#001: The future of Bluetooth connectivity with Blecon Founder, Simon Ford

11/27/24 • 68 min

In today’s Coredump Session, we unpack the full story of Bluetooth—from its PDA-era beginnings to its rising role in cloud-connected devices. With insights from Memfault’s Chris Coleman and François Baldassari, along with Blecon’s Simon Ford, this wide-ranging conversation explores how Bluetooth Low Energy has evolved, where it thrives (and doesn’t), and why it’s often the right tool, even if it’s not a perfect one. Expect history, hot takes, and practical guidance for building better Bluetooth-powered products.

Key Takeaways:

Bluetooth Low Energy (BLE) and Bluetooth Classic are fundamentally different—and BLE was never just a “lite” version.
BLE's strength lies in its low power consumption and quick connection setup, making it ideal for peripheral devices that sleep most of the time.
Use cases like audio, asset tracking, and cloud sync continue to shape BLE’s evolution, and new specs like LE Audio and PAwR are expanding its reach.
Bluetooth wins not because it’s perfect—but because it’s practical: globally adopted, low-cost, and well-supported.
Debugging Bluetooth at scale requires collecting connection parameters, analyzing retries, and understanding phone ecosystem quirks.
BLE Mesh adoption has been underwhelming, with real-world complexity often outweighing its theoretical benefits.
Expect to see BLE turn up in more places, including MEMS sensors and energy-harvesting devices, not just consumer gadgets.
Designers should understand trade-offs in connection intervals, latency, and power draw when choosing Bluetooth for cloud or local connectivity.

Chapters:

00:00 Episode Teasers & Intro

01:10 Meet the Guests: Bluetooth Roots at Pebble, Fitbit, and Blecon

06:51 BLE’s Breakthrough: The iPhone 4S Moment

10:22 BLE vs Classic: Why It Took Off

14:39 Specs That Shifted Everything: Packet Length, Coded PHY & LE Audio

21:41 Is BLE Still Interoperable? And Does It Matter?

28:22 The BLE Cloud Puzzle: Gateways, Phones & Golden Gate

38:40 BLE’s Sweet Spot: Power, Latency & When It Just Works

47:12 Operating BLE Devices in the Wild: What to Track & Why

57:40 Mesh Ambitions vs Reality

⁠⁠Join the Interrupt Slack

Watch this episode on YouTube

Follow Memfault

Other ways to listen:

⁠⁠Visit our website

Key Takeaways:

Bluetooth Low Energy (BLE) and Bluetooth Classic are fundamentally different—and BLE was never just a “lite” version.
BLE's strength lies in its low power consumption and quick connection setup, making it ideal for peripheral devices that sleep most of the time.
Use cases like audio, asset tracking, and cloud sync continue to shape BLE’s evolution, and new specs like LE Audio and PAwR are expanding its reach.
Bluetooth wins not because it’s perfect—but because it’s practical: globally adopted, low-cost, and well-supported.
Debugging Bluetooth at scale requires collecting connection parameters, analyzing retries, and understanding phone ecosystem quirks.
BLE Mesh adoption has been underwhelming, with real-world complexity often outweighing its theoretical benefits.
Expect to see BLE turn up in more places, including MEMS sensors and energy-harvesting devices, not just consumer gadgets.
Designers should understand trade-offs in connection intervals, latency, and power draw when choosing Bluetooth for cloud or local connectivity.

Chapters:

00:00 Episode Teasers & Intro

01:10 Meet the Guests: Bluetooth Roots at Pebble, Fitbit, and Blecon

06:51 BLE’s Breakthrough: The iPhone 4S Moment

10:22 BLE vs Classic: Why It Took Off

14:39 Specs That Shifted Everything: Packet Length, Coded PHY & LE Audio

21:41 Is BLE Still Interoperable? And Does It Matter?

