Bluetooth security flaw uncovered

Bluetooth security flaw uncovered

A Bluetooth vulnerability has been uncovered that could make it simpler for a hacker to intrude on devices, the standards organisation has said.

The flaw could allow interference from the moment an encrypted connection is set up between two devices.

A joint paper by researchers at Oxford University, Singapore University of Technology and Design and the Helmholtz Centre for Information Security (CISPA) called the issue “a serious threat to the security and privacy of all Bluetooth users”.

Named the Key Negotiation of Bluetooth attack, the weakness fools the pair into creating a relatively shorter encryption key, making it easier for hackers to crack.

To do this, perpetrators need to perform a brute-force attack, where many passwords are submitted by a system at speed with the hope of eventually narrowing it down to the correct one.

However, the person would need to be in close range of the devices it is trying to intercept and would have to figure out the password in ample time, as most Bluetooth transfers do not take long to complete.

The process would also have to be repeated each time, and is only thought to affect certain types of Bluetooth.

In response, standards group Bluetooth Special Interest Group (SIG) has updated its specification to recommend a minimum encryption key length.

“There is no evidence that the vulnerability has been exploited maliciously and the Bluetooth SIG is not aware of any devices implementing the attack having been developed, including by the researchers who identified the vulnerability,” the organisation said.

- Press Association

More on this topic

Sisters of mercy reimagine music app conceptSisters of mercy reimagine music app concept

Mu-so rekindles love for music and sound qualityMu-so rekindles love for music and sound quality

High performance gives Envy the edgeHigh performance gives Envy the edge

Online payments company Stripe expands to eastern EuropeOnline payments company Stripe expands to eastern Europe

More in this Section

Google is changing how it prioritises news stories in searchGoogle is changing how it prioritises news stories in search

Amazon and Microsoft both confirm events to unveil new devicesAmazon and Microsoft both confirm events to unveil new devices

Ireland's Data Protection Commission working with global partners to counter cyber crimeIreland's Data Protection Commission working with global partners to counter cyber crime

Irish tech experts create smart online protections for precision farmingIrish tech experts create smart online protections for precision farming


Lifestyle

Columnist and trained counsellor Fiona Caine advises a 20-something man who isn’t having any luck meeting women in bars and clubs.Ask a counsellor: ‘Neither me or my mates have had a date for years – what are we doing wrong?’

As Aussie beer and cider brand Gayle launches in the UK, Abi Jackson finds out more from co-founder Virginia Buckworth.‘Brewed with love’: How new Aussie brand Gayle is putting ‘gay ale’ on the world drinks map

Frédérique Lecomte uses drama to help child soldiers, as well as other victims and perpetrators in conflict zones, writes Ellie O’Byrne.Healing power of theatre

With two drum kits and three guitars, Thumper really do live up to their name, writes Ellie O’Byrne.Happy to be part of the rock revival

More From The Irish Examiner