Difference between revisions of "Bluetooth"

From MgmtWiki
Jump to: navigation, search
(Created page with "==Full Title== A data interchange standard using a radio with limited range. ==Context== * In the late 1990's big companies like Intel were trying to find a mechanism that cou...")
 
(Beacons)
Line 6: Line 6:
 
* Security was not designed into the protocol at the beginning.
 
* Security was not designed into the protocol at the beginning.
 
===Beacons===
 
===Beacons===
While beacons using [[Bluetooth]] was introduced to solve a problem, in just substituted one problem for another. This attack was recently published:<ref>Michelle Hampson ''Widespread Vulnerability Identified in Phones and Bluetooth Devices'' (2021-11-04) IEEE Spectrum https://spectrum.ieee.org/bluetooth-security</ref><blockquote>Bluetooth hardware contains a security flaw that may compromise about 40% of mobile devices, according to University of California, San Diego (UCSD) researchers. The hardware underlies the operation of phone-tracking applications, which UCSD's Nishant Bhaskar said "require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices. Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices." Defects or imperfections during manufacture can slightly distort Bluetooth signals from individual devices, resulting in the generation of a unique signature. Experiments showed approximately 40% of mobile devices could be identified individually within crowds based on their Bluetooth signal signatures. </blockquote>
+
While beacons using [[Bluetooth]] was introduced to solve a problem, but in just substituted one problem for another. This attack was recently published:<ref>Michelle Hampson ''Widespread Vulnerability Identified in Phones and Bluetooth Devices'' (2021-11-04) IEEE Spectrum https://spectrum.ieee.org/bluetooth-security</ref><blockquote>Bluetooth hardware contains a security flaw that may compromise about 40% of mobile devices, according to University of California, San Diego (UCSD) researchers. The hardware underlies the operation of phone-tracking applications, which UCSD's Nishant Bhaskar said "require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices. Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices." Defects or imperfections during manufacture can slightly distort Bluetooth signals from individual devices, resulting in the generation of a unique signature. Experiments showed approximately 40% of mobile devices could be identified individually within crowds based on their Bluetooth signal signatures. </blockquote>
  
 
==References==
 
==References==

Revision as of 11:13, 11 November 2021

Full Title

A data interchange standard using a radio with limited range.

Context

  • In the late 1990's big companies like Intel were trying to find a mechanism that could be used to transfer more data than NFC that consumed low power.

Problems

  • Security was not designed into the protocol at the beginning.

Beacons

While beacons using Bluetooth was introduced to solve a problem, but in just substituted one problem for another. This attack was recently published:[1]
Bluetooth hardware contains a security flaw that may compromise about 40% of mobile devices, according to University of California, San Diego (UCSD) researchers. The hardware underlies the operation of phone-tracking applications, which UCSD's Nishant Bhaskar said "require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices. Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices." Defects or imperfections during manufacture can slightly distort Bluetooth signals from individual devices, resulting in the generation of a unique signature. Experiments showed approximately 40% of mobile devices could be identified individually within crowds based on their Bluetooth signal signatures.

References

  1. Michelle Hampson Widespread Vulnerability Identified in Phones and Bluetooth Devices (2021-11-04) IEEE Spectrum https://spectrum.ieee.org/bluetooth-security