ST. LOUIS – More and more of your devices are using Bluetooth and some scientists recently discovered a potential security flaw with the technology on several popular phones, computers, and gadgets.
The flaw was found in Bluetooth Low Energy (BT-LE) technology. BT-LE is optimized for devices that involve infrequent data transfers and need to operate on low power consumption.
This type of technology goes into sleep mode and is not always on. It is often used for things like SmartTags and locating lost devices says Scott Schaffer with Blade Technologies. However, it can be used in phones, notebooks, tablets, watches, and more.
Researchers at the University of California San Diego tested the BT-LE implementations on several types of devices and found they can be tracked through their physical signaling characteristics.
Schaffer explains the researchers went to several public places, like a coffee house, and spent hours collecting data from people walking by them. He says they were able to gather information about 162 devices and found about 40% were uniquely identifiable.
The researchers then gathered information over a 10-hour period and saw 647 unique MAC addresses and were able to uniquely identify 47% of the devices.
He said the researchers were able to get information like the type of phone, the model, the type of operating system, and other unique identifiers.
Schaffer says, “that means the devices may emit a unique fingerprint, meaning it’s possible to look out for those fingerprints in multiple locations to figure out where those devices have been and when.”
The research also found that iPhone’s BT-LE signal transmitted a farther distance than Androids. The researchers say that means attackers may be able to track iPhones from a farther distance than Android devices.
The researchers say while they found the BT-LE does present a location tracking threat for mobile devices, attackers’ ability to target someone is essentially a matter of luck.
Schaffer says while this is not a threat today, you should still be aware of the risk. He says you also may want to turn your Bluetooth off when you are not using it. He also said it is likely patches are in the work to fix the flaw.