From 5a4ea39566621431e931d5bc09957e04f18bbeee Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Wed, 31 Jul 2019 18:30:57 +0000
Subject: [PATCH 1/2] Create blacklist-bluetooth.conf

---
 etc/modprobe.d/blacklist-bluetooth.conf | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 etc/modprobe.d/blacklist-bluetooth.conf

diff --git a/etc/modprobe.d/blacklist-bluetooth.conf b/etc/modprobe.d/blacklist-bluetooth.conf
new file mode 100644
index 0000000..ca8c419
--- /dev/null
+++ b/etc/modprobe.d/blacklist-bluetooth.conf
@@ -0,0 +1,3 @@
+# Blacklists bluetooth.
+install bluetooth /bin/true
+install btusb /bin/true

From 4a6f87f3fa104f0e0a62809fe08f7d07d15dd9f7 Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Wed, 31 Jul 2019 18:33:28 +0000
Subject: [PATCH 2/2] Update control

---
 debian/control | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/debian/control b/debian/control
index 1693bba..d5756e1 100644
--- a/debian/control
+++ b/debian/control
@@ -68,6 +68,9 @@ Description: enhances misc security settings
  .
   * The kernel now panics on oopses to prevent it from continuing running a
  flawed process.
+ .
+  * Bluetooth is blacklisted to reduce attack surface. Bluetooth also has
+ a history of [security concerns](https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns).
  .
  Uncommon network protocols are blacklisted:
  These are rarely used and may have unknown vulnerabilities.