Security vulnerability in Bluetooth puts iOS and Windows 10 devices at risk

In News

In a research paper titled Tracking Anonymized Bluetooth Devices, researchers have revealed that a security flaw in Bluetooth communication protocol affects iPhones, iPads, Apple Watch models, and Microsoft tablets and laptops. The flaw can be used to spy on users’ devices and collect their locations and IDs despite the native OS protections.

The researchers had successfully managed to exploit the thing by creating a new algorithm called an address-carryover algorithm. The algorithm is able to “exploit the asynchronous nature of payload and address changes to achieve tracking beyond the address randomization of a device.”

“The algorithm does not require message decryption or breaking Bluetooth security in any way, as it is based entirely on public, unencrypted advertising traffic,” the research paper reads.

During the experiment, the researchers had set up a testbed of Apple and Microsoft devices to analyze BLE advertising channels. Over a period of time, they had managed to collect advertising files and log files. They were also able to gather elicit data structures which revealed device ID tokens.

Comments

You may also read!

Infoblox announces 5-city cybersecurity tour throughout MEA

Infoblox announced that it is hosting a 5-city cybersecurity tour throughout Middle East & Africa (MEA) under the theme

Read More...

Tenable CTO and co-founder to be a part of the Cybersecurity Tech Accord panel

Tenable today announced Renaud Deraison, the company’s co-founder and CTO, will join other global leaders in Davos, Switzerland for

Read More...

Ransomware attacks are here to stay and can get more disruptive

The media’s attention on ransomware attacks is on the wane but their impact is as disruptive as ever, says

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu