Difference between revisions of "Bluetooth"
From MgmtWiki
(→Beacons) |
(→Beacons) |
||
| Line 6: | Line 6: | ||
* Security was not designed into the protocol at the beginning. | * Security was not designed into the protocol at the beginning. | ||
===Beacons=== | ===Beacons=== | ||
| − | While beacons using [[Bluetooth]] was introduced to solve a problem, but in just substituted one problem for another. This attack was | + | While beacons using [[Bluetooth]] was introduced to solve a problem, but in just substituted one problem for another. This attack was published in late 2021:<ref>Michelle Hampson ''Widespread Vulnerability Identified in Phones and Bluetooth Devices'' (2021-11-04) IEEE Spectrum https://spectrum.ieee.org/bluetooth-security</ref><blockquote>Bluetooth hardware contains a security flaw that may compromise about 40% of mobile devices, according to University of California, San Diego (UCSD) researchers. The hardware underlies the operation of phone-tracking applications, which UCSD's Nishant Bhaskar said "require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices. Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices." Defects or imperfections during manufacture can slightly distort Bluetooth signals from individual devices, resulting in the generation of a unique signature. Experiments showed approximately 40% of mobile devices could be identified individually within crowds based on their Bluetooth signal signatures. </blockquote> |
==References== | ==References== | ||
Revision as of 11:14, 11 November 2021
Full Title
A data interchange standard using a radio with limited range.
Context
- In the late 1990's big companies like Intel were trying to find a mechanism that could be used to transfer more data than NFC that consumed low power.
Problems
- Security was not designed into the protocol at the beginning.
Beacons
While beacons using Bluetooth was introduced to solve a problem, but in just substituted one problem for another. This attack was published in late 2021:[1]Bluetooth hardware contains a security flaw that may compromise about 40% of mobile devices, according to University of California, San Diego (UCSD) researchers. The hardware underlies the operation of phone-tracking applications, which UCSD's Nishant Bhaskar said "require frequent and constant transmission of Bluetooth beacons to be detected by nearby devices. Unfortunately, this also means that an adversary can also find out where we are at all times by simply listening to the Bluetooth transmissions from our personal devices." Defects or imperfections during manufacture can slightly distort Bluetooth signals from individual devices, resulting in the generation of a unique signature. Experiments showed approximately 40% of mobile devices could be identified individually within crowds based on their Bluetooth signal signatures.
References
- ↑ Michelle Hampson Widespread Vulnerability Identified in Phones and Bluetooth Devices (2021-11-04) IEEE Spectrum https://spectrum.ieee.org/bluetooth-security
