Security News

Academics from École Polytechnique Fédérale de Lausanne disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers. The attacks, dubbed Bluetooth Impersonation AttackS or BIAS, concern Bluetooth Classic, which supports Basic Rate and Enhanced Data Rate for wireless data transfer between devices.

Academics from École Polytechnique Fédérale de Lausanne disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers. The attacks, dubbed Bluetooth Impersonation AttackS or BIAS, concern Bluetooth Classic, which supports Basic Rate and Enhanced Data Rate for wireless data transfer between devices.

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. The bugs allow Bluetooth Impersonation Attacks on everything from internet of things gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne in Switzerland.

A vulnerability related to pairing in Bluetooth Basic Rate / Enhanced Data Rate connections could be exploited to impersonate a previously paired device, researchers have discovered. The security flaw allows for an attacker within Bluetooth range of an affected device to spoof the Bluetooth address of a previously bonded remote device, thus successfully authenticating without knowing the link key normally used for establishing an encrypted connection.

In a paper [PDF] entitled "MagicPairing: Apple's Take on Securing Bluetooth Peripherals," Dennis Heinze, Jiska Classen, and Felix Rohrbach observe that Apple's MagicPairing protocol overcomes two shortcomings of Bluetooth device pairing: poor scalability and a security model that collapses if the permanent key - the Link Key or Long-Term Key - gets compromised. The paper says that Apple's MagicPairing implementations in iOS and macOS contain a number of spelling mistakes in logging messages and, for macOS Bluetooth daemon bluetoothd, function names.

In a paper [PDF] entitled "MagicPairing: Apple's Take on Securing Bluetooth Peripherals," Dennis Heinze, Jiska Classen, and Felix Rohrbach observe that Apple's MagicPairing protocol overcomes two shortcomings of Bluetooth device pairing: poor scalability and a security model that collapses if the permanent key - the Link Key or Long-Term Key - gets compromised. The paper says that Apple's MagicPairing implementations in iOS and macOS contain a number of spelling mistakes in logging messages and, for macOS Bluetooth daemon bluetoothd, function names.

This week we discuss why Google abruptly pulled more than 500 Chrome extensions from its Web Store, the case of a man held in custody for refusing to decrypt two hard drives, and research detailing a number of security holes in Bluetooth chipsets. Greg Iddon plays host and producer this week and is joined by fellow Sophos experts Paul Ducklin and Peter Mackenzie.

A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named 'SweynTooth,' affecting millions of Bluetooth-enabled wireless smart devices worldwide-and worryingly, a few of which haven't yet been patched. All SweynTooth flaws basically reside in the way software development kits used by multiple system-on-a-chip have implemented Bluetooth Low Energy wireless communication technology-powering at least 480 distinct products from several vendors including Samsung, FitBit and Xiaomi.

A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named 'SweynTooth,' affecting millions of Bluetooth-enabled wireless smart devices worldwide-and worryingly, a few of which haven't yet been patched. All SweynTooth flaws basically reside in the way software development kits used by multiple system-on-a-chip have implemented Bluetooth Low Energy wireless communication technology-powering at least 480 distinct products from several vendors including Samsung, FitBit and Xiaomi.

Nine of the ten bugs can so far only be exploited to force an affected device either to reboot or to hang; only one can potentially be abused by crooks to access your device without needing you to let them pair with it first. The other bugs are somewhat milder - at the moment, all the researchers have been able to do with them is reboot or freeze a device.