Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,223
- Points
- 113
How wearable devices betray our privacy and what to do about it.
Researchers from the University of California, San Diego have created a unique firmware update that will make smartphones invisible to surveillance via Bluetooth. The invention significantly increases the level of protection of our personal information.
The team initially reported the Bluetooth fingerprint issue at the IEEE Security & Privacy conference in 2022. Two years later, at the same event, the scientists presented the solution.
Constantly working Bluetooth in mobile devices has long been a concern for specialists. Smartphones, smart watches, and fitness bracelets send up to 500 Bluetooth signals per minute. These signals are necessary for useful functions: finding a lost phone or connecting wireless headphones. However, the same technology can be used by attackers to track users.
Existing security methods based on random changes in the device ID and MAC address were ineffective. During production, each device gets the smallest, unique characteristics. These features create a kind of "fingerprint" in the Bluetooth signal that allows you to identify a specific gadget.
The new method, presented at the IEEE Security & Privacy 2024 conference, uses multi-level encryption. The researchers explain the principle of the method using the example of constantly changing colored contact lenses. Professor Aaron Shulman, one of the authors of the paper, explained: "We tested our system in the conditions of maximum threat. We assumed that a hacker from the special services who knows our algorithm is working against us. And even in this case, hacking was impossible."
The development was tested on the Texas Instruments CC2640 chipset, which is often used in various "smart" devices. The results are impressive: previously, it took only a minute to identify a gadget, but now, even with round-the-clock monitoring, it will take more than 10 days.
Professor Dinesh Bharadia, another leader of the study, explained: "Now digital traces are useless for intruders. Even the most experienced hacker can't do anything better than rely on a random match." He added: "You can't track a phone even if you're near it, because its IDs are constantly changing."
It is important to note that the new protection can be implemented gradually. It is enough to update the software on at least one widely used Bluetooth Low Energy chipset. Now researchers are looking for partners among manufacturers who are ready to integrate this technology into their products. It is assumed that the method can also be effective for masking WiFi signals.
Source
Researchers from the University of California, San Diego have created a unique firmware update that will make smartphones invisible to surveillance via Bluetooth. The invention significantly increases the level of protection of our personal information.
The team initially reported the Bluetooth fingerprint issue at the IEEE Security & Privacy conference in 2022. Two years later, at the same event, the scientists presented the solution.
Constantly working Bluetooth in mobile devices has long been a concern for specialists. Smartphones, smart watches, and fitness bracelets send up to 500 Bluetooth signals per minute. These signals are necessary for useful functions: finding a lost phone or connecting wireless headphones. However, the same technology can be used by attackers to track users.
Existing security methods based on random changes in the device ID and MAC address were ineffective. During production, each device gets the smallest, unique characteristics. These features create a kind of "fingerprint" in the Bluetooth signal that allows you to identify a specific gadget.
The new method, presented at the IEEE Security & Privacy 2024 conference, uses multi-level encryption. The researchers explain the principle of the method using the example of constantly changing colored contact lenses. Professor Aaron Shulman, one of the authors of the paper, explained: "We tested our system in the conditions of maximum threat. We assumed that a hacker from the special services who knows our algorithm is working against us. And even in this case, hacking was impossible."
The development was tested on the Texas Instruments CC2640 chipset, which is often used in various "smart" devices. The results are impressive: previously, it took only a minute to identify a gadget, but now, even with round-the-clock monitoring, it will take more than 10 days.
Professor Dinesh Bharadia, another leader of the study, explained: "Now digital traces are useless for intruders. Even the most experienced hacker can't do anything better than rely on a random match." He added: "You can't track a phone even if you're near it, because its IDs are constantly changing."
It is important to note that the new protection can be implemented gradually. It is enough to update the software on at least one widely used Bluetooth Low Energy chipset. Now researchers are looking for partners among manufacturers who are ready to integrate this technology into their products. It is assumed that the method can also be effective for masking WiFi signals.
Source
