- Researchers from Ohio State University have found a fundamental design flaw in Bluetooth devices that makes them vulnerable to hacking.
- They advise that improving authentication during initial pairing can mitigate this flaw.
The issue
The flaw is said to be in the way Bluetooth low energy devices communicate with the mobile applications that control them.
- Every device communicates with the mobile device that manages it by broadcasting a unique identifier known as UUID.
- This identifier is used by the mobile devices to recognize the device and establish a connection.
- This identifier is embedded in the mobile phone code, and this makes the device vulnerable to fingerprinting attacks.
- In the case of poor or no encryption, attackers would be able to listen to the connection and gather data.
“At a minimum, a hacker could determine whether you have a particular Bluetooth device, such as a smart speaker, at your home, by identifying whether or not your smart device is broadcasting the particular UUIDs identified from the corresponding mobile apps,” said Zhiqiang Lin, associate professor of computer science and engineering at The Ohio State University.
Assessing the impact of the issue
To test how the issue impacted devices in the real world, the team of researchers built a hacking device to identify Bluetooth devices based on broadcasting messages.
- They were able to identify several Bluetooth low energy devices, of which most of them were vulnerable to either fingerprinting or eavesdropping attacks.
- The issue is said to lie in the initial pairing of the device with the phone. The flaw could be resolved if the initial authentication was made more secure, according to researchers.
Vulnerable apps
The Google Play Store was found to contain more than 18,000 apps that were vulnerable to this security flaw.