of sand could be traced. Globally. Not to mention humans of course and all their [connected] belongings...

So, after all, a static, public, exposed IPv6 address is not such a great idea. Nor is the 48-bit public MAC address that every networked device uses and exposes. MAC addresses are globally unique, so like the IPv6 addresses, they can be used to identify things (and people) and track them.

Add many communication protocols that consider themselves modern and secure, use MAC addresses and IPv6 addresses encrypted, allowing everyone to track everyone. And just by capturing the traffic deduce information about the number of devices participating in a network and their types / models (MAC addresses point to their manufacturers...).

Bluetooth mesh is different in this aspect. It encrypts destination addresses and obfuscates source addresses. So just by sniffing the traffic, you learn nothing... Except that there is some traffic. You cannot tell (by capturing Bluetooth mesh messages) how many devices participate in the network: is it 2 or 200...  If you don't know the security keys, all radio transmissions are just noise.

Privacy is often an overlooked feature of Bluetooth mesh, but it was designed there since the very beginning to protect the information about the network and its owners and users. It is - at the same time - a stand-out feature. None of the competing low power mesh networking protocols have that.