Please note, your smartphone’s Bluetooth can track you

The Bluetooth on your smartphone, computer, tablet or headphones is a boon for hackers. By exploiting the signal emitted by each device, an attacker with the right tools is able to follow you. Explanations.

According to a study by seven researchers from the University of California at San Diego, a security breach of the Bluetooth telecommunications standard allows an attacker to track users. The standard, the aim of which is to simplify connections between nearby electronic devices, requires devices to issue a single Bluetooth fingerprint.

This breach makes it possible to locate a user by locating the Bluetooth fingerprint of his telephone. Modern Bluetooth enabled devices such as smartphones, tablets, laptops, and headphones all have slightly different network chips, according to the researchers. These components have unique anomalies that can be identified to locate the signaling machine.

On the same subject: Google replaces Titan security keys following a Bluetooth breach

Bluetooth helps spy on iPhone and Android smartphone users

“Bluetooth transmissions contain the same hardware imperfections as Wi-Fi”, explain the researchers in their report. Ultimately, each device emits a slightly different signal. During the experiment, the researchers analyzed the signal emitted by an iPhone X, a Thinkpad X1 Carbon computer (Windows), a 2016 MacBook Pro (macOS), an Apple Watch Series 4 (watchOS), a Google Pixel 5 (Android ) and Bose QuietComfort 35 wireless headphones. All devices, regardless of their operating system or hardware characteristics, are vulnerable.

As part of their experiment, the researchers equipped themselves with a receiver and a detection software developed by them. After several hours of interception of Bluetooth signals in “Six cafes, a university library and a food court”, the experts came to identify 47.1% of the 647 devices. 97% of the terminals identified were able to be traced without difficulty.

However, the researchers point out that it is more complicated to differentiate between devices that are powered by the same chipset, such as several iPhone models in the same range. On the other hand, smartphones designed by Apple emit stronger bluetooth signal, which usually sets them apart from other devices.

Worse, it is not enough to turn off the bluetooth connection on your smartphone to prevent a possible hacker from tracking you. According to the researchers, a device with Bluetooth turned off continues to transmit and be detectable. “We’ve found that just turning off Bluetooth on some phones won’t stop the trackers. For example, on some Apple devices, disabling Bluetooth in the Control Center may not be enough ”, warn researchers. To protect yourself from potential spies, you must turn off your smartphone, which is obviously not very practical.

Even more worrying, it seems that the flaw can easily be exploited by hackers. “We believe this attack is feasible, so device vendors should consider mitigating measures. Many devices in use today have unique fingerprints, and the hardware for the attack costs less than $ 200 ”, warn experts, who admit that “The attack is not guaranteed to be successful in all situations”.

For the record, it is not It is not uncommon for a flaw to be spotted in the Bluetooth standard. In early September, a Bluetooth breach put billions of Android smartphones at risk. A few months earlier, theANSSI (National Agency for the Security of Computer Systems) was already sounding the alarm by claiming that the Bluetooth standard is riddled with dangerous flaws.

Leave a Comment