Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

EXPERT SAYS RISK OF BLUETOOTH ‘BLUEBORNE’ ATTACKS ACROSS MULTIPLE DEVICES OVERBLOWN
Digital Trends ^ | September 13, 2017 10:38 am | By Kevin Parrish

Posted on 09/14/2017 1:24:17 PM PDT by Swordmaker

Security firm says 'BlueBorne' is only a risk if your device isn't updated

VIDEO

A recent report warned of a possible attack based on vulnerabilities found in Bluetooth, but Google, Microsoft, and Apple already addressed the issue.

Bluetooth was originally created in 1998 to serve as a secure short-range wireless connection between two devices. It pairs our wireless mice to our laptops, our smartwatches to our smartphones, and so on. But a recent report published by security firm Armis points to eight Bluetooth-related vulnerabilities — four of which are critical — that reside on more than 5 billion Android, Windows, Linux, and pre-iOS 10 devices. The company dubs this “epidemic” BlueBorne.

“These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date,” Armis said on September 12. “Previously identified flaws found in Bluetooth were primarily at the protocol level. These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device.”

The problem starts with the complexity of Bluetooth itself. The specification stretches across 2,822 pages, which is massive compared to the base Wi-Fi specification (802.11), which consists of only 450 pages. Because of its complexity, Bluetooth does not receive the same scrutinized audits as other less-complicated protocols. That means vulnerabilities get buried as Bluetooth evolves.

Many issues prior to Bluetooth v2.1 were resolved with the introduction of Secure Simple Pairing, thus the security community shifted its attention away from Bluetooth. But a thorough inspection still needed to be performed and Armis says that its discovery of eight vulnerabilities in a recent analysis of Bluetooth could very well be “the tip of the iceberg.”

Overall, the BlueBorne set of vulnerabilities can enable a hacker to take control of a device, access its content, and use it to infect other Bluetooth-enabled devices with malware. Outside the actual vulnerabilities, the root of the issue stems from keeping Bluetooth turned on. A device will listen for Bluetooth traffic even if it is not set to discoverable mode, so all a hacker needs to know is its Bluetooth device address (BDADDR), and its MAC address.

But how do you get this information? By using open-source hardware sold online that can sniff out encrypted Bluetooth connections passing through the air. These packets of information contain plain text data pointing to the Bluetooth device address. Hackers can then use that address to send unicast traffic if they are within physical proximity of the target device: 33 feet for mobile phones and headsets, and 328 feet for laptops and desktops.

“If the device generates no Bluetooth traffic, and is only listening, it is still possible to ‘guess’ the BDADDR, by sniffing its Wi-Fi traffic,” the firm explains. “This is viable since Wi-Fi MAC addresses appear unencrypted over the air, and due to the MACs of internal Bluetooth/Wi-Fi adapters are either the same, or only differ in the last digit.”

But according to Mike Weber of cyber risk management service provider Coalfire, there is no need to panic. There are no known instances of hackers taking advantage of the vulnerabilities. Even more, creating malware to possibly attack a multitude of devices spanning Windows, iOS, and Linux in a single sweep would be extremely difficult. The discovery of the vulnerabilities only points to possibilities, not an actual attack in the wild.

“If you are on a device that is no longer supported, cannot be updated, or has not yet received a patch from a vendor, it is recommended to keep Bluetooth on the device turned off except when necessary,” Weber suggests.

Microsoft produced a patch for Windows on September 12, 2017. Apple nuked the vulnerabilities on its products with the release of iOS 10, but all devices running iOS 9.3.5 and older are still vulnerable. Google patched the issues on Android 6.0 (Marshmallow) and Android 7.0 (Nougat) on August 7, 2017, but if you’re still worried about BlueBorne, Armis Security provides an app on the Google Play Store.

Updated: Now reflects new information provided by Coalfire.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: applepinglist; blueborne; bluetooth; malware; windowspinglist

1 posted on 09/14/2017 1:24:17 PM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: Swordmaker

To be vulnerable you have to leave Bluetooth on all the time, which eats up your battery.


