You can now add Bluetooth to the list of privacy threats to be worried about

Security experts have found a way to track people using the Bluetooth chips integrated into their mobile devices, and laptops, but it’s a lot harder than it sounds (and not quite effective, yet). 

Researchers at the University of California, San Diego, have discovered that each individual Bluetooth chip has a tiny imperfection, created during the manufacturing process. In a sense, despite the fact that they’re being produced at scale, and have measures in place to prevent identification, all of these chips are somewhat unique.

That uniqueness, the researchers have found, can be tracked. 

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Fingerprinting the devices

However, to track the chip, the potential attacker would first need to identify the device, or “capture” its unique “fingerprint”, in order to identify that tiny imperfection. After that, they need a radio receiver capable of recording raw radio signals. Apparently, this can be done with off-the-shelf gear costing no more than $150. 

Furthermore, they would need to be relatively close to the victim to be able to snoop on the Bluetooth’s transmissions. To make things even more complicated - not all chips have the same capacity, and range.

"They will know when the target device is near the receiver when it captures one or more packets that matches the target's physical layer fingerprint," the researchers say.

"The more frequently the BLE device transmits, the more likely the attacker is to receive a transmission if a user passes by. Also, the more accurate the fingerprinting technique is, the better the attacker can differentiate the target from other nearby devices."

While the concept might work when there’s only a handful of devices around, it gets a bit more tricky in crowded environments. Testing the flaw on 162 devices, the researchers were able to identify 40% of Bluetooth chips, while testing on 647 mobile devices, the percentage went up to almost half (47%).

"By evaluating the practicality of this attack in the field, particularly in busy settings such as coffee shops, we found that certain devices have unique fingerprints, and therefore are particularly vulnerable to tracking attacks. Others have common fingerprints – they will often be misidentified," the researchers concluded.

• Looking for a new device? These are the best business smartphones for work around

Via: The Register