Jump to content
Sign in to follow this  

Turn off your Bluetooth, warn security experts

Recommended Posts



Turn off your Bluetooth, warn security experts



Your Bluetooth connection is unsafe. Very unsafe. That’s the message from the largest hacker convention.

Bluetooth, which is a wireless technology for connecting everything from wireless earphones to car entertainment systems, is hacker heaven.

It's bad enough that attendees at the hacker convention DEF CON are advising to turn it off when not in use, as noted in reports from Security Boulevard and Mashable.

“People can track you with your Bluetooth devices. The problem is chronic with devices like headphones [and] fitness trackers,” noted Security Boulevard in a post entitled “Securing devices for DEF CON,” adding that many Bluetooth devices “seem to have gaping holes just waiting to be hacked.”

The recent KNOB attack, disclosed on Aug. 13, is an example of how unsafe Bluetooth connections can be. The “severe” vulnerability in the Bluetooth specification can allow an attacker to potentially change the content of nearby Bluetooth devices, according to a web page on the attack.

If you use your Bluetooth for music or audio, the danger is small, said Adam Kujawa, director of Malwarebytes Labs, to Fox News.

“When using Bluetooth for other things, like data transmission, calls … the likelihood that an attack could result in damage increases, but I don’t think this increases the likelihood of being attacked,” he said.

Most of the tools to do effective hacking are expensive, he said.

“In addition, the skills required to launch this kind of attack are at least in the intermediate area," he said.

But Jake Kouns, chief information security officer at Risk Based Security, says that the big picture is less sanguine.

“The widespread use of Bluetooth means a single vulnerability can have a devastating impact on an ever-growing list of devices,” he said in an email to Fox News.

“Further compounding the problem, many Bluetooth-enabled consumer devices are not typically easy to update, and in some cases can’t be updated," he said, making them forever vulnerable to attack.

But is it practical to turn off your Bluetooth every time after using it?

“Any time I hear the advice to turn off Bluetooth, it does feel a bit dirty on the surface as there should be a better option,” Kouns said.

“But realistically and unfortunately, in many cases turning off Bluetooth is the best suggestion,” he added.

One thing to keep in mind, Kouns said, is that many consumer devices only need to have Bluetooth enabled for one-time setup procedures. After that, Bluetooth can be turned off.

The issue is when a device needs to have a Bluetooth connection turned on all the time.

"Bluetooth headsets, fitness trackers and smartwatches are just a few examples that typically require Bluetooth to be turned on all the time to allow real-time data syncing, including receiving alerts and messages,” Kouns said.

Be aware of which devices are using Bluetooth, he noted.  Often, consumers have no idea which devices are using Bluetooth and which are accessing confidential data, according to Kouns.

“The development of Bluetooth is focused on functionality and expansion of use rather than security,” Malwarebytes Labs’ Kujawa said.

But this will likely change going forward, he said.

The Bluetooth Special Interest Group (SIG) prioritizes security and the specification provides advanced security features that adhere to global requirements. The SIG also provides member companies with extensive developer tools and resources to assist in effective implementation of Bluetooth technology, including its security features.

The Bluetooth Special Interest Group, the trade association that oversees Bluetooth technology, told Fox News that it prioritizes security and that the Bluetooth specification "provides advanced security features that adhere to global requirements."

"The SIG also provides member companies with extensive developer tools and resources to assist in effective implementation of Bluetooth technology, including its security features," a spokeswoman added, in a statement emailed to Fox News.

Founded in 1998, Bluetooth SIG encompasses more than 35,000 member companies, according to its website.



Share this post

Link to post
Share on other sites

I've always been leery of bluetooth and never turned it on until recently.  I put an android stereo head unit in my truck and it's convenient to use bluetooth to access my music list on my phone.  I don't even have to take the phone out of my pocket.  Just get in the truck and the bluetooth connects and starts playing.  I'm working on putting music on a stick to put in one of the USB plugs in the glove box but it's a slow process.  I don't want to just copy the list over because there's a lot of junk on the phone and I'm trying to download new stuff in high quality flac files.

Edited by SkyMan

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Sailfish Bay Fishing Charters

  • Create New...

Important Information

By using this site, you agree to our Terms of Use, Privacy Policy and Guidelines. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..