Stories
Slash Boxes
Comments

SoylentNews is people

posted by CoolHand on Wednesday September 13 2017, @01:13AM   Printer-friendly
from the color-us-blue dept.

Submitted via IRC for TheMightyBuzzard

Billions of Android, iOS, Windows and Linux devices that use Bluetooth may be exposed to a new attack that can be carried out remotely without any user interaction, researchers warned.

Armis Labs, a company that specializes in protecting Internet of Things (IoT) devices, has discovered a total of eight Bluetooth implementation vulnerabilities that expose mobile, desktop and IoT systems to an attack it has dubbed "BlueBorne."

According to the security firm, the attack only requires Bluetooth to be enabled on the targeted device – no pairing is needed between the victim and the attacker's device, and the Bluetooth connection does not even have to be discoverable.

A hacker who is in range of the targeted device can exploit one of the several Bluetooth implementation vulnerabilities that can lead to remote code execution, information disclosure or man-in-the-middle (MitM) attacks. The attacker only needs to determine what type of operating system the target is using in order to deploy an exploit specific to that platform.

BlueBorne does not require the targeted user to click on a link or open a file, and the malicious activities can take place in the background, making it less likely for the victim to notice anything suspicious. And since the attack leverages Bluetooth, a less common attack vector, many security solutions may not detect the malicious activity, Armis said.

With all the smartphones out there whose manufacturers and carriers refuse to update them after a year or so, I can see this being a big, big problem.

Source: http://www.securityweek.com/billions-devices-potentially-exposed-new-bluetooth-attack

Armis Labs. US-CERT.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by c0lo on Wednesday September 13 2017, @03:02AM (2 children)

    by c0lo (156) Subscriber Badge on Wednesday September 13 2017, @03:02AM (#567059) Journal

    What's wrong with using the phone without headphones?
    It's primary function is to be a phone, dam'it. If it's not, then you (one instance of the "everyone who...") are the one who bought it, deal with the problem.

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Wednesday September 13 2017, @03:25AM (1 child)

    by Anonymous Coward on Wednesday September 13 2017, @03:25AM (#567062)

    It's only called a "phone" because that's the most similar device that people were carrying around at the time these mobile computers were introduced.

    The phone *app* is probably the least used app on the entire device. Nobody gives a fuck about phones, grandpa! FUCK.

    • (Score: 2) by c0lo on Wednesday September 13 2017, @03:41AM

      by c0lo (156) Subscriber Badge on Wednesday September 13 2017, @03:41AM (#567065) Journal

      The phone *app* is probably the least used app on the entire device. Nobody gives a fuck about phones, grandpa! FUCK.

      Suits you well, then.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford