Ubertooth (Re: How to listen quietly for other Bluetooth devices?)

[Maksim Yevmenkin]

On Sun, Jul 9, 2017 at 4:11 PM, Mikhail T. <mi+thun at aldan.algebra.com> wrote:
> On 09.07.2017 18:54, maksim yevmenkin wrote:
>
> Interesting... I personally have not seen this. Thank you for the pointer.
> It looks like custom hardware running custom firmware. This should be able
> to give full access to baseband. Still kinda pricey. Ubertooth one hardware
> sells for $120 at sparkfun. That's 3x price of raspberry pi 2/3 :) for a
> fraction of general usability :) could make an relatively inexpensive
> Bluetooth scanner though.
>
> They are using "bluez" to flush their own firmware into the dongle, it
> seems. I doubt, they make their own chipset -- it may be possible to flush
> the same firmware into a much cheaper dongle with the same chipset...

hmm... i don't see it. sorry. may be i'm looking in the wrong place.

so, yes, they have custom firmware that is flashed onto ubertooth-zero
or ubertooth-one dongle. my understanding is that those are not
off-the-shelf dongles.

https://www.sparkfun.com/products/10573 is $120 (ubertooth-one)

https://www.amazon.com/Great-Scott-Gadgets-WRL-10573-Ubertooth/dp/B007R9UPHA
(Amazon)

yes, they are not making completely custom chip, they are reusing some
off-the-shelf components. however, final board it custom. in fact, i'm
not even 100% sure that ubertooth-one is a complete bluetooth dongle.
according to schematics they use CC2400  Single-Chip 2.4 GHz ISM Band
Transceiver and CC2591 2.4 GHz Range Extender strapped to LPC175x ARM
Cortex-M3 microcontroller. it may be just designed for the purpose of
scanning and may be injecting packets.

there are references to a modded CSR firmware that can be flashed onto
off-the-shelf CSR dongle. however, even with modded firmware, it will
not act as full scanner. according to the posts it will sniff traffic
for known BD_ADDR.

as far as porting it, i don't see what's the big deal. it seems like
it should be possible to port this.

thanks!
max