iBeacon is a promising new technology. But how secure is it? Bluetooth Low Energy (BLE) can be secure when encryption is enabled. However, this is only the case when communication is established. But the iBeacon framework isn't meant to allow communication between devices. It even isn't possible to communicate through the iBeacon framework (CoreBluetooth should then be used). An iBeacon is only capable of advertising (data). But are those advertising packets secured or are these open for public?
I am missing a more detailed (technical) report on iBeacon.
Another thing which isn't very clear: who starts 'talking'? Is it the advertising iBeacon device or the monitoring application/device. Is an advertising iBeacon device always advertising?