v0.8.3 Security Release: fix for Download Diagnostics

[agittins]

🔒 Security Fix

Version 0.8.2beta3, released May 20 2025 at 02:46 GMT, as well as v0.8.2 contain a bug that exposed IRKs and some temporary MAC addresses in the "Download Diagnostics" without being redacted.

Who is affected

If you posted a diagnostics to a public place while running v0.8.2beta3 or v0.8.2 please take steps to remove it from public access if possible.

All github issues in the Bermuda repository that contain a diagnostic from the affected versions have been scrubbed already. Only a single instance of this occurrence has been found.

If you have not uploaded a "Download Diagnostics" in the last three days you are not affected, but should update to v0.8.3 as soon as practicable.

Consequences & Mitigation

• The temporary MAC addresses are only in use for 15 minutes from their first creation, so are extremely unlikely to present any privacy risk.
• The IRKs are more permanent, and with access to these another party would be able to identify your device's bluetooth traffic as belonging to your device. Obviously this risk has a limited physical radius which reduces the exposure risk.

Other Changes

• fix: redactions in irk_manager diagnostics @agittins (fix: redactions in irk_manager diagnostics #582)
• improved performance of redact_data, to reduce instances of system lockup during download diagnostics
• logic improvements to redact_data which may have caused corner-case lockups of download diagnostics
• removed logging for "no ads for metadevice.."
• reduced logging for "scanner stamps for .. should not go backwards" to debug, as it seems they often have significant jitter (fixes Scanner stamps should not go backwards #580 )

---

This discussion was created from the release v0.8.3 Security Release: fix for Download Diagnostics.