The very technology that aims to keep your Bluetooth from being tracked and hacked is the very one that can make your devices vulnerable. To avoid tracking, Bluetooth is continuously changing identifying tokens and using random MAC addresses.
Bluetooth flaw lets hackers track and identify Windows, macOS and iOS devices
At that point, hackers not only can follow your device, but they can also get information about its identity and your user activity. This flaw was found in the latest Bluetooth 5 standard and impacts macOS, Windows and iOS devices.
The Bluetooth flaw is found on Windows 10, iOS and macOS devices. These devices include iPhones, iPads, Apple Watch models, MacBooks, as well as Microsoft tablets and laptops. Unlike Windows and Apple products, Androids are immune to this flaw because they do not actively and continuously track the device while in Bluetooth mode.
The vulnerability allows an attacker to passively track a device by exploiting a flaw in the way Bluetooth Low Energy (BLE) is implemented to extract identifying tokens like the device type or other identifiable data from a manufacturer.
"Any device which regularly advertises data containing suitable advertising tokens will be vulnerable to the carry-over algorithm if it does not change all of its identifying tokens in sync with the advertising address," the researchers say. "As Bluetooth adoption is projected to grow from 4.2 to 5.2 billion devices between 2019 and 2022 [...] establishing tracking-resistant methods, especially on unencrypted communication channels, is of paramount importance."
A security vulnerability in the Bluetooth communication protocol has the potential to allow malicious actors to track and identify devices from Apple and Microsoft, according to new research from Boston University that was highlighted by ZDNet.
To prevent tracking, most devices broadcast a randomized address that periodically changes rather than a Media Access Control (MAC) address, but the researchers have found that it is possible to extract identifying tokens that allow a device to be tracked even when this randomized address changes by exploiting the address-carryover algorithm.
We present an online algorithm called the address-carryover algorithm, which exploits the fact that identifying tokens and the random address do not change in sync, to continuously track a device despite implementing anonymization measures. To our knowledge, this approach affects all Windows 10, iOS, and macOS devices.
However, we can still track nearby Bluetooth devices, read from them, and even write specific characteristics. Because of that, it's useful to do the reconnaissance in case we can either take control of the device, identify a vulnerability, or find a vulnerability later that matches up with one that's nearby.
Bluetooth is the technology that allows electronic devices like smartphones, tablets, portable speakers, digital assistants, wearable fitness trackers and home security equipment to wirelessly connect to each other through a network. 2ff7e9595c
Opmerkingen