Flaw in Bluetooth Protocols Could Allow Tracking of iPhone, MacBook Users
Bluetooth is one of the most common wireless protocols in the world, allowing a vast range of devices to connect together for shared functionality. From playing music in your car to controlling the temperature of your flatiron, Bluetooth enables us to do many things — and as a result, Bluetooth protocols are standard on iPhones, in MacBooks, and in many other products, too. According to a new study published by researchers from Boston University, though, almost all those devices currently contain a Bluetooth flaw that can erase a user’s privacy.
Bluetooth’s protocols were written in part with privacy in mind, and the way in which devices, such as your iPhone, search for Bluetooth connections is supposed to prevent tracking. However, the researchers found that these methods are not entirely in sync with one another, leading to the opportunity for a savvy bad actor to snoop on public, unencrypted Bluetooth “advertising” (e.g., looking for a device with which to pair) and determine whose device created the signal; with that information, they could determine the identity of the device and track it continuously. Matching that data with information from other sources could expose a user’s activity and more.
It works like this: Bluetooth devices use something called a MAC address to identify themselves when trying to pair with a device, but change these addresses semi-frequently to avoid an identifiable pattern. However, those same devices, iPhones, iPads and MacBooks included, also use a unique “identifying token” in tandem with the MAC address; the issue lies with the simple fact that these tokens don’t change at the same time. Thus, the researchers were able to create an algorithm that could analyze Bluetooth pairing traffic, identify the unique token, and trace it back to a device even after its MAC address changes.
Of major systems that offer Bluetooth capability, researchers identified only the Android family of OSes as safe from the exploit, owing to the different way those devices search for available Bluetooth connections.
For now, there is little users can do short of disabling Bluetooth functionality on their affected devices. The researchers reported that they disclosed their findings to both Apple and Microsoft nearly nine months back in November 2018. Neither company has released a patch in the intervening period, nor has either yet publicly commented on if or when they plan to address the concern. However, the average user should note they are unlikely to be a target of a bad actor looking to track their phones via Bluetooth — though it does present concerns for those such as journalists or politicians who are more likely targets.
Though the researchers say that there is no current evidence that this flaw has been leveraged in an actual real-world attack, they do note that the possibility continues to rise so long as the issue goes unaddressed.