The convenience that Bluetooth technology brings to our lives can be seen everywhere, but its potential security risks are often ignored. In 2019, researchers disclosed a Bluetooth security vulnerability in Apple devices, which sounded a wake-up call for users who rely on wireless connections.
How Bluetooth technology works
Bluetooth is a short-range wireless communication technology that allows devices to exchange data without the presence of cables, such as listening to songs with wireless headphones and projecting the mobile phone screen onto the car's central control.
This technology relies on devices building a temporary network with each other, called a piconet. Each device has a unique identifier that can be used to be identified during the connection process, which is the basis for achieving convenient interconnection.
Core vulnerabilities revealed by research
In 2019, researchers from Boston University and other institutions discovered that there was a design flaw in the Bluetooth protocol of Apple devices. This flaw was not a simple connection error, but a deep-seated problem involving the device's identity recognition mechanism.
Specifically, when the device sends a signal through broadcast to find an object that can be paired, it will use a changing MAC address to protect privacy. However, at the same time, the system will send another fixed token called the "identity resolution key", and the two are not updated simultaneously.
How attackers exploit vulnerabilities
An attacker who can exploit this desynchronization vulnerability to track human accessibility can write an inexpensive detection device to scan for surrounding Bluetooth signals in public places.
When the detection device captures the fixed "identity resolution key", even if the device's MAC address changes later, the attacker can still use this key to uniquely identify and continue to track the device.
Range of devices affected by the vulnerability
The impact of this vulnerability is extremely broad. Research clearly shows that Apple devices running iOS are at risk, Apple devices running iPadOS are at risk, Apple devices running macOS are at risk, and Apple devices running watchOS are at risk.
It should be noted that only Apple's latest beta systems were considered safe at that time because they enabled an improved Bluetooth addressing mechanism. This suggests that the vast majority of Apple devices sold are likely to be exposed to the risk.
Real risks faced by users
For ordinary users, this means that there is a possibility that their whereabouts privacy may be violated. Attackers can deploy detection devices in shopping malls, airports or streets to track the movement of specific devices over a long period of time.
If data from other sources are combined, such as surveillance videos, attackers are very likely to construct a user's identity description, home address or daily behavioral habits, which is particularly dangerous for high-risk groups such as journalists and activists.
Current response and protection recommendations
As of now, the active protective actions that ordinary users can take are extremely limited. The most straightforward way is to turn off the unused Bluetooth function at any time. Although this will result in the sacrifice of convenience, it is the most effective temporary solution.
The research team reported this problem to Apple in September 2018, but by the time the vulnerability was made public, Apple had not released a patch, which highlighted the possible delay between manufacturer response and user security needs.
Whenever you use those Bluetooth devices on a daily basis, will you first think about the so-called convenience, or will you focus more on blocking Bluetooth to protect privacy? We sincerely welcome you to share your personal opinions in the comment area. If you find this article helpful, please also support it by moving your finger and giving it a like.
