Security vulnerability in Bluetooth puts iOS and Windows 10 devices at risk

In News

In a research paper titled Tracking Anonymized Bluetooth Devices, researchers have revealed that a security flaw in Bluetooth communication protocol affects iPhones, iPads, Apple Watch models, and Microsoft tablets and laptops. The flaw can be used to spy on users’ devices and collect their locations and IDs despite the native OS protections.

The researchers had successfully managed to exploit the thing by creating a new algorithm called an address-carryover algorithm. The algorithm is able to “exploit the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device.”

“The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic,” the research paper reads.

During the experiment, the researchers had set up a testbed of Apple and Microsoft devices to analyze BLE advertising channels. Over a period of time, they had managed to collect advertising files and log files. They were also able to gather elicit data structures which revealed device ID tokens.

Comments

You may also read!

Help AG and SentinelOne to arm enterprises against endpoint attacks

Help AG has partnered with SentinelOne to thwart the efforts of cybercriminals that have shifted their focus towards targeting

Read More...

ESET’s Endpoint Security picks up Top Player position

ESET, a global leader in cybersecurity has been recognized as a ‘Top Player’ for the second consecutive year in

Read More...

SophosLabs 2020 Threat Report released

Sophos, today launched its 2020 Threat Report providing insights into the rapidly evolving cyberthreat landscape. The report, produced by SophosLabs researchers,

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu