Expert says risk of Bluetooth ‘BlueBorne’ attacks across multiple devices overblown

Security firm says 'BlueBorne' is only a risk if your device isn't updated

Bluetooth was originally created in 1998 to serve as a secure short-range wireless connection between two devices. It pairs our wireless mice to our laptops, our smartwatches to our smartphones, and so on. But a recent report published by security firm Armis points to eight Bluetooth-related vulnerabilities — four of which are critical — that reside on more than 5 billion Android, Windows, Linux, and pre-iOS 10 devices. The company dubs this “epidemic” BlueBorne.

“These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date,” Armis said on September 12. “Previously identified flaws found in Bluetooth were primarily at the protocol level. These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device.”

The problem starts with the complexity of Bluetooth itself. The specification stretches across 2,822 pages, which is massive compared to the base Wi-Fi specification (802.11), which consists of only 450 pages. Because of its complexity, Bluetooth does not receive the same scrutinized audits as other less-complicated protocols. That means vulnerabilities get buried as Bluetooth evolves.

Many issues prior to Bluetooth v2.1 were resolved with the introduction of Secure Simple Pairing, thus the security community shifted its attention away from Bluetooth. But a thorough inspection still needed to be performed and Armis says that its discovery of eight vulnerabilities in a recent analysis of Bluetooth could very well be “the tip of the iceberg.”

Overall, the BlueBorne set of vulnerabilities can enable a hacker to take control of a device, access its content, and use it to infect other Bluetooth-enabled devices with malware. Outside the actual vulnerabilities, the root of the issue stems from keeping Bluetooth turned on. A device will listen for Bluetooth traffic even if it is not set to discoverable mode, so all a hacker needs to know is its Bluetooth device address (BDADDR), and its MAC address.

But how do you get this information? By using open-source hardware sold online that can sniff out encrypted Bluetooth connections passing through the air. These packets of information contain plain text data pointing to the Bluetooth device address. Hackers can then use that address to send unicast traffic if they are within physical proximity of the target device: 33 feet for mobile phones and headsets, and 328 feet for laptops and desktops.

“If the device generates no Bluetooth traffic, and is only listening, it is still possible to ‘guess’ the BDADDR, by sniffing its Wi-Fi traffic,” the firm explains. “This is viable since Wi-Fi MAC addresses appear unencrypted over the air, and due to the MACs of internal Bluetooth/Wi-Fi adapters are either the same, or only differ in the last digit.”

But according to Mike Weber of cyber risk management service provider Coalfire, there is no need to panic. There are no known instances of hackers taking advantage of the vulnerabilities. Even more, creating malware to possibly attack a multitude of devices spanning Windows, iOS, and Linux in a single sweep would be extremely difficult. The discovery of the vulnerabilities only points to possibilities, not an actual attack in the wild.

“If you are on a device that is no longer supported, cannot be updated, or has not yet received a patch from a vendor, it is recommended to keep Bluetooth on the device turned off except when necessary,” Weber suggests.

Microsoft produced a patch for Windows on September 12, 2017. Apple nuked the vulnerabilities on its products with the release of iOS 10, but all devices running iOS 9.3.5 and older are still vulnerable. Google patched the issues on Android 6.0 (Marshmallow) and Android 7.0 (Nougat) on August 7, 2017, but if you’re still worried about BlueBorne, Armis Security provides an app on the Google Play Store.

Updated: Now reflects new information provided by Coalfire.


Cities looking to get smart take a lesson from an iconic shopping mall

From Disney World to the Mall of America, public venues are becoming microcosms for smart city projects. We dove into both, to show what government officials can learn – and what you can expect from your city.

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.

How to switch from iPhone to Android: The ultimate guide

If you've decided to bridge the great tech divide and leave Apple's walled garden for the unknown shores of Android, then you'll find all the tips and advice you need to begin switching from an iPhone to an Android device.

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.

With our Steam guide, you can give the gift of gaming this holiday season

The holidays may have passed, but it's always a good time to give the gift of gaming (especially when there's a Steam sale)! Here's our quick guide on how to give a Steam game as a gift.

Forget painting-style transfers, this A.I. creates realistic portraits of fake people

Do these images look computer-generated? Nvidia researchers recently published a paper on a new variation on style transfer artificial intelligence that's able to generate entirely new portraits.

Leaked HP laptop listing reveals entry-level Nvidia MX250 GPU

Alongside powerful graphics cards, Nvidia may have more mobile GPUs to show off at next year's CES show in January. The MX250 has been spotted in a listing for an HP laptop, potentially replacing the entry-level MX150.

ZSpace’s laptop brings education to life with its own 3D technology

The ZSpace laptop wants to overhaul education and training by offering affordable access to 3D mixed reality through a bespoke screen and glasses technology that is already supported by a wide array of applications.

Former Microsoft intern claims Google may have sabotaged Edge browser

Google's Chrome web browser has been able to establish such dominance that Microsoft is abandoning its web rendering engine, switching Edge over to Chromium, but did Google play dirty in an attempt to force Microsoft to make the decision?

ViewSonic’s 1080p gaming monitor lets you experience the action in style

ViewSonic is catering to gamers with its latest monitor, the XG240R. Featuring a 1080p 144Hz panel, RGB lighting, and a fast 1ms response time, you can conquer your opponents and do it in style.

Here’s why you might still be using Wi-Fi after cellular 5G launches

Cellular 5G might be around the corner and promising to deliver lightning fast speeds, but the folks over at the Wi-Fi Alliance have a few reasons why they think you shouldn't dump Wi-Fi just yet.

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.

Detangle your desk with a mighty wireless mouse. Here are our six favorites

If you're looking for the best wireless mouse on the market, we've got the list for you!. These six models have something for everyone, whether you're a hardcore gamer or simply looking to ward off carpal tunnel.

Canceling Amazon Prime is easy, and you might get a refund

Don't be intimidated. Learning how to cancel Amazon Prime is easier than you might think. You might even get a partial or full refund on the cost, depending on how much you've used it. Check out our quick-hit guide for doing so.