Bluetooth vulnerability puts billions of devices at risk

0
28


One advantage of Bluetooth calling is that when you move within range of a previously paired device, the connection must be reconnected immediately. This is useful when you have wireless headphones or amplifiers, or are trying to connect to your car’s infotainment system, but unfortunately, it appears that a flaw in this technology is putting billions of devices at risk.

Purdue University researchers discovered a vulnerability that exploited a mechanism for reconnecting previously paired devices. Technically speaking, when the devices reconnect, they must re-verify each other’s encryption keys.

However, given the language of the protocol, it turns out that this re-validation is not mandatory and it appears to be optional. Even when applied, it can also be circumvented. This means that in theory, attackers might be able to impersonate the connections of previously connected devices, allowing them to trick users into connecting to an entirely different device, intercepting their traffic, and launch malicious attacks.

The good news is that based on what researchers found, it appears that Windows devices are immune to this attack, as well as Apple devices as the company fixed this flaw in May. However, Internet Of Things, Android devices, and Linux laptops are at risk, but we hope that manufacturers will release updates to address this issue soon.







LEAVE A REPLY

Please enter your comment!
Please enter your name here