A Bluetooth flaw has been discovered that allows a bad actor to track a wide range of devices – including iPhones, iPads, Macs and Apple Watches.
Other vulnerable devices include laptops and tablets that run Windows 10, and Fitbit wearables. However, Android devices are not at risk …
TNW reports on the vulnerability discovered by Boston University researchers.
Researchers from Boston University (BU) have discovered a flaw in the Bluetooth communication protocol that can expose most devices to third-party tracking and leak identifiable data […]
The vulnerability allows an attacker to passively track a device by exploiting a flaw in the way that Bluetooth Low Energy (BLE) is implemented to extract identifying tokens such as the device type or other identifiable data from a manufacturer […]
To make pairing between two devices simple, BLE uses public non-encrypted advertising channels to announce their presence to other nearby devices. The protocol originally attracted privacy concerns for broadcasting the permanent Bluetooth MAC addresses of devices – a unique 48-bit identifier – on those channels.
However, BLE attempted to solve the problem by allowing the device manufacturers to use a periodically changed random address instead of their permanent Media Access Control (MAC) address.
The flaw discovered by the BU researchers exploits this secondary random MAC address to successfully track a device. The researchers said that the "identifying tokens" contained in advertising messages are also unique to a device and remain static long enough to be used as secondary identifiers in addition to the MAC address.
In other words, it is possible to link the current random address to the next, and identify it as the same device. It can then be tracked indefinitely, but only within the relatively short range of Bluetooth signals.
The researchers have a suggested solution for the security problem.
To protect devices from address-carryover attacks, the researchers suggest device implementations should synchronize payload changes with MAC address randomization.
With Bluetooth device adoption growing at large scale, they stress that "establishing tracking-resistant methods, especially on unencrypted communication channels, is of the utmost importance".
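The synchronization the researchers recommend can be checked in device testing. The following is an added example, not code from the paper or from this article: it assumes a capture of advertisements from a single device under test, with the identifying token already extracted from each payload; the names `Adv` and `audit_rotation` and all sample values are constructed for illustration.

```python
from typing import NamedTuple

class Adv(NamedTuple):
    t: float      # capture time in seconds
    addr: str     # random address seen in the advertisement
    token: str    # identifying token taken from the payload (hex)

def audit_rotation(adverts):
    """Flag every advertisement where only one of (address, token) changed.

    Such a frame carries one stale identifier next to a fresh one, which is
    what allows the old random address to be linked to the new one.
    """
    findings = []
    ordered = sorted(adverts, key=lambda a: a.t)
    for prev, cur in zip(ordered, ordered[1:]):
        addr_changed = cur.addr != prev.addr
        token_changed = cur.token != prev.token
        if addr_changed and not token_changed:
            findings.append((cur.t, "address rotated, token carried over", cur.token))
        elif token_changed and not addr_changed:
            findings.append((cur.t, "token rotated, address carried over", cur.addr))
    return findings

# Constructed sample captures (not real device data).
UNSYNCED = [
    Adv(0.0, "5a:11:22:33:44:01", "a1b2"),
    Adv(1.0, "5a:11:22:33:44:01", "a1b2"),
    Adv(2.0, "6c:aa:bb:cc:dd:02", "a1b2"),   # address changed, token did not
    Adv(3.0, "6c:aa:bb:cc:dd:02", "c3d4"),   # token catches up one frame later
]
SYNCED = [
    Adv(0.0, "5a:11:22:33:44:01", "a1b2"),
    Adv(1.0, "5a:11:22:33:44:01", "a1b2"),
    Adv(2.0, "6c:aa:bb:cc:dd:02", "c3d4"),   # both change in the same frame
    Adv(3.0, "6c:aa:bb:cc:dd:02", "c3d4"),
]

if __name__ == "__main__":
    for name, capture in (("unsynced", UNSYNCED), ("synced", SYNCED)):
        issues = audit_rotation(capture)
        print(name, "PASS" if not issues else issues)
```

An implementation passes only when the list of findings is empty, meaning the address and the payload token always change in the same advertisement.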
It is unclear whether Apple and other affected companies could implement this change in an over-the-air update, but in the meantime, there is an easy way to make sure your device isn't tracked.
Turning Bluetooth off and on again in the system settings (or in the menu bar on macOS) randomises the address and changes the payload.
You can read the whole paper here. The discovery follows a more recent one that affects Macs: a vulnerability in multiple video conferencing apps that can allow the webcam to be remotely enabled.