I had to dig a little to figure this out, so, to keep yourself safe:
Android: disable Bluetooth when you're not using it (but you'll be vulnerable while you are). My Pixel just got the 12/5/2023 security update, which fixes the issue; not sure about non-Pixel phones.
Linux: Open up /etc/bluetooth/input.conf and set ClassicBondedOnly=true (in my case I just had to uncomment this, not add anything). The next version of bluetoothd should default to =true, but you can set this yourself now. Don't forget to restart the bluetooth service after doing so.
Not sure about macOS or iOS; I don't have devices running either of those.
Too bad iOS makes it very hard to disable bluetooth. Android was swipe+click, iOS it's swipe, two long presses, two clicks. Or you can type it, but that's obviously more clicks (though possibly faster).
I used to make the effort when I switched from Android, but I already gave up...
I had to create custom shortcuts to disable WiFi and Bluetooth after Apple made the ones from Control Center useless.
Is it possible to do for Location as well? Last time I tried to search for it, it really wasn't possible except through Siri somehow.
I made one to open locations in settings via open URL: prefs:root=Privacy&path=LOCATION
Wow, that's bonkers. I thought apple cared about privacy?
it's route for the settings menu, not sure it works in the browser :)
here's a list with all settings urls: https://github.com/FifiTheBulldog/ios-settings-urls/blob/mas...
It makes sense for most people. When they want to turn those off they want to either disconnect from WiFi or disconnect from Bluetooth audio, and they don’t expect things like airdrop or their Apple Watch to stop working when they turn them off.
Sounds like an excellent opportunity for a UI affordance to me. Instead, Apple has chosen the path of least-yet-most-unpleasant surprise.
Am I missing something? Swipe from the top, tap to disable BT?
Notice the difference in color when you do that. As the other comment pointed out, it only disconnects devices. Apple makes it hard for their users to disable bluetooth (or gps) so features like airtag work well.
You are sacrificing your battery life (and I guess privacy and security) for the ecosystem to work.
Google won't let you use GPS for maps without also turning on wifi for similar reasons I guess. It does make it more accurate but shouldn't be required.
Wasn’t there this thing that Google collected a list of SSIDs using their Google Maps cars, and that gave them “good enough” geolocation using passive WiFi scanning, which was much less battery intensive and faster than GPS?
That's nonsense, Maps works perfectly fine with wifi off
That’s unfortunately only disconnecting until the next day (see text appearing above when pressing).
Depending on whether you have the Settings icon on your Home Screen, that’s three taps (Settings -> Bluetooth -> Off). Not even any scrolling.
You can make a shortcut with the action Toggle and set Bluetooth
I’m trying this now and can’t figure this out. I’ve been trying for months now.
I’m adding a new action, I search toggle and Bluetooth and I’m not getting any actions to set Bluetooth. What am I doing wrong? Edit: Scratch that! I figured it out! Realised I wanted a way to connect to a Bluetooth device (my flaky headphones don’t always connect, pain to dig into the settings every time)
Setting doesn't always open on "home".
Annoyingly so it doesn't even always open on the expected screen, e.g. when opening "Wifi settings" from the network selection you might end up in notifications if it was the last screen you used. Not a consistent bug.
On iOS you can scroll diagonally from top right corner and one more click to disable it.
It is not permanent and comes back when disabling airplane mode, in addition to updates too.
The toggle in control centre does not disable Bluetooth. It disconnects Bluetooth until tomorrow. It even says that in control centre when you tap on the toggle.
It’s impossible to permanently disable Bluetooth on iOS. Every iOS update re-enables it.
Same on MacOS. It got to the point where I made a start up script to check and disable Bluetooth.
Apples official stance is that this behavior “functions as intended”.
https://lapcatsoftware.com/articles/bluetooth.html
To be fair, the default behavior does exactly what I want: Disconnect me from a broken Wi-Fi network/Bluetooth headphone/speaker implementation that is hijacking my audio output, without breaking "Find My", Airdrop or Wi-Fi geolocation.
AirPods can stay connected, which is maybe unfair towards third-party vendors, but they also don't insist on connecting to all paired devices at once and usually pick the two wrong ones and steal audio from whoever in my home is using that device at the moment.
Make a shortcut to disable or enable and add that shortcut to your Home Screen
Seems like the flag defaults to true since December 7 (Fedora 38) with bluez v5.70-4:
This seems correct, however 'ClassicBondedOnly=true' is commented out in '/etc/bluetooth/input.conf' in Fedora 39 with bluez v5.70-4 anyways.
Presumably so you can't turn it off simply by uncommenting the line. The default is defined in some source file.
Mine says
(which is the patch indicated)I don't follow your point.
Generally commented out lines are defaults, right?
Often yes, but not always. Here both the default is mentioned and a commented line is offered (I like commented lines as they show a proper format).
Page says it only works for stuff that doesn't require password or biometrics.
I actively lock my phone when not using it, and surely I'd see the activity of the keystrokes being sent when using my device, no?
In that case it doesn't seem that horrible to leave Bluetooth enabled.
That was my first thought as well. Then I remembered how much time my device spends in my pocket or on my nightstand
Right, but can it enter keystrokes when the device is locked? As in use the device "behind" the lock screen?
I don't have a device lock because I keep the thing on my body and anyone violating that will also get the password anyhow and I don't want to have to authenticate a million times a day. That logic worked until now I guess :/
Does this even work without pairing?
Not sure. Doesn't the iphone lock you out for a day if you enter your pin wrong too often? If that pin-entering can be done via bluetooth.... More a prank than an attack, but still quite annoying.
I don't have an input.conf file on my OnePlus phone. There are bt_stack.conf and bt_did.conf in the same directory though.
iOS: https://support.apple.com/en-us/HT214035
macOS: https://support.apple.com/en-us/HT214035
Both say:
I always hated that after an ios update bluetooth always came back as enabled... when I never actually used it... this puzzled me for a long time......
also, the emmentaler like wifi cannot be fully turned off from the control panel either
As someone with bluetooth devices (Smartwatch, buds, headphones, glasses etc) this is...difficult lol
Ubuntu 2022, the default appears to be true already:
# Defaults to true for security. #ClassicBondedOnly=true
Any idea how to tell if grapheneOS fixed this in its sunfish (4a) branch? I'm stuck on android 13 with a 4a and I need Bluetooth to open my car door. If graphene fixed this, it would spur me to finally move to it. I just can't justify getting a new phone when this one works fine.
I'm really glad I went with a Pixel!