Bluetooth is one of the most common and oldest wireless protocols used in the market. With the growing number of smartphones as well as smart home devices, there are estimated to be more than 8.2 billion devices using Bluetooth in one way or another. Now all of them are open to attack simply by being there with Bluetooth enabled, allowing hackers to easily take control of a device and, consequently, of other devices connected to it. All because of a few dangerous assumptions that developers and engineers have made regarding Bluetooth.
You’d think that, by now, Bluetooth developers would have already known how the technology’s core operates. Apparently not. Until now, everyone worked on the presumption that you could only attack a Bluetooth device if it’s discoverable or paired, and even then only with user interaction. Those presumptions are apparently flawed, and, thus, BlueBorne, the airborne Bluetooth vulnerability, came to be.
A Bluetooth-enabled device is actually always looking for other devices, whether it’s discoverable or not, and that traffic can be easily intercepted by attackers. These would-be hackers can easily get the device’s unique MAC address identifier and, through that, identify the operating system of the device. Since Bluetooth usually runs with privileges on operating systems, it doesn’t take too much work for the hacker to get in or even take control of the system. It is then only a matter of time before the attack can crawl to other devices connected to the compromised one.
To put the scope of this vulnerability into perspective, here are the devices affected by BlueBorne:
• All Android devices, except those using Bluetooth Low Energy only
• All Windows computers running Vista or newer
• All Linux and Linux-based systems like Tizen and webOS using the BlueZ stack and running kernel version 3.3-rc1 or newer
• All iOS devices running iOS 9 or older
The slightly good news is that platform vendors have already been informed and have started rolling out security updates for their users. Apple devices running iOS 10 or tvOS 7.2.2 are unaffected. And while Google has already made available the patch for BlueBorne in its recently released September security update, it might not reach OEM devices as quickly.
With the growing number of devices, from smart watches to smart bulbs to smart locks, the industry perhaps needs to pay better attention to the security of the underlying infrastructure before things get out of hand. We were lucky that the vulnerability was discovered by security researchers and not hackers. At least for now.