Sunday , May 28 2023

So a hacker could manipulate your devices via bluetooth


Researchers found a worrying failure in the bluetooth connection between devices paired with each other. And a security breach allowed some hackers to enter and manipulate the devices involved in this wireless connection.

For example, if a cyber hacker took control of a phone or a headset, he could have listened to the user's conversation.

The problem that gives rise to this violation is when the encryption of both computers is performed the key can be manipulated, establishing a shorter key, which can then be resolved by a brute force attack to monitor or manipulate traffic.

There are 17 chips which can be vulnerable, where companies like Apple, Qualcomm, Broadcom, Intel and Chicony have all encountered some problems with this type of attack.

However, there is already a solution to this problem, since the Bluetooth SIG has updated the specification Bluetooth Core to recommend to manufacturers a minimum encryption length of 7 bytes for BR / LDR connections.

A manipulation that sounds worrisome, but requires some specifications to be carried out.

Specifically, it is not that a hacker will be on the other side of the world and control your devices, but must be within the reach of the wireless, because if you do not meet this requirement, you will not be able to carry out your task.

In addition, you need both devices to have the same driver not updated, because if one of them already has the update patch, the process will be interrupted.

Source link