Skip to main content

Design flaw could open Bluetooth devices to hacking

posted onNovember 14, 2019
by l33tdawg
TechXplore
Credit: TechXplore

Mobile apps that work with Bluetooth devices have an inherent design flaw that makes them vulnerable to hacking, new research has found.

The problem lies in the way Bluetooth Low Energy devices—a type of Bluetooth used by most modern gadgets—communicate with the mobile apps that control them, said Zhiqiang Lin, associate professor of computer science and engineering at The Ohio State University. Lin presented the findings this week at the Association for Computing Machinery's Conference on Computer and Communications Security (ACM CCS 2019).

"There is a fundamental flaw that leaves these devices vulnerable—first when they are initially paired to a mobile app, and then again when they are operating," Lin said. "And while the magnitude of that vulnerability varies, we found it to be a consistent problem among Bluetooth low energy devices when communicating with mobile apps."

Consider a wearable health and fitness tracker, smart thermostat, smart speaker or smart home assistant. Each first communicates with the apps on your mobile device by broadcasting something called a UUID—a universally unique identifier. That identifier allows the corresponding apps on your phone to recognize the Bluetooth device, creating a connection that allows your phone and device to talk to one another.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th