Guys/Gals....
I might be slow to know about this, so I figured some others here might be too. No disrespect intended, but I watched a program this weekend 'The Real Hustle' on British TV. It explored a serious vulnerability in the Bluetooth technology.
Apparently there exists software which can be installed on O/S based Mobile phones/PPC's that allows its user to scan for BT devices i.e. in busy areas like train stations etc.
They can then hijack your phone..'Without Your Knowledge'!! They can then use your available credit/contract minutes, to make calls to a purpose made premium number @ £1.50 per minute....all without leaving a trace on your phone!
You won't know until you get your whopping bill and will have no way out of paying for it, as calls will have registered as having been made from your phone!
Bottom line for Athena users with BT earpieces and other people too. ONLY switch your BT on when you are going to use it and be sure to switch it right back off when you're finished.
The program did not reveal whether this was possible if the devices/BT mode was set to invisible, but that is something I intend to find out.
Scary eh?
P.S. Something like this happened to a relative of mine only last week as his BT is always on (for phone calls). Just thought I'd share my concerns with you. Sorry if it's old news already.
Yup, old news I'm afraid. The Ameo AFAIK and can test, seems to have a fairly sturdy bluetooth stack, as do most phones from the last 18 months - 2 years. But it is quite surprising how many phones are vulnerable to various bluetooth exploits. I have found that it's not impossible to crash the BT stack, but it's not trivial, and doesn't really seem to do too much damage, apart from requiring a restart of the BT module. Unlike my old T68 which locks up tighter than a locked up tight thing, gives out my contacts and calendar, makes calls etc.
Oh, and I generally leave the BT off on the Ameo because it's such a battery drain.
Digital.Diablo said:
Yup, old news I'm afraid. The Ameo AFAIK and can test, seems to have a fairly sturdy bluetooth stack, as do most phones from the last 18 months - 2 years. But it is quite surprising how many phones are vulnerable to various bluetooth exploits. I have found that it's not impossible to crash the BT stack, but it's not trivial, and doesn't really seem to do too much damage, apart from requiring a restart of the BT module. Unlike my old T68 which locks up tighter than a locked up tight thing, gives out my contacts and calendar, makes calls etc.
Oh, and I generally leave the BT off on the Ameo because it's such a battery drain.
Thanks for that Diablo. So what you are saying is that newer devices (like ours) with newer BT stacks are NOT vulnerable to these attacks? Only the older types of mobile phones?
Didn't the hidden option make any difference?
I have tested a couple of "available" software.
Generally it is quite trivial to establish a connection with older mobile phones. SonyEricssons seem to be particularly vulnerable.
I haven't been able to successfully intercept the Athena though. Although I have many shortcomings in my very limited abilities... I'm sure a dedicated person would be able to intercept and <do whatever> given enough time.
Normally it should be enough to enable "Beam authentication" and uncheck "Make this device visible to other devices".
mackaby007 said:
Thanks for that Diablo. So what you are saying is that newer devices (like ours) with newer BT stacks are NOT vulnerable to these attacks? Only the older types of mobile phones?
I wouldn't go as far as to say they're invulnerable, however they're stronger than other targets. Bluetooth in itself is quite basic in its security mechanisms, but Ameo stands up well to attack. As mentioned, it's possible to crash the stack, but this doesn't bring any benefit to the attacker, apart from the knowledge that they've been able to do that. I suppose it could be used as a buffer overflow exploit, but with so few devices around, it's probably not worth the effort to try.
One thing TO be aware of though is that when pairing a device, it's possible for a 3rd party to grab the keys off the air, and then you can impersonate a bluetooth device. So if someone were to capture a key pairing between a mobile and a laptop for the laptop to be able to make internet connections via the phone, then you could impersonate the laptop to make these calls. But this is fairly unlikely if the phones are already paired. However, the cool thing is, if you've got a vulnerable phone, you can make it lose the pair key, when Mr End User resyncs the phone, snap it out of the air and do naughty things. I work in Network Security so I try and experiment with these things for the good of our staff, and bluetooth hacking is one of the cooler things IMO.
Oh, another cool point is that people think bluetooth is 10m or 100m radius. Some researchers have managed to send a bluetooth message about 3km (I think).
And finally, the other thing you can do to really bug someone is repeatedly make bluetooth requests to their phone for 'services available'. Most phones will provide this without pairing, and in doing so, it can generally cause the power consumption to increase. Once again, I killed my T68 with this technique in about 2hrs from full charge, as each time it made the request, the screen redrew, the backlight and key LEDs came on and I suspect the radio power draw increased.
WM5 and especially 6 are practically safe
Done a bit of research on this now and coupled with your feedback guys, I feel Athena owners are pretty safe from random attacks. Thanks a bunch for putting my mind at ease...I will however remain cautious in public areas and turn my bluetooth off if I am spending a considerable amount of time there.
The fact is that the only way this vulnerability works is by exploiting the Symbian Bluetooth stack for now. Conversely, WM is one of the more secure O/S's out there at present. WM6 is even more so. There's a lot of snakeoil within the industry, although with the Ameo, I would look into getting AV if you plan on doing a lot of downloading off the web. Yes, there is no serious malware for the WM platform, but the device can still be a carrier for the host Windows systems. As HSDPA becomes more widespread, the benefits of attacking these platforms become greater; it's not there yet but will become an issue.
mackaby007 said:
Done a bit of research on this now and coupled with your feedback guys, I feel Athena owners are pretty safe from random attacks. Thanks a bunch for putting my mind at ease...I will however remain cautious in public areas and turn my bluetooth off if I am spending a considerable amount of time there.
It should* be enough to disable visibility. If you need BT for your headset but care about battery drain just enable powersafe mode for the audio gateway in the registry.
I'm running bluetooth all the time on my ameo. I'm around a lot in public areas like train stations and airports and every now and then I'm using btCrawler to scan for other devices just to see how many are in visible mode.
So the best practice for using bluetooth (on laptops, handhelds or whatever) is:
- Turn off visibility
- Use encryption AND authentication for every connection
- Don't accept messages or transfers from unknown devices
- Don't use easy PINs like 0000 or 1234
- Use different PINs for every connection
If you follow the above, using bluetooth should* be safe
* Should, because if an attacker knows your device address, he's still able to try to attack you directly. There is an interesting article by Max Moser about using the expensive (but excellent) Bluetooth Diagnostic Tool from Frontline (FTS4BT) with a normal inexpensive bluetooth dongle. Using this you are able to sniff bluetooth connections by following the hopping sequence. You can sniff audio connections, data transfers, etc. If no encryption is enabled everything is transferred in plaintext. However it is still possible to decrypt encrypted BT traffic if you are able to sniff the pairing process. If you have successfully sniffed the whole pairing process you can extract the link key and PIN with btcrack and then use the frontline sniffer to decrypt the traffic.
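The checklist in the post above, turned into an audit, as an added example that is not part of the original thread: it assumes a Linux host running BlueZ (the thread itself concerns Windows Mobile), reads `bluetoothctl show` output for the visibility item, and checks a list of pairing PINs for the two PIN items. The sample output, device names and PINs are constructed.

```python
import re

# Constructed sample of `bluetoothctl show` output (BlueZ); not from a real host.
SAMPLE_SHOW = """\
Controller 00:11:22:33:44:55 (public)
    Name: laptop
    Alias: laptop
    Powered: yes
    Discoverable: yes
    DiscoverableTimeout: 0x00000000
    Pairable: yes
    Discovering: no
"""

# Constructed pairing inventory: device name -> legacy pairing PIN.
SAMPLE_PAIRINGS = {
    "headset": "0000",
    "car kit": "0000",
    "laptop": "58203917",
    "gps": "1234",
}


def parse_show(text):
    """Parse the 'Key: value' lines of `bluetoothctl show`, one dict per controller."""
    controllers = {}
    current = None
    for line in text.splitlines():
        header = re.match(r"^Controller\s+([0-9A-Fa-f:]{17})", line)
        if header:
            current = controllers.setdefault(header.group(1).upper(), {})
            continue
        if current is not None and ":" in line:
            key, _, value = line.strip().partition(":")
            current[key.strip()] = value.strip()
    return controllers


def audit_controller(props):
    """Checklist item 'Turn off visibility': report a powered, discoverable adapter."""
    findings = []
    if props.get("Powered") != "yes":
        return findings  # radio is off, so nothing is advertised
    if props.get("Discoverable") == "yes":
        raw = props.get("DiscoverableTimeout")
        if raw is None:
            findings.append("discoverable (timeout unknown)")
        elif int(raw, 16) == 0:
            # BlueZ treats a timeout of 0 as "stay discoverable indefinitely"
            findings.append("discoverable with no timeout")
        else:
            findings.append("discoverable for %d s" % int(raw, 16))
    return findings


def pin_weakness(pin):
    """Checklist item 'no easy PINs': return a reason string, or None if none found."""
    if not pin:
        return "empty"
    if len(set(pin)) == 1:
        return "single repeated character"  # 0000, 1111, ...
    if pin.isdigit():
        # Difference between neighbouring digits, modulo 10: 1234 -> {1}, 4321 -> {9}
        steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
        if steps in ({1}, {9}):
            return "sequential digits"
    return None


def audit_pins(pairings):
    """Flag easy PINs and PINs shared between connections; PINs are never echoed."""
    findings = []
    first_use = {}
    for name, pin in pairings.items():
        reason = pin_weakness(pin)
        if reason:
            findings.append((name, "easy PIN: " + reason))
        if pin in first_use:
            findings.append((name, "PIN reused from " + first_use[pin]))
        else:
            first_use[pin] = name
    return findings


if __name__ == "__main__":
    for addr, props in parse_show(SAMPLE_SHOW).items():
        for finding in audit_controller(props):
            print(addr, finding)
    for name, finding in audit_pins(SAMPLE_PAIRINGS):
        print(name, finding)
```

On a real host the first argument would be the captured text of `bluetoothctl show`; the PIN inventory has to come from whoever set up the pairings, since the PIN itself is not stored after pairing.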
Hi guys, I couldn't help noticing that when I previously used a Nokia 6600 (Symbian S60) they had a few 3rd party programs that are able to make use of their audio mechanism during calls. For example, one software can make selected background noise for opposite callers so they think that you are at a train station for example when in fact you are silently at home. Another software is an on board answering machine, which after the phone rang for a few times answers the phone call with your automated recorded voice and records a msg left by the caller on the phone. This is convenient for us so we don't need to call back our voicemail and reduces cost as well, as some telcos charge to use their voicemail service. I'm surprised this kind of software has not come out for our Windows Mobile devices when it's already available for Symbian. I'm sure it shouldn't be that hard to make it. Any coder expert wanna give it a go??
cutefox, what kind of searches have you made for this software on this board? Did you have much luck?
V
I already tried commercial sites such as Handango and Pocket Gear.. even freeware sites, also no luck.. I just don't understand why no one has made one yet.. It shouldn't be too hard to make one.. It will be a big market to sell such software for our PPC phone devices now that more devices are coming out..
Cutefox: have you tried searching this board? Let me save you the effort, but it'll be a good idea next time. It's not generally considered possible, at least on WM2003 devices because of both hardware and software limitations. It's not that no one has thought of it before: someone seems to think of it approximately every two days... but there are many many threads on this issue.
V
Look at what I said here...
http://forum.xda-developers.com/viewtopic.php?t=9761
That sums up why we can't do it using the APIs available to us now. The funny thing is the way bluetooth sends the audio stream to a headset. Obviously the data is getting there somehow but I suspect it is not (directly) via windows. Does anyone know if the radio hardware for bluetooth is connected to the radio hardware for the phone? My guess is that if you could write a program that windows "sees" as a headset then you could get the audio that way. But that's a problem in itself.
I would love this kind of program myself. How is it that such useful devices with so many capabilities can be kept secret from us. We can't use the camera, we can't get the cell id on towers, we can't programmatically control the partnerships in bluetooth, we can't get the audio stream of our own phone, the events on some ppc's that control brightness are secret..... the list goes on. This kind of #@!!$$ is going to hurt the future of these devices which I otherwise love.
OdeeanRDeathshead: I had read your previous posts, and as ever, very interesting and informative reading. I had the same idea regarding a "dummy" bluetooth device a while back, but mamaich put me in my place!
http://forum.xda-developers.com/viewtopic.php?p=179839#179839
V
Thanks vijay555, that's what I have suspected about the hardware. What I want to do is a bit different. The bluetooth can communicate to many devices at once. If your program could appear to be a headset to the os, then the phone bluetooth hardware could transmit the audio to the headset at the same time your program uses bluetooth to receive it. Kind of like a loop out of the box to bridge the lack of functionality. This shifts the problem to how does a hardware bluetooth headset communicate. Emulate this and we are on a winner. I don't think I have the willingness to pull my devices apart. I also do not have the money for some of the hardware (eg good digital oscilloscope) that I would need to measure what's going on. I did read that microsoft are about to expose some new api to allow control over the pairing process (but not the audio stream). I hope that we get some soon.
Is there going to be any new (for 2005) free development tools like the evc versions used today?
OdeeanRDeathshead: re eVC, I don't think so. The "express editions" are free, but they specifically omit the functionality to develop "mobile solutions".
Re the loop back. That's a good idea. I think mamaich is our best bet on schematics, I think that would be very helpful. As you "rave", it's mindboggling that Microsoft still haven't revealed or implemented a way to interact with the audio channels. It must have been one of the first things one could imagine doing once you develop a PDA with a phone stuck on the back of it.
Any idea if the bluetooth stacks could support transmitting and receiving simultaneously in this manner? I know some of the boys are working on alternative bluetooth support for the stereo headset profiles, so they might be able to shed some light on the issues involved. I guess the processor overhead could be hefty, but for the benefit it would be beneficial.
V
(I moved this out of the widcomm bt stack post)
How hard would it be, to write a semi-universal application for the WinCE environment, to simply emulate a router? I know a little C/C++, but nothing else. I say bypass this BT garbage.
What you would need hardware wise IMO,
Have GPRS/EDGE or some other true 3G data connection... and 802.11b or g, with a chipset that can go into AP mode (which I think I read that the wizard's chip technically can, and same with the H6315 25 45 models).
Then enough ram and CPU left over to do basic routing and DHCP to any clients around you. Voilà, handheld, portable router all in one! It would sell like hotcakes, especially for some of our company's events (outdoor sports promotions). It would also make it very universal, at least to clients, if not a couple PPC servers with the right hardware.
I really really hate bluetooth. The ONLY bt devices that have not given me much grief, is an old Jabra Bt200 headset, and an altina USB GPS mouse (with iguidance mapping software). I have had 3 sets/brands of A2DP headsets, another USB mouse that never worked right, numerous dongles to numerous PC builds to share different things... all worked not at all or mediocrely at best. I have also owned an Axim X50, and an X5 (with CF bluetooth).
There is no standard interface, or guarantee with bt, it's just mostly bad luck and voodoo out of the box, and the company hoping you will forget to return their "best effort" product. I don't blame them. I blame widcomm, broadcom, and MS, for their stupid BT stacks, with separate capabilities, millions of version/build numbers, license issues, and general apathy for creating a solid standard product. In a way, MS tries to do this... by cutting out 90% of BT purported features it seems LOL!. If I wanted diversity (aka headaches) in something computer related, It would not be BT, it would be Linux, which somehow works most of the time, and if not, you can make it work... because it's OPEN. Dumb dll's.
This is worse than IRQ conflicts with ISA cards back in the early 90's. Then plug and pray came to save us... and it took like 6 years! How long has BT been out?
Werner, I've read about your PPC proxy thing, but I would like to use more than just HTTP proxy, I need to be able to orb, and try other things.
Thanks for the info new2city! (from old post)
So who remembers this? (I'm showing my age huh lol)
+++ATH0
NO CARRIER
This sounds like a very interesting idea. You may not even need an 802.11x chip that can do AP mode. As long as it can do ad-hoc, you should be able to do something similar to ICS in desktop windows.
Great news! Hope you do manage to do it!
I'm thinking it would be pretty hard to do or else someone would have done it already.
I had the same idea myself a while ago but as I have no PPC programming experience I just let it go.
Hi,
I am currently looking for a piece of software that will do a specific job, or possibly a better solution to what I am trying to do. Let me give you a little bit of background...
I have got an O2 XDA Mini S, and a Parrot hands-free kit that does not support the A2DP bluetooth profile (only the handsfree profile). I am currently using TomTom 6 on my XDA with a bluetooth GPS unit. Everything works really nicely together, except I cannot get instructions from TomTom through my parrot (which is ultimately my goal).
The only way I can see of getting the TT instructions through my Parrot is to make use of the programs floating about that allow you to turn on and off redirection of sound through bluetooth. The idea I had was that if there was a program about (or maybe even write something myself) that would be able to signal when the sound coming out of the XDA exceeded and then dropped back below a threshold level, and then somehow link that into the bluetooth redirection programs, I could basically have any sound that is produced go through the Parrot only when they occur (including obviously the TT instructions).
Does anybody have any ideas on this? Any help would be greatly appreciated.
Thanks.
Point UI, a UI wrapper, has a feature similar to what you're describing. It's used just to save battery power by turning on BT only when an incoming call is detected, and then killing BT after the call is ended. I don't know if it's open source, but you might want to head over to their forums and see if you can find out how they did it.
You probably also want to haunt any TomTom forum sites (if any even exist).
As a final option, look into Mortscripts. People have done amazing tricks with Mortscripts, and this might be just the ticket. Mort haunts these boards, and may pipe in with an "I can (or cannot) do that with Mortscript" too...
I have a question, though. What's wrong with using the Wizard's built-in speakers for getting directions?
Myrddin Wyllt said:
I have a question, though. What's wrong with using the Wizard's built-in speakers for getting directions?
To be honest, it's not too bad through the speakers although if I have my radio on which I usually do, sometimes it can be a little bit hard to hear, and it would be nice to just have the radio mute while it gives me the directions.
It's more of a "want" than a "need" really.
Thanks very much for the info
Myrddin Wyllt said:
Point UI, a UI wrapper, has a feature similar to what you're describing. It's used just to save battery power by turning on BT only when an incoming call is detected, and then killing BT after the call is ended. I don't know if it's open source, but you might want to head over to their forums and see if you can find out how they did it.
It is quite easy for programs to detect when you're in a call - MortScript, I presume, probably can detect that quite easily as it's an overall Windows feature and will probably have a readily available part in the API.
The problem is not with turning the bluetooth on and off, it's actually detecting when TomTom is giving an instruction. To be honest I think I'll look into MortScript and if that can't do it then I'll probably just give up.
Detecting phone calls isn't that easy, and it's especially not easy to make a check in a simple procedural script language like MortScript (up to WM5, there's no way to check whether a call is active, you have to monitor all the time if a call is accepted or hung up).
Detecting sound output of another application is entirely impossible - at least for most applications. If the app opens the output channel only during output (which most don't because it takes valuable time and causes ugly "click" noises on some devices), one could maybe query the number of free output channels - but that would need a CPU hog monitoring all the time, or half of the message would be over until it's detected.
And even if that would work, there's simply no way to redirect output to a BT headset (except with A2DP). At least on most devices. Once there was a simple way to do that (you just had to open a virtual port, and as long as it's open, everything was redirected similar to the A2DP way nowadays), but most manufacturers didn't implement it, and nowadays it seems like no modern device supports it anymore. (Had it for test purposes in a MortPlayer beta, no user reported it works...)
So, to put it short: Currently it's impossible. Maybe WM8 might change that... (Few hope for WM7, it's proposed to have the same kernel as WM5 and WM6.x)
I'm a Desktop .Net developer with NO bluetooth experience and only a bit of low-level networking experience so I'm speaking from limited knowledge, but not complete ignorance.
I use my phone as an A2DP source and AVRCP client for quite a few devices (Jabra JX20 Pura, Jabra BT3030, Windows Vista, various BT speaker systems and Alpine BT300) around my house, garage, car, and on the go. They all work wonderfully (some have better range than others, some better sound), but using any of them presents a couple common issues.
Some devices (like my car), constantly seek out the last paired device until they connect, while most of the others require a connection to be initiated from the phone. The phone doesn't care which is around or has the best signal, just which one successfully connects first.
I'd like an app that could have profiles setup which would let me control certain variables OR at a more basic function (see below):
Bluetooth Profile
Device Priority
Minimum Strength (to be used when more than one device has the same priority)
That would be my ultimate goal, but in the meantime I'd be happy with something as simple as a command line app that could be bound to a key or shortcut which would try to connect to a predefined list of BT MACs for a given profile and stop when the first one connects successfully. Variations on this might allow a connection attempt to a specific device instead of a list. This way I could have StartMenu or Today shortcuts.
The point here is largely to avoid having to navigate all the menus needed to initiate an A2DP connection, but I'm sure there are MANY other uses people would find.
If someone could point me in the right direction (I'm researching already of course) to the namespace(s) and/or class(es) in .Net 2 or newer which would allow me to enumerate and/or initiate connections, this may be something I could bring to the community (assuming it doesn't already exist, and I have asked MANY times).
I've created a poll also to see what kind of interest is out there for this software and how much support I might receive.
I've been knocking an app up to suit my own personal A2DP needs... and a lot of yours by the look of things ;-) Things it does:
Kinetic scrolling finger friendly list of A2DP devices known to your phone (tap to select then tap again to attempt connection).
Toolbar buttons indicating active A2DP connection status (tap to disconnect active connection).
Bluetooth devices applet shortcut.
Switch bluetooth on (a good few of my devices need the phone to be discoverable so the app forces the phone to be discoverable at all times *blush*).
Switch bluetooth off.
Shortcut to program launcher list (automatically displays this list when you initiate a connection to a selected device... and there's items to display in the list of course).
Command line access (via secondary exe) allowing you to attempt connection (to a named, the last connected or first found device) and disconnect an active A2DP connection. I've only really tested the named device connection but the other 2 modes *should* work
QVGA / VGA and orientation aware.
I've been wanting to work towards getting it up on XDA... but time constraints (and a baby on the way) have gotten in the way and it's unlikely I'll have the time to do it for a good while. I'd be happy to pass on the code to someone willing to take it further if that's any use. It's written (very quickly!) in VB.net BTW.
It uses a few bits and bobs from other people though:
A2DPToggle's "a2dp.exe" to handle initiating a connection.
Icons from lord only knows where I found them.
The kinetic list code found on here (http://forum.xda-developers.com/showthread.php?t=333124&highlight=klist). IIRC, I used the gingercat updated version and tweaked it to my own needs. There's many a kludge I've put in to the code to get things working quick-smart (D-Pad navigation mainly).
InTheHand 32feet.NET libraries (http://inthehand.com/content/32feet.aspx). These work with MS Bluetooth stack only.
So permission from the respective folks above would be needed before releasing it into the wild I guess.
Here's a screeny
Hey great tool! When I click a device will it auto connect or only open the BT Explorer and will it work with Broadcom BT Stack? Thanks
Oops, meant to say it's been developed for the MS bluetooth stack only. Sorry about that.
When you attempt to connect to a device it first checks the device is reachable and only then attempts to initiate an A2DP connection.
Northernmost said:
I've been knocking an app up to suit my own personal A2DP needs... and a lot of yours by the look of things ;-) Things it does:
Absolutely. I can get around in VB.Net and C# just fine. If you don't want to publish the code publicly, PM me your email address and I'll invite you to my Sharepoint site (easiest way I know to share files and manage communique), otherwise attach here.
It sounds like you've already covered 99% of what I was looking for, but I'd be more than happy to do what I can to move the idea forward, even taking suggestions from others in this thread.
About the BT stack, I'm running a Vogue with a ROM cooked in PPCKitchen, how do I determine which stack I'm running and can that be changed?
rainabba said:
About the BT stack, I'm running a Vogue with a ROM cooked in PPCKitchen, how do I determine which stack I'm running and can that be changed?
I've no idea what stack Vogues come with but the MS stack device list looks like the attachment below. If yours looks the same it's the MS one. I guess the Vogue forum should have any info on swapping stacks if it's possible.
Sounds like I found the correct people to answer my question about BT. Is there a way / how can I: enable my Mogul 6800 phone to transmit the sound that would normally go through the speaker to my BT headset in order to listen to streaming audio from the net using Kinoma Play which goes out and picks up all sorts of "radio programs" , i.e. not using a direct URL. I am also not able to listen to audio files from the Audio Recorder through anything except the speaker, even not through a head phone. Do I need to download a program or set up my phone differently. I currently have Titan WM6.1 Build 20755 GPS kitchen from PPC Geeks. Thanks so much for your help.
jminor4326 said:
Sounds like I found the correct people to answer my question about BT. Is there a way / how can I: enable my Mogul 6800 phone to transmit the sound that would normally go through the speaker to my BT headset in order to listen to streaming audio from the net using Kinoma Play which goes out and picks up all sorts of "radio programs" , i.e. not using a direct URL. I am also not able to listen to audio files from the Audio Recorder through anything except the speaker, even not through a head phone. Do I need to download a program or set up my phone differently. I currently have Titan WM6.1 Build 20755 GPS kitchen from PPC Geeks. Thanks so much for your help.
You need an A2DP capable device (high quality), connected, THEN start your audio program OR use a program called Audio Gateway with a basic Bluetooth headset (low quality audio).
thank you very much.
Northernmost, how about that source code? If you want to pass it along less privately than a post here, PM me and I'll provide a solution (source control, WSS, etc.)
Sent you a PM the other day. Let's go the private way for now.
Hello to everyone.
Since I bought it, the OP8 Pro has had some problem with the Bluetooth. It is as if the device can connect to one device only. I have a Fossil 5 gen, one Fiesta Mk8 with Android Auto and the Bluetooth headset, but it is as if the Bluetooth has some problem connecting to two or one devices. For example, every time my car doesn't connect to the phone automatically, and today when I was at the gym my headset didn't connect automatically either. My previous Note 10 Pro was able to connect without any problem... Does anyone else have some problem with the Bluetooth? Thanks
I have another problem. Every time I get in my car the device connects to Android Auto, but if I want to play an audio from WhatsApp I have to tap the play button a lot of times!!! Why???
I see this same issue, I'd say 80-90% of the time (the other 10-20%, it "just works", which is truly odd, given the protocol).
For example, I use some bone-conducting open-air headphones, while cycling (long time road cyclist), and sometimes I want to connect my Garmin Edge 1030, to download a route, when I'm out.
Good luck, even upon returning, I'm often sitting in the garage, trying 20+ times (after shutting my headphones off, even), to try and download my ride-data, for the day. Sometimes it requires rebooting both devices, flushing the Bluetooth app-cache, and the Garmin app-cache, and then it'll work, that's perhaps 40% of the time.
For another 40%, it will NOT connect, what-so-ever, across multiple reboots and app-cache flushes, period (I tend to give up at around the 20+ attempt mark, depending).
The last 20%, it works, perfectly, as you'd expect, and as my OP7 Pro did, I can't recall a single BT connectivity issue, with it, either solo (Garmin) or with headphones concurrently.
I've filed bugs with OP (along with NUMEROUS other radio bugs, like the fact you can't connect to a 5G-mobile signal, if you're connected to a WiFi signal, on the INO2025 model, bug filed, trace-logs submitted, including pointing out log-lines where the radio(s) fail).
Unfortunately, with the Bluetooth issues, it will not repro, if I use the OP debug-mode, which is how they want to receive logs (and how I've submitted many bugs, previously), so I'm at a loss, short of finding a hardware Bluetooth debug module (I used to work on h/w and s/w boundary driver stuff, so I've used a h/w BT debugger before, but not for some years, and have no access to one, currently).
OP seems to just ignore the bugs, at that point, when I can't provide the logs, they pretty much abandon the bug-thread, so I'm not sure how they're going to get some of these resolved (I've noted that the debug-mode seems to introduce some latency, or similar, that prevents repro, no response to that, what-so-ever).
I have reset the radio-stack, a couple of times, and did one full factory-reset (shortly after getting the phone, about 1 month back now), with no real change in results, for reference.
I feel like I'm back in the late-90's, when Bluetooth was super-flaky, on most devices, in the 1.x and 2.x days.
Not exactly a "flagship phone experience", or even a decent budget phone Bluetooth experience, for this day and age...
I'm open to ideas on how to debug further, I'm really more of a storage and display guy, and memory-management, in terms of the bulk of my dev/debug skills, communication protocols were something I did on the fringe, of sorts, when they overlapped, or similar.