Expand / Collapse search
Watch TV
Menu

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.

Security

Turn off your Bluetooth, warn security experts

By Brooke Crothers Fox News
Published | Updated
close
Election hacking DEF CON 2019 Video

Election hacking DEF CON 2019

The Fox News Investigative Unit got a first-hand look at the vulnerabilities of U.S. election equipment at the DEF CON 27 Hacking Conference in Las Vegas.

Your Bluetooth connection is unsafe. Very unsafe. That’s the message from the largest hacker convention.

Bluetooth, which is a wireless technology for connecting everything from wireless earphones to car entertainment systems, is hacker heaven.

It's bad enough that attendees at the hacker convention DEF CON are advising to turn it off when not in use, as noted in reports from Security Boulevard and Mashable.

RANSOMWARE IS A 'BEST SELLER' ON UNDERGROUND HACKER FORUMS

“People can track you with your Bluetooth devices. The problem is chronic with devices like headphones [and] fitness trackers,” noted Security Boulevard in a post entitled “Securing devices for DEF CON,” adding that many Bluetooth devices “seem to have gaping holes just waiting to be hacked.”

(David Becker/Getty Images)

The recent KNOB attack, disclosed on Aug. 13, is an example of how unsafe Bluetooth connections can be. The “severe” vulnerability in the Bluetooth specification can allow an attacker to potentially change the content of nearby Bluetooth devices, according to a web page on the attack.

If you use your Bluetooth for music or audio, the danger is small, said Adam Kujawa, director of Malwarebytes Labs, to Fox News.

HACKING CONFERENCE GETS ME KEYS TO YOUR VOTING MACHINE, PROBABLY

“When using Bluetooth for other things, like data transmission, calls … the likelihood that an attack could result in damage increases, but I don’t think this increases the likelihood of being attacked,” he said.

Most of the tools to do effective hacking are expensive, he said.

“In addition, the skills required to launch this kind of attack are at least in the intermediate area," he said.

But Jake Kouns, chief information security officer at Risk Based Security, says that the big picture is less sanguine.

OVER 1 MILLION FINGERPRINTS LEAKED AT ONE OF WORLD’S BIGGEST BIOMETRIC FIRMS, RESEARCHERS SAY

“The widespread use of Bluetooth means a single vulnerability can have a devastating impact on an ever-growing list of devices,” he said in an email to Fox News.

“Further compounding the problem, many Bluetooth-enabled consumer devices are not typically easy to update, and in some cases can’t be updated," he said, making them forever vulnerable to attack.

But is it practical to turn off your Bluetooth every time after using it?

“Any time I hear the advice to turn off Bluetooth, it does feel a bit dirty on the surface as there should be a better option,” Kouns said.

GOP SENATORS DEMAND ANSWERS FROM GOOGLE OVER THE TECH GIANT’S 'SMART SPEAKER RELATIONSHIP' WITH HUAWEI

“But realistically and unfortunately, in many cases turning off Bluetooth is the best suggestion,” he added.

One thing to keep in mind, Kouns said, is that many consumer devices only need to have Bluetooth enabled for one-time setup procedures. After that, Bluetooth can be turned off.

The issue is when a device needs to have a Bluetooth connection turned on all the time.

"Bluetooth headsets, fitness trackers and smartwatches are just a few examples that typically require Bluetooth to be turned on all the time to allow real-time data syncing, including receiving alerts and messages,” Kouns said.

AMAZON'S RING SERVICE MAY HAVE 200 POLICE DEPARTMENT PARTNERSHIPS ALREADY

Be aware of which devices are using Bluetooth, he noted.  Often, consumers have no idea which devices are using Bluetooth and which are accessing confidential data, according to Kouns.

“The development of Bluetooth is focused on functionality and expansion of use rather than security,” Malwarebytes Labs’ Kujawa said.

But this will likely change going forward, he said.

The Bluetooth Special Interest Group (SIG) prioritizes security and the specification provides advanced security features that adhere to global requirements. The SIG also provides member companies with extensive developer tools and resources to assist in effective implementation of Bluetooth technology, including its security features.

CLICK HERE TO GET THE FOX NEWS APP

The Bluetooth Special Interest Group, the trade association that oversees Bluetooth technology, told Fox News that it prioritizes security and that the Bluetooth specification "provides advanced security features that adhere to global requirements."

"The SIG also provides member companies with extensive developer tools and resources to assist in effective implementation of Bluetooth technology, including its security features," a spokeswoman added, in a statement emailed to Fox News.

Founded in 1998, Bluetooth SIG encompasses more than 35,000 member companies, according to its website.

Fox News’ James Rogers contributed to this article.