Here’s a potentially serious vulnerability affecting Bluetooth that could lead to leaks of private data from Apple, Google and Intel-based smartphones and PCs. Patches are being made available, so concerned users should update where they can. Millions, if not hundreds of millions or billions, of devices are likely affected.
A cryptographic bug in many Bluetooth firmware and operating system drivers could allow an attacker within about 30 meters to capture and decrypt data shared between Bluetooth-paired devices.
From Intel's explanation:
A vulnerability in Bluetooth(R) pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth(R) devices. This may result in information disclosure, elevation of privilege and/or denial of service.
According to the Bluetooth Special Interest Group (SIG) it's not likely many users were impacted by the vulnerability.
For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure. The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgment to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.Both Bluetooth and Bluetooth LE are affected. Apple has already introduced a fix for the bug on its devices (in macOS High Sierra 10.13.5/10.13.6, iOS 11.4, tvOS 11.4, and watchOS 4.3.1), so iOS and Mac users do not need to worry. Intel, Broadcom, and Qualcomm have also introduced fixes, while Microsoft says its devices are not affected.
Devices containing Bluetooth from a range of vendors—including Apple, Intel, Broadcom and Qualcomm—are all affected. That’s according to a warning from the U.S. Computer Emergency Response Team, run out of the Carnegie Mellon Software Engineering Institute. It described a vulnerability that was the result of a missing check on keys during the process of encrypting data sent over Bluetooth connections. More specifically, it was a missing validation contained in the method of encryption used in Bluetooth, a standard known as the “Diffie-Hellman key exchange.”
Ultimately, the error means that a hacker who is within Bluetooth range of an affected device could get the keys needed to reveal what’s supposed to be encrypted data “with high probability,” the U.S. CERT said. The hacker could then intercept and decrypt all messages sent over Bluetooth. This would include whatever data the app or device is sending via Bluetooth. That could be something as innocuous as notifications, though in the worst case scenario could include security codes such as those used in two-factor authentication, warned Bluetooth security expert Mike Ryan.
There are a lot of affected technologies. As Lior Neumann, one of the two Israeli researchers who found the bug, explained to Forbes in an email: “As far as we know every Android—prior to the patch published in June—and every device with wireless chip of Intel, Qualcomm or Broadcom is vulnerable.”
Where are the fixes?
Apple issued fixes back in May with the release of iOS 11.4 and in supported MacOS versions in June. For those who haven’t updated, Neumann warned: “Every iPhone device with a Broadcom or Qualcomm chip is inherently vulnerable," he added. That would include the latest iPhone 8 and X models.
Google hadn’t returned a request for comment, though the Android Open Source Project (AOSP) has released a patch, according to Neumann. Two Android vendors, Huawei and LG, say they have patched the vulnerability. Forbes couldn’t find evidence of patches from other major Android manufacturers, like Samsung and HTC, however.
Broadcom said: "We have made relevant fixes available to our OEM customers, who may release them in their software updates to end users." Intel, meanwhile, said it was "developing and validating Bluetooth software updates that address the issue for affected Intel products. Intel recommends that customers deploy available updates as soon as possible." Qualcomm said it had sent out patches too.
The Bluetooth SIG, an organization that develops the Bluetooth standard, released an update that should help guide manufacturers towards a patch. It ensures checks on those crucial keys are made correctly. Despite the patch, the Bluetooth SIG sought to downplay the severity of the vulnerability, noting that an attacker would have to be within range of two vulnerable devices—one was not enough to snoop on data passed between them.
But Neumann told Forbes the attacks “should be relatively simple to carry out.” Full technical details on the attacks were in a white paper from the Technion Israel Institute of Technology, Neumann added.
It may take some time for the Broadcom, AOSP or Bluetooth SIG patches to make it out to the myriad Android models on the market, warned professor Alan Woodward, a security expert from the University of Surrey.
“It’s about how long it takes to get the updates out there for the vendors,” Woodward said. “It’s a good example of why simply complying with a specification isn’t always proof that something is secure.”
Broken Windows
While Microsoft wasn’t included on the list of affected companies, Neumann said Windows was vulnerable to older Bluetooth attacks. He noted that Windows did not support Bluetooth version 4.2 and is vulnerable to an eavesdropping attack on Bluetooth 4.0.
Ryan said Neumann was right. But Ryan noted that both the old and new attacks could only happen when the devices first pair. “Think of when you get a new Bluetooth headset: You pair it and then your phone remembers the headset forever. If the attacker isn’t there when you first pair, they can’t decrypt any data.”
Microsoft, however, said Windows 10 had been updated to include support for Bluetooth 4.2. But a spokesperson didn't mention other, older versions of Windows.
_____________________________________
CONTACT US..!!
_____________________________________
https://www.facebook.com/Walkalone3933
https://www.instagram.com/walk._.alone
Instagram :- Coming Soon..!!
https://www.instagram.com/walk._.alone
Instagram :- Coming Soon..!!
---------->Walk._.Alone<-----------
No comments:
Post a Comment