A Bluetooth vulnerability can let hackers know your location

Others, Tech News
Share and like it on social platforms

Researchers discovered a flaw in the Bluetooth communication of many devices that would allow hackers to track their locations. The vulnerability impacts Bluetooth devices running on Windows 10, iOS, and macOS, as well as Fitbit and Apple Watch smartwatches.

According to researchers from Boston University (BU) who have identified the vulnerability, the bug allows an attacker to passively track a device by exploiting a flaw in the way Bluetooth Low Energy (BLE) is implemented to extract identifying tokens like the device type or other identifiable data from a manufacturer.

BLE is the latest version of Bluetooth which was officially incorporated into the specification in 2010. It is meant to provide a moderate communication range but with reduced power consumption. Most manufacturers began incorporating BLE in their devices in 2012.

Usually, when pairing a device to an external Bluetooth, one end — the main device — acts as a primary connection while the other plays a peripheral device. The peripheral device sends out a signal — similar to an IP address — that contains data about the connection.

By design, that connection is supposed to be a random address which automatically reconfigures periodically to protect users privacy. However, by using a ‘sniffer’ program –a public software that scans for Bluetooth connections– researchers were able to get ID devices even after addresses changed.

‘Most computer and smartphone operating systems do implement address randomizations by default as a means to prevent long-term passive tracking,’ reads the paper.

‘However, we identified that devices running Windows 10, iOS or macOS regularly transmit advertising events containing custom data structures which are used to enable certain platform-specific interaction with other devices within BLE range.’

These ‘advertising events’ can be used to uniquely identify device data say, researchers. However, the vulnerability does not leak any personal data.

Android devices were not able to be tracked according to researchers, due to a difference in the way the devices communicate with their Bluetooth partner, but iOS, Microsoft, and especially FitBit devices were susceptible.

 

Related Posts

22 comments

  • Thanks for some other great post. The place
    else could anybody get that type of information in such an ideal way of writing?

    I’ve a presentation next week, and I’m at the look for such
    info.

  • Fantastic blog! Do you have any tips for aspiring writers?
    I’m planning to start my own site soon but I’m a little lost on everything.

    Would you propose starting with a free platform like WordPress or
    go for a paid option? There are so many options out there that
    I’m totally confused .. Any recommendations? Appreciate it!

  • I am really enjoying the theme/design of your web site.

    Do you ever run into any browser compatibility problems? A small number
    of my blog visitors have complained about my site not working correctly in Explorer but looks great in Firefox.
    Do you have any advice to help fix this problem?

  • you’re in point of fact a excellent webmaster. The site loading pace is incredible.
    It sort of feels that you are doing any distinctive trick.
    In addition, The contents are masterwork. you’ve performed a great process in this topic!

  • Attractive element of content. I just stumbled upon your website and in accession capital to assert that I get in fact loved account your blog posts.
    Anyway I’ll be subscribing on your feeds or even I success you get entry to persistently quickly.

  • Pingback: Google
  • Do you mind if I quote a few of your articles as long as I provide credit and sources back
    to your website? My blog is in the very same area of interest as yours and my visitors would certainly benefit from some of the information you provide here.
    Please let me know if this alright with you. Cheers!

  • After checking out a handful of the blog articles on your web
    page, I really appreciate your way of blogging.

    I saved it to my bookmark site list and will be
    checking back in the near future. Take a look
    at my web site as well and tell me your opinion.

  • Hey would you mind letting me know which web host you’re using?
    I’ve loaded your blog in 3 completely different internet browsers and I
    must say this blog loads a lot faster then most.
    Can you suggest a good hosting provider at a
    fair price? Kudos, I appreciate it!

  • Pingback: Google
  • An interesting discussion is worth comment. I believe that you
    should publish more on this issue, it may not be a taboo matter
    but generally folks don’t talk about such subjects. To the next!
    All the best!!

  • Hi, I do think this is a great web site. I stumbledupon it 😉 I am going to return yet again since I book marked it.
    Money and freedom is the greatest way to change, may you be rich and continue to help others.

  • I do not know whether it’s just me or if perhaps everyone else experiencing
    problems with your site. It looks like some of the text in your
    content are running off the screen. Can someone else please comment and let me know if this is happening to
    them too? This might be a issue with my web browser because
    I’ve had this happen previously. Thanks

  • I like the valuable info you provide in your articles. I will bookmark your blog and check again here frequently.
    I’m quite certain I’ll learn a lot of new stuff right here!

    Best of luck for the next!

Leave a Reply