Researchers have shown how simple it is to monitor and record Bluetooth low energy signals transmitted by phones and wearable devices, allowing the user to be easily identified and tracked.
Researchers at Context Information Security have demonstrated how easy it is to monitor and record Bluetooth Low Energy signals transmitted by many mobile phones, wearable devices and iBeacons, including the iPhone and leading fitness monitors, raising concerns about privacy and confidentiality. The researchers have even developed an Android app that scans, detects and logs wearable devices.
The app can be downloaded along with a detailed blog explaining the research at: www.contextis.co.uk/resources/blog/emergence-bluetooth-low-energy
The Context findings follow recent reports that soldiers in the People’s Liberation Army of China have been warned against using wearables to restrict the possibility of cyber-security loopholes. “Many people wearing fitness devices don’t realise that they are broadcasting constantly and that these broadcasts can often be attributed to a unique device,” said Scott Lester, a senior researcher at Context. “Using cheap hardware or a smartphone, it could be possible to identify and locate a particular device – that may belong to a celebrity, politician or senior business executive – within 100 metres in the open air. This information could be used for social engineering as part of a planned cyber attack or for physical crime by knowing peoples’ movements.”
Bluetooth Low Energy (BLE) was released in 2010 specifically for a range of new applications that rely on constantly transmitting signals without draining the battery. Like other network protocols it relies on identifying devices by their MAC addresses; but while most BLE devices have a random MAC address, Context researchers found that in most cases the MAC address doesn’t change. “My own fitness tracker has had the same MAC address since we started the investigation, even though it’s completely run out of battery once,” said Lester. Sometimes the transmitted packets also contain the device name, which may be unique, such as the ‘Garmin Vivosmart #12345678′, or even give the name of the user, such as ‘Scott’s Watch’.
BLE is also increasingly used in mobile phones and is supported by iOS 5 and later, Windows Phone 8.1, Windows 8, Android 4.3 and later, as well as the BlackBerry 10. The Bluetooth Special Interest Group (SIG) has predicted that, “By 2018, more than 90 percent of Bluetooth enabled smartphones are expected to be Smart Ready devices,” supporting BLE; while the number of Bluetooth enabled passengers cars is also predicted to grow over to 50 million by 2016.
iBeacons, which also transmit BLE packets in order to identify a location, are already used in Apple Stores to tailor notifications to visiting customers, while BA and Virgin use iBeacons with their boarding pass apps to welcome passengers walking into the lounge with the WiFi password. House of Fraser is also trialling iBeacons on manikins to allow customers to look at the clothes and their prices on their phones. The current model for iBeacons is that they should not be invasive; you have to be running the application already, for it to detect and respond to a beacon. But the researchers have concerns: “It doesn’t take much imagination to think of a phone manufacturer providing handsets with an iBeacon application already installed, so your phone alerts you with sales notifications when you walk past certain shops,” said Lester.
The current version 4.2 of the Bluetooth Core Specification makes it possible for BLE to implement public key encryption and keep packet sizes down, while also supporting different authentication schemes. “Many BLE devices simply can’t support authentication and many of the products we have looked at don’t implement encryption, as this would significantly reduce battery life and increase the complexity of the application,” said Lester.
“It is clear that BLE is a powerful technology, which is increasingly being put to a wide range of uses,” concludes Context’s Lester. “While the ability to detect and track devices may not present a serious risk in itself, it certainly has the potential to compromise privacy and could be part of a wider social engineering threat. It is also yet another demonstration of the lack of thought that goes into security when companies are in a rush to get new technology products to market.”
* Follow Gadget on Twitter on @GadgetZA
Win Funko Fortnite in Vinyl
Gadget and Gammatek are giving away a set of three Funko Fortnite figurines to three readers.
A Funko Pop figurine based on a character set is indicative of reaching the heights of pop culture. It is no surprise, then, that the world’s biggest online game, Fortnite, has its own line of Funko Pop figurines. The Funkos are modeled on the characters in game, including Drift, Ragnarok, Dark Vanguard, Volar, Tracera Ops, and Sparkle Specialist.
Now, local Funko distributor Gammatek has released the Fortnite figurines in South Africa. To celebrate, Gadget and Gammatek are giving away a set of three Funko Fortnite figurines to each of three readers. To enter,
Click here to see the Funko Fortnite characters and to select the one you want to tweet.
CES: ThirdEye X2 mixed-reality glasses
The X2 mixed reality (MR) glasses, unveiled at CES last week, are the smallest mixed reality devices yet. They boast a 42-degree field of view, HD resolution, and run on the Android platform. The glasses are not connected to wires or tethered packs, and boast a built-in VisionEye Simultaneous Localization and Mapping (SLAM) system for accurate environment tracking. The UI allows the user to wear it while completing tasks indoors and outdoors.
Click through to read how the software makes these glasses a reality.
Nick Cherukuri, founder of ThirdEye, said: “The goal of the X2 was to integrate SLAM into a small glasses form factor – that is the future of making MR Glasses mass produced.”
ThirdEye has also partnered with a major manufacturer, which will enable the X2 to be shipped in mass scale, which is currently a significant hurdle for many startups.
The glasses have built-in software like the ThirdEye App Suite, which provides a full MR software platform built into the units. The App Suite includes live audio and video streaming, AR data communication between remote users in the form of a “see what I see” application, and 3D scanning capabilities. The glasses run on Android 8.0, creating a platform for a worldwide community of developers to submit AR, VR, and MR applications to the ThirdEye App Store.