Bluetooth, a flaw endangers your devices

A Bluetooth vulnerability would allow cybercriminals to track the activity of people who wear fitness trackers or use Apple devices

Together with Wi-Fi, Bluetooth is undoubtedly the best-known and most widely used wireless connection. Now present on every type of device (from smartphones to smart bulbs, by way of wireless speakers, smartwatches and fitness trackers), it is extremely versatile and allows two devices to connect without consuming too much energy.

Despite its widespread use (or perhaps because of it), hackers sometimes manage to discover flaws in Bluetooth firmware and exploit them for their own purposes. The latest one, for example, was announced just a few hours ago by a group of researchers at Boston University. Specifically, it is a vulnerability that affects some of the most widespread fitness trackers on the market, giving hackers the ability to identify with great precision the position of the wearer or user of the device.

The flaw in the Bluetooth connection

As mentioned, the Bluetooth vulnerability identified by Boston University would allow third parties to determine the user's position, which is sensitive information, especially in the hands of a possible stalker. The flaw in the Bluetooth connection is linked to the way in which the connection between two devices is established and managed.

When two devices connect, one of them takes on a "central" role, managing the technical aspects of the communication. In particular, the device that in jargon is called the "master" assigns to the other device (called the "slave") a sort of address to send data packets to. To protect users, this address is changed at regular intervals in order to make the communication anonymous. Or at least that is the intent. Thanks to a complex algorithm, it is in fact possible to work back to the original address and thus trace all the activity and data sent.

Bluetooth risk: the devices involved

According to the analysts and researchers, Android devices would not be affected by the vulnerability, while Apple and Windows 10 devices are at real risk. But those who need to be particularly careful are Fitbit users, because the fitness devices from the San Francisco company are not able to update their unique addresses, which makes them easy prey for any bad actors.
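The address rotation described above can be checked on devices you own. The following is an added example, not code from the article or from the Boston University researchers: it audits a constructed advertisement log and flags addresses that do not rotate. The log format, the `audit` and `address_kind` names and the 900-second threshold are assumptions made for the illustration; the classification by the two most significant address bits follows the Bluetooth Core Specification.

```python
# Constructed scan log of our own test devices: (seconds, address, TxAdd flag).
# TxAdd=1 means the advertiser declared a random address, 0 a public one.
SCAN_LOG = [
    (0,    "5A:11:22:33:44:01", 1),  # private address, replaced after 960 s
    (600,  "5A:11:22:33:44:01", 1),
    (960,  "6B:98:76:54:32:10", 1),  # the same device after rotation
    (0,    "D3:AA:BB:CC:DD:02", 1),  # static random address
    (3600, "D3:AA:BB:CC:DD:02", 1),
    (0,    "00:1B:DC:0F:12:03", 0),  # public address
    (0,    "4C:01:02:03:04:05", 1),  # private address that never rotates
    (4000, "4C:01:02:03:04:05", 1),
]

def address_kind(addr, tx_add):
    """Classify an advertiser address from TxAdd and its two top bits."""
    if not tx_add:
        return "public"
    top_bits = int(addr.split(":")[0], 16) >> 6
    return {0b11: "static-random",
            0b01: "resolvable-private",
            0b00: "non-resolvable-private"}.get(top_bits, "reserved")

def audit(log, max_lifetime_s=900):
    """Return {address: finding} for addresses an observer could follow.

    max_lifetime_s is an assumed rotation threshold, not a value from the article.
    """
    seen = {}
    for t, addr, tx_add in log:
        first, last, _ = seen.get(addr, (t, t, tx_add))
        seen[addr] = (min(first, t), max(last, t), tx_add)
    findings = {}
    for addr, (first, last, tx_add) in seen.items():
        kind = address_kind(addr, tx_add)
        lifetime = last - first
        if kind in ("public", "static-random"):
            findings[addr] = f"{kind}: address does not rotate"
        elif lifetime > max_lifetime_s:
            findings[addr] = f"{kind}: unchanged for {lifetime}s"
    return findings

if __name__ == "__main__":
    for addr, finding in audit(SCAN_LOG).items():
        print(addr, "->", finding)
```

A device that appears in the findings is one whose vendor settings or firmware should be reviewed, since a fixed address defeats the anonymity that rotation is meant to provide.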

