We've already discussed buying beacons and different types of beacons in Chapter 1, Welcome to iBeacon and Chapter 7, Vendor SDKs – Buying and Configuring Beacons, so we already know that there are various differences in the way beacon vendors implement their security models.

Beacon vendors have a catch-22 situation. They need a way to allow you as the owner to configure the UUID, major, and minor values, while at the same time stopping malicious persons hijacking the beacons and repurposing them for their own requirements.

Most beacons are configured over the air using Bluetooth devices, so if they aren't properly locked down, you only need a hacker within 100 meters of your beacon to repurpose them. For example, if you place beacons ...