Posted August 2, 2019
Bluetooth is one of the most common wireless protocols in the world, allowing a wide range of devices to connect for shared functionality. From playing music in your car to controlling the temperature of flatiron, Bluetooth enables us to do many things – and as a result, Bluetooth protocols are standard on iPhones, MacBooks and many other products as well. However, according to a new study published by Boston University researchers, almost all of these devices currently include a Bluetooth error that could erase user privacy.
Bluetooth protocols were partially written for privacy, and the way devices are used, such as your iPhone, search for Bluetooth connections is assumed to prevent tracking. However, the researchers found that these methods are out of sync with each other, leading to the ability of a knowledgeable, poor actor to sniff on public, unencrypted Bluetooth "advertising" (e.g., look for a device to pair) and determine if the device created the signal; with that information, they could determine the identity of the device and track it continuously. Matching data from information from other sources can expose the user's activity and more.
It works like this: Bluetooth devices use what is called a MAC address to identify themselves when trying to pair with a device, but switch these addresses semi-frequently to avoid an identifiable pattern. However, the same devices, iPhones, iPads and MacBooks, also use a unique "identifying token" in line with the MAC address; The problem lies in the simple fact that these symbols do not change at the same time. Thus, researchers were able to create an algorithm that could analyze Bluetooth pairing traffic, identify the unique token, and trace it back to a device even after the MAC address changes.
Of large systems that offer Bluetooth capability, researchers identified only the Android family of operating systems that secure against exploitation, due to the different way these devices search for available Bluetooth connections.
Currently, there are few users who can make cards to disable Bluetooth functionality on the affected devices. The researchers reported that they revealed their findings to both Apple and Microsoft almost nine months back in November 201
Although the researchers say that there is no current evidence that this error has been exploited in a real-world attack, they do note that the opportunity continues to increase as long as the problem is not addressed.