2 posted on 09/14/2017 1:29:52 PM PDT by E. Pluribus Unum ( "If fascism ever comes to America, it will be called liberalism." --Ronald Reagan)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
Long ago, before the internet, I had an idea for a sci-fi story. The idea was that electronic appliances that had infrared remotes could also transmit infrared messages and communicate with one another—conspiring against the owner. This occurred to me after two VCRs mysteriously conked out at almost the same time.
3 posted on 09/14/2017 1:34:12 PM PDT by snarkpup (The swamp is draining; and the alligators are allegating.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Famous last words!


4 posted on 09/14/2017 1:42:32 PM PDT by t4texas (Remember the Alamo!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: E. Pluribus Unum
To be vulnerable you have to leave Bluetooth on all the time, which eats up your battery.

As some of us pointed out on another thread on this topic, keep bluetooth turned off when not using it (which is what most people do anyway for the exact reason you cited above) and one doesn't have to be concerned with this vulnerability.

It's a big nothingburger, IMO.

5 posted on 09/14/2017 1:42:37 PM PDT by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 2 | View Replies]

To: snarkpup
...after two VCRs mysteriously conked out at almost the same time.
Murder-suicide?
6 posted on 09/14/2017 1:43:38 PM PDT by oh8eleven (RVN '67-'68)
[ Post Reply | Private Reply | To 3 | View Replies]

To: usconservative

Most people leave Bluetooth _on_ all the time, because they’re not thinking about the technical nuances of marginal power consumption - instead they’d rather just leave it on for convenience.

The only Bluetooth disabling I do is ensuring the car’s stereo doesn’t try to connect to my phone. Having a conference call switch mics to the sound of momma yelling at the kids when she starts the car is...undesirable.


7 posted on 09/14/2017 1:56:18 PM PDT by ctdonath2 (It's not "white privilege", it's "Puritan work ethic". Behavior begets consequences.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: dayglored; ThunderSleeps; ShadowAce; ~Kim4VRWC's~; 1234; 5thGenTexan; Abundy; Action-America; ...
More Information on BlueBorne Bluetooth Exploit that is in the wild threatening only non-updated devices out of the 8.5 Billion Bluetooth devices out there. The latest Apple, Microsoft, and some newer Android devices have already been updated, but older ones have not. Apple iOS devices running iOS 9.3.5 and earlier need to be updated. Many Android devices cannot be updated at all, and others depend on the carriers of their service to provide the updates. . . and for their users to find, download, and install any updates that may be provided. Other Android using devices such as automobiles, refrigerators, and TVs may not be ever updated and will remain at risk. — PING!

Pinging dayglored, ThunderSleeps, and ShadowAce for updates.


BlueBorne BlueTooth Malware Update
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

8 posted on 09/14/2017 2:12:55 PM PDT by Swordmaker (!This tag line is a Microsoft insult free zone... bet if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ctdonath2
Most people leave Bluetooth _on_ all the time, because they’re not thinking about the technical nuances of marginal power consumption

The only bigger consumer of a cellphone's battery is the Facebook application. Trust me. People know what eats up their cellphone battery and they turn that crap off as much as possible.

9 posted on 09/14/2017 5:06:32 PM PDT by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 7 | View Replies]

To: 109ACS; aimhigh; bajabaja; Bikkuri; Bobalu; Bookwoman; Bullish; Carpe Cerevisi; DarthDilbert; ...
Don't panic, but stay vigilant - ANDROID PING!

Android Ping!
If you want on or off the Android Ping List, Freepmail me.

10 posted on 09/14/2017 7:15:59 PM PDT by ThunderSleeps (Doing my part to help make America great again!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker; Abby4116; afraidfortherepublic; aft_lizard; AF_Blue; amigatec; AppyPappy; arnoldc1; ...
BlueTooth Malware update - how bad is it really? ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to Swordmaker for the ping!!

11 posted on 09/14/2017 7:37:46 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 8 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson