The idea that device pairing can and must only be secured at hardware level is a fallacy whose goal is to ensure that only apple products work well with apple products.
For the spam example, nothing prevents apple from offering a ble api with auth that ensures that only devices manually paired by the user access it.
As for automating spam... when we’re discussing ble, we’re talking about a device a few meters away from your phone. What are spammers going to do, send a jogger right behind you that spams you after somehow hacking apple’s auth system?!
For the spam example, nothing prevents apple from offering a ble api with auth that ensures that only devices manually paired by the user access it.
As for automating spam... when we’re discussing ble, we’re talking about a device a few meters away from your phone. What are spammers going to do, send a jogger right behind you that spams you after somehow hacking apple’s auth system?!