BIAS: Bluetooth Impersonation AttackS

BIAS: Bluetooth Impersonation AttackS”

Bluetooth-enabled devices including smartphones, laptops, tablets and Internet of Things (IoT) devices are vulnerable to attack due to fundamental flaws in the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) configuration.

"Devices updated afterwards might be fixed".

What's more, BIAS can be combined with other attacks, including the KNOB (Key Negotiation of Bluetooth) attack, which occurs when a third party forces two or more victims to agree on an encryption key with reduced entropy, thus allowing the attacker to brute-force the encryption key and use it to decrypt communications.

Any device that supports the Bluetooth Classic protocol is vulnerable to this type of attack.

These days there's no shortage of security vulnerabilities that keep being discovered in our devices, and while a lot of them tend to be software-based, and therefore easily patched, there's a new hardware vulnerability that's recently been found by security researchers that might make you want to leave Bluetooth turned off on your iPhone, iPad, or MacBook. However, the same vulnerability is also found in chips made by Intel, Qualcomm, and Samsung, which means a wide-range of non-Apple devices are also affected by this bug.

The Bluetooth SIG noted that the attacker must know the Bluetooth address of a device that has previously been paired with the device that is targeted by the attack.

Given the widespread impact of the vulnerability, the researchers said they responsibly disclosed the findings to the Bluetooth Special Interest Group (SIG), the organization that oversees the development of Bluetooth standards in December 2019.

Most smartphones tablets and computers only allow pairing with one Bluetooth enabled device at a time

The attacks can be carried out without the target being aware because the standard does not require users to be notified about the outcome of an authentication procedure, or of the lack of mutual authentication, the researchers said.

The BIAS security flaw leverages the way that devices handle link keys or long-term keys that are generated when two Bluetooth devices pair for the first time.

"Our attacks are standard-compliant, and are therefore effective against any standard-compliant Bluetooth device regardless of the Bluetooth version, the security mode (e.g., Secure Connections), the device manufacturer, and the implementation details", they wrote.

During the authentication process, researchers say that attacking devices can spoof the address of a previously-paired device.

By initiating a KNOB attack, a threat actor could gain complete access as the remote paired device. If the attack is unsuccessful, the attacker can not establish an encrypted link, but may still appear authenticated to the host, according to researchers. Researchers stated that they conducted BIAS attacks on 28 unique Bluetooth chips, concluding that all devices tested were vulnerable to this type of attack, including chips from Cypress, Qualcomm, Apple, Intel, Samsung, and CSR.

The Bluetooth SIG, the body that manages the Bluetooth standard, was informed back in December about this vulnerability, and has been working on updating the Bluetooth Core Specification to mitigate against it, and has been encouraging manufacturers to issue a fix in the meantime. These changes will be introduced into a future specification revision, it said. A spokesperson explained in length that they closely work with developers and security research community to be able to protect all Bluetooth devices.

More news: Mafia: Trilogy launches today, with a Mafia remake releasing in August

Like this



21 May 2020
Apple Shares iPhone 12 Camera Module Orders Between Three Suppliers
Prosser claims to have seen a prototype of Apple Glass, which thankfully is "meant to look like glasses, not intimidating tech". Another day brings another Apple leak, this time targeting the company's long-rumored augmented reality glasses .

21 May 2020
When can you download Amazon's Crucible?
If there's something I gleaned from the short time I spent playing Crucible , it's that there's a hunter for everyone. Then, once you know that you like the game, you can dive into that paid-for battle pass and/or additional cosmetics.

21 May 2020
Mysterious PS3 Gears Of War 3 Footage Appears Online
Our guess is that Gears of War 3 was probably never planned for release on PS3, but Epic Games had some fun experimenting anyway. That partnership lasted through until the release of Gears of War: Judgement in 2013, with Epic owning the IP throughout.

21 May 2020
Notre Dame will allow students back on campus for 2020 fall semester
They also canceled all summer classes, except for a small number of students who needed to complete summer work to prepare for the fall semester.

21 May 2020
World sees highest daily increase in Corona-virus cases
He added that the World Health Organization "is committed to transparency, accountability and continuous improvement". Tedros acknowledged receiving a letter from Trump, but declined to comment further.

21 May 2020
Coronavirus: Long queues as McDonald's reopens drive-thrus
There will be protective equipment for staff, including gloves for customer and courier facing positions and face masks. Six McDonald's restaurants will re-open their drive thru services across Dublin from 11am-10pm today.

21 May 2020
AAI issues guidelines for domestic flying, not final as yet says ministry
Passengers are being advised to carry minimal luggage as the use of trolleys may not be allowed unless one has a genuine reason. State governments and administrations have to ensure public transport and private taxis for passengers and airline crew.

21 May 2020
UK's COVID-19 tracking system under fire amid warning of second spike
President Donald Trump says he takes, Brokenshire said that all drugs were tested carefully. When asked about a trial in Britain of anti-malarial drug hydroxychloroquine, the drug U.S.

21 May 2020
Japan lifts COVID-19 state of emergency for three prefectures
One numerical target is that the number of infections should be down to around 0.5 or fewer per 100,000 people in the past week. At the time of writing, there are 5,075 cases in Tokyo and 16,402 cases in Japan total.

21 May 2020
Volkswagen pulls ad, apologizes for racist overtones
The hand pinches the man by head and then uses a finger to flick him inside the doorway of the cafe.called Petit Colon. Founded on orders by Adolf Hitler to build the "people's car", VW employed forced labourers for the Nazi war effort.