A Bluetooth bug makes it possible to track Windows devices in addition to iPhones, iPads, Macs and Apple Watches. The vulnerability was discovered by researchers at Boston University.
A new vulnerability allows Apple and Windows devices to be tracked undetected. This was discovered and announced by researchers at Boston University. Android devices are said to be unaffected by the vulnerability. In addition to iPhones, iPads, Macs and Apple Watches, all laptops and tablets with Windows 10 are also vulnerable - even Fitbit wearables are not spared from the error. The bug is said to be in the Bluetooth communication protocol. The vulnerability allows an attacker to track one of the affected devices undetected. To make pairing between two devices easy, Bluetooth Low Energy (BLE) uses public, unencrypted channels to communicate its presence to other nearby devices. To prevent unwanted tracking, the MAC addresses are usually anonymized and randomly generated.
Disabling Bluetooth helps
The error itself, however, allows the identity tokens to be extracted from the respective device without being detected. The security gap goes so far that tracking is not interrupted, despite randomly generated MAC addresses - this means an attacker can permanently track the respective device. It is not known whether the gap has already been exploited - but this is because such an attack can hardly or not at all be detected. It is currently unclear whether Apple and Co. are able to fix the error with an over-the-air update. To prevent such tracking, Bluetooth must be completely deactivated. Qi charging stations on offer on Amazon
