dfu/no.nordicsemi.android.dfu/DfuBaseService/EXTRA_UNSAFE_EXPERIMENTAL_BUTTONLESS_DFU

EXTRA_UNSAFE_EXPERIMENTAL_BUTTONLESS_DFU

val EXTRA_UNSAFE_EXPERIMENTAL_BUTTONLESS_DFU: String = "no.nordicsemi.android.dfu.extra.EXTRA_UNSAFE_EXPERIMENTAL_BUTTONLESS_DFU"

Set this flag to true to enable experimental buttonless feature in Secure DFU from SDK 12. When the experimental Buttonless DFU Service is found on a device, the service will use it to switch the device to the bootloader mode, connect to it in that mode and proceed with DFU.

Please, read the information below before setting it to true.

In the SDK 12.x the Buttonless DFU feature for Secure DFU was experimental. It is NOT recommended to use it: it was not properly tested, had implementation bugs (e.g. this thread) and does not require encryption and therefore may lead to DOS attack (anyone can use it to switch the device to bootloader mode). However, as there is no other way to trigger bootloader mode on devices without a button, this DFU Library supports this service, but the feature must be explicitly enabled here. Be aware, that setting this flag to false will not protect your devices from this kind of attacks, as an attacker may use another app for that purpose. To be sure your device is secure remove this experimental service from your device.

Spec: Buttonless DFU Service UUID: 8E400001-F315-4F60-9FB8-838830DAEA50 Buttonless DFU characteristic UUID: 8E400001-F315-4F60-9FB8-838830DAEA50 (the same) Enter Bootloader Op Code: 0x01 Correct return value: 0x20-01-01 , where: 0x20 - Response Op Code 0x01 - Request Code 0x01 - Success The device should disconnect and restart in DFU mode after sending the notification.

In SDK 14 this issue was fixed by Buttonless Service With Bonds.