Stories
Slash Boxes
Comments

SoylentNews is people

posted by takyon on Saturday November 18 2017, @10:39AM   Printer-friendly
from the I-hear-you dept.

A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo.

As estimated during the discovery of this devastating threat, several IoT and smart devices whose operating systems are often updated less frequently than smartphones and desktops are also vulnerable to BlueBorne.

BlueBorne is the name given to the sophisticated attack exploiting a total of eight Bluetooth implementation vulnerabilities that allow attackers within the range of the targeted devices to run malicious code, steal sensitive information, take complete control, and launch man-in-the-middle attacks.

What's worse? Triggering the BlueBorne exploit doesn't require victims to click any link or open any fileā€”all without requiring user interaction. Also, most security products would likely not be able to detect the attack. What's even scarier is that once an attacker gains control of one Bluetooth-enabled device, he/she can infect any or all devices on the same network.

These Bluetooth vulnerabilities were patched by Google for Android in September, Microsoft for Windows in July, Apple for iOS one year before disclosure, and Linux distributions also shortly after disclosure. However, many of these 5 billion devices are still unpatched and open to attacks via these flaws.

Source: https://thehackernews.com/2017/11/amazon-alexa-hacking-bluetooth.html


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Interesting) by Anonymous Coward on Saturday November 18 2017, @06:13PM (4 children)

    by Anonymous Coward on Saturday November 18 2017, @06:13PM (#598709)

    I don't have any home devices.

    Not just home devices. Home devices are the latest to be found vulnerable, along with smart phones, tablets, laptops, desktops, etc, etc.

    I'm not a fucking idiot.

    Well, based on your reading comprehension some might draw a different conclusion.

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  

    Total Score:   1  
  • (Score: 3, Informative) by frojack on Saturday November 18 2017, @07:28PM (1 child)

    by frojack (1554) on Saturday November 18 2017, @07:28PM (#598734) Journal

    latest to be found vulnerable, along with smart phones, tablets, laptops, desktops, etc, etc.

    Stupid fucking AC. RTFA, and if you won't, at least RTFS.

    Most smartphones have been patched.
    Most tablets have been patched.
    Most laptops have been patched.
    Most Desktops have been patched.

    Most have been patched a year ago.
    No exploit is in the wild.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 0) by Anonymous Coward on Saturday November 18 2017, @10:23PM

      by Anonymous Coward on Saturday November 18 2017, @10:23PM (#598768)

      Old versions of Android have not been patched for this or any new vulnerabilities.
      Old versions of Windows have not been patched.
      iOS devices running iOS 9.x or earlier have not been patched

      That right there are billions of devices. Stupid fucking frojack.

  • (Score: 2) by LoRdTAW on Saturday November 18 2017, @07:32PM (1 child)

    by LoRdTAW (3755) on Saturday November 18 2017, @07:32PM (#598737) Journal

    Well, based on your reading comprehension

    And yours: "Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices" I'm referring specifically to the devices in these articles. Stay within scope.

    • (Score: 0) by Anonymous Coward on Saturday November 18 2017, @10:25PM

      by Anonymous Coward on Saturday November 18 2017, @10:25PM (#598769)

      Billions of devices are affected. Stay within reality.