BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices (bleepingcomputer.com)
An anonymous reader quotes a report from Bleeping Computer: Security researchers have discovered eight vulnerabilities -- codenamed collectively as BlueBorne -- in the Bluetooth implementations used by over 5.3 billion devices. Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BlueBorne flaws, nor does the attacker need to pair with a target device. They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars. Furthermore, the vulnerabilities can be concocted into a self-spreading Bluetooth worm that could wreak havoc inside a company's network or even across the world. "These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date," an Armis spokesperson told Bleeping Computer via email. "Previously identified flaws found in Bluetooth were primarily at the protocol level," he added. "These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device." Consumers are recommended to disable Bluetooth unless you need to use it, but then turn it off immediately. When a patch or update is issued and installed on your device, you should be able to turn Bluetooth back on and leave it on safely. The BlueBorne Android App on the Google Play Store will be able to determine if a user's Android device is vulnerable. A technical report on the BlueBorne flaws is available here (PDF).
Am I right?
for the new iPhone! How do those new earbuds sound? Are they making a "hacking" noise?
Your device will be too old to update. You'll have to buy a new one. Neat trick, huh?
“He’s not deformed, he’s just drunk!”
I'd like to think these vulnerabilities will be fixed, but many Android devices don't get updates in a timely manner if at all. Must Bluetooth be permanently disabled on many of those devices?
So just turn off bluetooth forever and keep it off?
Gee, that old-fashioned audio jack ain't lookin' too bad right now . . .
I usually leave Bluetooth off anyway, because of the battery drain.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
I didn't really want to use my keyboard and mouse with my laptop when sitting at my desk anyway. I'll just go ahead and turn off bluetooth for all my devices. My Apple Pen and iPad should probably be locked down too. HELPFUL!
And there is no truth to the ability of the new iPhone X to use your face to allow the feds to unlock your phone and turn on bluetooth without telling you.
Really.
Trust us.
We would never do that.
By the way, you really need to get that mole looked at.
-- Tigger warning: This post may contain tiggers! --
What and no exploit code released?
Bastards :-(
love the taste, hate the texture
Good luck getting an update for your Lenovo devices, too.
Red Hat had it covered first. Debian now has it patched. I would imagine that MS Server, Win7 and Win10 might not be too far behind considering that the real danger of this exploit is access to corporate networks that use bluetooth devices. Fortunately most thin clients do not have bluetooth built in, otherwise this could become another update nightmare for MS admins. Either way I don't think this will affect the Microsoft server users too much. What I do foresee is a rapid removal of bluetooth mice and a server side disabling of the USB bluetooth stack happening in major business until Microsoft patches the Windows bluetooth stack.
This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
Lenovo won't release a security update for the Moto X 2014
It's still on August 2016 patch level, 13 months old now...
Looks like the vulnerabilities that impact Android are in the BlueZ bluetooth stack.
Nothing to do with the MAC address of your Bluetooth/Wifi, or if Bluetooth and WiFi are contained in the same piece of hardware (I doubt any phone has a separate Bluetooth chip anyway, it would require a separate bluetooth antenna, cost more and take up more space)
From PDF in summary:
"If the device generates no Bluetooth traffic, and is only listening, it is still possible to “guess” the BDADDR, by sniffing its WiFi traffic. This is viable since WiFi MAC addresses appear unencrypted over the air and due to the widely accepted norm of OEMs and hardware manufacturers that the MACs of internal Bluetooth/WiFi adapters are either the same, or only differ in the last digit (one being +1 of the other)"
I can see a legitimate use for this vulnerability: disable mobiles of drivers who insist on texting while driving. With a little sophistication, it can be done automatically, with your own phone safely in your pocket.
Stupidity is an equal opportunity striker.
Fellow slashdotter Bill Dog
so yes it's basically like wifi, cables are reliable
there is a buffer overflow in some versions of windows/linux/iOS
this has been patched in recent versions of all the OS's
it's not a replicating worm per se unless you count all the people who have downloaded an "app" to check if they are vulnerable...
the videos and documentation on their website give absolutely no details and are completely pointless, this is what happens when you let a media company deal with a buffer overflow
Actual information :
Background Information
The Logical Link Control and Adaptation Layer Protocol (L2CAP) works at the data link layer in the Bluetooth stack. It provides services such as connection multiplexing, segmentation and reassembly of packets for upper layer protocols such as Bluetooth. It facilitates higher level protocols to transmit and receive L2CAP data packets to and from clients.
A stack buffer overflow issue was found in various systems' Bluetooth subsystem processing the pending configuration packets received from a client. As a result, a client could send arbitrary L2CAP configuration parameters which were stored in a stack buffer object. These parameters could exceed the buffer length, overwriting the adjacent kernel stack contents. This exchange occurs, prior to any authentication, when establishing a Bluetooth connection. An unauthenticated user, who is able to connect to a system via Bluetooth, could use this flaw to crash the system or potentially execute arbitrary code on the system if not secured correctly. If the Linux kernel stack protection feature (CONFIG_CC_STACKPROTECTOR=y) is on then you're not going to be vulnerable.
Not impressed with the press release at all I'm afraid
It does show which vendors of equipment pay attention, develop patches and deserve respect
Regards
John Jones
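The overflow class described in the comment above, seen from the fix side, as an added example that is not part of the original post and is not kernel code: a simplified model of L2CAP configuration handling in which every option echoed into a fixed-size response buffer is length-checked before it is written. The function names, the buffer size and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RSP_BUF_SIZE 64 /* constructed size for the fixed response buffer */

/* Append one type/length/value option only if it fits in the space left.
 * Returns the new write offset, or -1 if it would overflow the buffer. */
static int add_conf_opt(uint8_t *rsp, size_t rsp_size, size_t off,
                        uint8_t type, const uint8_t *val, uint8_t len)
{
    if (off > rsp_size || rsp_size - off < (size_t)len + 2)
        return -1;
    rsp[off] = type;
    rsp[off + 1] = len;
    memcpy(rsp + off + 2, val, len);
    return (int)(off + 2 + len);
}

/* Echo each option a peer sent into a fixed-size response buffer.
 * Returns bytes written, or -1 on truncated or oversized input. */
int build_conf_rsp(const uint8_t *req, size_t req_len,
                   uint8_t *rsp, size_t rsp_size)
{
    size_t pos = 0;
    int off = 0;

    while (pos < req_len) {
        if (req_len - pos < 2)
            return -1; /* truncated option header */
        uint8_t len = req[pos + 1];
        if (req_len - pos - 2 < len)
            return -1; /* value runs past the end of the request */
        off = add_conf_opt(rsp, rsp_size, (size_t)off, req[pos], req + pos + 2, len);
        if (off < 0)
            return -1; /* response would not fit: reject, do not write */
        pos += (size_t)len + 2;
    }
    return off;
}

int main(void)
{
    /* Constructed request: fifty zero-length options, 100 bytes when echoed. */
    uint8_t req[100] = {0}, rsp[RSP_BUF_SIZE];
    printf("oversized request -> %d\n", build_conf_rsp(req, sizeof req, rsp, sizeof rsp));
    return 0;
}
```

Without the size check in `add_conf_opt`, the same loop would keep writing past `rsp`, which is the stack overwrite the comment describes.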