• About
  • Advertise
  • Careers
  • Contact
Monday, March 20, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Bluetooth Flaw Allows Tracking Of Windows, iOS, macOS Devices But Android Is Safe

by Cyber360 News
November 11, 2019
in Security
0
Bluetooth Flaw Allows Tracking Of Windows, iOS, macOS Devices But Android Is Safe
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

A recent flaw found in Bluetooth can be used to track Bluetooth devices, which mostly include phones, laptops and other devices by Microsoft and Apple (both iOS and macOS).

As per a research paper published by researchers from Boston University, the vulnerability can be used to track users and can also be exploited to leak user data. 

jamf now

How does it work?

Bluetooth-enabled devices use non-encrypted advertising channels to establish a connection with other Bluetooth devices. To prevent tracking on these non-encrypted channels, devices tend to use randomized and changing addresses instead of the permanent MAC address. This very process makes the devices prone to tracking.

The flaw arises from the fact that identifying tokens and random MAC addresses don’t change in sync. To prove this, the researchers used an “address-carryover algorithm” that exploits the asynchronous nature of the payloads and identifies tokens from the payloads of the advertising messages.

This allows the algorithm to uncover the anonymity of the devices in broadcasting channels.

The study was conducted on Bluetooth Low Energy (BLE) specification, which is found in the latest Bluetooth 5 standard. It uses random addresses instead of permanent MAC address, as opposed to previous Bluetooth versions (where it was static).

The most frightening part of this flaw is that the algorithm doesn’t need to break into Bluetooth security or use the advertising message decryption to track the devices.

jamf now

One thing worth noting is that the flaw doesn’t work on Android devices, meaning Android remains safe from the vulnerability. Only Microsoft devices running Windows 10, Surface devices and Apple’s iOS and macOS devices are victims of the flaw.

How Android managed to avoid this exploit

Android devices broadcast their traffic in a completely different way. It scans for nearby advertising and there is no active or continuous tracking. This is why Android devices are immune to the vulnerability.

Is there a solution?

Researchers have listed ways via which the vulnerable devices could be protected. But all of them point towards synchronizing the changes in tracking information with the changing MAC address.

Meanwhile, switching Bluetooth on and off on iOS and macOS devices can serve as a temporary solution. Unfortunately, this workaround doesn’t work on Windows devices. For a more permanent solution, we will have to wait until manufacturers roll out a fix.

jamf now
Also Read: 152 Fraud Jio Apps Found On Play Store Promising Free Data
Cyber360 News

Cyber360 News

Next Post
WhatsApp, Telegram Vulnerable To ‘Media File Jacking’: Change Your Settings Now!

WhatsApp, Telegram Vulnerable To ‘Media File Jacking’: Change Your Settings Now!

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In