Bluetooth LE security
Does anyone know of best practices for securing Bluetooth LE?. I would like a button on the device to activate Bluetooth and use that connection to manage the configuration of the device. What are the best practices to ensure that anyone can not just reconfigure the device?
If your going to have a physical button to enable it to be reconfigured you dont have many options.
An idea may be to write something to flash storage after the first time its been configured and not allow additional setup attempts unless that file is removed but if someone has physical access to the device there's nothing stopping them connecting over uart and removing it via repl.
Alternatively. A physical preventative might be more suitable (lock it in a box)