Security vulnerability in Bluetooth puts iOS and Windows 10 devices at risk

In News

In a research paper titled Tracking Anonymized Bluetooth Devices, researchers have revealed that a security flaw in Bluetooth communication protocol affects iPhones, iPads, Apple Watch models, and Microsoft tablets and laptops. The flaw can be used to spy on users’ devices and collect their locations and IDs despite the native OS protections.

The researchers had successfully managed to exploit the thing by creating a new algorithm called an address-carryover algorithm. The algorithm is able to “exploit the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device.”

“The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic,” the research paper reads.

During the experiment, the researchers had set up a testbed of Apple and Microsoft devices to analyze BLE advertising channels. Over a period of time, they had managed to collect advertising files and log files. They were also able to gather elicit data structures which revealed device ID tokens.

Comments

You may also read!

Five indicators that ascertain an impending ransomware attack

Peter Mackenzi, Global Malware Escalations Manager,Sophos, highlights the five indicators that point to an impending ransomware attack on any

Read More...

ESET to highlight KrØØk and Stantinko at Black Hat USA 2020

ESET, will highlight its latest research during Black Hat USA 2020. ESET researchers Robert Lipovský, Štefan Svorenčík and Vladislav

Read More...

Actionable DDoS Weapons Intelligence: a proactive way to successfully defend against DDoS attacks

Ehab Halablab, Regional Sales Director – Middle East at A10 Networks, emphasizes on the need to deploy Actionable DDoS

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu