Security vulnerability in Bluetooth puts iOS and Windows 10 devices at risk

In News

In a research paper titled Tracking Anonymized Bluetooth Devices, researchers have revealed that a security flaw in Bluetooth communication protocol affects iPhones, iPads, Apple Watch models, and Microsoft tablets and laptops. The flaw can be used to spy on users’ devices and collect their locations and IDs despite the native OS protections.

The researchers had successfully managed to exploit the thing by creating a new algorithm called an address-carryover algorithm. The algorithm is able to “exploit the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device.”

“The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic,” the research paper reads.

During the experiment, the researchers had set up a testbed of Apple and Microsoft devices to analyze BLE advertising channels. Over a period of time, they had managed to collect advertising files and log files. They were also able to gather elicit data structures which revealed device ID tokens.

Comments

You may also read!

Bulwark to showcase state-of-the-art IT security products at GITEX

UAE-based value added distributor, Bulwark Technologies announced that its portfolio of internationally acclaimed products lined up to be showcased

Read More...

Hacking my airplane

ESET’s security researcher, Cameron Camp points out that after welcoming hacking research, automobile technology started to get better at

Read More...

Are you building an effective SOC?

Haider Pasha, regional chief security officer, emerging markets, Palo Alto Networks shares his take on what makes an SOC

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu