Researchers discovered a flaw in the Bluetooth communication of many devices that would allow hackers to track their locations. The vulnerability impacts Bluetooth devices running on Windows 10, iOS, and macOS, as well as Fitbit and Apple Watch smartwatches.
According to researchers from Boston University (BU) who have identified the vulnerability, the bug allows an attacker to passively track a device by exploiting a flaw in the way Bluetooth Low Energy (BLE) is implemented to extract identifying tokens like the device type or other identifiable data from a manufacturer.
BLE is the latest version of Bluetooth which was officially incorporated into the specification in 2010. It is meant to provide a moderate communication range but with reduced power consumption. Most manufacturers began incorporating BLE in their devices in 2012.
Usually, when pairing a device to an external Bluetooth, one end — the main device — acts as a primary connection while the other plays a peripheral device. The peripheral device sends out a signal — similar to an IP address — that contains data about the connection.
By design, that connection is supposed to be a random address which automatically reconfigures periodically to protect users privacy. However, by using a ‘sniffer’ program –a public software that scans for Bluetooth connections– researchers were able to get ID devices even after addresses changed.
‘Most computer and smartphone operating systems do implement address randomizations by default as a means to prevent long-term passive tracking,’ reads the paper.
‘However, we identified that devices running Windows 10, iOS or macOS regularly transmit advertising events containing custom data structures which are used to enable certain platform-specific interaction with other devices within BLE range.’
These ‘advertising events’ can be used to uniquely identify device data say, researchers. However, the vulnerability does not leak any personal data.
Android devices were not able to be tracked according to researchers, due to a difference in the way the devices communicate with their Bluetooth partner, but iOS, Microsoft, and especially FitBit devices were susceptible.