I acknowledge that the situation with Bluetooth peripherals is complicated† and accept that there are probably a bunch of vendors that are unsafe to use. It might be reasonable to simply require Apple peripherals --- not because they're the best, but because Apple is more accountable to peripherals security than most other vendors are.
On the other hand, what we can't reasonably do is create a Bluetooth Keyboard Product Guide in a simple set of security recommendations. Not only will it not be effective, but it will discourage the audience, who will fall back to their previous insecure configurations.
So I'd ask to what extent we think Bluetooth sniffing attacks on journalists are a spy movie threat. No matter what device they use, simply by using a wireless device as an input, they're exposing those inputs to timing as well. But then, as well, Apple's software update could be targeted too.
The basic idea behind the "use a Bluetooth keyboard" recommendation is, I presume, to convince people who would otherwise use computers to do sensitive work to instead use an iDevice. That's a very sound security principle; those iDevices are far more secure than the median fully-functional computer.
If I had to pick between telling a journalist to use a random Bluetooth keyboard with an iPad, or use a MacBook or ThinkPad, I would have a hard time deciding, but I think I'd ultimately go with the random Bluetooth keyboard --- there are too many different ways the computer can be undetectably (to a typical user) owned up, and only one fairly elaborate scenario where the BT keyboard will screw them.
What I'm learning from working with at-risk normal users is that a lot of security steps we all take for granted are simply not on the table for the people who need security the most.
† Way more complicated than the people claiming "Bluetooth keyboards are trivially sniffable" are letting on
I completely agree with your ranking/preference and your logic here, but I don't think listing a bunch of models nor even listing your ranking is beyond the comprehension or ability of journalists, lawyers, or activists. I think we differ in how much faith we have in the abilities of those groups of people.
In my experience, people, especially people with budgets like most mainstream journalists and lawyers, want a list of specific things, best of all SKUs, they can buy that will give them the most security.
I don't think they're incapable of following advice; I think they have a lot of competing demands on their time. Any bullet on this list needs to earn its place, and the list itself needs to work without requiring constant updates, because most people who use the list will only see a single snapshot of it in time.
> I don't think listing a bunch of models nor even listing your ranking is beyond the comprehension or ability of journalists, lawyers, or activists.
IME this greatly overestimates how hard this is for typical end users.
Imagine if you were asked to understand and implement a technical legal function. Maybe you could do it, but it would not be trivial, you'd have to figure out what the heck it meant and what was going on, and then try to implement it. You would need to hope you received good advice, because you have no way of discerning good from bad, and that the instructions were accurate, clear and complete.
At HN we are inside a bubble where these things are trivial. As another analogy, appendectomies may be trivial for surgeons but incredibly difficult for me.