Tuesday , April 20 2021

So a hacker could manipulate your devices with Bluetooth



Researchers found a worrying failure in Bluetooth connectivity between paired devices. And it's that a security breach allowed some hackers to come in and manipulate the devices that are intervening with this wireless connection.

For example, if a cyber pirate took control of a phone or a hearing aid, he might have heard the user's conversation.

The problem that gives way to this violation is when encryption of both devices is performed, the key can be manipulated, the establishment of a shorter key, which can then be resolved through a brute force attack to monitor or manipulate traffic.

There are 17 chips which can be vulnerable which companies like Apple, Qualcomm, Broadcom, Intel and Chicony have verified some issues with this type of attack.

However, there is already a solution to this problem as Bluetooth SIG has updated the specification of Bluetooth Core to recommend a minimum encryption length of 7 octets to manufacturers BR / LDR connections.

A manipulation that sounds worrying but requires some specifications to be performed.

Specifically, it is not that a hacker will be on the other side of the world and will control your devices, but that it must be within wireless range, since if you do not meet this requirement, you will not be able to execute your task.

Additionally, you need both devices to have the same non-updated driver because if one of them already has the update fix, the process is interrupted.


Source link