28:22 The BLE Cloud Puzzle: Gateways, Phones & Golden Gate

38:40 BLE’s Sweet Spot: Power, Latency & When It Just Works

47:12 Operating BLE Devices in the Wild: What to Track & Why

57:40 Mesh Ambitions vs Reality

⁠⁠Join the Interrupt Slack

Watch this episode on YouTube

Follow Memfault

Other ways to listen:

⁠⁠Visit our website

Previous Episode

#000: How New IoT Security Regulations Will Shape the Industry's Future

In today's Coredump Session, Memfault’s François Baldassari and Chris Coleman unpack the sweeping impact of new IoT security regulations like the CRA and the Cyber Trust Mark. From shocking real-world exploits to smart compliance strategies, they explore what these changes mean for hardware teams and the future of connected devices. If you ship firmware or build IoT products, this one’s essential listening.

Key takeaways:

IoT security is no longer optional—new regulations like the CRA and Cyber Trust Mark make it mandatory.
Most connected devices today are still dangerously undersecured, with outdated stacks and poor OTA support.
Open source platforms like Zephyr can make compliance easier by pooling security resources across companies.
OTA (over-the-air) updates are now a requirement in both US and EU regulations.
The CRA introduces SBOM (Software Bill of Materials) requirements to track vulnerabilities in dependencies.
Observability, encryption, and secure boot need to be built in from the start—not as last-minute add-ons.
Compliance will vary based on device criticality, but self-certification will be the norm for most companies.
Ignoring security costs more in the long run—both in reputation and risk.

Chapters:

00:00 Episode Teasers & Intro

01:03 Meet the Hosts: François and Chris from Memfault

03:40 Why IoT Security Is Still So Behind

07:15 Vulnerabilities, Legacy Chips, and Who’s to Blame

10:12 Wireless Protocols: Still a Huge Attack Surface

13:28 If You Ship Without OTA, You're Asking for Trouble

20:50 Introducing the CRA and Cyber Trust Mark

23:38 What the CRA Actually Requires

31:45 Reconciling Security Monitoring with GDPR

34:07 Cyber Trust Mark vs CRA: US vs EU Approaches

41:05 What You Can Do Today to Prepare

46:33 How Long Do You Have to Support a Device?

52:19 Attack Surfaces: Even a Projector Isn't Safe

56:06 Lifecycle Support and Product Lifespan Realities

58:51 Observability in Low-Resource Devices

1:00:34 Connected Architectures & Multichip Compliance

1:01:43 IoT Devices with Limited Bandwidth & OTA Constraints

Join the Interrupt Slack

⁠⁠⁠⁠Watch this episode on YouTube

Follow Memfault

Other ways to listen:

⁠⁠Visit our website

Next Episode

#002: The secrets to building secure & scalable OTA infrastructure with Nick Sinas

In today’s Coredump Session, the team dives deep into the world of over-the-air (OTA) updates—why they matter, how they break, and what it takes to get them right. From horror stories involving IR updates in a snowstorm to best practices for deploying secure firmware across medical devices, this conversation covers the full stack of OTA: device, cloud, process, and people. It's equal parts cautionary tale and technical masterclass.

Key Takeaways:

OTA is essential for modern hardware—without it, even small bugs can require massive field operations.
Good OTA starts early, ideally at the product design and architecture phase.
Bootloaders, memory maps, and security keys must be carefully planned to avoid long-term issues.
Staged rollouts and cohorts help mitigate fleet-wide disasters.
Signing keys and root certificates should be treated like firmware—versioned, updatable, and secure.
Real-world constraints (medical, smart home, etc.) make OTA more complex—but not optional.
Testing both the update and the update mechanism itself is critical before going live.
When OTA fails, fallback plans (like dual banks or A/B slots) can be the difference between a patch and a catastrophe.

Chapters:

00:00 Episode Teasers & Intro

03:29 Meet the Guests + OTA Gut Reactions

05:33 Why OTA Is Non-Negotiable

03:29 The OTA Wake-Up Call: Why You Need It

09:31 Building OTA into Hardware from Day One

16:49 Cloud-Side OTA: Cohorts, Load, and Timing

21:53 OTA in Regulated Industries

30:10 When OTA Breaks Itself

34:44 Minimizing OTA Risk: The Defensive Playbook

41:18 OTA and the Matter Standard

47:17 Networking Stacks, Constraints, and Reliability