Industry Wide Mobile App Bluetooth Design Flaw
Updated to include a response from Dr Zhiqiang Lin.
According to a revealing study, Bluetooth devices are allegedly vulnerable to hacking during the pairing process, allowing potential hackers to access your location data through your smartphone or certain mobile apps. The Apple ecosystem may not be affected, however, as the iOS App Store was not included.
According to a study presented at the Association for Computing Machinery’s Conference on Computer and Communications Security, Bluetooth devices are susceptible to compromise as a result of a design glitch that leaves mobile apps, downloaded from the Google Play Store, open to attack.
The analysis evaluated all of the Bluetooth Low Energy apps in the Google Play Store (18,166 at the time of their research), identifying 1,434 vulnerable apps that allow unauthorised access.
Unfortunately, the analysis did not include apps in the Apple App Store because, according to Dr Zhiqiang Lin, associate professor of computer science and engineering at Ohio State University, the university lacked access to their code for a large-scale study.
Dr Lin, however, believes the issue is an ‘industry-wide problem’ that is ‘not specific to Android Apps’.
‘The problem absolutely exists in Apple apps’.
Lin goes on to state that any device capable of running these Bluetooth Low Energy apps ‘are subject to the attack’.
Dr Lin demonstrates in the study that devices are vulnerable during the initial pairing process with a mobile app, and again during operation.
While many apps and phones come with varying levels of encryption and security, according to Lin, ‘in some cases, in which no encryption is involved, or encryption [has been] misused between mobile apps and devices, the attacker would be able to “listen in” on your conversation and collect that data.’
‘The potential for privacy invasion is high’.
The researchers used a hacking device called a ‘sniffer’ to test their findings, discovering nearly 6,000 Bluetooth devices in a 2km radius, with 94.6% of them able to be ‘fingerprinted’ (identified) for attack and 1,434 apps ‘ripe for exploitation’.
Fortunately, recommendations have been made to app developers and Bluetooth industry groups, with Lin calling the problem ‘relatively easy to fix’.