Data security has been a burning topic in recent times especially as the industry begins to migrate to 5G connectivity technology. Recently, researchers from Boston University (BU) detected a vulnerability in several high-profile Bluetooth devices. The vulnerability could allow third-parties to determine your location and other sensitive information. The fear is that this could be exploited by persons with sinister intentions to extract information that could be used for stalking or abuse. With Bluetooth devices almost everywhere, this finding should be of concern to you.
The susceptibility has to do with the way Bluetooth-enabled gadgets pair with one another. one device serves as the central connection and the other plays a peripheral role. The peripheral device sends out a signal that contains a unique address — similar to an IP address — and data about the connection. Most devices produce a randomized address which automatically reconfigures periodically. That’s meant to protect users’ privacy, but the BU researchers found that, using an open-source “sniffer” algorithm, they could identify Bluetooth connections even when their addresses changed.
EDITOR’S PICK: US Senators introduce Bill to block Huawei from Buying or Selling US Patents
Despite being susceptible to attack, individual information is not revealed. However, that lacuna could be used to follow Bluetooth gadgets and their clients. Android may get a go here. The scientists state Android gadgets don’t have all the earmarks of being defenceless, however, Windows 10 and iOS gadgets can be followed.
Of particular concern is Fitbit users’ vulnerability clients which are said to be the worst. According to the researchers, Fitbits don’t automatically update or randomize their addresses, making them even easier to track. However, a Fitbit spokesperson has responded to an inquiry about this by Engadget. He stated: “As the leader in connected health and fitness category, Fitbit is committed to protecting consumer privacy and keeping data safe. The trust of our customers is paramount and we carefully design security measures for new products, continuously monitor for new threats, and rapidly respond to identified issues.”
The company also said that Fitbit devices aren’t able to share personally identifiable information for any users and that it believes it would be extremely difficult to actually stalk someone using this method. “Bluetooth Low Energy (BLE) technology is widespread and allows all types of devices to connect easily without draining battery power. It’s important to note that this technology can only be used to confirm that an active tracker is nearby. No personally identifiable information is shared or accessible. It’s highly unlikely that someone could stumble across a particular device, know who it belongs to, and track the device’s movement,” the company’s statement says. Nevertheless, the company is also monitoring the situation carefully.
UP NEXT: Xiaomi shares Mi A3 disassembly video but skips screen components to showcase cameras
(source)
